Journal of IKEEE (전기전자학회논문지)

Institute of Korean Electrical and Electronics Engineers (한국전기전자학회)
권호 표지
DOI QR코드

DOI QR Code

Design of Electronic ID System Satisfying Security Requirements of Authentication Certificate Using Fingerprint Recognition

지문 인식을 이용하여 공인인증서의 보안 요건을 만족하는 전자 신분증 시스템의 설계

  • Lee, Chongho (PKI Security Institute, ISolutec Corporation) ;
  • Lee, Seongsoo (School of Electronic Engineering, Soongsil University)
  • Received : 2015.12.22
  • Accepted : 2015.12.28
  • Published : 2015.12.31
Download PDF
⟨ Previous Next ⟩

Abstract

In this paper, an electronic ID system satisfying security requirements of authentication certificate was designed using fingerprint recognition. The proposed electronic ID system generates a digital signature with forgery prevention, confidentiality, content integrity, and personal identification (=non-repudiation) using fingerprint information, and also encrypts, sends, and verify it. The proposed electronic ID system exploits fingerprint instead of user password, so it avoids leakage and hijacking. And it provides same legal force as conventional authentication certificate. The proposed electronic ID consists of 4 modules, i.e. HSM device, verification server, CA server, and RA client. Prototypes of all modules are designed and verified to have correct operation.

본 논문에서는 지문 인식을 이용하여 공인인증서의 보안 조건을 만족하는 전자 신분증 시스템을 설계 및 개발하였다. 제안하는 전자 신분증 시스템은 지문 정보를 사용하여 위변조 불가, 기밀성, 무결성, 본인 인증 (=부인 방지)등의 기능을 가진 전자서명문을 생성하고, 이를 암호화, 전송 및 검증한다. 제안하는 전자 신분증 시스템은 사용자 암호 대신에 지문을 사용하여 유출 및 탈취를 피하면서도 기존의 공인인증서와 동일한 법적 효력을 가진다. 제안하는 전자 신분증 시스템은 HSM 디바이스, 검증 서버, CA 서버, RA 클라이언트의 4개 모듈로 설계하였으며 각 모듈의 프로토타입이 정상적으로 동작하는 것을 확인하였다.

Keywords

References

  1. Digital Signature Act, http://www.law.go.kr/lsInfoP.do?lsiSeq=160903&efYd=20141015#0000
  2. J. Lee and S. Lee, "Development of Electronic ID Performing as Authentication Certificate Based on Fingerprint Recognition", Proceedings of IEIE Fall Conference, CFP-020, 2015.
  3. ITU-T Recommendation X.509, "Information Technology - Open Systems Interconnection - The Directory: Public-key and attribute certificate frameworks", 2012.
  4. IETF RFC 3280, "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile", 2002.
  5. W. Park, "Encryption of Biometrics Data for Security Improvement in the User Authentication System", Journal of IKEEE. vol. 9, no. 1, pp. 31-39, Apr. 2005.
  6. H. Kim, S. Kim, and K. Cho, "Design of Low-area Encryption Circuit Based on AES-128 Suitable for Tiny Applications", Journal of IKEEE. vol. 18, no. 2, pp. 198-205, Jun. 2014. https://doi.org/10.7471/ikeee.2014.18.2.198
  7. TTAS.KO-12.0012/R1, "Digital Signature Certificate Profile", 2006.