DOI QR코드

DOI QR Code

피싱과 파밍 공격에 대응하기 위한 인증 프로토콜 설계

Design Of A Secure Authentication Protocol Against Phishing And Pharming Attacks

  • 김익수 ((주)스카이컴) ;
  • 최종명 (국립목포대학교 정보공학부 컴퓨터공학)
  • 투고 : 2009.02.02
  • 심사 : 2009.02.20
  • 발행 : 2009.03.30

초록

As individuals spend more time doing social and economic life on the web, the importance of protecting privacy against Phishing and Pharming attacks also increases. Until now, there have been researches on the methods of protection against Phishing and Pharming. However, these researches don't provide efficient methods for protecting privacy and don't consider Pharming attacks. In this paper, we propose an authentication protocol that protects user information from Phishing and Pharming attacks. In this protocol, the messages passed between clients and servers are secure because they authenticate each other using a hash function of password and location information which are certificated to clients and servers only. These messages are used only once, so that the protocol is secure from replay attacks and man-in-the-middle attacks. Furthermore, it is also secure from Pharming attacks.

키워드