• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.127-137
• /
• 2019

The growth in smartphone service has given rise to an increase in frequency and importance of authentication. Existing smartphone authentication mechanisms such as passwords, pattern lock and fingerprint recognition require a high level of awareness and authenticate users temporarily with a point-of-entry techniques. To overcome these disadvantages, there have been active researches in behavior-based authentication. However, previous studies focused on enhancing the accuracy of the authentication. Since authentication is directly used by people, it is necessary to reflect actual users' perception. This paper proposes user perception on behavior-based authentication with feature analysis. We conduct user survey to empirically understand user perception regarding behavioral authentication with selected authentication features. Then, we analyze acceptance of the behavioral authentication to provide continuous authentication with minimal awareness while using the device.

• Journal of Internet Computing and Services
• /
• v.23 no.4
• /
• pp.65-72
• /
• 2022

In this paper, a zero trust-based complex biometric authentication was proposed in a passwordless environment. The linkage of FIDO 2.0 (Fast IDENTITY Online) transaction authentication platforms was designed in conjunction with metaverse. In particular, it was applied with the location information of a smart terminal according to a geomagnetic sensor, an accelerator sensor, and biometric information for multi-factor authentication(MFA). At this time, a FIDO transaction authentication platform was presented for adaptive complex authentication with user's environment through complex authentication with secondary authentication based on situational awareness such as illuminance and temperature/humidity. As a result, it is possible to authenticate secondary users based on zero trust with behavior patterns such as fingerprint recognition, iris recognition, face recognition, and voice according to the environment. In addition, it is intended to check the linkage result of the FIDO platform for complex integrated authentication and improve the authentication accuracy of the linkage platform for transaction authentication using FIDO2.0.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.3
• /
• pp.1350-1355
• /
• 2011

It is very important issues to protect many system resources using authorized client authentication in distributed client server systems. So it is not enough to prevent unauthorized opponents from attacking our systems that client authentication is performed using only the client's identifier and password. In this paper, we propose a secure authentication database modeling with two authentication keys such as a client authentication key and a server authentication key. The proposed authentication model can be used making high quality of computer security using two authentication keys during transaction processing. The two authentication keys are created by client and server, and are used in every request transaction without user's extra input. Using the proposed authentication keys, we can detect intrusion during authorized client's transaction processing because we can know intrusion immediately through comparing stored authentication keys in client server systems when hackers attack our network or computer systems.

• The KIPS Transactions:PartC
• /
• v.11C no.6 s.95
• /
• pp.747-754
• /
• 2004

Today, wireless LANs are widely deployed in various places such as corporate office conference rooms, industrial warehouses, Internet-ready classrooms, etc. However, new concerns have been raised regarding suity. Currently, both virtual private network(VPN) and WEP are used together as a strong authentication mechanism. While security is increased by using VPN and WEP together, unnecessary redundancy occurs causing power consumption increase and authentication speed decrease in the authentication process. In this paper a new synchronization protocol for authentication is proposed which allows simple authentication, minimal power consumption at the mobile station, and high utilization of authentication stream. This is achieved by using one bit per a frame authentication, while main authentication process including synchronization is handled by access points. Computer simulation reveals that the proposed scheme significantly improves the authentication efficiency in terms of the number of authenticated frames and authentication speed compared with an earlier protocol employing a similar authentication approach.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.12C
• /
• pp.1288-1296
• /
• 2006

This paper proposes a fast authentication scheme based on hierarchical key structure (HiFA) for roaming mobile nodes in both intra-domain and inter-domain. The full authentication procedure standardized in IEEE 802.11 and 802.16 is difficult to be applied to a handover since it needs a heavy operation and long delay time during a handover. Though a number of schemes were proposed to solve the problem, the existing schemes might degrade the security of authentication or impose heavy administrative burden on the Pome authentication server. The main contribution of this paper is to reduce the communication and computation overhead of the home authentication sewer without degrading the security strength of the fast roaming authentication using hierarchical authentication key structure. The proposed scheme iii this paper decentralizes the administrative burden of the home authentication server to other network entities such as a local authentication server or access point and supports the security separation of the authentication key among local authentication servers using hash key chain.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.373-381
• /
• 2017

