• Convergence Security Journal
• /
• v.20 no.3
• /
• pp.29-37
• /
• 2020

Password based authentication technology is yet certain and id to provide a level of security being used in most systems, but already a myriad of personal information exposure to the accident. Above all, and once exposed, it is difficult to recover the password. Thus, the various authentication techniques - factor two was introduced, but they are expensive and discomfort to users, to lead. In this paper, the existing unique to users in such a single accreditation process / password id key - stroke, user authentication and cost effectively and at the same time. And not cause discomfort, suggested technologies that can also ensure high security exposure, password id. This paper's proposals and determine the effectiveness of the system to build model.

• Journal of Digital Convergence
• /
• v.11 no.7
• /
• pp.215-223
• /
• 2013

As cloud computing is activated, a variety of cloud services are being distributed. However, to use each different cloud service, you must perform a individual user authentication process to service. Therefore, not only the procedure is cumbersome but also due to repeated authentication process performance, it can cause password exposure or database overload that needs to have user's authentication information each cloud server. Moreover, there is high probability of security problem that being occurred by phishing attacks that result from different authentication schemes and input scheme for each service. Thus, when you want to use a variety of cloud service, we proposed OpenID based user authentication scheme that can be applied to a multi-cloud environment by the trusted user's verify ID provider.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.10
• /
• pp.101-108
• /
• 2021

In this paper, we analyze Shin's proposed dynamic ID-based user authentication scheme for TMIS(Telecare Medicine Information System), and Shin's authentication scheme is vulnerable to smart card loss attacks, allowing attackers to acquire user IDs, which enables user impersonation attack. In 2019, Shin's proposed authentication scheme attempted to generate a strong random number using ECC, claiming that it is safe to lose a smart card because it is impossible to calculate random number r'i due to the difficulty of the ECC algorithm without knowing random number ri. However, after analyzing Shin's authentication scheme in this paper, the use of transmission messages and smart cards makes it easy to calculate random numbers r'i, which also enables attackers to generate session keys. In addition, Shin's authentication scheme were analyzed to have significantly greater overhead than other authentication scheme, including vulnerabilities to safety analysis, the lack of a way to pass the server's ID to users, and the lack of biometric characteristics with slightly different templates.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.7
• /
• pp.67-75
• /
• 2023

In this paper, we analyze the problem of the user authentication scheme that provides dynamic ID in a multi-server environment proposed by Andola et al. and propose an improved authentication one to solve this problem. As a result of analyzing the authentication scheme of Andrea et al. in this paper, it is not safe for smart card loss attack, and this attack allows users to guess passwords, and eventually, the attacker was able to generate session key. This paper proposed an improved authentication scheme to solve these problems, and as a result of safety analysis, it was safe from various attacks such as smart card loss attack, password guess attack, and user impersonation attack. Also the improved authentication scheme not only provides a secure dynamic ID, but is also effective in terms of the computational complexity of the hash function. In addition, the improved authentication scheme does not significantly increase the amount of transmission, so it can be said to be an efficient authentication scheme in terms of transmission cost.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.5
• /
• pp.113-124
• /
• 2010

In this study, the hybrid authorization quotation technique is based on the device ID for the integrity of the source region guarantee of user certificate, in order to improve the convenience and security for user in the hybrid PKI certificate Mechanism for authentication. The feature of the model in which it is presented from this paper is 5. First, because the user can select the policy himself in which it matches with each authentication situation and security level, the convenience can be improved. Second, the integrity of the source region of the user certificate can be guaranteed through the comparison of the DLDI Key, that is the hash-value of the device ID. Third, the security can be improved by continuously changing an encoding, and the value of the key in which it decodes through the EOTP Key. Fourth, the index value is added to a certificate, and the storage of a certificate is possible at the Multi-Device. Fifth, since the addi the inan aratus for the integrity of the source region guarantee of a certificate is not needed, the authentication process time can be reduced and the computational load of the certificate server can be reduced also.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2023.05a
• /
• pp.203-205
• /
• 2023

최근 성장하고 있는 드론 산업에 맞추어 전세계적으로 드론 운용을 위한 식별 및 인증 규정을 마련하고 있는 추세이다. 대표적으로, 미국 FAA 에서 채택한 Remote ID 기반의 식별방식이 있다. 그러나, ID 기반의 인증 방식은 해당 ID 가 탈취 혹은 위조될 경우 다른 드론으로 위장하여 여러 심각한 사회 문제를 일으킬 위험성이 있다. 따라서 드론에 탑재된 여러 센서나 모터와 같은 하드웨어의 고유한 특성을 이용하여 Remote ID 를 대체하거나 이중 인증에 이용하려는 연구가 이루어지고 있다. 본 논문에서는 드론에 탑재된 하드웨어의 고유특성을 이용한 다양한 식별 및 인증시스템에 대한 연구에 대하여 살펴본다.

