• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.2
• /
• pp.109-121
• /
• 2009

As our society is changed to the information & digital society based on the internet, the requirement that the analog certificate of Korean residence is changed to digital one is increased. The Korean Government selected the smart card of 72 KB for the digital certificate of Korean residence and try to insert the personnel information of 41 items to it. The method that the numerous personnel information is stored in one smart card is convenience to use. If the certificate of residence is lost, the number of personnel information is misused or spreaded thorough the Internet by the hacking. In this paper, we analyze the problem about the digital certificate of Korean residence and propose the countermeasure about the problem. In the proposal, the digital certificate of residence have only the certificate. Therefore, the size of the smart card is minimized and can be canceled at the loss of the certificate of residence. And the exposure worry of personnel information will be decreased.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.10 no.3
• /
• pp.107-117
• /
• 2014

The personal information extrusion accident(hacking, improper maintenance) by the internet has been increased rapidly during the last ten-year period. The personal information includes Korean resident registration number, name, cellphone number, home telephone number, E-mail address, home address, etc. Korean resident registration number is unchangeable from the cradle to the grave. Illegally accessed personal information can be wrongfully resoled or used at phishing scam. In this paper, we propose a alternative means of Korean resident registration number using the authorized certificate. The authorized certificate is in use safely in Internet. The authorized certificate(included Chinese name) is in used in offline service, the authorized certificate(included English name) is used in online(for government service) and the authorized certificate(not included name) is used in online(for private service). The authorized certificates are possible for discard, republication. The method can reduce the possibility of the personal information extrusion.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.7
• /
• pp.2554-2571
• /
• 2014

Certificate-based cryptography is a new cryptographic paradigm that provides an interesting balance between identity-based cryptography and traditional public key cryptography. It not only simplifies the complicated certificate management problem in traditional public key cryptography, but also eliminates the key escrow problem in identity-based cryptography. As an extension of the signcryption in certificate-based cryptography, certificate-based signcryption provides the functionalities of certificate-based encryption and certificate-based signature simultaneously. However, to the best of our knowledge, all constructions of certificate-based signcryption in the literature so far have to be based on the costly bilinear pairings. In this paper, we propose a certificate-based signcryption scheme that does not depend on the bilinear pairings. The proposed scheme is provably secure in the random oracle model. Due to avoiding the computationally-heavy paring operations, the proposed scheme significantly reduces the cost of computation and outperforms the previous certificate-based signcryption schemes.

• The KIPS Transactions:PartC
• /
• v.10C no.4
• /
• pp.433-440
• /
• 2003

According as the real economic activities are carried out in the cyber world and the identity problem of a trade counterpart emerges, digital signature has been diffused. Due to the weakness for real-time validation using the validation method of digital signature, Certificate Revocation List, On-line Certificate Status Protocol was introduced. In this case, every transaction workload requested to verify digital signature is concentrated of a validation server node. Currently this method has been utilized on domestic financial transactions, but sooner or later the limitation will be revealed. In this paper, the validation method will be introduced which not only it can guarantee real-time validation but also the requesting node of certificate validation can maintain real-time certificate status information. This method makes the revocation management node update the certificate status information in real-time to the validation node while revoking certificate. The characteristic of this method is that the revocation management node should memorize the validation nodes which a certificate holder uses. If a certificate holder connects a validation node for the first time, the validation node should request its certificate status information to the above revocation management node and the revocation management node memorizes the validation node at the time. After that, the revocation management node inform the revocation information in real-time to all the validation node registered when a request of revocation happens. The benefits of this method are the fact that we can reduce the validation time because the certificate validation can be completed at the validation node and that we can avoid the concentration of requesting certificate status information to a revocation node.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.3
• /
• pp.91-97
• /
• 2008

