Browse > Article

Enhanced Certificate with User's Privacy Protection Methods  

Yang Hyung kyu (강남대학교 컴퓨터미디어공학부)
Publication Information
The Journal of Korean Institute of Communications and Information Sciences / v.30, no.4C, 2005 , pp. 290-295 More about this Journal
Abstract
When a Certification Authority (CA) issues X.509 public-key certificate to bind a public key to a user, the user is specified through one or more subject name in the 'subject' field and the 'subjectAltName' extension field of a certificate. The 'subject' field or the 'subjectAltName' extension field may contain a hierarchically structured distinguished name, an electronic mail address, If address, or other name forms that correspond to the subject. In this paper, we present the requirements for certificate holder's privacy protection and propose the methods to protect the user's privacy information contained in the 'subject' field or the 'subjectAltName' extension field of a public-key certificat
Keywords
PKI; Public-key certificate; Privacy; zero-knowledge;
Citations & Related Records
연도 인용수 순위
  • Reference
1 S.G. Renfro, 'VeriSign CZAG: privacy leak in X.509 certificates', Proceedings of the 11th USENIX Security Symposium, August 2002
2 MasterCard and VISA, 'Secure Electronic Transaction (SET) specification', Book 2 : Programmer's Guide, version 1.0(1997)
3 J.J. Hwang, T.C. Yeh, and J.B. Li, 'Securing on-line credit card payments without disclosing privacy information', Computer Standards and Interfaces 25, pp.119-129, 2003   DOI   ScienceOn
4 J. Camenisch and M. Stadler, 'Proof systems for general statements about discrete logarithms', Technical Report TR 260, 13pages, Department of Computer Science, ETH Zurich, March 1997
5 J.J. Hwang and S.C. Hsueh, 'Greater protection for credit card holders : a revised SET protocol', Computer Standards and Interfaces 19, pp.1-8, 1988
6 M. Bellare and P. Rogaway, 'Random oracles are practical: A paradigm for designing efficient protocols', Proc. First Annual Conference on Computer and Communications Security, ACM, 1993   DOI
7 Verisign, 'VeriSign enhances digital IDs to enable universial website login and one-step registration', http://www.verisign.comjpress/product/isv.htrnl, , April 1997
8 M. Bellare, J.A. Garay, R. Hauser, A. Herzberg, H. Krawczyk, M. Steiner, G. Tsudik, E.V. Herreweghen, and M. Waidner, 'Design, implementation, and deployment of the iKP secure electronic payment system', IEEE Journal on Selected Areas in Communications 18(4), pp. 611-627, April 1991
9 Hongkong Post, 'e-Cert certification practice statement', 2001
10 MasterCard and VISA, 'Secure Electronic Transaction (SET) specification', Book 1 : Business Description, version 1.0(1997)
11 W. Diffie and M.E. Hellman, 'New Directions in cryptography', IEEE Trans. Inform. Theory, IT-22, pp.644-654, 1976
12 E.IITF principles, supra note 19, at 5
13 R. Housley, W. Ford, W. Polk, and D. Solo, 'Intenet X.509 public key infrastructure certificate and Certificate Revocation list (CRL) profile', IETF RFC 3280, April 2002
14 J. Park, J. Yoon, S. Kim, S. Park, J.Lee, H. Lee, and T. Polk, 'Internet X.509 public key infrastructure subject identification method' draft-ietf-pkix-sim-03.txt, Feb. 2004
15 MasterCard and VISA, 'Secure Electronic Transaction (SET) specification', Book 3 : Formal Protocol Definition, version 1.0 (1997)
16 Australian Transaction Report and Analysis Center, 'RGEC report -- research and technical advice volume 3', http://www.austrac.gov.au/text/publications/rgec/3/pdf/ch1.pdf, Dec, 1999