• Title, Summary, Keyword: authentication protocol

Search Result 1,066, Processing Time 0.035 seconds

Security enhanced privacy-aware two-factor authentication protocol for wireless sensor networks (무선 센서 네트워크 환경을 위한 보안성이 향상된 프라이버시 보호형 two-factor 인증 프로토콜)

  • Choi, Younsung;Chang, Beom-Hwan
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.15 no.4
    • /
    • pp.71-84
    • /
    • 2019
  • Various researchers conducted the research on two-factor authentication suitable for wireless sensor networks (WSNs) after Das first proposed two-factor authentication combining the smart card and password. After then, To improve the security of user authentication, elliptic curve cryptography(ECC)-based authentication protocols have been proposed. Jiang et al. proposed a privacy-aware two-factor authentication protocol based on ECC for WSM for resolving various problems of ECC-based authentication protocols. However, Jiang et al.'s protocol has the vulnerabilities on a lack of mutual authentication, a risk of SID modification and a lack of sensor anonymity, and user's ID exposed on sensor node Therefore, this paper proposed security enhanced privacy-aware two-factor authentication protocol for wireless sensor networks to solve the problem of Jiang et al.'s protocol, and security analysis was conducted for the proposed protocol.

Design of GE subgroup based User Authentication Protocol For efficient Electric Commerce (효율적 전자상거래를 위한 유한체 서브그룹 기반의 사용자 인증 프로토콜 설계)

  • 정경숙;홍석미;정태충
    • The Journal of Society for e-Business Studies
    • /
    • v.9 no.1
    • /
    • pp.209-220
    • /
    • 2004
  • If protocol has fast operations and short key length, it can be efficient user authentication protocol. Lenstra and Verheul proposed XTR. XTR have short key length and fast computing speed. Therefore, this can be used usefully in complex arithmetic. In this paper, to design efficient user authentication protocol we used a subgroup of Galois Field to problem domain. Proposed protocol does not use GF(p/sup 6/) that is existent finite field, and uses GF(p²) that is subgroup and solves problem. XTR-ElGamal based user authentication protocol reduced bit number that is required when exchange key by doing with upside. Also, proposed protocol provided easy calculation and execution by reducing required overhead when calculate. In this paper, we designed authentication protocol with y/sub i/ = g/sup b.p/sup 2(i-1)//ㆍv mol q, 1(equation omitted) 3 that is required to do user authentication.

  • PDF

A Study on Secure Matrix-based RFID Authentication Protocol (행렬기반 RFID 인증 프로토콜에 대한 연구)

  • Lee, Su-Youn;Ahn, Hyo-Beom
    • Convergence Security Journal
    • /
    • v.6 no.1
    • /
    • pp.83-90
    • /
    • 2006
  • Recently, the security for RFID/USN environment is divided into network security and RFID security. The authentication protocol design for RFID security is studied to protect user privacy in RFID system. However, the study of efficient authentication protocol for RFID system is not satisfy a security for low-cost RFID tag and user privacy. Therefore, this paper proposes a secure matrix-based RFID authentication protocol that decrease communication overhead and computation. In result, the Matrix-based RFID authentication protocol is an effective authentication protocol compare with HB and $HB^+$ in traffic analysis attack and trace location attack.

  • PDF

Improved Strong Password Mutual Authentication Protocol to Secure on Replay Attack (재전송 공격에 안전한 개선된 강력한 패스워드 상호인증 프로토콜)

  • Kim, Jun-Sub;Kwak, Jin
    • Journal of Advanced Navigation Technology
    • /
    • v.14 no.3
    • /
    • pp.415-425
    • /
    • 2010
  • In public network, user authentication is important security technology. Especially, password-based authentication method is used the most widely in distributed environments, and there are many authentication methods. Their SPMA protocol indicates vulnerability about problem that NSPA protocol does not offer mutual authentication, and proposed Strong Password Mutual Authentication protocol with mutual authentication. However, SPMA protocol has vulnerability of replay attack. In the paper, we analyzed vulnerability to replay attack of SPMA protocol. And we also proposed Improved Strong Password Mutual Authentication protocol to secure on replay attack with same efficiency.

Invited Speech at ICSS 2007 Generation of Session, Authentication, and Encryption Keys for CDMA2000 1x EV-DO Air Interface Standard

  • Rhee, Man-Young
    • Review of KIISC
    • /
    • v.17 no.2
    • /
    • pp.9-23
    • /
    • 2007
  • The air interface supports a security layer which provides the key exchange protocol, authentication protocol, and encryption protocol. The authentication is performed on the encryption protocol packet. The authentication protocol header or trailer may contain the digital signature that is used to authenticate a portion of the authentication protocol packet that is authenticated. The encryption protocol may add a trailer to hide the actual length of the plaintext of padding to be used by the encryption algorithm. The encryption protocol header may contain variables such as the initialization vector (IV) to be used by the encryption protocol. It is our aim to firstly compute the session key created from the D H key exchange algorithm, and thereof the authenticating key and the encryption key being generated from the session key.

