• 제목/요약/키워드: mutual security

Search Result 476, Processing Time 0.026 seconds

The Mutual Authentication and Operation Methodology for an Enhanced Security and Operation of the IDL (국제통용운전면허증의 보안성과 운용성 강화를 위한 상호인증 및 운용 기법에 관한연구)

  • Jeon, Sang-Hoon;Jun, Moon-Suk
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.34 no.2B
    • /
    • pp.188-202
    • /
    • 2009
  • In the modern world, where the number of people moving from country to country is sharply increasing, domestic and international driver's licenses are easily fabricated or forged, and distinguishing if a driver's license is legitimate or not is often a difficult task. Furthermore, this would require different countries to mutually share and administer the driving records of individuals, making it a much more complex task (Added to it is the complicated matter of countries having to mutually share and administer the driving records of individuals.) However, the authenticity and security of a driver's license has become the first priority since driver's licenses are also used as identification cards in most countries, thus requiring measures to prevent inappropriate uses arising from theft and embezzlement. In this paper, we propose the mutual authentication mechanism which, can provide enhanced security and efficient operation that is administration of personal information contained within ISO Compliant Driving licence(IDL).

A Study On RFID Security Enhancement Protocol Of Passive Tag Using AES Algorithm (AES 알고리즘을 이용한 수동형 태그의 RFID 보안 강화 프로토콜에 관한 연구)

  • Kim, Chang-Bok;Kim, Nam-Il
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.11 no.4
    • /
    • pp.61-68
    • /
    • 2011
  • Recently arithmetic circuit of lightweight AES symmetric key algorithm that can apply to passive tag have been developed, then security protocol of RFID system using AES symmetric encryption techniques have been proposed. This paper proposed security enhancement protocol of RFID system using lightweight AES arithmetic circuit and random number generator of passive tag. The proposed protocol have AES algorithm and random number generator at server, reader, tag, and transmit encrypted message by separate secret key using random number at each session. The mutual authentication of tag and reader used reader random number and tag random number. As a result, proposal protocol reduce authentication steps of the existing mutual authentication protocol, and reduce amount of computation of tag, and demonstrate as secure protocol to every attack type of attacker by decrease communication step of Air Zone.

Security Analysis and Improvements of a Biometrics-based User Authentication Scheme Using Smart Cards (스마트 카드를 이용한 생체인식 기반 사용자 인증 스킴의 안전성 분석 및 개선)

  • An, Young-Hwa
    • Journal of the Korea Society of Computer and Information
    • /
    • v.17 no.2
    • /
    • pp.159-166
    • /
    • 2012
  • Many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2010, Chang et al. proposed an improved biometrics-based user authentication scheme without concurrency system which can withstand forgery attack, off-line password guessing attack, replay attack, etc. In this paper, we analyze the security weaknesses of Chang et al.'s scheme and we have shown that Chang et al.'s scheme is still insecure against man-in-the-middle attack, off-line biometrics guessing attack, and does not provide mutual authentication between the user and the server. And we proposed the improved scheme to overcome these security weaknesses, even if the secret information stored in the smart card is revealed. As a result, the proposed scheme is secure for the user authentication attack, the server masquerading attack, the man-in-the-middle attack, and the off-line biometrics guessing attack, does provide the mutual authentication between the user and the remote server. And, in terms of computational complexities, the proposed scheme is more effective than Chang et al.'s scheme.

Mutual Authentication Method for Hash Chain Based Sensors in IoT Environment (IoT 환경에서 해시 체인 기반 센서 상호 인증 기법)

  • Lee, Kwang-Hyoung;Lee, Jae-Seung
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.19 no.11
    • /
    • pp.303-309
    • /
    • 2018
  • Internet of Things technology is an intelligent service that connects all objects to the Internet and interacts with them. It is a technology that can be used in various fields, such as device management, process management, monitoring of restricted areas for industrial systems, as well as for navigation in military theaters of operation. However, because all devices are connected to the Internet, various attacks using security vulnerabilities can cause a variety of damage, such as economic loss, personal information leaks, and risks to life from vulnerability attacks against medical services or for military purposes. Therefore, in this paper, a mutual authentication method and a key-generation and update system are applied by applying S/Key technology based on a hash chain in the communications process. A mutual authentication method is studied, which can cope with various security threats. The proposed protocol can be applied to inter-peer security communications, and we confirm it is robust against replay attacks and man-in-the-middle attacks, providing data integrity against well-known attacks in the IoT environment.

A Device Authentication Mechanism Reducing Performance Cost in Mobile P2P Networks

  • Jeong, Yoon-Su;Kim, Yong-Tae;Shin, Seung-Soo;Lee, Sang-Ho
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.7 no.4
    • /
    • pp.923-948
    • /
    • 2013
  • The main concern in mobile peer-to-peer (P2P) networks is security because jamming or eavesdropping on a wireless link is much easier than on a wired one and such damage can be incurred without physical access or contact. In particular, authentication has increasingly become a requirement in mobile P2P environments. This paper presents a new mutual authentication mechanism which requires less storage space and maintains a high level of security in mobile P2P networks. The proposed mechanism improves efficiency by avoiding the use of centralized entities and is designed to be agile in terms of both reliability and low-cost implementation. The mechanism suggested in the simulation evaluates the function costs occurring in authentication between the devices under mobile P2P network environment comparing to existing method in terms of basic operation costs, traffic costs, communications costs, storage costs and scalability. The simulation results show that the proposed mechanism provides high authentication with low cryptography processing overhead.

