Browse > Article

Wireless Certificate Management Protocol for Mobile Phone Security  

Lee, Yong (Dept. of Electron. and Comm., ChungJu National University)
Lee, Goo-Yeon (Dept. of Computer Eng., Kangwon National University)
Publication Information
Journal of the Institute of Electronics Engineers of Korea TC / v.45, no.10, 2008 , pp. 90-98 More about this Journal
Abstract
PKI (Public Key Infrastructure) which is used for the security of E-commerce (Electronic-commerce) in wired internet is not suitable for the mobile phone because of the fundamental limitation of performance such as less memory and less powerful CPU. Therefore, we need to develop a wireless PKI (WPKI) that provides the similar security level as the wired PKI supporting mobile phone. In this paper, we propose a lightweight and secure Wireless Certificate Management Protocol (WCMP) that is executable to the mobile phone that has a constrained communication environment and limitation of performance, and show the implementation results of the scheme based on the mobile phone. We minimize data sizes processed in mobile phone, and optimize protocols for the certificate management. This results in the reduced module sizes to be able to install in mobile phone and shows as the same level as the wired CMP.
Keywords
Wireless Certificate Management Protocol; Wireless Public Key Infrastructure; Digital Certificate; Mobile Phone; Wireless Internet;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Lam, K.Y., Chung, S.L., Gu,M. and Sun, J.G. : Lightweight security for mobile commerce transactions. Computer Communications, Elsevier, 26, 2052--2060 (2003)   DOI   ScienceOn
2 Frier, A., Karlton, P. and Kocher,P. : The SSL 3.0 Protocol. Netscape Communications Corp., (1996)
3 Aydos, M., Yanik, T. and Koc, C.K. : High- speed implementation of an ECC-cased wireless authentication protocol on an ARM microprocessor, IEEE Proceedings- Communi- cations, Vol. 148, No. 5, pp.273 279 (2001)
4 Admas, C., Farrell, S., Kause, T. and Mononen, T. : Internet X.509 Public Key Infrastructure Certificate Management Protocol (CMP) : IETF RFC 2510, IETF Network working Group (2005)
5 Chadwick, D. W., Mundy D. and New, J. : Experiences of using a PKI to access a hospital information system by high street opticians, Computer Communications, Elsevier, 26, 1893-1903 (2003)   DOI   ScienceOn
6 Morogan, M.C. and Muftic, S. : Certificate Management in Ad hoc Networks, IEEE Workshop on Security and Assurance in Ad hoc Networks, in conjunction with the 2003 International Symposium on Applications and the Internet, Orlando (2003)
7 WMLScript Crypto Library, WAP-161-WML ScriptCrypto, OMA (2001)
8 Wireless Application Protocol - WirelessPublic Key Infrastructure, WAP-217-WPKI, OMA (2001)
9 Lenstra, A.K. and Verheul, E.R. : Selecting Cryptographic Key Sizes, PKC 2000, Journal of Cryptology, 14, 255--293 (2001)   DOI
10 WAP Certificate and CRL, WAP-211-X.509, OMA (2000)
11 PKCS#10 : Certification Request Syntax Standard, RSA Laboratories (2000)
12 Selected Attrubute Type Standard, RSA Laboratories PKCS#9 v1.2, (1993)
13 Lee, J.L., Lee, Y. and Song, J.S. : Wireless PKI Technology in Korea. In : The First International Workshop for Asian PKI, pp 145--158 (2001)
14 Wireless Application Protocol WAP2.0 Technical White Paper, OMA (2001)
15 Wireless Application Protocol Architecture Specification, WAP-210-WAPArch, OMA (2001)
16 Wireless Transport Layer Security, WAP-261- WTLS, OMA (2001)
17 ITU-T Recommendation X.509(1997) | ISO/IEC 9594-8:1998, Information technology - Open Systems Interconnection - The Directory: Authentication Frame work
18 Schneier, B.:Applied Cryptocgraphy, 2nd, Wiley, New York (1996)
19 Myers, M., Adams, C., Solo, D. and Kemp, D. : Internet X.509 Certificate Request Message Format:IETF RFC2511, IETF Network Working Group (1999)
20 Extended-Certificate Syntax Standard, RSA Laboratories PKCS#6 v2.0 (1999)
21 WAPTransportLayer E2E Security Specification, WAP Forum Approved Version 11-July-2000, OMA (2000)
22 Dierks, T. and Allen, C. : The TLS Protocol Version 1.0 : IETF RFC2246, IETF Network Working Group (1999)
23 Digital Signature Standard (DSS) : FIPS 186-2, NIST (2000)
24 Polk, W., Housley, R. and Bassham, L. : Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile : IETF RFC3279," IETF Network Working Group (2002)
25 Myers, M., Ankney, R., Malpani, A., Galperin, S. and Adams, C. : X.509 Internet Public Key Infrastructure Online Certificate Status Protocol OCSP : IETF RFC2560, IETF Network Working Group (1999)
26 Housley, R., Polk, W., Ford, W. and Solo, D. : Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile : IETF RFC3280, IETF Network Working Group (2002)