QR-Code Based Mutual Authentication System for Web Service 


Vol. 39,  No. 4, pp. 207-215, Apr.  2014


PDF
  Abstract

Password based authentication systems are most widely used for user convenience in web services. However such authentication systems are known to be vulnerable to various attacks such as password guessing attack, dictionary attack and key logging attack. Besides, many of the web systems just provide user authentication in a one-way fashion such that web clients cannot verify the authenticity of the web server to which they set access and give passwords. Therefore, it is too difficult to protect against DNS spoofing, phishing and pharming attacks. To cope with the security threats, web system adopts several enhanced schemes utilizing one time password (OTP) or long and strong passwords including special characters. However there are still practical issues. Users are required to buy OTP devices and strong passwords are less convenient to use. Above all, one-way authentication schemes generate several vulnerabilities. To solve the problems, we propose a multi-channel, multi-factor authentication scheme by utilizing QR-Code. The proposed scheme supports both user and server authentications mutually, thereby protecting against attacks such as phishing and pharming attacks. Also, the proposed scheme makes use of a portable smart device as a OTP generator so that the system is convenient and secure against traditional password attacks.

  Statistics
Cumulative Counts from November, 2022
Multiple requests among the same browser session are counted as one view. If you mouse over a chart, the values of data points will be shown.


  Cite this article

[IEEE Style]

J. Park, J. Kim, M. Shin, N. Kang, "QR-Code Based Mutual Authentication System for Web Service," The Journal of Korean Institute of Communications and Information Sciences, vol. 39, no. 4, pp. 207-215, 2014. DOI: .

[ACM Style]

Ji-ye Park, Jung-in Kim, Min-su Shin, and Namhi Kang. 2014. QR-Code Based Mutual Authentication System for Web Service. The Journal of Korean Institute of Communications and Information Sciences, 39, 4, (2014), 207-215. DOI: .

[KICS Style]

Ji-ye Park, Jung-in Kim, Min-su Shin, Namhi Kang, "QR-Code Based Mutual Authentication System for Web Service," The Journal of Korean Institute of Communications and Information Sciences, vol. 39, no. 4, pp. 207-215, 4. 2014.

Search
(IN TITLE, AUTHOR, ABSTRACT,KEYWORDS)

Advanced Search

POPULAR KEYWORDS
(TOP 10 KEYWORDS)

Recent Publications
(LAST 3 YEARS)






pISSN : 1226 - 4717
eISSN : 2287 - 3880