Multi-Server Authenticated Key Exchange Protocol (다중서버를 이용한 인증된 키교환 프로토콜)

  • 이정현;김현정;이동훈
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.13 no.1
    • /
    • pp.87-97
    • /
    • 2003
  • In this paper, we define two security concepts, “non-computable security” and “distribution security”, about authentication information committed to a authentication server without any trustee, and propose an authenticatied key exchange protocol based on password, satisfying “distribution security”. We call it MAP(Muti-Server Authentication Protocol based on Password) and show that SSSO(Secure Single Sign On) using MAP solves a problem of SSO(Single Sign On) using authentication protocol based on password with a trustee.

Mutual Authentication Protocol Using a Low Power in the Ubiquitous Computing Environment

  • Cho Young-bok;Kim Dong-myung;Lee Sang-ho
    • Proceedings of the KSRS Conference
    • /
    • /
    • pp.91-94
    • /
    • 2004
  • Ubiquitous sensor network is to manage and collect information autonomously by communicating user around device. Security requirements in Ubiquitous based on sensor network are as follows: a location of sensor, a restriction of performance by low electric power, communication by broadcasting, etc. We propose new mutual authentication protocol using a low power of sensor node. This protocol solved a low power problem by reducing calculation overload of sensor node using two steps, RM(Register Manager) and AM(Authentication Manager). Many operations performing the sensor node itself have a big overload in low power node. Our protocol reduces the operation number from sensor node. Also it is mutual authentication protocol in Ubiquitous network, which satisfies mutual authentication, session key establishment, user and device authentication, MITM attack, confidentiality, integrity, and is safe the security enemy with solving low electric power problem.

  • PDF

Study on RFID Mutual Authentication Protocol Using Finite Field (유한체를 사용한 RFID 상호인증 프로토콜 연구)

  • Ahn, Hyo-Beom;Lee, Su-Youn
    • Convergence Security Journal
    • /
    • v.7 no.3
    • /
    • pp.31-37
    • /
    • 2007
  • There are many investigations about the security on RFID system to protect privacy. It is important to mutual authentication of the security on RFID system. The protocol for mutual authentication use light-weight operation such as XOR operation, hash function and re-encryption. However, the protocol for authentication and privacy is required more complicated cryptography system. In this paper, we propose a mutual authentication protocol using finite field GF($2^n$) for a authentication and are a safety analysis about various attacks.

  • PDF

POSCAL : A Protocol of Service Access Control by Authentication Level (인증 수준에 의한 서비스 접근제어 프로토콜)

  • Yoo, SeongMin;Choi, SeokJin;Park, JunHoo;Ryou, Jae-Cheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.6
    • /
    • pp.1509-1522
    • /
    • 2018
  • The purpose of this study is to support flexible authentication functions in various services using various types of user information. Rather than requiring the same level of authentication for all services, the goal is to identify the level of authentication at the time of user authentication and to increase convenience and efficiency by dynamically granting authority. In this paper, we propose POSCAL (Protocol of Service Control by Authentication Level) protocol which can control service access based on various local authentication information. To verify the function of the authentication framework, we developed the electronic wallet service based on the POSCAL authentication framework and evaluated the implementation function based on the use case scenario. The proposed protocol satisfies user and message authentication, confidentiality of authentication information, integrity of authentication history, non - repudiation of authorization, and access control by service according to security level.

A Lightweight RFID Authentication Protocol Based on Hash Chain (해시체인기반의 경량화 RFID 인증 프로토콜)

  • Youn, Keun-Young;Kim, Dong-Seong;Park, Jong-Sou
    • Convergence Security Journal
    • /
    • v.6 no.1
    • /
    • pp.45-53
    • /
    • 2006
  • It has been proposed that several RFID authentication protocols based on hash chain. Status based authentication protocol and challenge-response based authentication protocol are secured against location tracking attacks, spoofing attacks, replay attacks, traffic analysis attacks but are vulnerable to Dos attacks. RFID authentication protocol with strong resistance against traceability and denial of service attack is secured against location tracking attack, spoofing attacks, replay attacks, DoS attacks but are vulnerable to traffic analysis attacks. The present study suggests a more secure and lightweight RFID authentication protocol which is combining the advantages of hash-chain authentication protocol and RFID authentication protocol with strong resistance against traceability and denial of service attack. The results of the secure analysts for a proposed protocol are illustrated that it is secured against location tracking attacks, spoofing attacks, replay attacks, traffic analysis attacks, Dos attacks and is a lightweight operation between server and tag.

  • PDF