Applications for transforming money or personal information are increasingly common on the Internet and in mobile communications. These applications require user authentication for confirming legal users. One-time password authentication methods change the verifier every time by sending the present verifier along with the next verifier. However, such methods risk attacks because those protocols use two verifiers every session. The SAS (Simple And Secure password authentication protocol) is a one-time password authentication method that the method uses a hash function five times, but it requires high overhead on low spec machines. In this paper, we propose a new method, SAS-2, which reduces overhead of hash function adaptation by 40%. This method has a mutual authentication phase, which maintains synchronous data communications in its authentication procedure. Moreover, SAS-2 can be applied to key-free systems.

Software applications for the transfer of money or personal information are increasingly common on the Internet. These applications require user authentication for confirming legitimate users. One-time password authentication methods risk a stolen-verifier problem or other steal attacks because the authentication on the Internet server stores the user's verifiers and secret keys. The SAS-2 (Simple And Secure password authentication protocol, ver.2) and the ROSI (RObust and SImple password authentication protocol) are secure password authentication protocols. However, we have found attacks on SAS-2 and ROSI. Here, we propose a new method which eliminates such problems without increasing the processing load and can perform high security level same as S/Key systems without resetting the verifier.

Secret key encipherment is a basic technique for information security. The authors propose a new encipherment algorithm which is fast in software on 32-bit microprocessors. It is a 128-bit block encipherment algorithm and has fundamental security due to variable bit-rotations in the enciphering process. The algorithm is safe against trial-and-error key exhaustive attack and attacks utilizing the statistical properties of related plaintext and ciphertext pairs. The encryption speed is over 7 Mbps on a µP68030 microprocessor (25 MHz). This performance is about three or four times faster than that of FEAL-8. The algorithm will be effective for encryption in multimedia communication environments and as a hash function for message authentication, and digital signatures.

An abstract enciphering machine model (AEM model); an encipherment evaluation model considering the recent trends in computer architecture is proposed. With the advances in computer communication, network security is an important issue. Although there exist several encipherment method, there is no abstract measure for comparing encipherment algorithms. The authors implemented several encipherment algorithms is C and assembler with several programming techniques. Observing the improvements in various programming techniques, especially with RISC processors, it has lead us to believe that the amount of algorithm-specific improvement techniques is small. It is noted that there exists an abstract machine model which can predict encipherment algorithm performance without implementation. The authors discuss the parameter value in the AEM model for encipherment evaluation comparing the real observation with the predicted values. Also, the upperbound speed of ideal fast encipherment algorithms is discussed with the AEM model.

A high-performance microprocessor-compatible small size full CMOS SRAM cell technology for under 1.8-V operation has been developed. Less than 1-µm spacing between the n and pMOSFETs is achieved by using a retrograde well combined with SSS-OSELO technology. To connect the gates of a driver nMOSFET and a load pMOSFET directly, a 0.3-µm n-gate load pMOSFET, formed by amorphous-Si-film through-channel implantation, is merged with a 0.25-µm p-gate pMOSFET for the peripheral circuits. The memory cell area is reduced by using a mask-free contact process for the local interconnect, which includes titanium-nitride wet-etching using a plasma-TEOS silicone-dioxide mask. The newly developed memory cell was demonstrated using 0.25-µm CMOS process technology. A 6.93-µm2 and 1-V operation full CMOS SRAM cell with a high-performance circuit was achieved by a simple fabrication process.

Many activities are being promoted for the coming multimedia age. In this paper, background information for multimedia communications is followed by an outline of joint tests in multimedia communications with some examples of the projects and applications. These trials are also explained from the aspects of project specifications, which include application classifications and details of multimedia-on-demand offerings, as well as technical issues in experimental environments which mainly include those related to ATM technology.

