DOI QR코드

DOI QR Code

Security Implementation using Flexible Keypad

Flexible Keypad를 활용한 보안 구현

  • An, Kyuhwang (Department of IT Engineering, Hansung University) ;
  • Kwon, Hyeokdong (Department of IT Engineering, Hansung University) ;
  • Kwon, Yongbin (Department of IT Engineering, Hansung University) ;
  • Seo, Hwajeong (Department of IT Engineering, Hansung University)
  • Received : 2019.01.26
  • Accepted : 2019.03.08
  • Published : 2019.05.31

Abstract

In the case of door locks most widely used in the market, the most used area as a one-dimensional problem is worn out, and a worn area which does not use a special attack method enables password guessing. To solve this problem, various methods such as a keypad for randomly displaying numbers are introduced, but this is also not completely safe. The common feature of all the solutions so far is that the keypad area is fixed. In this paper, we consider that point in reverse and create a new area smaller than the entire area in the entire area of the keypad, making the keypad of the new area move randomly, thereby preventing the password from being deduced. When using this technique, a new type of keypad is proposed for the first time because of the impossibility of a shoulder surfing attack even though the number of keypad is left as it is.

시중에 가장 많이 보급 된 도어락의 경우 1차원적 문제로 가장 많이 사용하는 영역이 닳아 특별한 공격방법을 사용하는 것이 아닌 닳은 영역으로 하여금 비밀번호 유추를 가능하게 한다. 이를 해결하고자 번호를 섞어 무작위로 표출하는 키패드 등 다양한 방법들이 소개되고 있지만 이 역시 완벽하게 안전하지 못 하다. 여태까지 나온 모든 해결법의 공통점은 키패드를 누르는 영역이 고정되어 있다는 점이다. 본 논문에서는 그 점을 역으로 생각하여 키패드 전체 영역 안에 전체 영역보다 작은 새로운 영역을 만들어 새로운 영역의 키패드를 무작위하게 움직이게 하여 비밀번호를 유추하지 못 하게 한다. 본 기법을 사용할 경우 키패드의 번호는 그대로 둠에도 불구하고 shoulder surfing attack 등이 불가능하여 새로운 유형의 키패드를 최초로 제안한다.

Keywords

HOJBC0_2019_v23n5_613_f0001.png 이미지

Fig. 1 Keypad had some damaged from long time usage

HOJBC0_2019_v23n5_613_f0002.png 이미지

Fig. 2 The Number of cases

HOJBC0_2019_v23n5_613_f0003.png 이미지

Fig. 3 Example of secure keypad with tetris type

HOJBC0_2019_v23n5_613_f0004.png 이미지

Fig. 4 Left) Current default keypad Right) using double touch security keypad

HOJBC0_2019_v23n5_613_f0005.png 이미지

Fig. 5 Left) example of shoulder surfing attack, Right) example of prevent shoulder surfing attack

HOJBC0_2019_v23n5_613_f0006.png 이미지

Fig. 6 Blue box can located every section in red box and the number of blue box changed every position

HOJBC0_2019_v23n5_613_f0007.png 이미지

Fig. 7 Suggest technique

HOJBC0_2019_v23n5_613_f0008.png 이미지

Fig. 8 The information of survey experimenter

HOJBC0_2019_v23n5_613_f0009.png 이미지

Fig. 9 How to protect key logging attack

HOJBC0_2019_v23n5_613_f0010.png 이미지

Fig. 10 How to do shoulder surfing attack

Table. 1 The information of experiment environment

HOJBC0_2019_v23n5_613_t0001.png 이미지

Table. 2 The information of shoulder surfing attack area

HOJBC0_2019_v23n5_613_t0002.png 이미지

Table. 3 The time it takes to enter the password is in seconds.

HOJBC0_2019_v23n5_613_t0003.png 이미지

References

  1. OBS News M. "Using the fingerprint trail to unlock the door," Available : https://www.youtube.com/watch?v=CwA9lSU9ng8
  2. K. Apostol, "Brute-force attack," Available: https://dl.acm.org/citation.cfm?id=2378515
  3. T. Holz, M. Engelberth, F. Freiling, Learning more about the underground economy: A case-study of keyloggers and dropzones. In European Symposium on Research in Computer Security, pages. 1-18. Springer, Berlin, Heidelberg. 2009.
  4. A. H. Lashkari, S. Farmand, D. Zakaria, O. Bin, D. Saleh, "Shoulder surfing attack in graphical password authentication." Available: https://arxiv.org/ftp/arxiv/papers/0912/0912.0951.pdf
  5. H. J. Mun, Virtual Keypads based on Tetris with Resistance for Attack using Location Information. Journal of the Korea Convergence Society. vol. 8, no. 6, pp. 37-44, 2017. https://doi.org/10.15207/JKCS.2017.8.4.037
  6. J. S. Song, M. W. Jung, J. I. Choi, S. H. Seo, Proposal and Implementation of Security Keypad with Dual Touch. KIPS Tr. Comp. and Comm. Sys. vol.7, no.3 pp. 73-80, pISSN: 2287-5891, 2018. https://doi.org/10.3745/KTCCS.2018.7.3.73
  7. M. K. Lee, Research Trend of Entering Personal Identification Number on Smart Device. Korea Institute Of Information Security And Cryptology. pp. 16-21, 2018.
  8. Flexible Keypad youtube. "Flexible Keypad implementation video" Available: https://youtu.be/wCfYr9s0lDM.
  9. Flexible Keypad github. "Flexible Keypad opensource" Available: https://github.com/kyu-h/CyberSecurity_Flexible_PIN.