Browse > Article
http://dx.doi.org/10.13089/JKIISC.2017.27.2.293

Certified Key Management in Multi K-FIDO Device Environment  

Lee, Byoungcheon (Joongbu University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.27, no.2, 2017 , pp. 293-303 More about this Journal
Abstract
FIDO(Fast IDentity Online) technology is expanding very rapidly which can replace traditional password-based authentication with biometrics technology[1,7]. FIDO provides convenient authentication with biometrics technology and secure key management with smart card technology, but it does not provide user identification, thus traditional user identification technology should be used before a FIDO device is registered to a FIDO server. K-FIDO[3] is an approach to implement FIDO and certificate-based authentication technology into a single device that user can utilize certificate-based authentication in initial registration of FIDO device to FIDO server. It is expected that very shortly users will own and use multiple K-FIDO devices. If we consider the traditional approach of copying single certificate to multiple devices or issuing independent certificate to each device, there will be many complex problems. In this paper we propose more secure and convenient key management technology in multiple K-FIDO device scenario using self-extended certification[4].
Keywords
FIDO; K-FIDO; multi-device key management; self-extended certification;
Citations & Related Records
연도 인용수 순위
  • Reference
1 FIDO alliance, https://fidoalliance.org/
2 R. Lindermann, V. Bharadwaj, A. Czeski s, and M.B. Jones, "FIDO 2.0: Client To Authenticator Protocol," Oct. 2016, https://fidoalliance.org/specs/fido-v2.0-rd-20161004/fido-client-to-authenticatorprotocol-v2.0-rd-20161004.html
3 KISA, "Implementation Guideline for Safe Usage of Accredited Certificate using bio information in Smart phone," KCAC.TG.IMP, 2016. 9.
4 Byoungcheon Lee, "Hybrid Key Management Using Self-Extended Certification and Hardware Security Module," Journal of Security Engineering, 11(4), pp. 273-286, Aug. 2014.   DOI
5 Byoungcheon Lee, "Model of Key Management Server for Hybrid Certification," Journal of Security Engineering, 13(1), pp. 27-40, Feb. 2016.   DOI
6 Byoungcheon Lee, "Hybrid-Style Personal Key Management in Ubiquitous Computing," Proceedings of the 11th International Conference on Security and Cryptography (SECRYPT2014), pp. 238-243, Aug. 2014.
7 S.R. Cho, D.S. Choi, S.H. Jin, and H.H. Lee, "Passwordless Authentication Technology - FIDO," Electronics and Telecommunications Trends, 29(4), pp. 101-109. Aug. 2014.
8 H.L.V. Gong, D. Balfanz, A. Czeskis, A. Birgisson, and J. Hodges, "FIDO 2.0: Web API for accessing FIDO 2.0 credentials," Nov. 2015, https://www.w3.org/Submission/2015/SUBM-fido-web-api-20151120/
9 D. Boneh, and M. Franklin, "Identity-based encryption from the Weil pairing," Advances in Cryptology - Crypto'2001, LNCS 2139, pp. 213-229. SpringerVerlag. Aug. 2001.