Browse > Article
http://dx.doi.org/10.13089/JKIISC.2004.14.5.141

A Design and Analysis of PKCS #11 supporting the KCDSA mechanism  

김명희 (숭실대학교)
김은환 (숭실대학교)
전문석 (숭실대학교)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.14, no.5, 2004 , pp. 141-151 More about this Journal
Abstract
According to the improvemnent of electronic commerce, the requirements of security devices are becoming increasingly pervasive. The security API must design easily and securely to support a compatibility feature between security devices. It is chosen the PKCS #11 interface by RSA Labs that shows the compatibility and extensibility standards of many application product and implementation, and supported KCDSA mechanism which is a korean digital signature standard. And the PKCS #11 security API defines new key management function which provides more secure key management ability. We suggest the object attributes and templates of KCDSA private and public key object, generate and verify digital signature using KCDSA mechanism. The PKCS #11 supporting KCDSA mechanism is designed, implemented using C-Language, tested a performance, and analyzed the security and compatibiltiy feature.
Keywords
PKI; Security API; PKCS #11; KCDSA Mechanism; Digital Signature Algorithm; Private and Public Key;
Citations & Related Records
Times Cited By KSCI : 3  (Citation Analysis)
연도 인용수 순위
1 NSA Cross Organization CAPI Team, 'Security Service API: Cryptographic API Recommendation Updated and Abridged Edition,' The National Security Agency, July 1997
2 Paul Kocher, Joshua Jaffe, Benjamin Jun, 'Introduction to Differential Power Analysis and Related Attacks,' Technical report, Cryptography Research Inc'1998
3 류영규, 윤호선, 염흥열, '분배된 비밀 공유 기법을 이용한 KCDSA 매직 잉크 서명 방식,' 정보보호학회논문지, 9(2), pp. 13-23, 1999
4 오형근, 이임영, 김지연, 박성준, '공정한 은닉 KCDSA 서명에 기반한 추적 가능한 전자화폐 시스템,' 정보보호학회논문지, 9(4), pp. 85-97, 1999
5 Chae Hoon Lim, 'The Revised Version of KCDSA.' 2000.
6 주학수, 이언경, 김승주, '암호라이브러리 및 암호API 개발현황,' 정보보호학회지, 12(4), pp. 94-103, 2002
7 Mike Bond, Ross Anderson, 'APILevel Attacks on Embedded Systems,' IEEE Computer Magazine Oct 2001, pp, 67-75, 2nd May 2001
8 김명희, 전문석, 'PKCS#11에 기반한 KCDSA 메커니즘 설계,' 한국정보보호학회 춘계학술발표논문집, 11(1), pp. 1015-1018, 2004
9 인터넷보안기술포럼, '암호토큰을 위한 PKCS#11 VMFHVKDLF VYWNS,' 2003
10 Jolyon Clulow, 'The design and analysis of cryptographic application programming interfaces for devices,' Master's thesis, University of Natal. Durban, 2003
11 이상곤, 윤태은, 'EC-KCDSA 부분 은닉서명을 이용한 거스름 재사용 가능한 전자수표지불시스템,' 정보보호학회논문지, 13(1), pp. 3-10, 2003
12 KCDSA Task Force Team, 'The Korean Certificate-based Digital Signature Algorithm,' 1998
13 R. L. Rivest, M. E. Hellman, J. C. Anderson, 'Response to NIST's proposal,' Comm. ACM, 35(7), pp. 41-52, 1992   DOI
14 Jolyon Clulow, 'On the Security of PKCS #l11.'CHES 2003, LNCS 2779, 2003
15 RSA Laboratories, 'PKCS #11 v2.20 : Cryptographic Token Interface Standard- Draft 5,' 2004.
16 Paul Kocher, Joshua Jaffe, Beniamin Jun, 'Differential Power Analysis,' Advances in Cryptology-CRYPTO '99, Springer LNCS, v1666, pp. 388-397, 1999
17 Vlastimil Klima, Tomas Rosa, 'Attack on Private Signature Keys of the OpenPGP format, PGPTM programs and other applications compatible with OpenPGP,' March 2001
18 Peter Gutmann, 'The Design of A Cryptographic Security Architecture,' Proceedings of the 8th USENIX Security Symposium, Washington, D.C., USA. August 23-26, 1999
19 Mike Bond, 'Attacks on Cryptoprocessor Transaction Sets,' Cryptographic Hardware and Embedded System-CHES 2001 Third International Workshop, Springer LNCS, V2162, pp. 220-234, 2001
20 이성은, 장흥종, 박인재, 한선영, '다중 암호화 기법을 활용한 하이브리드 스마트카드 구현.' 정보보호학회논문지, 13(2), pp. 81-89, 2003