• Title/Summary/Keyword: Private and Public Key

Search Result 357, Processing Time 0.023 seconds

Design of a Private Key Escrow System based on the Fingerprint Identification (지문 인식 기반의 개인키 위탁 시스템의 설계)

  • Shin, Yong-Nyuo;Lee, Yong-Jun
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.4 no.2
    • /
    • pp.21-28
    • /
    • 2008
  • There are some problems on the system that uses a password comprising a digital signature to identify the secret key owner under the public key infrastructure. For example, the password can be difficult to remember or easy to be disclosure, and users should make more complex password to protect it. A number of studies have been proceeded in order to overcome these defects using the fingerprint identification technologies, but they need to change the current standard of public key infrastructure. On the suggested private key escrow system, the private key can be withdrawn only through the enrollment and identification of a fingerprint template after it is saved to a reliable third system. Therefore, this new private key escrow system can remove previous inconveniences of managingthe private key on current public key infrastructure, and it exhibited superior results in terms of the evaluation items when compared with the integrated method of the existing fingerprint identification and public key infrastructure.

A Secure Asymmetric Watermarking to the Public Key Attack (공개키 공격에 안전한 비대칭 워터마킹)

  • Li, De;Kim, Jong-Weon;Choi, Jong-Uk
    • Journal of the Korea Society of Computer and Information
    • /
    • v.13 no.7
    • /
    • pp.173-180
    • /
    • 2008
  • In this paper, we proposed an algorithm for an effective public key and private key generation to implement a secure asymmetric watermarking system against the public key attack. The public key and private key generation is based on the linear transformation using a special matrix and the keys are designed to be able to have high correlation value. We also proposed a counter plan of public key attack. This method uses a multiple public key generation and distribution. As the results, the correlation value between the public key and the private key is high in the watermarked image. After the public key attack. this can detect the correlation by using other public key.

  • PDF

Optical Asymmetric Cryptography Modifying the RSA Public-key Protocol

  • Jeon, Seok Hee;Gil, Sang Keun
    • Current Optics and Photonics
    • /
    • v.4 no.2
    • /
    • pp.103-114
    • /
    • 2020
  • A new optical asymmetric cryptosystem is proposed by modifying the asymmetric RSA public-key protocol required in a cryptosystem. The proposed asymmetric public-key algorithm can be optically implemented by combining a two-step quadrature phase-shifting digital holographic encryption method with the modified RSA public-key algorithm; then two pairs of public-private keys are used to encrypt and decrypt the plaintext. Public keys and ciphertexts are digital holograms that are Fourier-transform holograms, and are recorded on CCDs with 256-gray-level quantized intensities in the optical architecture. The plaintext can only be decrypted by the private keys, which are acquired by the corresponding asymmetric public-key-generation algorithm. Schematically, the proposed optical architecture has the advantage of producing a complicated, asymmetric public-key cryptosystem that can enhance security strength compared to the conventional electronic RSA public-key cryptosystem. Numerical simulations are carried out to demonstrate the validity and effectiveness of the proposed method, by evaluating decryption performance and analysis. The proposed method shows feasibility for application to an asymmetric public-key cryptosystem.

The Improved Estimation of the Least Upper Bound to Search for RSA's Private key

  • Somsuk, Kritsanapong
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.16 no.6
    • /
    • pp.2074-2093
    • /
    • 2022
  • RSA is known as one of the best techniques for securing secret information across an unsecured network. The private key which is one of private parameters is the aim for attackers. However, it is exceedingly impossible to derive this value without disclosing all unknown parameters. In fact, many methods to recover the private key were proposed, the performance of each algorithm is acceptable for the different cases. For example, Wiener's attack is extremely efficient when the private key is very small. On the other hand, Fermat's factoring can quickly break RSA when the difference between two large prime factors of the modulus is relatively small. In general, if all private parameters are not disclosed, attackers will be able to confirm that the private key is unquestionably inside the scope [3, n - 2], where n is the modulus. However, this scope has already been reduced by increasing the greatest lower bound to [dil, n - 2], where dil ≥ 3. The aim of this paper is to decrease the least upper bound to narrow the scope that the private key will remain within this boundary. After finishing the proposed method, the new scope of the private key can be allocated as [dil, dir], where dir ≤ n - 2. In fact, if the private key is extremely close to the new greatest lower bound, it can be retrieved quickly by performing a brute force attack, in which dir is decreased until it is equal to the private key. The experimental results indicate that the proposed method is extremely effective when the difference between prime factors is close to each other and one of two following requirement holds: the first condition is that the multiplier of Euler totient function is very close to the public key's small value whereas the second condition is that the public key should be large whenever the multiplier is far enough.

Management Method to Secure Private Key of PKI using One Time Password (OTP를 이용한 PKI 기반의 개인키 파일의 안전한 관리 방안)

  • Kim, Seon-Joo;Joe, In-June
    • The Journal of the Korea Contents Association
    • /
    • v.14 no.12
    • /
    • pp.565-573
    • /
    • 2014
  • We have various e-commerce like on-line banking, stock trading, shopping using a PC or SmartPhone. In e-commerce, two parties use the certificate for identification and non-repudiation but, the attack on the certificate user steadily has been increasing since 2005. The most of hacking is stealing the public certificate and private key files. After hacking, the stolen public certificate and private key file is used on e-commerce to fraud. Generally, the private key file is encrypted and saved only with the user's password, and an encrypted private key file can be used after decrypted with user password. If a password is exposed to hackers, hacker decrypt the encrypted private key file, and uses it. For this reason, the hacker attacks user equipment in a various way like installing Trojan's horse to take over the user's certificate and private key file. In this paper, I propose the management method to secure private key of PKI using One Time Password certification technique. As a result, even if the encrypted private key file is exposed outside, the user's private key is kept safely.

