• The Journal of the Korea Contents Association
• /
• v.4 no.1
• /
• pp.67-75
• /
• 2004

In this paper, we design an authentication model based mobile PKI (Public Key Infrastructure). The authentication mood consists of Root-CA Home-network agent and Foreign-network agent. CA will going to gave the delegation ticket to Home-Agent or Foreign-Agent when they request. The authentication mode information security is various characteristic more then high speed, mobile network and low cost more then previous structure of assure information security.

• The KIPS Transactions:PartC
• /
• v.11C no.6 s.95
• /
• pp.755-764
• /
• 2004

Recently 'Banking IC Card Standard' and EMV Standard by the domestic standard is selected, and it is situation that is developing infrastructure vigorously to alternate Magnetic Stripe card by IC card. This paper analyzes EMV standard that is selecting public key cipher, and research wishes to study unexhausted EMV PKI relatively than internet PKI, WAP PKI etc. This paper propose utilizable EMV base Payment PKI model in IC card base payment system development, and developed EMV CA system with this. Also, this paper supplemented IC card Authentication mechanism that is defined in EMV standard, and propose 'Efficient smart card Authentication mechanism' to improve performance of this mechanism, and estimate performance.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.3
• /
• pp.607-625
• /
• 2011

Two-party key exchange protocol is a mechanism in which two parties communicate with each other over an insecure channel and output the same session key. A key exchange protocol that is secure against an active adversary who can control and modify the exchanged messages is called authenticated key exchange (AKE) protocol. LaMacchia, Lauter and Mityagin presented a strong security definition for public key infrastructure (PKI) based two-pass protocol, which we call the extended Canetti-Krawczyk (eCK) security model, and some researchers have provided eCK-secure AKE protocols in recent years. However, almost all protocols are provably secure in the random oracle model or rely on a special implementation technique so-called the NAXOS trick. In this paper, we present a PKI-based two-pass AKE protocol that is secure in the eCK security model. The security of the proposed protocol is proven without random oracles (under three assumptions), and does not rely on implementation techniques such as the NAXOS trick.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.2 s.34
• /
• pp.123-132
• /
• 2005

In this paper, a conventional key exchange method simply Performs the key exchange setup step based on discrete algebraic subjects. But the mutual-authentication procedure of wireless PKI for reducing authentication time uses an elliptical curve for a key exchange setup step. Proposed hand-over method shows reduced hand-over processing time than conventional method since it can reduce CRL retrieval time. Also, we compared proposed authentication structure and conventional algorithm, and simulation results show that proposed authentication method outperforms conventional algorithm in authentication waiting time.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.10a
• /
• pp.751-753
• /
• 2001

정보보호 분야의 핵심 기술인 PKI는 전자정부 및 전자상거래 전반의 응용 환경에서 정보보호의 기반구조로서 그 활용의 폭을 더욱 넓혀가고 있으며, 현재 유선 인터넷 환경을 기반으로 구성되어진 PKI는 무선 인터넷 환경의 정보보호 기반구조로 그 영역을 더욱 확장해 나가고 있다. 본 논문은 이러한 PKI에 필수적인 요소인 인증 경로 검증에 효율적으로 대응하고 확장성을 지원하기 위하여 Collaborative ETRI VA를 제안하였다. ETRI VA는 클라이언트의 인증 경로 검증에 대한 부담을 줄이고, 신뢰 모델에 영향을 받지 않고 검증을 수행하며, 중앙집중적으로 신속하게 정책을 반영할 수 있게 한다.

• Journal of Digital Convergence
• /
• v.19 no.10
• /
• pp.287-293
• /
• 2021

Recently, public certificates issued by nationally-recognized certification bodies have been abolished, and internet companies have issued their own common certificates as certification authority. The Electronic Signature Act was amended in a way to assign responsibility to Internet companies. As the use of a joint certificate issued by Internet companies as a certification authority is allowed, it is expected that the fraud damage caused by the theft of public key certificates will increase. We propose an authentication model that can be used in a security gateway that combines PKI with a blockchain with integrity and security. and to evaluate its practicality, we evaluated the security of the authentication model using Sugeno's hierarchical fuzzy integral, an evaluation method that excludes human subjectivity and importance degree using Delphi method by expert group. The blockchain-based joint certificate is expected to be used as a base technology for services that prevent reckless issuance and misuse of public certificates, and secure security and convenience.

• Journal of the Korean Society for Industrial and Applied Mathematics
• /
• v.10 no.1
• /
• pp.61-69
• /
• 2006

SSO (Single Sign On), which allows users to have an access to a various systems through a single authentication, has been receiving much attention from many enterprises due to the user convience through a single authentication and the recent security features based on PKI. An emerging authentication management system called EAM has further enhanced the efficiency and stability of the enterprise IT infrastructrure systems. In this article, the basic concept and characteristics of the existing SSO systems are analyzed and a new SSO model, based on PKI where authentication load is balanced via multiple circulators, is presented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.99-107
• /
• 2003

In this paper we propose an international cross certification model using cross certificate. We propose a new model by analyzing and solving current problems of the National PKI. We recommend a certificate profile, design a directory schema, and propose a method to access PSE(personal security environment) using PKCS＃11, which gives the expansibility and convenience. Finally, we propose a certificate path verification method using RFC 3280 and show how to get the certificate chain by using the trust anchor. This model is recommended to the detailed level of specification for the interoperability of each country's PKI.

• Convergence Security Journal
• /
• v.10 no.3
• /
• pp.9-14
• /
• 2010

The network architecture and analysis model for evaluating the information security are presented to distribute the reliable and secure multimedia digital contents. Using the firewall and IDS, the function of the proposed model includes the security range, related data collection/analysis, level evaluation and strategy proposal. To develop efficient automatic analysis tool, the inter-distribution algorithm and network design based on the traffic analysis between web-server and user are needed. Furthermore, the efficient algorithm and design of DRM/PKI also should be presented before the development of the automatic information security model.

• Journal of Information Technology Services
• /
• v.3 no.2
• /
• pp.119-127
• /
• 2004

A mobile ad hoc network(MANET) is a network where a set of mobile devices communicate among themselves using wireless transmission without the support of a fixed network infrastructure. The use of wireless links makes MANET susceptible to attack. Eavesdroppers can access secret information, violating network confidentiality, and compromised nodes can launch attack from within a network. Therefore, the security for MANET depends on using the cryptographic key, which can make the network reliable. In addition, because MANET has a lot of mobile devices, the authentication scheme utilizing only the symmetric key cryptography can not support a wide range of device authentication. Thereby, PKI based device authentication technique in the Ad Hoc network is essential and the paper will utilize the concept of PKI. Especially, this paper is focused on the key management technique of PKI technologies that can offer the advantage of the key distribution, authentication, and non-reputation, and the issuing and managing technique of certificates based on clustering using Threshold Cryptography for secure communication in MANET.