• Title/Summary/Keyword: public-Key infrastructure

Search Result 350, Processing Time 0.025 seconds

Certificate Issuing Protocol Supporting WAKE-KR (WAKE-KR을 지원하는 인증서 발행 프로토콜)

  • 이용호;이임영
    • Journal of Korea Multimedia Society
    • /
    • v.6 no.2
    • /
    • pp.288-300
    • /
    • 2003
  • As the importance of information security gets recognized seriously, ciphers technology gets used more. Particularly, since public key ciphers are easier to control the key than symmetric key ciphers and also digital signature is easily implemented, public key ciphers are increased used. Nowadays, public key infrastructure is established and operated to use efficiently and securely the public key ciphers. In the public key infrastructure, the user registers at the certificate authority to generate the private key and public key pair and the certificate authority issues the certificate on the public key generated. Through this certificate, key establishment between users is implemented and encryption communication becomes possible. But, control function of session key established in the public key infrastructure is not provided. In this thesis, the certificate issuing protocol to support the key recovery of the session key established during the wireless authentication and key establishment is proposed.

  • PDF

Design of a Private Key Escrow System based on the Fingerprint Identification (지문 인식 기반의 개인키 위탁 시스템의 설계)

  • Shin, Yong-Nyuo;Lee, Yong-Jun
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.4 no.2
    • /
    • pp.21-28
    • /
    • 2008
  • There are some problems on the system that uses a password comprising a digital signature to identify the secret key owner under the public key infrastructure. For example, the password can be difficult to remember or easy to be disclosure, and users should make more complex password to protect it. A number of studies have been proceeded in order to overcome these defects using the fingerprint identification technologies, but they need to change the current standard of public key infrastructure. On the suggested private key escrow system, the private key can be withdrawn only through the enrollment and identification of a fingerprint template after it is saved to a reliable third system. Therefore, this new private key escrow system can remove previous inconveniences of managingthe private key on current public key infrastructure, and it exhibited superior results in terms of the evaluation items when compared with the integrated method of the existing fingerprint identification and public key infrastructure.

Public Key Certification Technology for Electronic Commerce (전자 상거래 인증 기술)

  • 하영국;임신영;강상승;함호상;박상봉
    • The Journal of Society for e-Business Studies
    • /
    • v.4 no.2
    • /
    • pp.23-40
    • /
    • 1999
  • Nowadays, major application of public key certification technology based on PKI(Public Key Infrastructure) is electronic commerce. Public key certification technology may include various sub-technologies such as key recovery, secret sharing, certificate/key management, and directory system technology. This thesis discusses PKI-based certification authority technology for electronic commerce on the Internet.

  • PDF

Research on Deployment Strategy of Public Key Infrastructure for Developing Country: Focused on Malawi (개도국의 공개키기반구조 도입 전략에 관한 연구: 말라위를 중심으로)

  • Kim, Hyunsung;Choi, Hae-Won
    • Journal of Digital Convergence
    • /
    • v.14 no.10
    • /
    • pp.45-51
    • /
    • 2016
  • The purpose of this paper is to plan deployment strategy of public key infrastructure for Malawi by considering the information and communication technology status on it. For this, we will review the information communication technology status on developing and least developed countries focused on Malawi and plan deployment strategy of mobile based public key infrastructure. First of all, we extract out security considerations for public key infrastructure, which is efficient for wireless communication, and design a new lightweight public key infrastructure apt to mobile device by considering Malawi's information communication technology status. Especially, the proposed mobile based public key infrastructure uses smartcards for all the processes of certificate. It could guarantee the same security as the wired counter part based on lightweight mobile device.

A Study on the Certification System in Electromic Commerce (전자상거래(電子商去來)의 인증체계(認證體系)에 관한 고찰(考察))

  • Ha, Kang Hun
    • Journal of Arbitration Studies
    • /
    • v.9 no.1
    • /
    • pp.367-390
    • /
    • 1999
  • The basic requirements for conducting electronic commerce include confidentiality, integrity, authentication and authorization. Cryptographic algorithms, make possible use of powerful authentication and encryption methods. Cryptographic techniques offer essential types of services for electronic commerce : authentication, non-repudiation. The oldest form of key-based cryptography is called secret-key or symmetric encryption. Public-key systems offer some advantages. The public key pair can be rapidly distributed. We don't have to send a copy of your public key to all the respondents. Fast cryptographic algorithms for generating message digests are known as one-way hash function. In order to use public-key cryptography, we need to generate a public key and a private key. We could use e-mail to send public key to all the correspondents. A better, trusted way of distributing public keys is to use a certification authority. A certification authority will accept our public key, along with some proof of identity, and serve as a repository of digital certificates. The digital certificate acts like an electronic driver's license. The Korea government is trying to set up the Public Key Infrastructure for certificate authorities. Both governments and the international business community must involve archiving keys with trusted third parties within a key management infrastructure. The archived keys would be managed, secured by governments under due process of law and strict accountability. It is important that all the nations continue efforts to develop an escrowed key in frastructure based on voluntary use and international standards and agreements.

