• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.22 no.12
• /
• pp.2860-2866
• /
• 1997

Kerberos is the most used example of authentication technology in distributed environment. In this paper, based on this method, a new authentication mechanism associated with X.509 protocol that authenticates services between regions is presented. Since any suggestions to regional services are not described in Kerberos, the authentication between regiona is performed via the connected chain obtained from x.509. These two protocols have distinguished key management systems -X.509 is designed using an asymmetric method, while Kerberos using a symmetric method. In order to provide regional services, X.509 is employed on connection part and Kerberos on actual authetication part.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2006.05a
• /
• pp.505-509
• /
• 2006

Recently, wireless Internet service has become generalized, and required the user authentication of a mobile hosts and QoS. However, time required for user authentication during handoff Processes between a wireless LAN system and mobile hosts is long, and is unsuitable for real-time communication and multimedia applications. In this paper. we improved the existing system in order to reduce a lead time of user authentication as they extended a Fast Inter-AP handoff. We use a Mechanism to assume a confidence degree with bases by the time that stayed at individual wireless LAN systems in order to reduce the handoffs. The experiment network shows that it decreases communication load, and improves communication QoS.

• The KIPS Transactions:PartC
• /
• v.16C no.3
• /
• pp.325-334
• /
• 2009

This paper demonstrates that an attacker can impersonate a random RFID tag and then perform the spoofing attack in the previous RFID authentication protocol. To resolve such a security problem, we also propose a new secure and efficient RFID mutual authentication protocol. The proposed RFID mutual authentication protocol is not only to resolve many security problems with the existing RFID authentication mechanism and the vulnerability against spoofing attack, but also to guarantee reliable authentication time as reducing computational overhead performing by tag. As a result, the proposed RFID mutual authentication protocol provides stronger security including the forward secrecy and more efficiency.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.6
• /
• pp.107-112
• /
• 2003

Handover in IEEE 802.11 requires repeated authentication and key exchange procedures, which are an obstacle to seamless services of wireless LAM. We propose a fast authentication and key exchange mechanism using IEEE 802.11f. Especially, by proposing a modified version of the 4-way handshake of IEEE 802.11i, we solve the perfect forward secrecy problem that arises when the pre-authentication is adopted. The scheme can be implemented only using the Context Block of IEEE 802.11f and the 4-way handshake of IEEE 802.11i without involving authentications server's interaction or non-standard behavior between access points. Our scheme is applicable to devices not supporting the us-authentication of IEEE 802.11i and also, it can substitute the pre-authentication when the pre-authentication is failed.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.2
• /
• pp.177-184
• /
• 2009

The digital contents distribution system via network provides comfortability, usability, and diversified functions to content's users. However, for the characteristic of easy access of digital contents, the copyright infringements and indiscreet contents distribution are realized in this days. In other words, any users with the authentication key can access to copyright contents with any restrictions. To solve this problems, we proposed a user authentication mechanism which prevent indiscreet access to the digital content by using user system information. Also, to provide safe distribution of digital content, we used user's unique content authentication key.

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.8
• /
• pp.2083-2090
• /
• 1998

In this paper, we propose two authentication exchange schemes which combine public key-based mutual authentication with a Diffie-Hellman key derivation exchange. The security of key exchange of the proposed schemes depends on the discrete logarithm problem. The ,securtly of the etity authentication depends on that of the signature mechanism to be used in the proposed scheme. In comparisun with the Kerberos, X.509 exchanges, and ISO 3-way authentication protocol, the proposed schemes are not only simple and efficient. but also are resistant to the full range of replay and interceptiun attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.5
• /
• pp.1471-1483
• /
• 2023

One of the fastest-growing mobile services accessible today is mobile payments. For the safety of this service, the Near Field Communication (NFC) technology is used. However, NFC standard protocol has prioritized transmission rate over authentication feature due to the proximity of communicated devices. Unfortunately, an adversary can exploit this vulnerability with an antenna that can eavesdrop or alter the exchanged messages between NFC-enabled devices. Many researchers have proposed authentication methods for NFC connections to mitigate this challenge. However, the security and privacy of payment transactions remain insufficient. We offer a privacy-preserving, anonymity-based, safe, and efficient authentication protocol to protect users from tracking and replay attacks to guarantee secure transactions. To improve transaction security and, more importantly, to make our protocol lightweight while ensuring privacy, the proposed protocol employs a secure offline session key generation mechanism. Formal security verification is performed to assess the proposed protocol's security strength. When comparing the performance of current protocols, the suggested protocol outperforms the others.

• The Journal of the Korea Contents Association
• /
• v.7 no.4
• /
• pp.20-29
• /
• 2007

Although E-mail system is considered as a most important communication media, 'Spam' is flooding the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it. Most spam is commercial advertising, often for dubious products, get-rich-quick schemes, or quasi-legal services. Therefore advanced anti-spam techniques are required to basically reduce its transmission volume on sender mail server or MTA, etc. In this study, we propose a new sender authentication model with encryption function based on modified DomainKey with SMS for Spam mail protection. From the SMS message, we can get secret information used for verification of its real sender on e-mail message. And by distributing this secret information with SMS like out-of-band channel, we can also combine proposed modules with existing PGP scheme for secure e-mail generation and authentication steps. Proposed scheme provide enhanced authentication function and security on Spam mail protection function because it is a 'dual mode' authentication mechanism.

• Journal of KIISE
• /
• v.42 no.1
• /
• pp.23-32
• /
• 2015

In the Android market, a large portion of the market share consists of third party applications, but not much research has been performed in this respect. Of these applications, mobile Voice Over IP (VoIP) applications are one of the types of applications that are used the most. In this paper, we focus on user authentication methods for three representative applications of the Google Voice service, which is a famous mobile VoIP application. Then, with respect to the Android file system, we developed a method to store and to send user information for authentication. Finally, we demonstrate a vulnerability in the mechanism and propose an improved mechanism for user authentication by using hash chaining and an elliptic curve Diffie-Hellman key exchange.

• The KIPS Transactions:PartC
• /
• v.11C no.6 s.95
• /
• pp.747-754
• /
• 2004

Today, wireless LANs are widely deployed in various places such as corporate office conference rooms, industrial warehouses, Internet-ready classrooms, etc. However, new concerns have been raised regarding suity. Currently, both virtual private network(VPN) and WEP are used together as a strong authentication mechanism. While security is increased by using VPN and WEP together, unnecessary redundancy occurs causing power consumption increase and authentication speed decrease in the authentication process. In this paper a new synchronization protocol for authentication is proposed which allows simple authentication, minimal power consumption at the mobile station, and high utilization of authentication stream. This is achieved by using one bit per a frame authentication, while main authentication process including synchronization is handled by access points. Computer simulation reveals that the proposed scheme significantly improves the authentication efficiency in terms of the number of authenticated frames and authentication speed compared with an earlier protocol employing a similar authentication approach.