Browse > Article
http://dx.doi.org/10.13089/JKIISC.2012.22.5.945

Security Analysis on Digital Signature Function Implemented in Electronic Documents Software  

Park, Sunwoo (Sungkyunkwan University)
Lee, Changbin (Sungkyunkwan University)
Lee, Kwangwoo (Sungkyunkwan University)
Kim, Jeeyeon (Sungkyunkwan University)
Lee, Youngsook (Howon University)
Won, Dongho (Sungkyunkwan University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.22, no.5, 2012 , pp. 945-957 More about this Journal
Abstract
Electronic documents have characteristics that detecting whether an electronic document is modified or not is not an easy process. Thus verifying integrity of documents is very important for using electronic documents. To facilitate this process, various electronic document software provide digital signature capabilities on themselves. However, there were not much research on the security of digital signature function of software. Therefore, in this paper, we analyze the security of Adobe PDF, MS Word, Hancom Hangul, digital notary service and digital year-end-settlement service, and propose recommendations for implementation of digital signature funcion.
Keywords
Electronic Documents; Electronic Document Software; Digital Signature; PDF; MS Word; Hancom Hangul;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 오관석, 전자정부와 u-패러다임, 진한엠엔비, 2010.
2 R.C. Merkle, "A certified digital signature," Advances in Cryptology, CRYPTO' 89, LNCS 435, pp. 241-250, 1989.
3 M. Bellare and S.K. Miner, "A Forward -Secure Digital Signature Scheme," Advances in Cryptology, CRYPTO'99, LNCS 1666, pp. 431-448, 1999.
4 R. Housley, W. Polk, W. Ford, and D. Solo, "Internet x.509 public key infra- structure certificate and CRL profile," RFC 3280, Apr. 2002.
5 Y. Lee, J. Ahn, S. Kim, and D. Won, "A PKI System for Detecting the Ex- posure of a User's Secret Key," Proceedings of EuroPKI, LNCS 4043, pp. 248-250, 2006.
6 Adobe Community, http://forums.adobe.com/community/acrobat
7 "Document management - Portable document format - Part 1: PDF 1.7," ISO 32000-1, Jan. 2008
8 B. Kaliski, "PKCS#7: Cryptographic Message Syntax Version 1.5," RFC 2315, Mar. 1998
9 CEOworld Magazine, http://ceoworld.biz/ceo/2010/04/13
10 S. Park, C. Lee, K. Lee, J. Kim, Y. Lee, and D. Won, "Security Analysis on Digital Signature Function Implemented in PDF Software," Proceedings of FGIT, LNCS 7105, pp. 327-334, 2011.
11 MS 오피스, http://office.microsoft.com/ko-kr/products
12 이창빈, 박선우, 이광우, 김지연, 남정현, 이영숙, 원동호, "워드프로세서의 전자서명 기능에 대한 취약성 분석," 한국컴퓨터정보학회논문지, 16(8), pp. 109-118, 2011년 8월
13 한글과컴퓨터, http://www.hancom.co.kr
14 법무부 전자공증시스템, http://enotary.moj. go.kr
15 국세청 연말정산간소화서비스, http://www.yesone.go.kr/home/ragaw008.jsp
16 타임스탬프솔루션, http://www.timestamping.co.kr
17 C. Adams, P. Cain, D. Pinkas, and R. Zuccherato, "Internet X.509 Public Key Infrastructure Time-Stamp Protocol," RFC 3161, Aug. 2001.
18 Y. Lee, I. Kim, S. Kim, and D. Won, "A Method for Detecting the Exposure of OCSP Responder's Session Private Key in D-OCSP-KIS," Proceedings of EuroPKI, LNCS 3545, pp. 215-226, 2005.