• Title/Summary/Keyword: Authentication

Search Result 4,133, Processing Time 0.03 seconds

Security enhanced privacy-aware two-factor authentication protocol for wireless sensor networks (무선 센서 네트워크 환경을 위한 보안성이 향상된 프라이버시 보호형 two-factor 인증 프로토콜)

  • Choi, Younsung;Chang, Beom-Hwan
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.15 no.4
    • /
    • pp.71-84
    • /
    • 2019
  • Various researchers conducted the research on two-factor authentication suitable for wireless sensor networks (WSNs) after Das first proposed two-factor authentication combining the smart card and password. After then, To improve the security of user authentication, elliptic curve cryptography(ECC)-based authentication protocols have been proposed. Jiang et al. proposed a privacy-aware two-factor authentication protocol based on ECC for WSM for resolving various problems of ECC-based authentication protocols. However, Jiang et al.'s protocol has the vulnerabilities on a lack of mutual authentication, a risk of SID modification and a lack of sensor anonymity, and user's ID exposed on sensor node Therefore, this paper proposed security enhanced privacy-aware two-factor authentication protocol for wireless sensor networks to solve the problem of Jiang et al.'s protocol, and security analysis was conducted for the proposed protocol.

A Secure WLAN Authentication Scheme

  • Singh, Rajeev;Sharma, Teek Parval
    • IEIE Transactions on Smart Processing and Computing
    • /
    • v.2 no.3
    • /
    • pp.176-187
    • /
    • 2013
  • Message replay, malicious Access Point (AP) associations and Denial of Service (DoS) attacks are the major threats in Wireless LANs. These threats are possible due to a lack of proper authentication and insecure message communications between wireless devices. Current wireless authentication & key exchange (AKE) schemes and security protocols (WEP, WPA and IEEE 802.11i) are not sufficient against these threats. This paper presents a novel Secure WLAN Authentication Scheme (SWAS). The scheme introduces the delegation concept of mobile authentication in WLANs, and provides mutual authentication to all parties (Wireless Station, Access Point and Authentication Server). The messages involved in the process serve both authentication and key refreshing purposes. The scheme enhances the security by protecting the messages through cryptographic techniques and reduces the DoS impact. The results showed that cryptographic techniques do not result in extra latencies in authentication. The scheme also reduces the communication cost and network overhead.

  • PDF

Authentication and Trust Relationship Chaining for Resource Sharing Community (자원 공유 커뮤니티를 위한 인증 기술과 신뢰관계사슬)

  • Kim, Jeong Gon;Kim, Shin Kon
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.6 no.2
    • /
    • pp.55-69
    • /
    • 2010
  • This article proposed the authentication protocol for peer-to-peer resource sharing community. The proposed protocol does not require a priori information for generating and exchanging authentication key. Also this protocol can provide the delicate access control by allowing the user(authenticator) to assign the trust level to the authentication supplicant, which can be used to decide if the resource providing node will accept the resource sharing request from a resource requesting node. Trust Relationship Chaining provides the environment where trust levels (included in the trust table) of nodes in the resource sharing community are propagated among nodes when trust tables are exchanged between two nodes engaged in mutual authentication process and authentication refresh so that any two nodes which are not directly mutual-authenticated can assign the trust level each other for the access control for resource sharing. In the proposed protocol a node can implements the authentication refresh continuously to verify the effectiveness of authentication after mutual authentication so that the authentication of new node or authentication revocation(effectiveness cancellation) of the departed node can be propagated to the all the nodes in RSC and eventually safe resource sharing community is configured.

The Analysis of the TETRA Authentication Protocol (TETRA 인증 프로토콜 분석)

  • Park Yong-Seok;Ahn Jae-Hwan;Jung Chang-Ho;Ahn Joung-Chul
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.10 no.6
    • /
    • pp.1070-1075
    • /
    • 2006
  • TETRA system provides the radio authentication service which permits only authorized radio to access network. Radio authentication is the process which checks the sameness of authentication-key(K) shared between radio and authentication center by challenge-response protocol. TETRA standard authentication protocol can prevent the clone radio to copy ISSI from accessing network, but can't prevent the clone radio to copy ISSI & authentication-key. This paper analyzes authentication-key generation/delivery/infection model in TETRA authentication system and analyzes the threat of clone radio caused by authentication-key exposure. Finally we propose the new authentication protocol which prevent the clone radio to copy ISSI & authentication-key from accessing network.

A Study about weight grant of Authentication level in USN environment

  • Choi, Bae-Young;Ahn, Byung-Ryul;Chung, Tai-Myoung
    • Proceedings of the Korea Society of Information Technology Applications Conference
    • /
    • 2005.11a
    • /
    • pp.165-168
    • /
    • 2005
  • The objects, which can be personal digital assistants, electronic rings, doors or even clothes, offer embedded chips with computation facilities and are generally called artifacts. I later realized that this was not so the real problem is actually authentication. Recent results indicate scalability problems for flat ad hoc networks. Sensor network achieves function that handle surrounding information perception through sensor and sensed information to network that is consisted of sensor nodes of large number. Research about new access control techniques and height administration techniques need authentication information persons' certification assurance level classification in sensor network environment which become necessary different view base with authentication information at node for application of AAA technology in USN environment that must do authentication process using information that is collected from various sensor mountings. So, get base authentication information in sensor type and present weight grant model by security strength about authentication information through information who draw. In this paper collected information of sensor nodes model who give weight drawing security reinforcement as authentication information by purpose present be going to. and Must be able to can grasp special quality of each sensor appliances in various side and use this and decide authentication assurance level for value estimation as authentication information elements. Therefore, do to define item that can evaluate Authentication information elements thus and give simple authentication assurance level value accordingly because applying weight. Present model who give authentication assurance level value and weight for quotation according to security strength.

