Advanced SearchSearch Tips
A Design Secure QR-Login User Authentication Protocol and Assurance Methods for the Safety of Critical Data Using Smart Device
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
 Title & Authors
A Design Secure QR-Login User Authentication Protocol and Assurance Methods for the Safety of Critical Data Using Smart Device
Lee, Jae-Sik; You, Han-Na; Cho, Chang-Hyun; Jun, Moon-Seog;
  PDF(new window)
Our PC have been under constant threat of malicious codes and viruses today. As many new ways of cyber attacks are being developed, such as zero-day-attack, nobody's PC is guaranteed to be safe from the attacks. In case where a user uses the existing verification protocol on a unsecured PC, the user's verification information may well be threatened by sniffing or man-in-the-middle attack. Especially, deadly attacks like memory hacking would give hard time for users to even recognize any symptom of virus infection. Therefore, this paper designs secured QR-Login user verification protocol for smart devices that are ready to communicate with QR-Code and proposes a way to keep critical data safe when using the internet. This way, user would be able to safeguard his/her critical data even when under attack by unknown attacks and safely carry out extremely sensitive task, like financial trading, on the device.
QR-Code;Login;Authentication;Smart Device;Multi-Factor;Multi-Channel;
 Cited by
QR 코드를 이용한 모바일 이중 전송 OTP 시스템,서세현;최창열;이구연;최황규;

한국통신학회논문지, 2013. vol.38B. 5, pp.377-384 crossref(new window)
스마트 보안패드를 이용한 안전한 인터넷 서비스 제공 모델에 관한 연구,이재식;김형주;전문석;

한국산학기술학회논문지, 2013. vol.14. 3, pp.1428-1438 crossref(new window)
웹 서비스를 위한 QR 코드 기반 상호 인증 시스템,박지예;김정인;신민수;강남희;

한국통신학회논문지, 2014. vol.39B. 4, pp.207-215 crossref(new window)
일반 사용자를 위한 포털 사이트 경유 피싱/파밍 방지 방안,김소영;강지윤;김윤정;

한국통신학회논문지, 2015. vol.40. 6, pp.1107-1113 crossref(new window)
LED-QR Authentication Technology for Access Control and Security,;;;;;

International journal of advanced smart convergence, 2015. vol.4. 2, pp.69-75 crossref(new window)
E-payment Authentication System Using QR_code and Mobile OTP,;

한국정보기술학회논문지, 2015. vol.13. 7, pp.75-82 crossref(new window)
QR 코드 및 CVS 기반 주소지 자동 기표지 출력 시스템,최재호;정양권;

한국전자통신학회논문지, 2016. vol.11. 1, pp.113-118 crossref(new window)
지문 워터마킹을 활용한 진술조서 간소화 시스템,김희철;정양권;

한국전자통신학회논문지, 2016. vol.11. 1, pp.93-98 crossref(new window)
Bruce Schneier. "Two-factor authentication: too little, too late." Commun. ACM 48, pp. 136, Apr. 2005.

Ziqing Mao, Florencio, D. Herley, C., "Painless migration from passwords to two factor authentication," Information Forensics and Security (WIFS), 2011 IEEE International Workshop on, Catalunya, Barcelona, pp. 1-6, Nov, 2011.

김영식(Young-Sik Kim), 임대운(Dae-Woon Lim), "스마트 카드를 이용한 서버 인증이 필요 없는 디지털 콘텐츠 보호 기법(Digital Contents Protection Without Server Authentication Using Smart Cards)," J-KICS vol.36, no.3, pp. 133-139, Mar, 2011

김현석(Hyun-Seok Kim), 김주배(Ju-Bae Kim), 정연오(Yeon-Oh Jeong), 한근희 (Keun-Hee Han), 최진영(Jin-Young Choi), " 스마트카드를 이용한 패스워드 기반 인증시스템 정형분석(Formal Analysis of Authentication System based on Password using Smart Card)," 정보과학회논문지. Journal of KIISE. 시스템 및 이론, pp. 304-310, Aug, 2009

Xinyi Huang, Yang Xiang, Chonka. A., Jianying Zhou, Deng. R.H., "A generic framework for three-factor authentication: preserving security and privacy in Ddstributed systems," Parallel and Distributed Systems, IEEE Transactions on, vol.22, no.8, pp. 1390-1397, Aug, 2011. crossref(new window)

Chun-I Fan, Yi-Hui Lin, "Provably secure remote truly three-factor authentication scheme with privacy protection on biometrics," Information Forensics and Security, IEEE Transactions on, vol.4, no.4, pp. 933-945, Kaohsiung, Taiwan, Dec, 2009. crossref(new window)

유한나(Han-na You), 이재식(Jae-Sik Lee), 김 정재(Jung-Jae Kim), 박재표(Jae-Pio Park), 전 문석(Moon-Seog Jun), "인터넷 뱅킹 환경에서 사용자 인증 보안을 위한 Two-Channel 인증 방식(A Study on the Two-channel Authentication Method which Provides Two-way Authentication using Mobile Certificate in the Internet Banking Environment)," J-KICS vol.36, no.8, pp. 939-946, Aug, 2011. crossref(new window)

Vapen. A., Byers. D., Shahmehri. N., "2-clickAuth optical challenge-response authentication," Availability, Reliability, and Security, 2010. ARES '10 International Conference on, Krakow, Poland, pp. 79-86, Feb. 2010.

Ben Dodson, Debangsu Sengupta, Dan Boneh, Monica S. Lam., "Secure, consumer-friendly web authentication and payments with a phone," In Conference on Mobile Computing, Applications, and Services (MobiCASE'10), pp. 17-38, Santa Clara, CA, USA, Oct, 2010.

Jaesik Lee, C. H. Cho, M. S. Jun, "Secure quick response-payment(QR-Pay) system using mobile device," Advanced Communication Technology (ICACT), 2011 13th International Conference on, pp. 1424-1427, Seoul, South Korea, Feb. 2011.

Kyeongwon Choi, Changbin Lee, Woongryul Jeon, Kwangwoo Lee, Dongho Won, "A mobile based anti-phishing authentication scheme using QR code," Mobile IT Convergence (ICMIC), 2011 International Conference on, pp. 109-113, Suwon, South Korea, Sep. 2011.

Kuan-Chieh Liao, Wei-Hsun Lee, Min-Hsuan Sung, Ting-Ching Lin, "A one-time password scheme with QR-Code based on mobile phone," INC, IMS and IDC, 2009. NCM '09. Fifth International Joint Conference on, pp. 2069-2071, Taichung, Taiwan, 25-27 Aug. 2009.

Kuan-Chieh Liao, Wei-Hsun Lee, "A novel user authentication scheme based on QR-Code," Journal of Networks, vol 5, no 8 (2010), pp. 937-941, Aug. 2010.

Michiru Tanaka, Yoshimi Teshigawara, "A method and its usability for user authentication by utilizing a matrix code reader on mobile phones," Information Security Applications (WISA), 2006 Workshop on, LNCS 4298, pp. 225-236, Jeju Island, Korea, Aug, 2006.

Yamamoto. N., Wakahara. T., "A user attestation system using a cellular phone equipped with digital camera," P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), 2010 International Conference on, pp. 431-435, Fukuoka, Japan, Nov. 2010.

Wikipedia, "Smart device", "", Wikipedia, June. 2012.

Faldo, "Theories and methods of memory hacking,", Dec, 2008.

Widipedia, "QR-Code,", June 2012.

Widipedia, "Transport Layer Security.", June 2012.