원문정보
초록
영어
With the advances of IT technology, the interest in smartwork is increasing by using various mobile devices through Internet services at anytime and anywhere. The introduction of smartwork to a company provides business efficiency, improves productivity and reduces costs, but security researches are required to solve a variety of security issues in it. For the secure user authentication, Won proposed a user authentication method using NFC in smartwork environment. However, this paper shows that Won’s method has some security problems, including weak against stolen verifier attack and replay attack and lack of message integrity, and proposes a new NFC based user authentication mechanism to solve the problems. The proposed mechanism could be used as a security building block in various smartwork environments including telework, mobile office, and so on.
목차
1. Introduction
2. Related Works
2.1. Smartwork Environment
2.2. NFC Operation Mode
3. Won’s Authentication Method
3.1. Review of Won’s Authentication Method
3.2 Security Flaws in Won’s Authentication Method
4. Proposed NFC based User Authentication Method
4.1. User Registration
4.2. Mobile Device Registration
4.3. User Authentication
4.4. Password Updating
5. Security Analysis
5.1. Offline Password Guessing Attack
5.2. Replay Attack
5.3. Denial of Service Attack
5.4 Stolen Verifier Attack
5.5. User Impersonation Attack
5.6. Mutual Authentication
5.7. Session Key Agreement
6. Conclusion
Acknowledgements
References