• Convergence Security Journal
• /
• v.2 no.1
• /
• pp.59-68
• /
• 2002

The smart card including memory and processor is able to simple process such as privilege unauthorized access and used to Authentication System for security. In this paper, we propose using the smart card in the key exchange phase when secure Internet phones conversation, so certainly guarantee to mutual authentication and secret communication.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.6
• /
• pp.53-60
• /
• 2024

In this paper, we analyze the authentication scheme of Hwang et al. proposed in 2023 and propose a new authentication scheme that improves its problems. Hwang et al. claimed that their authentication scheme was practical and secure, but as a result of analysis in this paper, it is possible to attack the password/ID guessing attack and session key disclosure attack due to insider attack and stolen smart card attack. In addition, Hwang et al.'s authentication scheme, which provides user anonymity, does not provide user untraceability due to its unstable design. The proposed authentication scheme, which improves these problems, not only provides user untraceability, but also is secure for stolen smart card attack, insider attack, session key disclosure attack, and replay attack. In addition, except for one fuzzy extraction operation, it shows the same complexity or very similar one as related authentication schemes. Therefore, the proposed authentication scheme can be said to be an authentication scheme with safety and practicality.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1994.11a
• /
• pp.99-107
• /
• 1994

For the secure control of the communication satellite, security mechanisms should be employed on the ground station as well as on the spacecraft. In this paper, we present a security architecture fur the spacecraft command security of the communication satellite. An authentication mechanism is also proposed using message authentication code (MAC) based on the Data Encryption Standard (DES) cryptosystem.

• Journal of Electrical Engineering and information Science
• /
• v.1 no.1
• /
• pp.82-90
• /
• 1996

In this paper, we present an analysis of the IS-95 authentication protocol for the Code Division Multiple Access(CDMA) mobile communication network. We propose a mutual authentication protocol, AP-6, to improve the security and correctness. Formal description and verification of the proposed AP-6 are also presented on the basis of the formal logic. It is shown that the proposed AP-6 is more secure and correct than the IS-95 authentication protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.2
• /
• pp.3-13
• /
• 2004

DRM is the ability to brand digital contents with features that ensure copy Protection and affect the way in which digital contents are played back. DRM is a technology that enables the secure distribution, promotion and sale of digital contents on the Internet. The DRM Client System that operates on the untrusted user environments has to meet the requirements of the contents owner, including copyright and contents protection. After the DRM Client System is installed on the untrusted user environments, it verifies and plays digital contents. With these procedures it cuties out user authentication, contents decryption, and license management. During these procedures, the sensitive data, including authentication information, decryption data and license data, must be secured against any illegal access from users. The goal of this thesis is to introduce the implementation of Secure Storage Device which can protect user's authentication key, cryptographic key, and license data in safe where the DRM Client System is running.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.1
• /
• pp.119-131
• /
• 2013

With the explosive growth of computer networks, many remote service providing servers and multi-server network architecture are provided and it is extremely inconvenient for users to remember numerous different identities and passwords. Therefore, it is important to provide a mechanism for a remote user to use single identity and password to access multi-server network architecture without repetitive registration and various multi-server authentication schemes have been proposed in recent years. Recently, Tsaur et al. proposed an efficient and secure smart card based user authentication and key agreement scheme for multi-server environments. They claimed that their scheme satisfies all of the requirements needed for achieving secure password authentication in multi-server environments and gives the formal proof on the execution of the proposed authenticated key agreement scheme. However, we find that Tsaur et al.'s scheme is still vulnerable to impersonation attack and many logged-in users' attack. We propose an extended scheme that not only removes the aforementioned weaknesses on their scheme but also achieves user anonymity for hiding login user's real identity. Compared with other previous related schemes, our proposed scheme keeps the efficiency and security and is more suitable for the practical applications.

• International journal of advanced smart convergence
• /
• v.6 no.2
• /
• pp.65-71
• /
• 2017

Fingerprints are increasingly used for user authentication in small devices such as mobile phones. Therefore, it is important for Fingerprint authentication systems in personal devices to protect the user's fingerprint information while performing efficiently with a lightweight matching algorithm. In this paper, we propose a new method to extract strong minutiae with unique numbers from fingerprint images. Strong minutiae are at all times obtained from fingerprint images, and can be useful for secure and rapid fingerprint authentication. The binary information of strong minutiae of a fingerprint can be transformed securely and can create cancelable fingerprint templates. Also the bit-strings of strong minutiae decrease computing time necessary for the matching procedure between two fingerprints due to the simplicity of bitwise operations. First, we enroll several fingerprints images of a finger. From these images we select a reference fingerprint and put a number on each minutia. Following this procedure, we search for mated-minutiae between the reference fingerprint and other fingerprints one by one. Finally we derive unique numbers of strong minutiae of the finger. In the experiment with the FVC2004 fingerprint database, we show that using the proposed method, strong minutiae can be extracted successfully.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.8
• /
• pp.2133-2144
• /
• 1999

IMT-2000 system is expected to start its service at the beginning of 2000 on the purpose of providing with the highest qualitative service through one mobile terminal. In this paper, we investigate some of the important issues which need to be addresses in designing an authentication protocol for IMT-2000. Also proposed is an authentication protocol which addresses the above issues, and we design a correct and efficient authentication protocol to establish secure communication channel. Our protocol provides an authentication of the communication entities, location privacy, and secure messaging as well as global roaming service.

• Journal of Advanced Navigation Technology
• /
• v.17 no.3
• /
• pp.314-325
• /
• 2013

Smartwork is future-oriented work-environment to bring swift business transaction and convenient for users. In domestic and foreign various countries, It's already prompting introduction of smartwork. Users process work to access frequently from the outside in smartwork that's a similar client/server environment to existing Cloud Computing environment. Necessary of user authentication is increasing to be solvable to security vulnerability because there is possibility that malware flows in and leaks company's confidential information by unauthorized users especially in smartwork environment. Therefore we propose User Authentication scheme based face recognition is applicable to smartwork environment to analyze established User Authentication scheme. environment.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.8
• /
• pp.1855-1860
• /
• 2010

This paper describes construction of web services system for secure message transmission appling web services standards. This system composes single sign on module, SSL module and secure message module. We applied these modules to price comparison site. Single sign on module used SAML standards. This module was designed, in order to provide authentication and authorization. As SSL module processes message encryption among end to end, messages of this system are secure. Secure message module is designed according to WS-Security standards and processes authentication, XML signature and XML encryption.