• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1049-1062
• /
• 2019

The national accredited certificate is a user certificate issued based on the user's personal information, which has been identified in advance, and has become a universal authentication method used for most electronic financial transactions and user authentication. And it contributed a lot to the use of e-government and domestic service. However, due to the lack of web standards on how to use, it was inconvenient to install a separate plug-in, and efforts to improve it have been continued. In this paper, we attempt to solve the problem of certificate usage environment by presenting the certificate digital signature method using the extension of the FIDO2 (Fast Identity Online v2) client to authentication protocol (CTAP) specification.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.303-316
• /
• 2021

Digital content protection has recently become an important requirement in biometrics-based authentication systems due to the challenges involved in designing a feasible and effective user authentication method. Biometric approaches are more effective than traditional methods, and simultaneously, they cannot be considered entirely reliable. This study develops a reliable and trustworthy method for verifying that the owner of the biometric traits is the actual user and not an impostor. Watermarking-based approaches are developed using a combination of a color face image of the user and a mobile equipment identifier (MEID). Employing watermark techniques that cannot be easily removed or destroyed, a blind image watermarking scheme based on fast discrete curvelet transform (FDCuT) and discrete cosine transform (DCT) is proposed. FDCuT is applied to the color face image to obtain various frequency coefficients of the image curvelet decomposition, and for high frequency curvelet coefficients DCT is applied to obtain various frequency coefficients. Furthermore, mid-band frequency coefficients are modified using two uncorrelated noise sequences with the MEID watermark bits to obtain a watermarked image. An analysis is carried out to verify the performance of the proposed schema using conventional performance metrics. Compared with an existing approach, the proposed approach is better able to protect multimedia data from unauthorized access and will effectively prevent anyone other than the actual user from using the identity or images.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.209-215
• /
• 2020

The environment of the Internet provides an efficient communication of the things which are connected. While internet and online service provide us many valuable benefits, online services offered and accessed remotely through internet also exposes us to many different types of security threats. Most security threats were just related to information leakage and the loss of authentication on client-server environment. In 2016, Ahmed et al. proposed an efficient lightweight remote user authentication protocol. However, Kang et al. show that it's scheme still unstable and inefficient. It cannot resist offline identity guessing attack and cannot provide session key confirmation property. Moreover, there is some risk of biometric information's recognition error. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in device. In addition, our proposed scheme should provide not only security, but also efficiency since we only use hash function and XOR operation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.3
• /
• pp.493-503
• /
• 2024

This paper addresses the issue of continuous user authentication within the metaverse environment. Recently, the metaverse plays a vital role in personal interaction, entertainment, education, and business, bringing forth significant security concerns. Particularly, vulnerabilities related to user identity verification have emerged as a major issue. This research proposes a novel method to verify identities by analyzing users' character movements in the metaverse through a pose estimation model. This method uses only video data for authentication, allowing flexibility in limited environments, and investigates how character movements contribute to user identification through various experiments. Furthermore, it explores the potential for extending this approach to other digital platforms. This research is expected to significantly contribute to enhancing security and innovating user identity verification methods in the metaverse environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.6
• /
• pp.191-194
• /
• 2009

Recently, an anonymous authentication scheme has been proposed by Chang, Lee, and Chiu. In this paper, we show the insecurity of the scheme. To prove the insecurity of the scheme, we describe some attacks that can be used to recover an user's identity.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.6
• /
• pp.1070-1075
• /
• 2006

TETRA system provides the radio authentication service which permits only authorized radio to access network. Radio authentication is the process which checks the sameness of authentication-key(K) shared between radio and authentication center by challenge-response protocol. TETRA standard authentication protocol can prevent the clone radio to copy ISSI from accessing network, but can't prevent the clone radio to copy ISSI & authentication-key. This paper analyzes authentication-key generation/delivery/infection model in TETRA authentication system and analyzes the threat of clone radio caused by authentication-key exposure. Finally we propose the new authentication protocol which prevent the clone radio to copy ISSI & authentication-key from accessing network.

• International Journal of Internet, Broadcasting and Communication
• /
• v.15 no.4
• /
• pp.1-8
• /
• 2023

This paper analyzes the trends of identification proofing services(PIPSs) to identify and authenticate users online and proposes a method to improve PIPS based on alternative means of resident registration numbers in Korea. Digital identity proofing services play an important role in modern society, but there are some problems. Since they handle sensitive personal information, there is a risk of information leakage, hacking, or inappropriate access. Additionally, online service providers may incur additional costs by applying different PIPSs, which results in online service users bearing the costs. In particular, in these days of globalization, different PIPSs are being used in various countries, which can cause difficulties in international activities due to lack of global consistency. Overseas online PIPSs include expansion of biometric authentication, increase in mobile identity proofing, and distributed identity proofing using blockchain. This paper analyzes the trend of PIPSs that prove themselves when identifying users of online services in non-face-to-face overseas situations, and proposes improvements by comparing them with alternative means of Korean resident registration numbers. Through the proposed method, it will be possible to strengthen the safety of Korea's PIPS and expand the provision of more reliable identification services.

• Proceedings of the IEEK Conference
• /
• 2004.06a
• /
• pp.297-300
• /
• 2004

In cellular communication, subscriber authentication is an essential technique. The mobile station should operate in conjunction with the base station to authenticate the identity. In CDMA system, authentication is the process by which information is exchanged between a mobile station and base station for the purpose of confirming the mobile station. A successful authentication process means that the mobile station and base station process identical sets of shared secret data(SSD). SSD can be generated by authentication algorithms. The cryptographic hash function is a practical way of authentication algorithms. In this paper, we propose and implement MD5 and SHA-1 with modified structure.

• International Journal of Contents
• /
• v.8 no.3
• /
• pp.79-82
• /
• 2012

In digital contents distribution environments, a user authentication is an important security primitive to allow only authenticated user to use right services by checking the validity of membership. For example, in Internet Protocol Television (IPTV) environments, it is required to provide an access control according to the policy of content provider. Remote user authentication and key agreement scheme is used to validate the contents accessibility of a user. We propose a novel user authentication scheme using smart cards providing a secure access to multimedia contents service. Each user is authenticated using a subset of attributes which are issued in the registration phase without revealing individual's identity. Our scheme provides the anonymous authentication and the various permissions according to the combination of attributes which are assigned to each user. In spite of more functionality, the result of performance analysis shows that the computation and communication cost is very low. Using this scheme, the security of contents distribution environments in the client-server model can be significantly improved.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.10
• /
• pp.21-29
• /
• 2013

This paper proposed the architecture of the authentication and the transmission for high reliable emergency data management based on U-healthcare wireless mesh networks. In U-healthcare monitoring service, the high reliable bio data management as well as the data transmission are required because the monitoring emergency bio data is related linked to life. More specifically, the technologies of the identity authentication of the measuring bio data, the personalized emergency status diagnosis who is authenticated the bio data and the emergency data transmission are important first of all. To do this, this paper presents the structure and protocol of the identity authentication management with using the extended IEEE 11073 PHD, the structure of policy-based management of the emergency bio data for the highly reliable management and the resilient routing protocol based on wireless mesh network for the reliable data transmission.