Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 3

Publications

3 Security Analysis on the Online Office and Proposal of the Evaluation Criteria

Authors: Hyunsang Park, Kwangwoo Lee, Yunho Lee, Seungjoo Kim, Dongho Won

Abstract:

The online office is one of web application. We can easily use the online office through a web browser with internet connected PC. The online office has the advantage of using environment regardless of location or time. When users want to use the online office, they access the online office server and use their content. However, recently developed and launched online office has the weakness of insufficient consideration. In this paper, we analyze the security vulnerabilities of the online office. In addition, we propose the evaluation criteria to make secure online office using Common Criteria. This evaluation criteria can be used to establish trust between the online office server and the user. The online office market will be more active than before.

Keywords: Online Office, Vulnerabilities, CommonCriteria(CC)

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1032
2 Cryptanalysis of Two-Factor Authenticated Key Exchange Protocol in Public Wireless LANs

Authors: Hyunseung Lee, Donghyun Choi, Yunho Lee, Dongho Won, Seungjoo Kim

Abstract:

In Public Wireless LANs(PWLANs), user anonymity is an essential issue. Recently, Juang et al. proposed an anonymous authentication and key exchange protocol using smart cards in PWLANs. They claimed that their proposed scheme provided identity privacy, mutual authentication, and half-forward secrecy. In this paper, we point out that Juang et al.'s protocol is vulnerable to the stolen-verifier attack and does not satisfy user anonymity.

Keywords: PWLANs, user privacy, smart card, authentication, key exchange

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1036
1 Security Weaknesses of Dynamic ID-based Remote User Authentication Protocol

Authors: Hyoungseob Lee, Donghyun Choi, Yunho Lee, Dongho Won, Seungjoo Kim

Abstract:

Recently, with the appearance of smart cards, many user authentication protocols using smart card have been proposed to mitigate the vulnerabilities in user authentication process. In 2004, Das et al. proposed a ID-based user authentication protocol that is secure against ID-theft and replay attack using smart card. In 2009, Wang et al. showed that Das et al.-s protocol is not secure to randomly chosen password attack and impersonation attack, and proposed an improved protocol. Their protocol provided mutual authentication and efficient password management. In this paper, we analyze the security weaknesses and point out the vulnerabilities of Wang et al.-s protocol.

Keywords: Message Alteration Attack, Impersonation Attack

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1386