• Title/Summary/Keyword: mutual security

Search Result 476, Processing Time 0.026 seconds

Improvements of a Dynamic ID-Based Remote User Authentication Scheme (동적 ID 기반 원격 사용자 인증 스킴의 보안성 개선)

  • Young-Do, Joo;An, Young-Hwa
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.11 no.6
    • /
    • pp.303-310
    • /
    • 2011
  • Recently, many user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication process. In 2009, Wang et al. proposed a more effective and secure dynamic ID-based remote user authentication scheme to improve the security weakness of Das et al.'s scheme, and asserted that the improved scheme is secure against independent of password in authentication phase and provides mutual authentication between the user and the remote server. However, in this paper, we analyze the security of Wang et al. scheme and demonstrate that Wang et al.'s scheme is vulnerable to the man-in-the-middle attack and the off-line password guessing attack. In addition, we show that Wang et al. scheme also fails to provide mutual authentication. Accordingly, we propose an improved scheme to overcome these security weakness even if the secrete information stored in the smart card is revealed. Our proposed scheme can withstand the user impersonation attack, the server masquerading attack and off-line password guessing attack. Furthermore, this improved scheme provides the mutual authentication and is more effective than Wang et al.'s scheme in term of the computational complexities.

Security Enhancement of Biometrics-based Remote User Authentication Scheme Using Smart Cards (스마트 카드를 이용한 생체인식 기반 원격 사용자 인증 스킴의 보안성 개선)

  • An, Young-Hwa;Joo, Young-Do
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.12 no.1
    • /
    • pp.231-237
    • /
    • 2012
  • In 2011, Das proposed an effective biometrics-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication, while eliminating the security drawbacks of Li-Hwang's scheme. In this paper, we have shown that Das's scheme is still insecure against several attacks and does not provide mutual authentication. Also, we proposed the enhanced scheme to overcome these security weaknesses, even if the secret information stored in the smart card is revealed. As a result of security analysis, the enhanced scheme is secure against user impersonation attack, server masquerading attack, off-line password guessing attack, and insider attack. And we can see that the enhanced scheme provides mutual authentication between the user and the server.

Robust Matrix-based RFID Mutual Authentication Protocol (견고한 행렬기반 RFID 상호인증 프로토콜)

  • Yoon, Eun-Jun;Ha, Kyeoung-Ju;Yoo, Kee-Young
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.33 no.11C
    • /
    • pp.883-891
    • /
    • 2008
  • In 2006, Lee and Ahn proposed a matrix-based RFID authentication protocol which eliminates the security problems in HB and $HB^+$ RFID authentication protocols. Their proposed protocol provides the following three merits: (1) it reduces the computational costs of the RFID tag. (2) it reduces the communication overhead between the reader and the tag. (3) it protects the user privacy. However, this paper points out that Lee and Ahn's proposed protocol is insecure to various attacks because it does not provide mutual authentication which the RFID tag does not authenticate the legality of the RFID reader unlike their claims. In addition, this paper proposes an improved matrix-based RFID mutual authentication protocol that can provide the mutual authentication. As a result, the proposed protocol not only can provide strong security and but also guarantee high efficiency because it reduces the communication rounds compare with Lee-Ahn's protocol.

A Vulnerability Analysis of Multi-Context RFID Mutual Authentication Protocol (다중 컨텍스트 RFID 상호 인증 프로토콜의 보안 취약점 분석)

  • Kim, Young-Back;Kim, Sung-Soo;Chung, Kyung-Ho;Kim, Soo-Yong;Yun, Tae-Jin;Ahn, Kwang-Seon
    • Journal of the Korea Society of Computer and Information
    • /
    • v.18 no.10
    • /
    • pp.71-80
    • /
    • 2013
  • In this paper, we analyze the security vulnerability through the several attack scenarios for the MCR-MAP(Multi-Context RFID Mutual Authentication Protocol) proposed by Ahn et al. And we propose the secure mutual authentication protocol that improved a prior MCR-MAP. The suggested protocol uses the ID of the legal tag and the timestamp generated by the server, when the tag tries to authenticate. And when the tag creates the credential, we create the new secret key computing the XOR operation between the secret key shared with the server and the tag timestamp generated by the server. As a result, the proposed protocol provides the secure mutual authentication and then is safe to spoofing attack. Also it provides forward-secrecy and then is safe to offline brute-burst attack. In this paper, we compare and verify the security vulnerability of the prior and the proposed protocol through the security analysis.