Currently, various types of user authentication methods based on public certificates are used in domestic financial transactions. Such an authorized certificate method has a problem that a different security module must be installed every time a user connects an individual financial company to a web server. Also, the financial company relying on this authentication method has a problem that a new security module should be additionally installed for each financial institution whenever a next generation authentication method such as biometric authentication is newly introduced. In order to solve these problems, we propose an integrated authentication system that handles user authentication on behalf of each financial institution in financial transactions, and proposes an integrated authentication protocol that handles secure user authentication between user and financial company web server. The new authentication protocol is a modified version of OAuth2.0 that increases security and efficiency. It is characterized by performing a challenge-response protocol with a pre-shared secret key between the authentication server and the financial company web server. This gives users a convenient and secure Single Sign-On (SSO) effect.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37C no.11
• /
• pp.1011-1019
• /
• 2012

This paper presents a novel hybrid authentication scheme in the next-generation Tactical Mobile Communication Systems(TMCS) with wireless MSAP mesh networks. The existing centralized and distributed authentication methods for security between MSAPs may have their pros and cons. The centralized authentication method induces overhead from frequent MSAP association which leads to long authentication delay. On the other hand, the distributed authentication method requires initial sharing of the authentication information. Therefore, a more efficient authentication scheme is needed to protect the network from malicious MSAPs and also maximize efficiency of the network security. The proposed scheme provides a hybrid method of efficiently managing the authentication keys in the wireless MSAP mesh network to reduce the induced authentication message exchange overhead. Also, as the authentication method between MSAP and TMFT is different, a method of utilizing the ACR for handling the EAP packets is proposed. In overall, the proposed scheme provides efficient mutual authentication between MSAPs especially for tactical environments and is analyzed through performance evaluation to prove its superiority.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.1
• /
• pp.75-82
• /
• 2018

As user of mobile device increases, various user authentication methods are actively researched. The user authentication methods includes a method of using a user ID and a password, a method of using user biometric feature, a method of using location based, and a method of authenticating secondary authentication such as OTP(One Time Password) method is used. In this paper, we propose a user system which improves the problem of existing authentication method and encryption can proceed in a way that user desires. The proposed authentication system is composed of an authentication factor collection module that collects authentication factors using a mobile device, a security key generation module that generates a security key by combining the collected authentication factors, and a module that performs authentication using the generated security key module.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.4
• /
• pp.843-853
• /
• 2017

In the case of electronic payment, the obligation to use the certificate-based authentication was abolished. As Fin-tech service providers gain autonomy, various authentication methods are provided. SMS, ARS, PIN, Text-passwords, Fingerprints are popular authentication methods in the mobile Fin-tech services. In this study evaluate the usability and security of authentication methods in a unified mobile environment. We evaluate the usability through SUS and interview. Also we evaluate the security level of authentication methods through NIST guideline. At the result of the usability evaluation, Fingerprint authentication method had been determined as the highest usability, also Fingerprint authentication method had been determined as the safest authentication method by obtaining Security Level 4.

• Proceedings of the KSRS Conference
• /
• 2005.10a
• /
• pp.678-682
• /
• 2005

IETF suggested AAA for safe and reliable user authentication on various network and protocol caused by development in internet and increase in users. Diameter standard authentication system does not provide mutual authentication and non-repudiation. AAA authentication system using public key was suggested to supplement such Diameter authentication but application in mobile service control nodes is difficult due to overhead of communication and arithmetic. ID based AAA authentication system was suggested to overcome such weak point but it still has the weak point against collusion attack or forgery attack. In this thesis, new ID based AAA authentication system is suggested which is safe against collusion attack and forgery attack and reduces arithmetic quantity of mobile nodes with insufficient arithmetic and power performance. In this thesis, cryptological safety and arithmetical efficiency is tested to test the suggested system through comparison and assessment of current systems. Suggested system uses two random numbers to provide stability at authentication of mobile nodes. Also, in terms of power, it provides the advantage of seamless service by reducing authentication executing time by the performance of server through improving efficiency with reduced arithmetic at nodes.