스마트카드 기반의 사용자 인증 기법에 관한 연구

• Published in: (사)디지털산업정보학회 논문지, 14(2) Vol. 14; no. 2; pp. 27 - 33
• Main Authors: 이재영, Lee, Jaeyoung
• Format: Journal Article
• Language: Korean
• Published: (사)디지털산업정보학회 01.06.2018
• Subjects: 컴퓨터학; Smart-card; ID Guessing Attack; User Authentication; Session key; Password Guessing Attack
• ISSN: 1738-6667; 2713-9018
• DOI: 10.17662/ksdim.2018.14.2.027

User authentication scheme is a method for controlling unauthorized users' access to securely share the services and resources provided by the server and for verifying users with access rights. Initial user authentication scheme was based on passwords. Nowadays, various authentication schemes such as ID based, smart-card based, and attribute based are being researched. The study of Lee et al. suggested a user authentication scheme that provides forward secrecy and protects anonymity of users. However, it is vulnerable to attacks by outsiders and attackers who have acquired smart-cards. In this paper, we propose a modified smart-card authentication scheme to complement the weakness of the previous studies. The proposed user authentication scheme provides the security for the ID guessing attack and the password guessing attacks of the attacker who obtained the login request message and the user's smart-card.