  • PDF

A Comparative Analysis of PKI Authentication and FIDO Authentication (PKI 인증과 FIDO 인증에 대한 비교 분석)

  • Park, Seungchul
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.21 no.7
    • /
    • pp.1411-1419
    • /
    • 2017
  • The two factor authentication capability, private key possession and key protection password knowledge, and the strong public key cryptography protocol of PKI authentication have largely contributed to the rapid construction of Internet transaction trusted infrastructure. The reusability of a certificate-based identity for every PKI site was another contribution factor of the spread of PKI authentication. Nevertheless, the PKI authentication has been criticised mainly for the cost of PKI construction, inconvenience of individual certificate management, and difficulties of password management. Recently FIDO authentication has received high attention as an alternative of the PKI authentication. The FIDO authentication is also based on the public key cryptography which provides strong authentication services, but it does not require individual certificate issuance and provides user-friendly and secure authentication services by integrating biometric technologies. The purpose of this paper is to concretely compare the PKI-authentication and FIDO-authentication and, based on the analysis result, to propose their corresponding applications.

ECbA(Elliptic Curve based Authentication) System on the wireless network environment (무선 네트워크 환경에서의 ECbA(Elliptic Curve based Authentication)시스템 설계)

  • Jeong, Eun-Hee;Yang, Seung-Hae;Kim, Hak-Chun;Lee, Byung-Kwan
    • The Journal of Korea Institute of Information, Electronics, and Communication Technology
    • /
    • v.1 no.1
    • /
    • pp.67-74
    • /
    • 2008
  • As wireless network market is increasing rapidly, the biggest issue is to transfer safe data and to authenticate users. This paper proposes ECbA(Elliptic Curve based Authentication) which consists of the mutual authentication mechanism that users can ascertain the identity of an authentication server and the user authentication mechanism that an authentication server can make sure users' identity, by using Elliptic Curve algorithms. The proposed ECbA system diminishes the message quantity and the execution time by using the small elliptic curve algorithm with the small key length in authentication. In addition, as this paper reduces the authentication steps of existing EAP_TLS into 6 authentication steps, the communication cost and mutual authentication time can be saved. As this paper distributes new keys, whenever authenticating users by using key exchange mechanism, it provides safe encryption communication and prevents DoS attack by controlling the users authentication request by authentication server.

  • PDF

User Authentication Mechanism using Smartphone (스마트폰을 이용한 사용자 인증 메커니즘)

  • Jeong, Pil-seong;Cho, Yang-hyun
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.21 no.2
    • /
    • pp.301-308
    • /
    • 2017
  • With the popularization of smart phones and the development of the Internet, many people use smart phones to conduct identity verification procedures. smart phones are easier and faster to authenticate than personal desktop computers. However, as Internet hacking technology and malicious code distribution technology rapidly evolve and attack types become more diverse, authentication methods suitable for mobile environment are required. As authentication methods, there are methods such as possessive-based authentication, knowledge-based authentication, biometric-based authentication, pattern-based authentication, and multi-element authentication. In this paper, we propose a user authentication mechanism that uses collected information as authentication factor using smart phone. Using the proposed authentication mechanism, it is possible to use the smart phone information and environment information of the user as a hidden authentication factor, so that the authentication process can be performed without being exposed to others. We implemented the user authentication system using the proposed authentication mechanism and evaluated the effectiveness based on applicability, convenience, and security.

The Framework for Cost Reduction of User Authentication Using Implicit Risk Model (내재적 리스크 감지 모델을 사용한 사용자 인증 편의성 향상 프레임워크)

  • Kim, Pyung;Seo, Kyongjin;Cho, Jin-Man;Kim, Soo-Hyung;Lee, Younho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.5
    • /
    • pp.1033-1047
    • /
    • 2017
  • Traditional explicit authentication, which requires awareness of the user's authentication process, is a burden on the user, which is one of main reasons why users tend not to employ authentication. In this paper, we try to reduce such cost by employing implicit authentication methods, such as biometrics and location based authentication methods. We define the 4-level security assurance model, where each level is mapped to an explicit authentication method. We implement our model as an Android application, where the implicit authentication methods are touch-stroke dynamics-based, face recognition based, and the location based authentication. From user experiment, we could show that the authentication cost is reduced by 14.9% compared to password authentication-only case and by 21.7% compared to the case where 6-digit PIN authentication is solely used.

POSCAL : A Protocol of Service Access Control by Authentication Level (인증 수준에 의한 서비스 접근제어 프로토콜)

  • Yoo, SeongMin;Choi, SeokJin;Park, JunHoo;Ryou, Jae-Cheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.6
    • /
    • pp.1509-1522
    • /
    • 2018
  • The purpose of this study is to support flexible authentication functions in various services using various types of user information. Rather than requiring the same level of authentication for all services, the goal is to identify the level of authentication at the time of user authentication and to increase convenience and efficiency by dynamically granting authority. In this paper, we propose POSCAL (Protocol of Service Control by Authentication Level) protocol which can control service access based on various local authentication information. To verify the function of the authentication framework, we developed the electronic wallet service based on the POSCAL authentication framework and evaluated the implementation function based on the use case scenario. The proposed protocol satisfies user and message authentication, confidentiality of authentication information, integrity of authentication history, non - repudiation of authorization, and access control by service according to security level.