• Journal of Korea Multimedia Society
• /
• v.14 no.8
• /
• pp.1029-1040
• /
• 2011

Electronic identity (e-ID) card based on smartcard is a representative identity credential for on-line and off-line personal identification. The e-ID card can store the personal identity information securely, so that the information can be accessed fast, automated identity verification and used to determine the cardholder's authorization to access protected resources. Due to such features of an e-ID card, the number of government organizations and corporate enterprises that consider using e-ID card for identity management is increasing. In this paper, we present an authentication framework for access control system using e-ID cards by discussing the threat environment and security requirement against e-ID card. Specifically, to accomplish our purpose, we consider the Personal Identity Verification system as our target model.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.05a
• /
• pp.977-980
• /
• 2007

로그인 과정은 사용자의 ID와 Password를 기반으로 시스템에 대한 사용권한을 부여한다. 로그인 과정에서 입력된 ID와 Password 정보는 패킷 스니핑 또는 Keylogger 프로그램 등을 이용하여 악의적인 공격자에 의해 노출될 수 있다는 취약점이 있다. 웹서버 또는 웹메일 시스템 등에 등록된 ID와 Password가 노출된다면 이는 개인 프라이버시 문제와도 연결되어 매우 심각한 문제이기도 하다. 현재 대부분의 시스템에서는 ID와 Password 만을 가지고 사용자에 대한 인증 및 로그인 과정을 수행하기 때문에 더욱더 강력한 복합 로그인 메카니즘이 제시되어야 한다. 본 연구에서는 기존의 ID/Password 기반 로그인 기법과 더불어 소프트웨어 형태의 보안카드를 핸드폰에 설치하여 유무선망을 통한 이중 인증(Two factor authentication) 기법을 제시한다. 제안한 소프트웨어 형태의 보안카드 기반 로그인 기법은 ID/Password와 함께 부가적 정보로써 사용자의 핸드폰에 발급받은 보안카드내 난수 형태로 생성된 번호를 사용한다. 따라서 제안한 시스템을 사용할 경우 기존의 ID와 Password와 연계되어 일회용 패스워드 형태로 제공되는 보안카드 정보를 사용하여 로그인 과정을 수행하기 때문에 보다 안전한 인증 시스템을 구축할 수 있다.

• Convergence Security Journal
• /
• v.23 no.4
• /
• pp.43-52
• /
• 2023

Many businesses and organizations use smartcard-based user authentication for remote access. In the meantime, through various studies, dynamic ID-based remote user authentication protocols for distributed multi-server environments have been proposed to protect the connection between users and servers. Among them, Qiu et al. proposed an efficient smart card-based remote user authentication system that provides mutual authentication and key agreement, user anonymity, and resistance to various types of attacks. Later, Andola et al. found various vulnerabilities in the authentication scheme proposed by Qiu et al., and overcame the flaws in their authentication scheme, and whenever the user wants to log in to the server, the user ID is dynamically changed before logging in. An improved authentication protocol is proposed. In this paper, by analyzing the operation process and vulnerabilities of the protocol proposed by Andola et al., it was revealed that the protocol proposed by Andola et al. was vulnerable to offline smart card attack, dos attack, lack of perfect forward secrecy, and session key attack.

• The Journal of the Korea Contents Association
• /
• v.9 no.3
• /
• pp.28-38
• /
• 2009

Login process uses both ID and password information to authenticate someone and to permit its access privilege on system. However, an attacker can get those ID and password information by using existing packet sniffing or key logger programs. It cause privacy problem as those information can be used as a hacking and network attack on web server and web e-mail system. Therefore, a more secure and advanced authentication mechanism should be required to enhance the authentication process on existing system. In this paper, we propose a multi-factor authentication process by using software form of secure card system combined with existing ID/Password based login system. Proposed mechanism uses a random number generated from the his/her own handset with biometric information. Therefore, we can provide a one-time password function on web login system to authenticate the user using multi-factor form. Proposed scheme provide enhanced authentication function and security because it is a 'multi-factor authentication mechanism' combined with handset and biometric information on web login system.