• International journal of advanced smart convergence
• /
• v.8 no.1
• /
• pp.44-57
• /
• 2019

Most banks in Korea have provided Internet banking services based on PKI(Public Key Infrastructure) certificates since the early 2000s when Internet banking began in Korea. To support PKI Internet banking, the Korean government backed the electronic signature law and supported the rapid spread of PKI-based Internet banking by regulating the application of PKI certificates to be compulsory in Internet banking until 2015. PKI Internet Banking in Korea has been developed as a pioneer in this field through many challenges and responses until its present success. Korea's PKI banking, which started with soft-token-based closed banking, has responded to various types of cyber attack attempts and promoted the transition to open banking by accepting various criticisms due to lack of compatibility with international standards. In order to improve the convenience and security of PKI Internet banking, various attempts have been made, such as biometric-integrated smartphone-based PKI authentication. In this paper, we primarily aim to share the experience and lessons of PKI banking by analyzing the evolution process of PKI Internet banking in Korea. It also has the purpose of presenting the challenges of Korea's PKI Internet banking and sharing its development vision.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.7
• /
• pp.1411-1419
• /
• 2017

The two factor authentication capability, private key possession and key protection password knowledge, and the strong public key cryptography protocol of PKI authentication have largely contributed to the rapid construction of Internet transaction trusted infrastructure. The reusability of a certificate-based identity for every PKI site was another contribution factor of the spread of PKI authentication. Nevertheless, the PKI authentication has been criticised mainly for the cost of PKI construction, inconvenience of individual certificate management, and difficulties of password management. Recently FIDO authentication has received high attention as an alternative of the PKI authentication. The FIDO authentication is also based on the public key cryptography which provides strong authentication services, but it does not require individual certificate issuance and provides user-friendly and secure authentication services by integrating biometric technologies. The purpose of this paper is to concretely compare the PKI-authentication and FIDO-authentication and, based on the analysis result, to propose their corresponding applications.

• Journal of Industrial Technology
• /
• v.22 no.A
• /
• pp.95-100
• /
• 2002

When the wireless PKI is applied to 3G/4G mobile network which requires mutual authentication among all entities, the wired PKI procedure is not feasible for validating visited network's certifications because of the wireless environmental limitations. Also, if we depend on WAP based PKI, we cannot support confidence about certification validation since the information offered from visited network is not authenticated. Therefore, in this paper we consider various and unique characteristics of mobile environment for certification validation at 3G/4G mobile networks based on wireless PKI and then propose two certification validation procedures.

• The KIPS Transactions:PartD
• /
• v.9D no.2
• /
• pp.307-312
• /
• 2002

In this paper we propose the efficient blind signature scheme based on Gap problem. We can find the short signature schemes for Weil pairing as the example of signature schemes based on Gap problem. Since short signature scheme is based on elliptic curve, our proposed signature scheme can be used in wireless PKI environment.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.6
• /
• pp.1316-1322
• /
• 2005

Specially, though electronic commerce and electron signature technology through internet rose, PKI (Public Key Ifrastructure) is one of technologies. PKI brought several kind of new standards in encryption base technology. In spite of several kind of standardizations consist lively, shortcoming of solutions that apply PKI is expensive and slow. If main interest of encryption technology including PKI is the fast speed and security that improve, this is very serious problem. The various kinds alternatives about these problem are presented. But, we must consider about replace expense and stability etc. still. So, I propose that use suitable encryption policy by method to solve such problem. I improved some problems of existent PKI structure. Subject of this treatise designs and embody communication component could use easily and simply short message communication or simplicity way encryption communication.

• Proceedings of the Korea Contents Association Conference
• /
• 2004.11a
• /
• pp.220-227
• /
• 2004

In this paper, we made out blocking probability analysis for a new authentication structure for reducing the certificate acquisition time which is one of the factors that should be improved in a conventional wireless PKI. A conventional key exchange method simply performs the key exchange setup step based on discrete algebraic subjects. But the mutual-authentication procedure of wireless PKI for reducing authentication time uses an elliptical curve for a key exchange setup step. Besides, we proposed advanced handover method and blocking probability analysis for wireless PKI.

• The KIPS Transactions:PartC
• /
• v.11C no.6 s.95
• /
• pp.755-764
• /
• 2004

Recently 'Banking IC Card Standard' and EMV Standard by the domestic standard is selected, and it is situation that is developing infrastructure vigorously to alternate Magnetic Stripe card by IC card. This paper analyzes EMV standard that is selecting public key cipher, and research wishes to study unexhausted EMV PKI relatively than internet PKI, WAP PKI etc. This paper propose utilizable EMV base Payment PKI model in IC card base payment system development, and developed EMV CA system with this. Also, this paper supplemented IC card Authentication mechanism that is defined in EMV standard, and propose 'Efficient smart card Authentication mechanism' to improve performance of this mechanism, and estimate performance.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.10a
• /
• pp.703-707
• /
• 2008

Nowadays, Internet becomes an essential element in our life. We can make use of numerous on-line services through Internet such as information search, on-line shopping, e-mail service, etc. But, while getting the benefits of Internet service, invasion of our privacy frequently occurs because on-line service providers tend to request excessive or unnecessary personal information. So, there have been some researches on anonymous authentication, which means that user can authenticate herself, not revealing her identity or personal information. But, most of the researches are not somewhat applicable to current authentication infrastructure. In this paper, we propose a pseudonym-based anonymous PKI with short group signature. Using our proposed scheme, we can provide anonymity with conditional traceability to current PKI.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.103-109
• /
• 2008

Many Internet application provide the PKI(public key infrastructure)-based service to provide authentication and message integrity. Several researchers proposed PKI-based p2p network framework. However, in the real world, the use of PKI is not suitable for peer to peer network, because the peer-to-peer network is an open and dynamic network. Moreover, currently there is no nation-to-nation interoperable certificate. In this paper, we designed reliable p2p file sharing application without public key infrastructure. To do this we propose reliable public key distribution mechanism to distribute public key safely without PKI infrastructure for two-tier super-peer architecture. In our system, each peer generates and distributes its public/private key pairs, and the public key is securely distributed without PKI. The proposed mechanism is safe against MITM attack. This mechanism can be applied various P2P applications such as file sharing, IPTV, distributed resource sharing and so on

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.10a
• /
• pp.873-877
• /
• 2008

There were many exposed problems in previous authentication method on LAN. Especially Open System Authentication Method, Shared Key Method, Mac Based Authentication Method are very hard to use in wireless network that needs security. So now, many researches have been performed about $802.1{\times}$ and user authentication method applying PKI. But certificate verification protocol has been used abolished list called CRL since it's first usage of PKI, there were still has a problem about distribution point. In this paper, I applied CVS to use CA direct not to use CRL and OSCP server in order to improve this problems.