• Journal of Internet Computing and Services
• /
• v.19 no.5
• /
• pp.55-66
• /
• 2018

Since existing server-based authentications use vulnerable password-based authentication, illegal leak of personal data occurs frequently. Since this can cause illegal ID compromise, alternative authentications have been studied. Recently token-based authentications like OAuth 2.0 or JWT have been used in web sites, however, they have a weakness that if a hacker steals JWT token in the middle, they can obtain plain authentication data from the token, So we suggest a new authentication method using the verification token of authentic code to encrypt authentication data with effective time. The verification is to compare an authentication code from decryption of the verification-token with its own code. Its crypto-method is based on do XOR with ECDH session key, which is so fast and efficient without overhead of key agreement. Our method is outstanding in preventing the personal data leakage.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.05a
• /
• pp.305-308
• /
• 2017

EAP is an extensible authentication protocol that supports EAP methods with various authentication mechanisms. Since EAP itself is designed as a protocol for authentication only, it is not used for general data transmission after authentication between peer and authenticator. EAP itself is a protocol that can operate lightly in terms of the simple communication structure of EAP, but the procedure may become more complicated depending on which EAP method is selected and used. In particular, the IoT market has recently become established, and frequent authentication environments arise due to data loss, modulation, and repeated connections in a wireless environment. In this case, some highly secure EAP methods are not suitable for some IoT environments that require lighter and faster communications than complex procedures. In this paper, we design a lightweight authentication EAP method that is suitable for IoT environment that does not touch the existing EAP framework and requires frequent authentication and fast communication.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.12C
• /
• pp.1021-1028
• /
• 2008

In a network environment, when a user requests a server's service, a remote user authentication system using smart cards is a very practical solution to validate the eligibility of a user and provide secure communication. In these authentication schemes, due to fast progress of networks and information technology, most of provided services are in multi-server environments. However, there are no studies in multi-server authentication schemes using smart cards providing mutual anonymity so far. In this paper, we propose a novel user authentication scheme using smart cards providing mutual authentication and mutual anonymity for multi-server environments. Our proposed scheme achieves the low-computation requirement for smart cards and a user can use permitted various services in eligible servers by only one registration. Also, this scheme guarantees perfect mutual anonymity of participants.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.8B
• /
• pp.502-508
• /
• 2007

This paper proposes a method to shut out all of the not certified network access packet by embodying the two-factor(MAC ADDRESS, ID/PASSWORD) authentication system. The Authenticating Gateway System takes over central server's policy and permit or hold up the packet by inherited policy. And checks the whether or not patched the OS version and getting influenced from computer virus. And takes the information about client's resources(H/W, S/W) without Agent in the client. That makes more stability of network operating circumstance and fast facing the attack from hackers. In the fixed mobile network circumstance, This method provides more simplicity and less expenses than IEEE802.1x authentication system(cisco nac).

• Journal of KIISE:Information Networking
• /
• v.30 no.6
• /
• pp.714-719
• /
• 2003

A Mobile IPv6 services exposes its vulnerability when a mobile node is roaming the subnets belonging to the different domains. The AAA infrastructure is strongly recommended when the ISPs need to authenticate the mobile user comes from the different domains. In addition to the basic requirements for the AAA service, the authentication latency and AAA message overhead should be minimized for the continuity of the mobile service. This paper considers the roaming service with AAA infrastructure in Mobile IPv6 and proposes an authentication scheme using delegation to authenticate the mobile node with effective manner. The effectiveness of the proposed scheme is confirmed using the cost analysis. The result shows at least 50% of performance enhancement when the MN is roaming fast under the control of the delegation.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.303-316
• /
• 2021

Digital content protection has recently become an important requirement in biometrics-based authentication systems due to the challenges involved in designing a feasible and effective user authentication method. Biometric approaches are more effective than traditional methods, and simultaneously, they cannot be considered entirely reliable. This study develops a reliable and trustworthy method for verifying that the owner of the biometric traits is the actual user and not an impostor. Watermarking-based approaches are developed using a combination of a color face image of the user and a mobile equipment identifier (MEID). Employing watermark techniques that cannot be easily removed or destroyed, a blind image watermarking scheme based on fast discrete curvelet transform (FDCuT) and discrete cosine transform (DCT) is proposed. FDCuT is applied to the color face image to obtain various frequency coefficients of the image curvelet decomposition, and for high frequency curvelet coefficients DCT is applied to obtain various frequency coefficients. Furthermore, mid-band frequency coefficients are modified using two uncorrelated noise sequences with the MEID watermark bits to obtain a watermarked image. An analysis is carried out to verify the performance of the proposed schema using conventional performance metrics. Compared with an existing approach, the proposed approach is better able to protect multimedia data from unauthorized access and will effectively prevent anyone other than the actual user from using the identity or images.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.2
• /
• pp.117-128
• /
• 2008

Compared with the existing bar code system, RFID system has lots of advantages such as it identifies automatically massive objects. We might anticipate RFID technology will be a substitution for an optical bar code system in the near future. However, their feature that uses radio waves may cause various security problems. Many kinds of solutions have been researched to overcome these security problems. In this paper, we analyze the previous proposed protocols. And then, we categorize RFID authentication into two types according to the synchronization requirement between a Back-end Database and a Tag. In addition, we introduce the previous proposed approaches to tag search problem in RFID authentication. And we propose an efficient method which provides fast tag search by using membership test algorithm, a Bloom filter.

• Journal of Korea Multimedia Society
• /
• v.13 no.2
• /
• pp.205-215
• /
• 2010

It is necessary to provide a fast and secure handover for seamless real-time multimedia services based on IEEE 802.11. In this paper, we propose FMIPv6 handoff protocol integrating L2/L3 layer based on IEEE 802.11 WLAN environment. In that, we propose a hierarchical key management scheme and authentication mechanism for protecting the handover signaling messages. The number of connections with AAA server is minimized for the fast handover. It is also compared and analyzed the handover cost with previous method.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.10
• /
• pp.1786-1795
• /
• 2006

Portable Internet extended from wireless LAN has a large cell size, similar to a wireless mobile communication. and can provide the seamless service which offers middle-low speed mobility. IEEE 802.16e, the international standard of Portable Internet, uses PKMv2 protocol for authorization and key exchange between a MSS and a BS. This paper proposes a new protocol based on PKMv2, which can provide that MSS is able to do fast authorization with a new BS when soft handover is occurred in a MSS. Our protocol can carry out fast authorization because of reducing the number of messages and parameter exchange, public key encryption and signature in wireless network more than the previous works. It also prevents eavesdropping from an external attacker and keeps the security against impersonation attacks for both a MSS and a BS.

• Journal of the Institute of Electronics Engineers of Korea SP
• /
• v.40 no.4
• /
• pp.256-265
• /
• 2003

To improve reliability and practicality, a fingerprint-based biometric system needs to be robust to rotations of an input fingerprint and the processing speed should be fast. Accordingly, this paper presents a new filterbank-based fingerprint feature extraction and matching method that is robust to diverse rotations and reasonably fast. The proposed method fast extracts fingerprint features using a directional filter bank, which effectively decomposes an image into several subband outputs Since matching is also performed rapidly based on the Euclidean distance between the corresponding feature vectors, the overall processing speed is so fast. To make the system robust to rotations, the proposed method generates a set of feature vectors considering various rotations of an input fingerprint and then matches these feature vectors with the enrolled single template feature vector. Experimental results demonstrated the high speed of the proposed method in feature extraction and matching, along with a comparable verification accuracy to that of other leading techniques.