  • PDF

Designing Reliable P2P Transmission Mechanism Against MITM Attack (MITM 공격에 안전한 P2P 신뢰전송 메커니즘의 설계)

  • Kim, Sang-Choon;Kwon, Hyeonk-Chan;Nah, Jae-Hoon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.4
    • /
    • pp.103-109
    • /
    • 2008
  • Many Internet application provide the PKI(public key infrastructure)-based service to provide authentication and message integrity. Several researchers proposed PKI-based p2p network framework. However, in the real world, the use of PKI is not suitable for peer to peer network, because the peer-to-peer network is an open and dynamic network. Moreover, currently there is no nation-to-nation interoperable certificate. In this paper, we designed reliable p2p file sharing application without public key infrastructure. To do this we propose reliable public key distribution mechanism to distribute public key safely without PKI infrastructure for two-tier super-peer architecture. In our system, each peer generates and distributes its public/private key pairs, and the public key is securely distributed without PKI. The proposed mechanism is safe against MITM attack. This mechanism can be applied various P2P applications such as file sharing, IPTV, distributed resource sharing and so on

A Study of the PMI-based XML Access Control Model in Consideration of the Features of the Public Organization (공공기관의 특성을 고려한 PMI기반의 XML 접근제어 모델에 관한 연구)

  • Cho, Chang-Hee;Lee, Nam-Yong
    • Journal of Information Technology Services
    • /
    • v.5 no.3
    • /
    • pp.173-186
    • /
    • 2006
  • The local public organizations, to secure the Confidentiality, Integrity, Authentication and Non-Repudiation of cyber administrative environment is giving it a try to consolidate the official documents among them by standardizing all the documents into XML formats together with the establishment of the GPKI(Government Public Key Infrastructure). The Authentication System based on the PKI(Public Key Infrastructure) used by the GPKI, however, provides only the simple User Authentication and thus it results in the difficulty in managing the position, task, role information of various users required under the applied task environment of public organizations. It also has a limitation of not supporting the detailed access control with respect to the XML-based public documents.In order to solve these issues, this study has analyzed the security problems of Authentication and access control system used by the public organizations and has drawn the means of troubleshoot based on the analysis results through the scenario and most importantly it suggests the access control model applied with PMI and SAML and XACML to solve the located problem.

On Design of the Recoverable Cryptosystem in Public Key Infrastructure (PKI 연동 키복구 암호 시스템 설계에 관한 연구)

  • 최희봉;오수현;홍순좌;원동호
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.12 no.1
    • /
    • pp.11-20
    • /
    • 2002
  • In 1998, A. Young and M. Yung proposed the auto-recovery auto-certificate cryptosystem in public key infrastructure. We propose the new recoverable cryptosystem in public key infrastructure which is designed with the concept of A. Young et al's auto-recovery auto-certificate cryptosystem. It has the private/public key pairs of the user and the master private/public key pairs of the escrow authority. It is based on RSA cryptosystem and has efficiency and security.

Authentication Technology of Public Key Infrastructure for Electronic Commerce (전자상거래를 위한 공개키 기반 하부구조의 인증 기술)

  • 유창열;임신영;송유진;함호상
    • Proceedings of the CALSEC Conference
    • /
    • 1997.11a
    • /
    • pp.167-184
    • /
    • 1997
  • 암호화 기술의 확장성과 비도 측면에서 우수한 공개키 기반 하부구조(Public Key Infrastructure)는 공개키를 보증하는 기반 기술과 인증서의 안전한 사용 기술로 구성되어있으며, 전자상거래의 기본 기술중 하나이다. 이러한 기본 기술 중에는 키 복구(Key Recovery) 및 비밀 분산(Secret Sharing) 기술등이 포함되며, 인증기관(Certificate Authority: CA)을 통한 키 관리 효율성 및 인중 기관과 사용자 간 안전한 정보 교환 기술이 요구된다. 본 논문에서는 인터넷 기반의 전자 상거래 시 사용되는 공개키 기반 하부구조에 대하여 검토 분석한다.

  • PDF