A Relay-assisted Secure Handover Mechanism for High-speed Trains

  • Zhao, Yue;Tian, Bo;Chen, Zhouguo;Yang, Jin;Li, Saifei
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.2
    • /
    • pp.582-596
    • /
    • 2019
  • Considering that the existing Long Term Evolution is not suitable for the fast and frequent handovers of high-speed trains, this paper proposes a relay-assisted handover mechanism to solve the problems of long handover authentication time and vulnerable to security attacks. It can achieve mutual authentication for train-ground wireless communication, and data transmission is consistent with one-time pad at the same time. The security analysis, efficiency analysis and simulation results show that the proposed mechanism not only realizes the forward security and resists many common attacks, but also effectively reduces the computational overhead of train antenna during the secure handover process. When the running speed of a train is lower than 500km/h, the handover delay is generally lower than 50ms and the handover outage probability is less than 1.8%. When the running speed of a train is 350km/h, the throughput is higher than 16.4mbps in the process of handover. Therefore, the secure handover mechanism can improve the handover performance of high-speed trains.

RFID Mutual Autentication Protocol Using AES (AES를 이용한 RFID 상호인증 프로토콜)

  • Kim, Seok;Han, Seung-Jo
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.16 no.9
    • /
    • pp.1963-1969
    • /
    • 2012
  • Recently use of RFID(Radio Frequency Identification) tends to be rapidly increased and will be also extended throughout the whole life. Using radio-frequency data can be recognized automatically in the RFID system is vulnerable to personal information protection or security. And passive tags have a hardware problem is the limit for applying cryptographic. This paper presents an authentication protocol using AES and Nounce. After completing mutual authentication server to access and strengthen security vulnerability to the use of the Nounce, because safety in denial of service attacks.

One-time Pattern Mutual Authentication Method by using Digital Holography (디지털 홀로그래피를 이용한 one-time pattern 상호 인증 방법)

  • Gil, Sang-Keun
    • Journal of IKEEE
    • /
    • v.20 no.3
    • /
    • pp.291-294
    • /
    • 2016
  • A new optical one-time pattern password(OTPT) mutual authentication method is proposed, which presents a two-factor authentication by 2-step phase-shifting digital holography and performs a two-way authentication by a challenge-response handshake of the optical OTPT in both directions. Because a client and a server use OTPT once as a random number and encrypt it for mutual authentication, it protects against a replay or a man-in-the middle attack and results in higher security level.

Multi-session authentication scheme for secure authentication and session management of cloud services environment (클라우드 서비스 환경의 안전한 인증과 보안세션 관리를 위한 다중세션 인증 기법)

  • Choi, Do-hyeon;Park, Jung-oh
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.19 no.9
    • /
    • pp.2056-2063
    • /
    • 2015
  • Recently, as the service scale of cloud service is expanded, an anxiety due to concerns on new vulnerabilities and security related incidents and accidents are also increasing. This paper proposes a certification scheme for multiple session management of security sessions which are generated after the user authentication. The proposed session multiplexing scheme enables the independent management of security sessions in the level of virtualization (hypervisor) within the service provider. As a result of performance analysis, providing a strong safety due to session multiplexing and mutual authentication, and the superiority of performance was proven by comparing it with the existing mutual authentication encryption algorithms.

Design of Mutual Authentication and Grouping Protocol Based On Network Control Server Applicable to General Purpose (범용적으로 적용 가능한 네트워크제어서버 기반의 상호인증 및 그룹핑 프로토콜 설계)

  • Park, Jungoh
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.13 no.4
    • /
    • pp.13-23
    • /
    • 2017
  • In order to protect personal information and important information (confidential information, sales information, user information, etc.) in the internal network, companies and organizations apply encryption to the Server-To-Server or Server-To-Client communication section, And are experiencing difficulties due to the increasing number of known attacks and intelligent security attacks. In order to apply the existing S / W encryption technology, it is necessary to modify the application. In the financial sector, "Comprehensive Measures to Prevent the Recurrence of Personal Information Leakage in the Domestic Financial Sector" has been issued, and standard guidelines for financial computing security have been laid out, and it is required to expand the whole area of encryption to the internal network. In addition, even in environments such as U-Health and Smart Grid, which are based on the Internet of Things (IoT) environment, which is increasingly used, security requirements for each collection gateway and secure transmission of the transmitted and received data The requirements of the secure channel for the use of the standard are specified in the standard. Therefore, in this paper, we propose a secure encryption algorithm through mutual authentication and grouping for each node through H / W based Network Control Server (NCS) applicable to internal system and IoT environment provided by enterprises and organizations. We propose a protocol design that can set the channel.

A password-based mutual authentication and key-agreement protocol (패스워드 기반의 상호 인증 및 키 교환 프로토콜)

  • 박호상;정수환
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.12 no.5
    • /
    • pp.37-43
    • /
    • 2002
  • This paper proposes a password-based mutual authentication and key agreement protocol, which is designed by applying ECDSA and ECDH. The proposed protocol, AKE-ECC, computes 2 times of point multiplication over ECC on each of client and server, and generates the key pairs(public key. private key) and a common session key using ECDH that is different compare to previously proposed protocol. It is against common attacks include a dictionary attack and the security of proposed protocol is based on the ECDLP, ECDH.