디지털산업정보학회논문지 (Journal of Korea Society of Digital Industry and Information Management)
- 제5권1호
- /
- Pages.63-70
- /
- 2009
- /
- 1738-6667(pISSN)
- /
- 2713-9018(eISSN)
DOI QR Code
피싱과 파밍 공격에 대응하기 위한 인증 프로토콜 설계
Design Of A Secure Authentication Protocol Against Phishing And Pharming Attacks
- 투고 : 2009.02.02
- 심사 : 2009.02.20
- 발행 : 2009.03.30
초록
As individuals spend more time doing social and economic life on the web, the importance of protecting privacy against Phishing and Pharming attacks also increases. Until now, there have been researches on the methods of protection against Phishing and Pharming. However, these researches don't provide efficient methods for protecting privacy and don't consider Pharming attacks. In this paper, we propose an authentication protocol that protects user information from Phishing and Pharming attacks. In this protocol, the messages passed between clients and servers are secure because they authenticate each other using a hash function of password and location information which are certificated to clients and servers only. These messages are used only once, so that the protocol is secure from replay attacks and man-in-the-middle attacks. Furthermore, it is also secure from Pharming attacks.