• Journal of Digital Convergence
• /
• v.11 no.2
• /
• pp.309-316
• /
• 2013

Machine-to-machine (M2M) communication occurs when devices exchange information independent of human intervention. Prominent among the technical challenges to M2M communication are security issues, such as eavesdropping, spoofing, modification, and privacy violation. Hence, it is very important to establish secure communication. In this paper, we propose a remote authentication scheme, based on dynamic ID, which provides secure communication while avoiding exposure of data through authentication between the M2M domain and the network domain in the M2M architecture. We then prove the correctness and security of the proposed scheme using a logic-based formal method.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.1
• /
• pp.273-278
• /
• 2013

Recently, user authentication schemes using smart cards for multi-server environment have been proposed for practical applications. In 2009, Liao-Wang proposed a secure dynamic ID based remote user authentication scheme for multi-server environment that can withstand the various possible attacks and provide user anonymity. In this paper, we analyze the security of Liao-Wang's scheme, and we show that Liao-Wang's scheme is still insecure against the forgery attack, the password guessing attack, the session key attack, and the insider attack. In addition, Liao-Wang's scheme does not provide user anonymity between the user and the server.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.3
• /
• pp.61-72
• /
• 2009

To guarantee security between the tag and back-end server and implementation efficiency in low power tag, we propose two typed mutual authentication protocols in RFID system. One is static-ID authentication scheme which is well suitable in distributed server environments. The other is dynamic-ID scheme which is additively satisfied forward security. In proposed scheme, it does not need any random number generator in tag and requires only one(maximally three) hash operation(s) in tag or server to authenticate each other. Furthermore, we implement the proposed schemes in RFID smart card system and verify its normal operations.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.12
• /
• pp.4661-4676
• /
• 2014

In Wireless Mesh Networks (WMN), an authentication technique can be compromised due to the distributed network architecture, the broadcast nature of the wireless medium and dynamic network topology. Several vulnerabilities exist in different protocols for WMNs. Hence, in this paper, we propose trust based authentication and key establishment for secure routing in WMN. Initially, a trust model is designed based on Ant Colony Optimization (ACO) to exchange the trust information among the nodes. The routing table is utilized to select the destination nodes, for which the link information is updated and the route verification is performed. Based on the trust model, mutual authentication is applied. When a node moves from one operator to another for accessing the router, inter-authentication will be performed. When a node moves within the operator for accessing the router, then intra-authentication will be performed. During authentication, keys are established using identity based cryptography technique. By simulation results, we show that the proposed technique enhances the packet delivery ratio and resilience with reduced drop and overhead.

• ETRI Journal
• /
• v.31 no.4
• /
• pp.460-462
• /
• 2009

The emerging wireless networks require the design of new authentication protocols due to their dynamic nature and vulnerable-to-attack structure. Recently, Wu and others proposed a wireless authentication protocol which is claimed to be an improvement of the authentication protocol proposed by Lee and others which provides user anonymity. In this letter, we show that these protocols have a common flaw and that these protocols fail to provide user anonymity. We also propose a modification method to solve this problem.

• The KIPS Transactions:PartD
• /
• v.12D no.1 s.97
• /
• pp.121-128
• /
• 2005

This paper describes the requested IP assignment and authentication problem for wireless internet service of visited ISP subscriber on GPRS network, and proposes to use RADIUS authentication and accounting server for these problems. In this paper, we also define signals between GGSN and RADIUS, and between RADIUS authentication server and accounting sever for IP management and wireless internet service.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.361-371
• /
• 2017

The increase in user data stored in the device implies the increase in threats of users' sensitive data. Currently, smartphone authentication mechanisms such as Pattern Lock, fingerprint recognition are widely used. Although, there exist disadvantages of inconvenience use and dependence that users need to depend on their own memory. User behavior based authentication mechanism have advantages of high convenience by offering continuous authentication when using the mobile device. However, these mechanisms show limitations on low accuracy of authentication and there are researches to improve the accuracy. This paper proposes improved authentication mechanism that uses user's smartphone application usage pattern which has not considered on earlier studies. Also, we analyze performance of proposed mechanism with collected datasets from actual use of smartphone applications.

• Proceedings of the IEEK Conference
• /
• 2002.06c
• /
• pp.131-134
• /
• 2002

As the increased use of computer, wired/wireless/mobile Internet, security in using Internet becomes a more important problem. Thus, biometric technology using physical and behavior characteristics of a person is hot issue. Many different types of biometric technologies of a person such as fingerprint, face, iris, vein, DNA, brain wave, palm, voice, dynamic signature, etc. had already been studied but remained unsuccessful because they do not meet social demands. However, recently many of these technologies have been actively revived and researchers have developed new products on various commercial fields. Dynamic signature verification technology is to verify the signer by calculating his writing manner, speed, angle, and the number of strokes, order, the down/up/movement of pen when the signer input his signature with an electronic pen for his authentication. Then signature verification system collects mentioned above various feature information and compares it with the original one and simultaneously analyzes to decide whether signature is forgery or true. The prospect of signature verification technology is very promising and its use will be wide spread in terms of economy, security, practicality, stability and convenience.

• Journal of Korea Multimedia Society
• /
• v.11 no.5
• /
• pp.661-672
• /
• 2008

Mobile Ad-hoc NETwork is a kind of self-controlled network composed only of mobile hosts. Since its range of use is gradually expanding into various sections applicable to practical lives, active researches are being conducted on it. However, as it depends on cooperation of nodes composing the entire network, due to weakness of wireless link and lack of its central infrastructure, so it is exposed to more serious risk than general network in security. Therefore, this paper proposes Cluster-Based Dynamic Authentication that enables only reliable nodes to participate in communication, by solving lack of centralized infrastructure, using hierarchical Mobile Ad hoc NETwork structure based on cluster, and by complementing security weakness through mutual authentication between hierarchical nodes. Simulation shows that the proposed scheme can complement security weakness of Mobile Ad hoc NETwork and that it is more adequate in reliability and expandability than the existing schemes.

• ETRI Journal
• /
• v.35 no.5
• /
• pp.889-899
• /
• 2013

Wireless sensor networks (WSNs) are used for many real-time applications. User authentication is an important security service for WSNs to ensure only legitimate users can access the sensor data within the network. In 2012, Yoo and others proposed a security-performance-balanced user authentication scheme for WSNs, which is an enhancement of existing schemes. In this paper, we show that Yoo and others' scheme has security flaws, and it is not efficient for real WSNs. In addition, this paper proposes a new strong authentication scheme with user privacy for WSNs. The proposed scheme not only achieves end-party mutual authentication (that is, between the user and the sensor node) but also establishes a dynamic session key. The proposed scheme preserves the security features of Yoo and others' scheme and other existing schemes and provides more practical security services. Additionally, the efficiency of the proposed scheme is more appropriate for real-world WSNs applications.