The Transactions of the Korea Information Processing Society (한국정보처리학회논문지)

Korea Information Processing Society (한국정보처리학회)
권호 표지

Specification and Analysis of Key Recovery System using ECTPN

ECTPN을 이용한 키복구 시스템의 명세 및 분석

  • Go, Jeong-Ho (Dept. of Computer Engineering, Graduate School of Hannam University) ;
  • Gang, Sang-Seung ;
  • Jeon, Eun-A (Dept. of Computer Engineering, Graduate School of Hannam University) ;
  • Lee, Gang-Su (Dept. of Computer Engineering, Graduate School of Hannam University)
  • 고정호 (한남대학교 대학원 컴퓨터공학과) ;
  • 강상승 (한국전자통신연구원 전자상거래연구부) ;
  • 전은아 (한남대학교 대학원 컴퓨터공학과) ;
  • 이강수 (한남대학교 대학원 컴퓨터공학과)
  • Published : 2000.06.01
Download PDF
⟨ Previous Next ⟩

Abstract

When a receiver of ciphertext message can not decrypt a message because he has lost his private-key, the private-key of receiver and session-key of the message should be recovered. In this paper, we developed an Encapsulation based Key Recovery System (EKRS). EKRS is a new key encapsulation based key recovery system which is characterized by secretly choice of KRA, randomized target keys. n-way recovery type, and useful for commercial key recovery. EKRS is formally specified by a pictorial model, an Extended Cryptographic Timed Petri Net (ECTPN). Secure information flow and reachability of a session-key are verified by using reachability graph of ECTPN. EKRS, executing over a Public Key Infrastructure, can be used as a security solution in Web based applications such as CALS, EC an EDI.

Keywords

References

  1. Technology Committee of Key Recovery Alliance, Cryptographic Information Recovery using Key Recovery, A Working Paper, Version 1.2, http:// www.kra.org, Aug. 1997
  2. Dorothy E. Denning and Dennis K. Branstad, 'A Taxonomy for Key Escrow Encryption Systems,' Communications of the ACM, pp.34-40, Vol.39, No.3, 1996 https://doi.org/10.1145/227234.227239
  3. Ravi Ganesan, 'How To Use Key Escrow,' Communications of the ACM, Vol.39, No.3, pp.33, Mar.1996 https://doi.org/10.1145/227234.227238
  4. Jingmin He and Ed Dawson, 'A New Key Escrow Cryptosystem,' Lecture Notes in Computer Science. Vol. 1029, pp,105-113, 1995 https://doi.org/10.1007/BFb0032350
  5. Yung-Cheng Lee; Chi-Sung Laih, 'On the key recovery of the Key Escrow System,' Proceedings of 13th Annual Computer Security Applications Conference, pp.216-220, 1997
  6. Ravi Ganesan, 'The Yaksha Security System,' Communications of the ACM. Vol.39, No.3, pp.55-60. Mar. 1996 https://doi.org/10.1145/227234.227242
  7. Jefferies, N., Mitchell, C. and Walker, M., 'A Proposed Architecture for Trusted Third Party Services,' Lecture Notes in Computer Science, Vol. 1029, pp.98-104, 1995 https://doi.org/10.1007/BFb0032349
  8. D. P. Maher, Crypto Backup and Key Escrow, Communications of ACM. Vol.39, No.3. pp.48-53, Mar. 1996 https://doi.org/10.1145/227234.227241
  9. Stephen T. Walker, Steven B. Lipner, Carl M. Ellison and David M. Balenson., 'Commercial Key Recovery,' Communications of the ACM, Vol.39, No.3, pp.41-47, 1996 https://doi.org/10.1145/227234.227240
  10. M. Markowitz and R Schlafly, 'Key Recovery in Secret Agent,' Digital Signature, 1997
  11. 'CyKey, A Key Recovery System for Commerical Environments,' Cylink Corp. http://www cylink. com, 1998
  12. R. Gennaro, et, al., 'Secure Key Recovery,' IBM Thomas J. Watson Research Center, 1999
  13. James Peterson, J. 'Petri Nets Theory and the Modeling of Systems'. Prentice Hall. 1982
  14. Zuberak, W, 'Timed Petri Nets' Definitions, Properties, and Applications.' Microelectronics and Reliability, Vol.31, pp.627-644, 1991 https://doi.org/10.1016/0026-2714(91)90007-T
  15. Varadhajan, V., 'Petri Net based Modeling of Information Flow Security Requirements,' Proc. of the Computer Security Foundations Workshop III, pp.51-61, 1990 https://doi.org/10.1109/CSFW.1990.128185
  16. Gang-Soo Lee and Jin-seok Lee, 'Petri Net based models for specification and analysis of Cryptographic Protocols,' Journal of systems and software, Vol.37, pp,141-159, 1997 https://doi.org/10.1016/S0164-1212(96)00112-4
  17. 'Korean Certification-based Digital Signature Algorithm', 한국정보보호센터, 1997
  18. B. Scheneier, Applied Cryptography(second edition), Wiley& Sons, 1996
  19. 'Requirements for Key Recovery Products, (Final Report),' Federal Information Processing Standard for Federal Key Management Infrastructure, http://csrc.nist.gov/key recovery/, Nov. 1998
  20. 채승철, 이임영, '안전한 키 위탁 시스템에 관한 연구', 한국통신정보보호학회논문지, 제9권, 제2호, pp. 83-92. Jun. 1999