• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.10
• /
• pp.2309-2315
• /
• 2013

VANET(Vehicular Ad-hoc Network) is getting attention as an application to improve driver safety through inter-vehicle communication. For activation of VANET, privacy-preserving mutual authentication has to be guaranteed. In previous works, authors proposed various group-based authentication protocols. However, risks on ID exposure due to repeated use of group key and RSU(Road Side Unit) DoS attack were not considered. In this paper, we propose a probabilistic approach for robust anonymous authentication protocol. We evaluated our proposed method in a sets of criteria in VANET and verified it is an efficient solution for enhancing privacy.

• Journal of KIISE:Computer Systems and Theory
• /
• v.29 no.5
• /
• pp.291-298
• /
• 2002

Mutual authentication is essential for key exchange protocols and password-based authentication scheme is used widely, which is convenient to users and executed on the cheap. Password-based protocol should be not only secure against attach but also efficient to reduce user's load. In this paper, we propose a new key exchange protocol, called OTP-EKE(One Time Password based Encrypted Key Exchange), to provide authentication and to share a session key between a server and a user. We choose a password-based scheme as a user authentication. Especially, we use a one-time-password verifier and server's public password to protect against attacks on server's directory. As for efficiency, we improve the performance by reducing the number of modular exponentiations and the number of rounds.

• Journal of KIISE:Information Networking
• /
• v.31 no.5
• /
• pp.429-437
• /
• 2004

The mobileip working group is equipped with the RR(Return Routabilit) taking the simple procedures and small amount of cryptographic operations by considering the processing capability of the mobile node however it dose not provide security features enough. To replace with enhanced methods, mobileip WG is making an effort to find the approved solutions include CGA(Craptographically Generated Address), IPsec(Internet Protocol Security) as well as the existing infrastructure such as AAA(Authentication, Authorization and Account) and PKI(Public Key Infrastructure). In this paper, we propose the authentication and route optimization based on AAA suitable for the requested security service for its successful story in wireless network such as 802.11 and 3GPP(3rd Generation Partnership Project) as well as wired one. We analyze the effectiveness of our scheme according to the traffic and mobility properties. The result shows the cost reduction up to 20 percent comparing with RR.

• Convergence Security Journal
• /
• v.19 no.4
• /
• pp.43-53
• /
• 2019

Recently, a number of military intranet infiltrations suspected of North Korea have been discovered. There was a problem that a vulnerability could occur due to the modification of user authentication data that can access existing military information systems. In this paper, we applied mutual verification technique and API (Application Programming Interface) forgery / forgery blocking and obfuscation to solve the authentication weakness in web browsers that comply with FIDO (Fast IDentity Online) standard. In addition, user convenience is improved by implementing No-Plugin that does not require separate program installation. Performance tests show that most browsers perform about 0.1ms based on the RSA key generation rate. In addition, it proved that it can be used for commercialization by showing performance of less than 0.1 second even in the digital signature verification speed of the server. The service is expected to be useful for improving military information system security as an alternative to browser authentication by building a web secure storage.

• The Journal of Korean Association of Computer Education
• /
• v.14 no.1
• /
• pp.175-185
• /
• 2011

Recently RFID systems have been introduced in place of barcode systems to industries such as logistics, distribution, and manufacturing. Due to security vulnerabilities in wireless communication between the reader and tags, however, the authentication protocols for the communication have also been researched extensively. In order to solve the vulnerability of previously proposed protocols, this paper thus proposes an authentication protocol that satisfies the security requirements in the RFID system and minimizes the quantity of computation such as random number generation, transmitting the micro-time of databases. In addition, it is expected that the proposed cross authentication protocol is safe against replay attack, spoofing attack, traffic analysis, and eavesdropping attack when it is applied to the RFID system. Also, it has advantages such as providing a high level of security at a lower manufacturing cost.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.5
• /
• pp.131-137
• /
• 2011

Recently Lin et al. proposed a simple remote user authentication scheme using smart cards. But the proposed scheme has not satisfied security requirements which should be considered in the user authentication scheme using the password based smart card. In this paper, we show that Lin et al.'s scheme is insecure against off-line password guessing attack. In their scheme, any legal user's password may be derived from the password guessing when his/her smart card is stolen and the secret information is leaked from the smart card by an attacker. Accordingly, we demonstrate the vulnerability of their scheme and present an enhancement to resolve such security weakness. Our proposed scheme can withstand various possible attacks including password guessing attack. Furthermore, this improved scheme can provide mutual authentication to improve the security robustness. Performance evaluation shows that the proposed scheme is relatively more effective than Lin et al.'s scheme.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.2
• /
• pp.119-125
• /
• 2010

Recently Hsiang-Shih proposed the user authentication scheme to improve Yoon et al's scheme. But the proposed scheme has not been satisfied security requirements considering in the user authentication scheme using the password based smart card. In this paper, we proved that Hsiang-Shih's scheme is vulnerable to the off-line password guessing attack. In other words, the attacker can get the user's password using the off-line password guessing attack on the scheme when the attacker steals the user's smart card and extracts the information in the smart card. Also, the improved scheme based on the hash function and random number was introduced, thus preventing the attacks, such as password guessing attack, forgery attack and impersonation attack etc. And we suggested the effective mutual authentication scheme that can authenticate each other at the same time between the user and server.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.1
• /
• pp.77-87
• /
• 2008

Recently, many hash-based authentication protocols were presented to guarantee mutual authentication between tag and DB in RFID system. To be suitable for distributed DB environment, one generally uses fixed constant value as a tag ID. However, some existing protocols have security flaws or heavy computational loads in DB in order to search a tag ID. We propose a secure authentication protocol which is suitable for distributed DB environment by using unchangeable tag ID. The storage method of pre-synchronized information in DB at previous session is core idea of our proposal which gives low-cost ID search of DB at next session. In normal synchronization state, our protocol only requires 3 hash operations in tag and DB respectively.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.31-39
• /
• 2008

Recently, remote user authentication schemes using smart cards has been researched to provide user privacy because of increasing interest and demands. Previously, provided authentication schemes were only concerned about providing user privacy against outside attackers, but the scheme. which guarantees user privacy against both a remote server and outside attackers, has been recently demanded because the user's information has leaked out through the service providers. When the remote server perceives a user doing a malicious act, the server should be able to trace the malicious user by receiving help from a trust agency. In this paper, we suggest a scheme which not only guarantees user privacy against both a remote server and outside attackers, but also provides traceable anonymity authentication.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.115-124
• /
• 2008

In vehicular networks, vehicles should be able to authenticate each other to securely communicate with network-based infrastructure, and their locations and identifiers should not be exposed from the communication messages. however, when an accident occurs, the investigating authorities have to trace down its origin. As vehicles communicate not only with RSUs(Road Side Units) but also with other vehicles, it is important to minimize the number of communication flows among the vehicles while the communication satisfies the several security properties such as anonymity, authenticity, and traceability. In our paper, when the mutual authentication protocol is working between vehicles and RSUs, the protocol offers the traceability with privacy protection using pseudonym and MAC (Message Authentication Code) chain. And also by using MAC-chain as one-time pseudonyms, our protocol does not need a separate way to manage pseudonyms.