http://dx.doi.org/10.13089/JKIISC.2007.17.1.41

The Recovery of the Deleted Certificate and the Detection of the Private-Key Encryption Password  

Choi, Youn-Sung (Information Security Group, School of Information and Communication Engineering, Sungkyunkwan University)
Lee, Young-Gyo (Information Security Group, School of Information and Communication Engineering, Sungkyunkwan University)
Lee, Yun-Ho (Information Security Group, School of Information and Communication Engineering, Sungkyunkwan University)
Park, Sang-Joon (Information Security Group, School of Information and Communication Engineering, Sungkyunkwan University)
Yang, Hyung-Kyu (Department of Computer & Media Engineering, Kangnam University)
Kim, Seung-Joo (Information Security Group, School of Information and Communication Engineering, Sungkyunkwan University)
Won, Dong-Ho (Information Security Group, School of Information and Communication Engineering, Sungkyunkwan University)
Abstract
The certificate is used to confirm and prove a user's identity in online finance and stock trading. The user's public key is stored in the certificate (e.g., SignCert.der), and the corresponding private key is stored in a private key file (e.g., SignPri.key), encrypted under a password the user chose. In this paper, we show that a certificate deleted by commercial certificate software can be recovered without restriction using commercial forensic tools. In addition, we show that, given SignCert.der and SignPri.key, the private key encryption password can be recovered offline, and we propose a countermeasure to this problem.
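As an added illustration of the offline password recovery described in the abstract (constructed example code, not from the paper or from any certificate software): once SignCert.der and SignPri.key have been copied, every ingredient needed to test a password guess is in the attacker's hands, because the public key in the certificate tells the attacker whether a decrypted private key is the right one. The RSA parameters, salt, wordlist and user password below are constructed for the demo, and the KDF (PBKDF2-HMAC-SHA1) and stream cipher (HMAC-SHA256 in counter mode) are stand-ins for the SHA-1 based derivation and SEED-CBC of the KISA private key encryption specification (reference 18 below); the shape of the attack does not depend on which cipher is used.

```python
import hashlib
import hmac
import struct

# Constructed toy RSA key standing in for the key pair behind SignCert.der /
# SignPri.key (the 10,000th and 100,000th primes; real keys use 1024-bit or
# longer moduli). N and E are what an attacker reads out of the certificate.
P, Q = 104729, 1299709
N = P * Q                           # public modulus, from SignCert.der
E = 65537                           # public exponent, from SignCert.der
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, the secret in SignPri.key

ITERATIONS = 2048                   # stored in clear in the key file, like the salt


def derive_key(password: str, salt: bytes) -> bytes:
    """Password -> 32-byte cipher key. Stand-in KDF (PBKDF2-HMAC-SHA1) for the
    spec's SHA-1 derivation; the KDF is public, so it only sets the per-guess cost."""
    return hashlib.pbkdf2_hmac("sha1", password.encode("utf-8"), salt, ITERATIONS, 32)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode as a stand-in stream cipher (not SEED-CBC)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">Q", counter), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt_private_key(d: int, password: str, salt: bytes) -> bytes:
    """Build the SignPri.key stand-in: the private exponent encrypted under the password."""
    plaintext = d.to_bytes(16, "big")
    ks = _keystream(derive_key(password, salt), salt, len(plaintext))
    return bytes(a ^ b for a, b in zip(plaintext, ks))


def decrypt_private_key(ciphertext: bytes, password: str, salt: bytes) -> int:
    """Decrypt with a candidate password. A wrong password yields garbage, not an error,
    which is why the attacker needs the certificate to tell right from wrong."""
    ks = _keystream(derive_key(password, salt), salt, len(ciphertext))
    return int.from_bytes(bytes(a ^ b for a, b in zip(ciphertext, ks)), "big")


def key_matches_certificate(d_candidate: int, n: int, e: int) -> bool:
    """The offline oracle: a candidate private exponent is correct exactly when it
    inverts the public RSA operation of the key in SignCert.der. No CA, no server,
    no lockout counter is involved."""
    probe = 0x1234
    return pow(pow(probe, e, n), d_candidate, n) == probe


def guess_password(ciphertext: bytes, salt: bytes, n: int, e: int, candidates):
    """Dictionary attack over candidate passwords. Returns (password, attempts)."""
    for attempts, candidate in enumerate(candidates, start=1):
        if key_matches_certificate(decrypt_private_key(ciphertext, candidate, salt), n, e):
            return candidate, attempts
    return None, len(candidates)


# Constructed SignPri.key contents: salt (in clear) and the encrypted private key.
SALT = bytes.fromhex("0102030405060708")
USER_PASSWORD = "summer2007!"
ENCRYPTED_KEY = encrypt_private_key(D, USER_PASSWORD, SALT)

# Constructed wordlist; a real attack uses leaked-password lists plus user-specific guesses.
WORDLIST = ["password", "123456", "qwerty", "summer2006!", "summer2007!", "letmein"]

if __name__ == "__main__":
    found, attempts = guess_password(ENCRYPTED_KEY, SALT, N, E, WORDLIST)
    print(f"password {found!r} recovered after {attempts} offline attempts")
```

Nothing in the loop contacts the CA or the bank, so the only cost per guess is one key derivation plus one modular exponentiation. Raising the iteration count scales that cost linearly for the attacker as well as the user; once the two files have been taken, the password's own strength is the remaining defence.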
Keywords
Digital Forensic; Data Recovery; PKI;
Citations & Related Records
Times cited by KSCI: 5
1. R. Hunt, "PKI and digital certification infrastructure", Ninth IEEE International Conference on Networks (ICON'01), October 2001.
2. J. S. Park and R. Sandhu, "Binding identities and attributes using digitally signed certificates", Annual Computer Security Applications Conference (ACSAC 2000), USA, 2000.
3. Korea Information Security Agency (KISA), Cryptography and Certification Technology Team, "Technical Specification for Digital Signature Certificate Suspension and Revocation List Profiles [V1.10]", KISA, 2004.
4. J. D. Strunk, G. R. Goodson, A. G. Pennington, C. A. N. Soules, and G. R. Ganger, "Intrusion Detection, Diagnosis, and Recovery with Self-Securing Storage", CMU SCS Technical Report CMU-CS-02-140, May 2002.
5. 추경균, 김종배, 류성열, "Promotion and Development Plan for the Government Public Key Infrastructure (GPKI)", Journal of the Korea Institute of Information Security and Cryptology 14(2), pp. 85-100, 2004.
6. KISA, Cryptography and Certification Technology Team, "Technical Specification for Digital Signature Certificate Profiles [V1.10]", KISA, 2004.
7. KISA, Cryptography and Certification Technology Team, "Technical Specification for the Display of Accredited Certificates [V1.00]", KISA, 2002.
8. 염흥열, "Information Security Law and Technology Standardization: PKI Standardization Trends and Interoperation Methods between PKI Domains", Review of the Korea Institute of Information Security and Cryptology 12(4), pp. 23-46, 2002.
9. The SANS Institute, "Password Protection Policy", http://www.sans.org/resources/policies/Password_Policy.pdf
10. W. Burr, D. Dodson, N. Nazario, and W. T. Polk, "MISPC: Minimum Interoperability Specification for PKI Components, Version 1", NIST Computer Security Resource Center, September 1997.
11. 김영백, 이석래, 이재일, 고승철, "A Study on Digital Signature Key Management Systems", Review of the Korea Institute of Information Security and Cryptology 10(4), pp. 1-8, 2000.
12. NIST, "Electronic Authentication Guideline", NIST Special Publication 800-63, Appendix A, http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
13. T. Aura and C. Ellison, "Privacy and Accountability in Certificate Systems", Helsinki University of Technology, 2000.
14. S. Boeyen, T. Howes, and P. Richard, "Internet X.509 Public Key Infrastructure Operational Protocols - LDAPv2", RFC 2559, IETF Network Working Group, April 1999.
15. 이래, 이동훈, "A Comparative Study on Applying Code Signing Technology to the Domestic PKI", Journal of the Korea Institute of Information Security and Cryptology 14(3), pp. 13-27, 2004.
16. 심주걸, 박택진, 이철원, 원동호, "A Proposal of Evaluation Criteria for Domestic PKI Systems", Journal of the Korea Institute of Information Security and Cryptology 12(3), pp. 45-61, 2002.
17. Microsoft, password creation principles, http://www.microsoft.com/athome/security/privacy/password.mspx
18. KISA, Cryptography and Certification Technology Team, "Technical Specification for Private Key Encryption Using the SEED Algorithm [v1.00]", KISA, 2004.
19. 최희봉, 오수현, 홍순좌, 원동호, "A Study on the Design of a Key Recovery Cryptosystem Interoperating with PKI", Journal of the Korea Institute of Information Security and Cryptology 12(1), pp. 11-19, 2002.