• International Journal of Internet, Broadcasting and Communication
• /
• v.13 no.3
• /
• pp.1-11
• /
• 2021

Development of ICT technologies leads exponential growth of various sharing economy over the last couple of years. The intuitive advantage of the sharing economy is efficient utilization of idle goods and services, but there are safety and security concerns. In this paper, we propose a onetime password based access control system to support secure accommodation sharing service and show the implementation results. To provide a secure service to both the provider and the user, the proposed system issues a onetime access password that is valid only during the sharing period reserved by the user, thereafter access returns to the accommodation owner. Especially, our system provides secure user access by merging the two elements of speaker recognition using voice and a one-time password to open and close the door lock. In this paper, we propose a secure system for accommodation sharing services as a use-case, but the proposed system can be applicable to various sharing services utilizing security-sensitive facilities.

• Journal of Internet Computing and Services
• /
• v.6 no.5
• /
• pp.27-43
• /
• 2005

EAP provides authentication for each entity based on IEEE Std 802.1x Wireless lAN and RADIUS/DIAMETER protocol, and it uses certificate, dual scheme(e.g., password and token) with the authentication method. The password-based authentication scheme for authenticated key exchange is the most widely-used user authentication method due to various advantages, such as human-memorable simplicity, convenience, mobility, A specific hardware device is also unnecessary, This paper discusses user authentication via public networks and proposes the Split Password-based Authenticated Key Exchange (SPAKE), which is ideal for both authenticating users and exchanging session keys when using a subsequent secure communication over untrusted network, And then we provides EAP authentication framework EAP-SPAKE by using it.

• Journal of Korea Society of Industrial Information Systems
• /
• v.16 no.3
• /
• pp.57-63
• /
• 2011

The internet is currently becoming popularized and generalized in our daily life. Recently, a lot of hacking tools have appeared on the internet. And damage size and seriousness the measurement is impossible. The password security protects oneself and information is the tool which is essential for from the internet, if this emphasizes no matter how, does not go to extremes. If applies a encryption, a 7 character password is sufficient, so long as attackers don't pick easily guessed values. In this paper, entering password using the virtual keyboard, I propose a new and improved one time password algorithm using information a part of ID and final approval time.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.11C
• /
• pp.1074-1080
• /
• 2002

In clients/server environments, the one-time password scheme using time is especially useful because it solves the synchronization problem. However, it has the problem that is time-slippage, and causes the authentication to fail. In this paper, we propose an effective one-time password algorithm, which solves the time-slippage problem through the use of 1-bit information, which denotes the duration in which the authentication could be failed because of time-slippage. This algorithm is added easily and quickly to current one-time password systems using time without requiring any change of protocols: the proposed algorithm can be implemented by adding only 1-bit information to the user authentication information, not by modifying the one-time password authentication system protocol. And we propose also the algorithm of time correction, which can be implemented by adding 2-bit information on the proposed one-time password.

• Journal of Digital Convergence
• /
• v.12 no.5
• /
• pp.231-238
• /
• 2014

Graphical passwords using images have been developed to solve problems in text based password recognition. The basic recognition process scheme of graphical passwords is clicking certain points on the screen image in correct order. In this pre-developed method of graphical passwords the recognition will fail if the precise positions are not clicked. A new graphical password system called PassPositions is introduced in this paper. PassPositions is a new graphical password scheme which is using relative positions never used earlier graphical password schemes. PassPositions is a graphical password scheme based on universal design that everybody can use conveniently without regarding their physical conditions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1251-1258
• /
• 2016

Recently, leaks of the personal information of Internet users have been occurring too frequently. Generally, Internet users have email accounts. The use of email as a communications tool in the private and public sectors has increased. Therefore, in email usage, password management to ensure a more secure email service is most important. In this study, we conducted an online survey of email users and analyzed their responses by using structural equation modeling software to find the psychological and behavioral characteristics of their password management. The results of this study provide useful suggestions on information security strategies related to email password management at both the enterprise and individual levels.

• Journal of the Korea Society of Computer and Information
• /
• v.20 no.1
• /
• pp.119-125
• /
• 2015

In this paper, we propose a user friendly password input method for mobile devices which is secure against SSA. The proposed method is a numeric password input method such as a conventional PIN method. One of the buttons, numbers and colors, so as to display the two pieces of information to double. The user can select one of the colors or numbers within one button to type in the password. Because an attacker does not know whether the user has entered any color and number, the proposed technique is safe from the SSA. Also to be secure for smudge attacks and password guessing attacks through random changes in the number and color information.

• Journal of Korea Multimedia Society
• /
• v.14 no.6
• /
• pp.785-793
• /
• 2011

Since then, with the advance of computing environment, various Internet services are emerging and the importance of user authentication technology is increasing for verifying users authorized to use such services. Along with the advance of authentication technology, research is being made actively on one time password, which is used once in a session and then discarded. In existing one time passwords, however, the values of one time passwords in a created table are stored in serial order, and therefore, if the seed value and the number of one time passwords used are disclosed, one may infer the value of the one time password to be used next. What is more, one time passwords of the S/Key type have the problem that the number of uses is fixed. In this paper, We analysis the existing one time password. Also, We propose one time password methods using elliptic curve cryptography scheme and using enhanced randomness with time value.

• The Journal of the Korea Contents Association
• /
• v.17 no.7
• /
• pp.276-282
• /
• 2017

Password-based authentication is vulnerable because of its low cost and convenience, but it is still widely used. In order to increase the security of the password-based user authentication method, the password is changed frequently, and it is recommended to use a combination of numbers, alphabets and special characters when generating the password. However, it is difficult for users to remember passwords that are difficult to create and it is not easy to change passwords periodically. Therefore, in this paper, we implemented a user authentication system that does not require a password by using the USB memory that is commonly used. Authentication data used for authentication is protected by USB data stored in USB memory using USB device information to improve security. Also, the authentication data is one-time and reusable.Based on this, it is possible to have the same security as the password authentication system and the security level such as certificate or fingerprint recognition.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.241-244
• /
• 2011

Recently, Due to development of Internet techniques, user suddenly increased that Used of Web services and with out constraints of place and time has been provided. typically, Web services used ID/Password authentication. User confirmed personal data Stored on Web servers after user authorized. web service provider is to provide variety security techniques for the protection personal information. However, recently accident has happened is the malicious attackers may capture user information such as users entered personal information through new keyboard hooking. In this paper, we propose a keyboard hooking protected password input method using CAPTCHA. The proposed password input method is based on entering the password using mouse click or touch pad on the CAPTCHA image. The mapping of CAPTCHA image pixels is random.