A Key Distribution and Authentication Scheme based on X.25 Protocol (X.25 프로토콜 기반의 새로운 키 분배 및 인증방식)

  • Sohn, Ki-Wook;Park, Eung-Ki;Lee, Jin-Seok;Shin, Ki-Soo
    • The Transactions of the Korea Information Processing Society
    • /
    • v.4 no.12
    • /
    • pp.3078-3087
    • /
    • 1997
  • The information security is very important in computer communication network, and the security system has been developed in many aspects to provide secure communication. The secret key distribution and mutual user authentication are essential element in designing security system, then many algorithms and implementation schemes have been proposed. But they don't consider communication protocol, so they are not easy to adapt a real communication network' In this paper, we propose a key distriburion and mutual user authentication scheme based on X.25 protocol which is the most popular in packet communication, and the proposed scheme maintains a protocol transparency and can select communication mode, so the security system is more capable.

  • PDF

Mutual Surveillance based Cheating Detection Method in Online Games (상호 감시 기반의 온라인 게임 치팅 탐지 방법)

  • Kim, Jung-Hwan;Lee, Sangjin
    • Journal of Korea Game Society
    • /
    • v.16 no.1
    • /
    • pp.83-92
    • /
    • 2016
  • An online game is a huge distributed system comprised of servers and untrusted clients. In such circumstances, cheaters may employ abnormal behaviors through client modification or network packet tampering. Client-side detection methods have the merit of distributing the burden to clients but can easily be breached. In the other hand, server-side detection methods are trustworthy but consume tremendous amount of resources. Therefore, this paper proposes a security reinforcement method which involves both the client and the server. This method is expected to provide meaningful security fortification while minimizing server-side stress.

Privacy Preserving and Relay Attack Preventing Multi-Context RFID Mutual Authentication Protocol (프라이버시를 제공하고 중계 공격에 안전한 다중-컨텍스트 RFID 상호 인증 프로토콜)

  • Ahn, Hae-Soon;Yoon, Eun-Jun;Nam, In-Gil
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.36 no.8B
    • /
    • pp.1028-1037
    • /
    • 2011
  • Recently, Selim et al proposed public key cryptography based privacy preserving multi-context RFID authentication protocol. However Selim et al's proposed protocol not only doesn't fit into passive tag based RFID system because it uses public key based encryption algorithm to perform authentication between reader and tag, but also is insecure to an impersonation attack because it doesn't provide mutual authentication. In order to eliminate the above described efficiency problem and security vulnerabilities, this paper proposes a new multi-context RFID mutual authentication protocol that can prevent privacy invasion and tag impersonation attack through providing mutual authentication between single passive tag which is located different application space and readers which provide multi-context purposes and can secure against relay attack and denial-of-service attack. As a result, the proposed protocol performs secure mutual authentication based on the collected space and time information from the RFID reader and provides strong security and high computation efficiency because if performs secure one-way hash function and symmetric encryption operations suitable to the environments of passive RFID tags.

Efficient Mutual Authentication Protocol Suitable to Passive RFID System (수동형 RFID 시스템에 적합한 효율적인 상호 인증 프로토콜 설계)

  • Won, Tae-Youn;Chun, Ji-Young;Park, Choon-Sik;Lee, Dong-Hoon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.6A
    • /
    • pp.63-73
    • /
    • 2008
  • RFID(Radio Frequency IDentification) system is an automated identification system that basically consists of tags and readers and Back-End-Databases. Tags and Readers communicate with each other by RF signal. As a reader can identify many tags in contactless manner using RF signal, RFID system is expected to do a new technology to replace a bar-code system in supply-chain management and payment system and access control and medical record and so on. However, RFID system creates new threats to the security of systems and privacy of individuals, Because tags and readers communicate with each other in insecure channel using RF signal. So many people are trying to study various manners to solve these problems against attacks, But they are difficult to apply to RFID system based on EPCglobal UHF Class-1 Generation-2 tags. Recently, Chien and Chen proposed a mutual Authentication protocol for RFID conforming to EPCglobal UHF Class-1 Generation-2 tags. we discover vulnerabilities of security and inefficiency about their protocol. Therefore, We analyze vulnerabilities of their protocol and propose an efficient mutual authentication protocol that improves security and efficiency.

A Fault-tolerant Mutual Exclusion Algorithm in Asynchronous Distributed Systems

  • Kim, Yoon
    • International Journal of Contents
    • /
    • v.8 no.4
    • /
    • pp.1-6
    • /
    • 2012
  • Mutual Exclusion is one of the most studied topics in distributed systems where processes communicate by asynchronous message passing. It is often necessary for multiple processes at different sites to access a shared resource or data called a critical section (CS) in distributed systems. A number of algorithms have been proposed to solve the mutual exclusion problem in distributed systems. In this paper, we propose the new algorithm which is modified from Garg's algorithm[1] thus works properly in a fault-tolerant system. In our algorithm, after electing the token generator, the elected process generates a new token based on the information of the myreqlist which is kept by every process and the reqdone which is received during election. Consequently, proposed algorithm tolerates any number of process failures and also does even when only one process is alive.