Enhanced User Authentication Method Using Usb Device Information

We are accustomed to using various multimedia services through authorization as a legitimate user, by entering ID and password. However, while technology using ID and password in that case, is inexpensive for constructing system, and convenient for general public to use, user ID and password can be easily exposed to attackers by various attacking techniques, such as password guessing attack, reply attack, and others[1]. In order to resolve such problems, users can be authenticated by adding other authentication methods, such as security card, OTP, certification, finger print recognition, and others, to user authentication using ID and Password [2-5]. In this thesis, we suggest user authentication method that uses authentication data stored in USB memory after generating authentication data by combining USB memory info and user password in multimedia environment. In such system, even if attacker takes over user authentication data stored in USB memory, USB memory device info is still unknown, and thus, seized information cannot be used. In addition, it is convenient to use due to inexpensive construction cost and regular USB memory. Therefore, in the future, it is expected to provide easy construction and operation environment to the companies required to use ID and password based authentication.