Browse > Article
http://dx.doi.org/10.9708/jksci.2011.16.8.109

Vulnerability Analysis on Digital Signature Function of Word Processors  

Lee, Chang-Bin (School of Information and Communication Engineering, Sungkyunkwan University)
Park, Sun-Woo (School of Information and Communication Engineering, Sungkyunkwan University)
Lee, Kwang-Woo (School of Information and Communication Engineering, Sungkyunkwan University)
Kim, Jee-Yeon (School of Information and Communication Engineering, Sungkyunkwan University)
Nam, Jung-Hyun (Department of Computer Engineering, Konkuk University)
Lee, Young-Sook (Department of Cyber Investigation Police, Howon University)
Won, Dong-Ho (School of Information and Communication Engineering, Sungkyunkwan University)
Publication Information
Journal of the Korea Society of Computer and Information / v.16, no.8, 2011 , pp. 109-118 More about this Journal
Abstract
Recently, electronic documents are deployed in many areas. However, trust concerns arise owing to the fact that detecting whether an electronic document is modified or not is not an easy process. To facilitate this process, many word processors provide digital signature capabilities on themselves. However, there were not much research on the security of digital signature function of various programs including Microsoft Word and Hancom Hangul. Therefore, in this paper, we analyze the security of Microsoft Word and Hancom Hangul, and propose improvements for their digital signature schemes.
Keywords
Electronic document; Digital signature; Certificate; Vulnerability Analysis;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 S. Pyo, "A Design of XML Structure for Digital Sign ature", Journal of The Korea Society of Computer and Information, Vol. 7, No. 4, pp. 66-74, Dec. 2002.
2 K.S. Sung, J.J. Kim, and H.S. Oh, "System Design for the Safe store and Issue Service Assurance of the E-Document", Journal of The Korea Society of Computer and Information, Vol. 13, No. 6, pp. 173-180, Nov. 2008.
3 etnews, "What solutions exist for 'Paperless Office'", March 2011.
4 Microsoft Office Products - Office.com, http://office. micro soft.com/ko-kr/products
5 Hancom, http://www.hancom.co.kr
6 KISA, "Digital Signature Certificate Profile", Sept. 2009.
7 M. Myers, R. Ankney, A. Malpani, S. Galperin and C. Adams, "X.509 Internet PKI Online Certificate Status Protocol," IETF RFC 2560, June 1999.
8 KISA, "Accredited Certificate Cryptosystem Sophist ication Plan", Sept. 2009.
9 Y. Lee, J. Ahn, S. Kim, and D. Won, "A PKI System for Detecting the Exposure of a User's Secret Key", Proc. of EuroPKI 2006, Springer-Verlag, LNCS 4043, pp.248-250, June 2006.
10 R. Housley, W. Polk, W. Ford, and D. Solo, "Intern et x.509 public key infrastructure certificate and CRL profile," IETF RFC 3280, April 2002.
11 Timestamp Solution, http://www.timestamping.co.kr
12 C. Jung, "e-Government", Seoul Economics and Management, pp. 44-45, 2009.
13 K. Oh, "e-Government and u-paradigm ", MnB, pp. 80-85, 2010.
14 Presidential Committee on Government Innovation &Decen tralization, "e-Government of Participation Government", 2005.