A Study on the Secure Global Key Recovery System (안전한 글로벌 키복구 시스템에 관한 연구)

  • Yang Hyung-Kyu;An Young-Hwa
    • Journal of Internet Computing and Services
    • /
    • v.7 no.1
    • /
    • pp.59-64
    • /
    • 2006
  • Harn al proposed a GKRS(Global Key Recovery System) that combines the functions of the key recovery authorities and the public key certification authorities(CA), Among other features, user dominance(i.e, a user is allowed to select his own public-private key pair and especially a public element for verifying the validity of the public-private key pair)is proposed by [1] for wide acceptance of GKRS. In this paper, we attack the RSA version of GKRS by showing that its user-dominance feature and the corresponding key verification scheme employed by the CA allow for fraud by users against CA. We propose more secure GKPS than original GKPS, The proposed system makes the probability of user fraud negligible small.

  • PDF

A Study on the Contents Security Management Model for Multi-platform Users

  • Joo, Hansol;Shin, Seung-Jung
    • International journal of advanced smart convergence
    • /
    • v.10 no.2
    • /
    • pp.10-14
    • /
    • 2021
  • Today people adopt various contents from their mobile devices which lead to numerous platforms. As technology of 5G, IOT, and smart phone develops, the number of people who create, edit, collect, and share their own videos, photos, and articles continues to increase. As more contents are shared online, the numbers of data being stolen continue to increase too. To prevent these cases, an authentication method is needed to encrypt the content and prove it as its own content. In the report, we propose a few methods to secure various misused content with secondary security. A unique private key is designed when people create new contents through sending photos or videos to platforms. The primary security is to encrypt the "Private Key" with a public key algorithm, making its data-specific "Timeset" that doesn't allow third-party users to enter. For the secondary security, we propose to use Message Authentication Codes(MACs) to certify that we have produced the content.

A Method for Detection of Private Key Compromise (서명용 개인키 노출 탐지 기법)

  • Park, Moon-Chan;Lee, Dong-Hoon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.24 no.5
    • /
    • pp.781-793
    • /
    • 2014
  • A Public Key Infrastructure (PKI) is security standards to manage and use public key cryptosystem. A PKI is used to provide digital signature, authentication, public key encryption functionality on insecure channel, such as E-banking and E-commerce on Internet. A soft-token private key in PKI is leaked easily because it is stored in a file at standardized location. Also it is vulnerable to a brute-force password attack as is protected by password-based encryption. In this paper, we proposed a new method that detects private key compromise and is probabilistically secure against a brute-force password attack though soft-token private key is leaked. The main idea of the proposed method is to use a genuine signature key pair and (n-1) fake signature key pairs to make an attacker difficult to generate a valid signature with probability 1/n even if the attacker found the correct password. The proposed method provides detection and notification functionality when an attacker make an attempt at authentication, and enhances the security of soft-token private key without the additional cost of construction of infrastructure thereby extending the function of the existing PKI and SSL/TLS.

Certificateless Public Key Encryption Revisited: Security Model and Construction (무인증서 공개키 암호 기법의 재고: 안전성 모델 및 설계)

  • Kim, Songyi;Park, Seunghwan;Lee, Kwangsu
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.20 no.6
    • /
    • pp.1109-1122
    • /
    • 2016
  • Certificateless public key cryptography is a technique that can solve the certificate management problem of a public key cryptosystem and clear the key escrow issue of ID-based cryptography using the public key in user ID. Although the studies were actively in progress, many existing schemes have been designed without taking into account the safety of the secret value with the decryption key exposure attacks. If previous secret values and decryption keys are exposed after replacing public key, a valid private key can be calculated by obtaining the partial private key corresponding to user's ID. In this paper, we propose a new security model which ensures the security against the key exposure attacks and show that several certificateless public key encryption schemes are insecure in the proposed security model. In addition, we design a certificateless public key encryption scheme to be secure in the proposed security model and prove it based on the DBDH(Decisional Bilinear Diffie-Hellman) assumption.

An Fingerprint Authentication Model of ERM System using Private Key Escrow Management Server (개인키 위탁관리 서버를 이용한 전자의무기록 지문인증 모델)

  • Lee, Yong-Joon;Jeon, Taeyeol
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.20 no.6
    • /
    • pp.1-8
    • /
    • 2019
  • Medical information is an important personal information for patients, and it must be protected. In particular, when medical personnel approach electronic medical records, authentication for enhanced security is essential. However, the existing public certificate-based certification model did not reflect the security characteristics of the electronic medical record(EMR) due to problems such as personal key management and authority delegation. In this study, we propose a fingerprint recognition-based authentication model with enhanced security to solve problems in the approach of the existing electronic medical record system. The proposed authentication model is an EMR system based on fingerprint recognition using PEMS (Private-key Escrow Management Server), which is applied with the private key commission protocol and the private key withdrawal protocol, enabling the problem of personal key management and authority delegation to be resolved at source. The performance experiment of the proposed certification model confirmed that the performance time was improved compared to the existing public certificate-based authentication, and the user's convenience was increased by recognizing fingerprints by replacing the electronic signature password.