Open Science Research Excellence

Seungjoo Kim

Publications

6

Publications

6
1166
Security Weaknesses of Dynamic ID-based Remote User Authentication Protocol
Abstract:
Recently, with the appearance of smart cards, many user authentication protocols using smart card have been proposed to mitigate the vulnerabilities in user authentication process. In 2004, Das et al. proposed a ID-based user authentication protocol that is secure against ID-theft and replay attack using smart card. In 2009, Wang et al. showed that Das et al.-s protocol is not secure to randomly chosen password attack and impersonation attack, and proposed an improved protocol. Their protocol provided mutual authentication and efficient password management. In this paper, we analyze the security weaknesses and point out the vulnerabilities of Wang et al.-s protocol.
Keywords:
Message Alteration Attack, Impersonation Attack
5
7231
Security Analysis on the Online Office and Proposal of the Evaluation Criteria
Abstract:
The online office is one of web application. We can easily use the online office through a web browser with internet connected PC. The online office has the advantage of using environment regardless of location or time. When users want to use the online office, they access the online office server and use their content. However, recently developed and launched online office has the weakness of insufficient consideration. In this paper, we analyze the security vulnerabilities of the online office. In addition, we propose the evaluation criteria to make secure online office using Common Criteria. This evaluation criteria can be used to establish trust between the online office server and the user. The online office market will be more active than before.
Keywords:
Online Office, Vulnerabilities, CommonCriteria(CC)
4
7261
Security Analysis on Anonymous Mutual Authentication Protocol for RFID Tag without Back-End Database and its Improvement
Abstract:
RFID (Radio Frequency IDentification) system has been widely used in our life, such as transport systems, passports, automotive, animal tracking, human implants, library, and so on. However, the RFID authentication protocols between RF (Radio Frequency) tags and the RF readers have been bring about various privacy problems that anonymity of the tags, tracking, eavesdropping, and so on. Many researchers have proposed the solution of the problems. However, they still have the problem, such as location privacy, mutual authentication. In this paper, we show the problems of the previous protocols, and then we propose a more secure and efficient RFID authentication protocol.
Keywords:
RFID, mutual authentication, serverless, anonymity.
3
9852
Cryptanalysis of Two-Factor Authenticated Key Exchange Protocol in Public Wireless LANs
Abstract:
In Public Wireless LANs(PWLANs), user anonymity is an essential issue. Recently, Juang et al. proposed an anonymous authentication and key exchange protocol using smart cards in PWLANs. They claimed that their proposed scheme provided identity privacy, mutual authentication, and half-forward secrecy. In this paper, we point out that Juang et al.'s protocol is vulnerable to the stolen-verifier attack and does not satisfy user anonymity.
Keywords:
PWLANs, user privacy, smart card, authentication,key exchange
2
14412
New Identity Management Scheme and its Formal Analysis
Abstract:
As the Internet technology has developed rapidly, the number of identities (IDs) managed by each individual person has increased and various ID management technologies have been developed to assist users. However, most of these technologies are vulnerable to the existing hacking methods such as phishing attacks and key-logging. If the administrator-s password is exposed, an attacker can access the entire contents of the stolen user-s data files in other devices. To solve these problems, we propose here a new ID management scheme based on a Single Password Protocol. The paper presents the details of the new scheme as well as a formal analysis of the method using BAN Logic.
Keywords:
Anti-phishing, BAN Logic, ID management.
1
15268
An Efficient Key Management Scheme for Secure SCADA Communication
Abstract:
A SCADA (Supervisory Control And Data Acquisition) system is an industrial control and monitoring system for national infrastructures. The SCADA systems were used in a closed environment without considering about security functionality in the past. As communication technology develops, they try to connect the SCADA systems to an open network. Therefore, the security of the SCADA systems has been an issue. The study of key management for SCADA system also has been performed. However, existing key management schemes for SCADA system such as SKE(Key establishment for SCADA systems) and SKMA(Key management scheme for SCADA systems) cannot support broadcasting communication. To solve this problem, an Advanced Key Management Architecture for Secure SCADA Communication has been proposed by Choi et al.. Choi et al.-s scheme also has a problem that it requires lots of computational cost for multicasting communication. In this paper, we propose an enhanced scheme which improving computational cost for multicasting communication with considering the number of keys to be stored in a low power communication device (RTU).
Keywords:
SCADA system, SCADA communication, Key management, Distributed networks.