A password authentication method PERM has been developed for application to e-mail forwarding. This method is suitable for communications in insecure network environments such as the Internet. In particular, it can be adapted to Internet appliances and Java applets which have limited performance. The PERM method does not require password resettings and enables high-speed authentication processing with a small-sized program. Moreover, it does not use facilities or mechanisms for generating random numbers and writing them into and reading them out of an IC card or similar storage medium on the user's side.

A 4-Mb CMOS SRAM with 3.84 µm2 TFT load cells is fabricated using 0.25-µm CMOS technology and achieves an address access time of 6 ns at a supply voltage of 2.7 V. The use of a current sense amplifier that is insensitive to its offset voltage enables the fast access time. A boosted cell array architecture allows low voltage operation of fast SRAM's using TFT load cells.

The use of computers with private networks has accelerated the electronic storage of business information in office systems. With the rapid progress in processing capability and small sizing of the computer world, private networks are going to be more intelligent. The utilization of shared information is a key issue in modern organizations, in order to increase the productivity of white-collar workers. In the CSCW research field, it is said that informal and unstructured information is important in group work contexts but difficult to locate in a large organization. Many researchers are paying particular attention to the importance of support systems for such information. These kinds of information are called Organizational memory or Group Memory. Our research focuses on knowledge propagation with private networks in the organization. This means emphasis on the process; with which organized information or the ability to use information is circulated throughout the organization. Knowledge propagation has three issues: knowledge transmission, destination locating and source locating. To cope with these issues we developed FISH, which stands for Flexible Information Sharing and Handling system. FISH was designed to provide cooperative information sharing in a group work context and to explore knowledge propagation. FISH stores fragmental information as cards with multiple keywords and content. This paper discusses a three-layered model that describes computer supported knowledge transmission. Based on this model, three issues are discussed regarding knowledge propagation. FISH and its two-year experiment are described and knowledge propagation is explored based on the results of this experiment.

User authentication is necessary on the Internet and in mobile communications to protect the legal user's rights. One-time password authentication methods change the verifier every time by sending the present verifier along with the next verifier. However, such methods risk impersonation attacks because those protocols use two verifiers every session. The OSPA (Optimal Strong-Password Authentication) method is a one-time password method which prevents stolen-verifier problems, replay attacks, and denial of service attacks. In this letter, we devise an impersonation attack on the OSPA method and discuss how to break down the OSPA method.

In this paper we propose SAS-Coin, a very practical micro payment scheme based on a hash chain and a simple one time password authentication protocol called SAS. While it has many desirable features of a coin (anonymity etc.), it has no public key operations at any stage and has very little overheads. Moreover authentication is also available and a session key could be generated for encrypted information supply without any additional cost at all. Since there are no public key operations this is extremely useful for mobile telephone applications. This has sufficient security even for larger payments. Comparative analysis with some of the already proposed systems is also done.

The Internet and mobile communication systems are being developed, and related applications for managing personal information require user authentication for confirming legitimate users. One-time password authentication methods secure user's authorities by changing the verifier every time. The S/Key is a famous one-time password authentication scheme, which is based on Lamport's scheme. T.-C. Yeh et al. have point out security problems of the S/Key scheme and have proposed a variant of the S/Key scheme, which can be applied to smart cards. However, this method risks certain attacks, too. Those two proposed schemes use counter value, which can easily be modified by an attacker. Herein we discuss security problems of the S/Key and Yeh-Shen-Hwang's password authentication schemes using forgery attacks and stolen-verifier attacks.

In the Internet and Mobile communication environment, authentication of the users is very important. Although at present password is extensively used for authentication, bare password transmission suffers from some inherent shortcomings. Several password-based authentication methods have been proposed to eliminate such shortcomings. Those proposed methods have relative demerits as well as merits. In this letter we propose a method where those demerits are eliminated. The prominent feature is security improvement apart from low processing, storage and transmission overheads compared to previous methods. This method can be used in several applications like remote login, encrypted and authenticated communication and electronic payment etc.