Advanced SearchSearch Tips
Management Method to Secure Private Key of PKI using One Time Password
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
 Title & Authors
Management Method to Secure Private Key of PKI using One Time Password
Kim, Seon-Joo; Joe, In-June;
  PDF(new window)
We have various e-commerce like on-line banking, stock trading, shopping using a PC or SmartPhone. In e-commerce, two parties use the certificate for identification and non-repudiation but, the attack on the certificate user steadily has been increasing since 2005. The most of hacking is stealing the public certificate and private key files. After hacking, the stolen public certificate and private key file is used on e-commerce to fraud. Generally, the private key file is encrypted and saved only with the user's password, and an encrypted private key file can be used after decrypted with user password. If a password is exposed to hackers, hacker decrypt the encrypted private key file, and uses it. For this reason, the hacker attacks user equipment in a various way like installing Trojan's horse to take over the user's certificate and private key file. In this paper, I propose the management method to secure private key of PKI using One Time Password certification technique. As a result, even if the encrypted private key file is exposed outside, the user's private key is kept safely.
PKI;Certificate;Private Key File;Password;OTP;
 Cited by
전자서명법, 법률 제11690호, 2013.03.23 시행

2. &mid=sec&sid1=101&oid=014&aid=0000177855


4. _id=20131016174155


이형우, "안전한 로그인을 위한 소프트 보안카드 기반 다중 인증시스템", 한국콘텐츠학회논문지, 제9권, 제3호, pp.28-38, 2009.

김대진, 최홍섭, "OTP를 이용한 IPTV 콘텐츠 보호 및 인증 시스템 설계", 한국콘텐츠학회논문지, 제9권, 제8호, pp.129-137, 2009. crossref(new window)

고윤미, 권경희, "SIP에서의 강화된 사용자 인증 방식", 한국콘텐츠학회논문지, 제11권, 제12호, pp.88-93, 2011. crossref(new window)


B. Kaliski, PKCS #8: Private-Key Information Syntax Standard V1.2, RSA Laboratories, 2008.

B. Kaliski, PKCS #5, Password Based Cryptography Standard V2.1, RSA Laboratories, 2000.