A Flexible Key Recovery System with One-way Key Distribution Property

일방향 키 분배 기능을 가지는 유연한 키 복구 시스템

  • Published : 2001.06.01

Abstract

급속산 암호의 민간 부문 확산에 따라 암소 사용으로 인한 부작용을 방지하기 위한 대책으로 키 복구에 대한 연구가 활발히 진행되고 있다. 그러나 지금까지 제시된 기존의 키 복구 기술들은 그 대부분이 정부의 법 집행권 보장에만 설계초점을 맞추고 있기 때문에 다양한 사용자들의 요구를 충족시키기 어렵다. 본 논문에서는 키 복구 시스템에 대한 사용주체들의 입장을 고려하여 다양한 환경에서 사용할 수 있는 키 복구 시스템을 제안한다. 제안하는 방식은 암호통신 과정 중에 키가 분배되는 일방향 키 분배가 가능하고 기존의 시스템만큼 효율적이며, 충분한 유연성을 제공한다.

Keywords

References

  1. IBM SecureWay, 'Towards a Framework-based solution to Cryptographic Key Recovery,' available at http://www-4.ibm.com/software/security/library
  2. National Institute of Standards and Technology, 'Requirements for Key Recovery Products,' Report of the Technical Advisory Committee to Develop a Federal Information Processing Standard for the Federal Key Management Infrastructure, Available at http://csrc.nist.gov/keyrecovery, 1998
  3. NIST, 'Escrowed Encryption Standard,' Federal Information Processing Standards Publication 185, 1994
  4. David M. Balenson, Carl M. Ellison, Steven B. Lipner and Stephen T. Walker, 'A New Approach to Software Key Escrow Encryption,' Building in Big Brother; The Cryptographic Policy Debate, pp.180-207, Springer-Verlag, 1995
  5. Ross Anderson and Michael Roe, 'The GCHQ Protocol and its Problems,' Eurocrypt'97, pp.134-148, 1997
  6. Stephen T. Walker, Steven B. Lipner, Carl M. Ellison and David M. Balenson, 'Commercial Key Recovery,' Communications of the ACM, Vol.39, No.3, pp.41-47, 1996 https://doi.org/10.1145/227234.227240
  7. David Paul Maher, 'Crypto Backup and Key Escrow,' Corrununications of the ACM, Vol.39, No.3, pp.48-53, 1996 https://doi.org/10.1145/227234.227241
  8. Matt Blaze, 'Protocol Failure in the Escrowed Encryption Standard,' The 2nd ACM Conference on Computer and Corrununications Security, pp.59-67, 1994 https://doi.org/10.1145/191177.191193
  9. Yair Frankel and Moti Yung, 'Escrowed Encryption Systems Visited : Attacks, Analysis and Designs,' Advanced in Cryptology-Crypto'95, pp.222-235, 1995
  10. Business Scenarios Committee of the Key Recovery Alliance, 'Business Requirements for Key Recovery Release 3.0,' A vailable at http://www.kra.org./whitepapers, 1997
  11. H. Abelson, R. Anderson, S. M. Bellovin, J. Benaloh, M. Blaze, W. Diffie, J. Gilmore, P. G. Neumann, R. L. Rivest, J. I. Schiller and B. Schneier, 'The Risk of Key Recovery, Key Escrow and Trusted Third Party Encryption,' available at http://www.cdt.org/crypto/risks98, 1998
  12. Yang-Chen Lee and Chi-Sung Laih, 'On the Key Recovery of the Key Escrow System,' Proceedings of 13th Annual Conference on Computer Security Applications, pp.216-220, 1997 https://doi.org/10.1109/CSAC.1997.646192
  13. Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone, 'Handbook of Applied Cryptography,' pp.321-331, CRC Press, 1996
  14. Colin Boyd, 'Enforcing Traceability in Software,' 1st International Conference on Information and Communication Security, ICICS'97, pp.398-408, 1997 https://doi.org/10.1007/BFb0028495
  15. S. C. Pohig and M. E. Hellman, 'An Improved Algorithm for Computing Logarithms over GF(p) and Its Cryptographic Significance,' IEEE Transaction on Information Theory, Vol. IT 24, No.1, pp.103-110, 1978
  16. W. Diffie and M. E. Hellman, 'New Directions in Cryptography,' IEEE Transaction on Information Theory, Vol.IT 22, No.6, pp.135-145, 1976 https://doi.org/10.1109/TIT.1976.1055638