http://dx.doi.org/10.5762/KAIS.2014.15.8.5294

Key-pair (Public key, Private key) conflict analysis using OpenSSL

Lee, Kwang-Hyoung (Department of Internet Information, Seoil University)
Park, Jeong-Hyo (Department of Computer Science, SoongSil University)
Jun, Moon-Seog (Department of Computer Science, SoongSil University)
Publication Information
Journal of the Korea Academia-Industrial cooperation Society / v.15, no.8, 2014, pp. 5294-5302
Abstract
The development of public-key-based techniques, which enable a variety of services (e-government, e-banking, e-payment, etc.), has been evaluated as providing complete safety. On the other hand, vulnerabilities (e.g., the Heartbleed bug) are constantly being discovered. In this paper, to verify the safety and reliability of public key infrastructure, the collision rate of key pairs generated using OpenSSL was analyzed. The experiment was performed using the following procedure. OpenSSL was used to create five private certificate authorities, and each private certificate authority was used to create 2 million certificates, generating a total of 10 million certificates whose key pairs were analyzed for conflicts. The results revealed that public key and private key conflicts occurred at a rate of 35,000 in 1 million, a 0.35% chance. This is sufficient in various fields (e-payment, security servers, etc.). In the future, in-depth study will be needed to remove the threats to public-key-based techniques from the random number generator, large minority issues, and selection.
Keywords
The public key based technique; RSA Cryptosystem; The key pair conflict analysis; The collision rate;
Citations & Related Records
Times Cited By KSCI: 10