• The KIPS Transactions:PartC
• /
• v.12C no.3 s.99
• /
• pp.317-322
• /
• 2005

The existing certificate based authentication or identification just verifies whether the owner of private key corresponding to public key of certificate is the DN user set in the user field in the certificate or not, then we cannot find out who is the actual private key owner in a real world. To make up for this weak points, the method to insert the identification number like the resident registration number into the certificate extension field is applied as a technical standard to current domestic PKI system. In this paper, we propose the ECC based integrated identification, identification number checking and key management protocol providing user validation during the login.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.2
• /
• pp.81-89
• /
• 2003

With the rapid development of information and communication technology, online dissemination increases rapidly. So, It becomes more important to protect information. Recently the authentication system using public key infrastructure (PKI) is being utilized as an information protection infrastructure for electronic business transactions. And the smartcard system makes the most use of such an infrastructure. But because the certification based on the current PKI provides oかy basic user certification information, the use has to be limited in various application services that need the identification and authorization information as well as face-to-face information of the user. In order to protect a system from various kinds backings and related treats, we have proposed angular and private key multiplexing for prevention of smartcard forgery and alteration based on a photopolymer cryptosystem. When smartcard becomes prone to forgery and alteration, we should be able to verify it. Also, our parer proposes a new authentication system using multi authentication based on PKI. The smartcard has an excellent advantage in security and moving.

• Journal of the Korea Computer Industry Society
• /
• v.2 no.10
• /
• pp.1329-1338
• /
• 2001

This paper describes the biometrics system for user authentication in electronic commerce. At present, social demands are increasing for information security techniques against the information wiretapping in open communications network. For this, these techniques such as anti-virus, firewall, VPN, authentication, cryptography, public key based systems and security management systems have been developed. This Paper discusses the user authentication for the implementation of efficient electronic payment systems. In particular. user authentication system has keen developed using biometrics techniques and the effectiveness of this paper is demonstrated by several experiments.

• Journal of KIISE:Information Networking
• /
• v.32 no.6
• /
• pp.659-667
• /
• 2005

A Mobile Ad Hoc Network(MANET) is a multi hop wireless network with no prepared base stations or centralized administrations, where flocks of peer systems gather and compose a network. Each node operates as a normal end system in public networks. In addition to it, a MANET node is required to work as a router to forward traffic from a source or intermediate node to others. Each node operates as a normal end system in public networks, and further a MANET node work as a router to forward traffic from a source or intermediate node to the next node via routing path. Applications of MANET are extensively wide, such as battle field or any unwired place; however, these are exposed to critical problems related to network management, node's capability, and security because of frequent and dynamic changes in network topology, absence of centralized controls, restricted usage on network resources, and vulnerability oi mobile nodes which results from the special MANET's character, shared wireless media. These problems induce MANET to be weak from security attacks from eavesdropping to DoS. To guarantee secure authentication is the main part of security service In MANET because networks without secure authentication are exposed to exterior attacks. In this paper, a multistage authentication strategy based on CGSR is proposed to guarantee that only genuine and veritable nodes participate in communications. The proposed authentication model is composed of key manager, cluster head and common nodes. The cluster head is elected from secure nodes, and key manager is elected from cluster heads. The cluster head will verify other common nodes within its cluster range in MANET. Especially, ID of each node is used on communication, which allows digital signature and blocks non repudiation. For performance evaluation, attacks against node authentication are analyzed. Based on security parameters, strategies to resolve these attacks are drawn up.

• Journal of Internet Computing and Services
• /
• v.9 no.2
• /
• pp.61-68
• /
• 2008

Authentication for inter-NEMO rooming is on important issue for achieving the seamless mobile networking. In this proposal, the technical challenge lies in the fact that a visited network does not initially have the authentication credentials of a roaming mobile router. This paper proposes an efficient approach for providing AAA service in NEMO environment. This approach uses localized authentication based on the roaming agreement between ISPs. A public key certificate structure is proposed, tailored to the business model of wireless internet Service Providers (ISPs). In this approach, the mutual authentication between a visited network and a roaming user can be performed locally without any control with user's home network. In conclusion, our protocol shown that communication delay can be reduced by overuse 45% overhead in communication delay than the previous AAA approach.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.6 no.3
• /
• pp.57-70
• /
• 1996

It would be desirable in network to implement an efficient asymmetric key cryptosystem which can not only solve the public key authentication problem but also integrate digital signature and key distribution, We propose two ID-based key distribution systems integrated with digital signature, and analyze them in computation and implementation. The first is based on the EIGamal-typed signature scheme, and the second is based on the RSA scheme, Both can be employed in one-pass and interactive key distribution systems.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.7 no.8
• /
• pp.1732-1742
• /
• 2003

WPP protocol based a Credit card payment in mobile Internet uses WTLS which is security protocol of WAP. WTLS can't provide End­to­End security in network. In this paper, we propose a protocol both independent in mobile Internet platform and allow a security between user and VASP using Mobile Gateway in AIP. In particular, our proposed protocol is suitable in mobile Internet, since session key for authentication and initial payment process is generated using Weil Diffie­Hellman key exchange method that use additive group algorithm on elliptic curve.

• Current Optics and Photonics
• /
• v.4 no.6
• /
• pp.483-499
• /
• 2020

In this paper, a novel analog signature scheme is proposed by modifying an RSA-based digital signature scheme with optical phase-shifting digital holography. The purpose of the proposed method is generating an analog signature to provide data confidentiality and security during the data transfer, compared to the digital signature. The holographic encryption technique applied to a hash value reveals an analog-type of pseudo-random pattern in the analog signature scheme. The public key and secret key needed to verify the analog signature are computed from public key ciphers which are generated by the same holographic encryption. The proposed analog signature scheme contains a kind of double encryption in the process of generating signature and key, which enhances security level more than the digital signature. The results of performance simulations show the feasibility of the highly secure signature scheme, and security analysis shows high robustness against known-message attacks and chosen-message attacks. In addition, the proposed method can apply to one-time signature schemes which can be used to sign only one message and it can also apply to authentication, e-mails, electronic banking and electronic data interchange.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.8
• /
• pp.1466-1477
• /
• 2016

Public key infrastructure(PKI), principle technology of the certificate, is a security technology providing functions such as identification, non-repudiation, and anti-forgery of electronic documents on the Internet. Our government and financial organizations use PKI authentication using ActiveX to prevent security accident on the Internet service. However, like ActiveX, plug-in technology is vulnerable to security and inconvenience since it is only serviceable to certain browser. Therefore, the research on HTML5 authentication system has been conducted actively. Recently, domestic bank introduced PKI authentication complying with web standard for the first time. However, it still has inconvenience to register a certification on each website because of same origin policy of web storage. This paper proposes the certificate based SSO protocol that complying with web standard to provide user authentication using certificate on several sites by going around same origin policy and its security proof.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.5
• /
• pp.3-16
• /
• 2001

With the development of Internet, it is widely spreaded to a Intranet based on Internet technology. Intranet is a private, unique network to share the information of organization such as incorporate, research institute and university. With the increase of Intranet using, Intranet environment is developing into Extranet environment which is connected many Intranet. Currently such Intranet and Extranet environments, above all, it is important to solve security problems which can appear through use of information between domains. Thus, in this paper, we propose SSO(Single Sign-on System) model with authorization management and single sign-on operation, and we extend it to enable mutual authentication through inter-working based on PKI(Public Key Infrastructure) in Extranet environments.