The conventional CA(Certificate Authority) has problems in dealing with certificates whose valid time is expired and in managing CRI (Certificate Revocation Information) produced by clients. Many researches are conducted to solve them, but they have limitations in providing real-time verifications of certificates' status for clients. In this paper, we propose a new CRI management model to address these limitations in distributed OCSP(On-line Certificate Status Protocol) environments. CRL(Certificate Revocation List) is divided into two parts: one part that is recent is replicated over several OCSP servers, the other part is replicated and distributed over servers. Our methods can help to break the bottleneck of CA, and effectively reduce the size of CRL transferred. Therefore, with our methods, clients can verify the state of certificates in real time.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.1
• /
• pp.115-129
• /
• 2010

As the fixed mobile communication tools using the internet are developed, the off-line services are serviced through on-line on the internet. our society is divided into the real world and the cyber world. In the cyber world, the authentication to the user is absolutely required. The authentication is divided into the real-name authentication and the anonymous authentication by the kind of the internet service provider. There are some ISPs needed the real-name authentication and there are others ISPs needed the anonymity authentication. The research about the anonymity authentication is steadily established to these days. In this paper, we analyze the problem about blind signature, group signature, ring signature, and traceable signature. And we propose a method of anonymity authentication using the public certificate. In the proposal, the anonymity certificate have the new structure and management. Certificate Authority issues several anonymity certificates to a user through the real-name authentication. Several anonymity certificates give non-linked and non-traceability to the attacker.

• Proceedings of the Korean Society for Quality Management Conference
• /
• 2004.04a
• /
• pp.618-624
• /
• 2004

Korean Standard Certificate , suitable for the korean industrial standards is one which was designed not only to spread and utilize the industrial standard established for the industrial standardization but to protect the consumer In this study, the practical effects of the Korean Standard Certificate will be examined in various fields, based on the small medium enterprises which achieved the K.S. Certificate In order to look into how the system has effects on the performance of the management in a company, the method of the actual approach will be used. In the end, the purpose of this study is to find the plan in which KS Certificate can be helpful to the development of the company.

• Journal of Information Processing Systems
• /
• v.15 no.3
• /
• pp.707-716
• /
• 2019

In this paper, we present a certificate management platform for performance assessment during recruitment using blockchain. Applicants are awarded certificates according to a predetermined level of progress based on their performances. All certificates are stored on a recruitment management platform that serves as an environment for storing and presenting all awarded certificates. The hashed information of all the certificates are stored in the blockchain, and once stored, the contents cannot be tampered with. Therefore, anyone can check the validity of the certificates using this blockchain. Our proposed platform will be useful for recruitment and application management, career management, and personal history maintenance.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.2
• /
• pp.881-896
• /
• 2016

Certificate-based cryptography is a useful public key cryptographic primitive that combines the merits of traditional public key cryptography and identity-based cryptography. It not only solves the key escrow problem inherent in identity-based cryptography, but also simplifies the cumbersome certificate management problem in traditional public key cryptography. In this paper, by giving a concrete attack, we first show that the certificate-based encryption scheme without bilinear pairings proposed by Yao et al. does not achieve either the chosen-ciphertext security or the weaker chosen-plaintext security. To overcome the security weakness in Yao et al.'s scheme, we propose an enhanced certificate-based encryption scheme that does not use the bilinear pairings. In the random oracle model, we formally prove it to be chosen-ciphertext secure under the computational Diffie-Hellman assumption. The experimental results show that the proposed scheme enjoys obvious advantage in the computation efficiency compared with the previous certificate-based encryption schemes. Without costly pairing operations, it is suitable to be employed on the computation-limited or power-constrained devices.

• Management & Information Systems Review
• /
• v.2
• /
• pp.195-208
• /
• 1998

We have experienced tremendous growth in commercial use of Internet especially in the last couple of years, and the rate of growth does not appear to be slowing down. As the Internet becomes a dominant platform for electronic commerce, all involved parties of electronic commerce are concerned about security of transactions. Various technologies are adopted to enhance the security of business transactions. This paper briefly discusses certificate technology and a way to minimize the business risk of certificate authority in a form of system requirements of CMS(Certificate Management System).