대한전자공학회논문지TC (Journal of the Institute of Electronics Engineers of Korea TC)

대한전자공학회 (The Institute of Electronics and Information Engineers)
권호 표지

휴대폰에서의 무선 인증서 관리 프로토콜

Wireless Certificate Management Protocol for Mobile Phone Security

  • 이용 (충주대학교 전자통신공학) ;
  • 이구연 (강원대학교 컴퓨터학부)
  • Lee, Yong (Dept. of Electron. and Comm., ChungJu National University) ;
  • Lee, Goo-Yeon (Dept. of Computer Eng., Kangwon National University)
  • 발행 : 2008.10.25
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

휴대폰에서의 제한된 메모리 용량 및 CPU 성능으로 인하여, 유선망에서의 전자상거래 보안에 사용되는 PKI를 그대로 휴대폰 보안에 사용하기는 적당치 않다. 그러므로 유선망과 비슷한 보안 기능을 제공하면서도 휴대폰에 적용할 수 있는 무선 PKI 기능을 개발할 필요가 있다. 이에 본 논문에서는 경량화되고 안전한 무선 인증서 관리 프로토콜을 제안한다. 제안한 프로토콜은 휴대폰의 제한된 통신 환경 및 성능을 고려하였다. 또한 우리는 제안된 프로토콜에 대하여 시험적으로 구현하였다. 시험 구현에서 무선 인증서 관리 프로토콜의 모듈 사이즈는 휴대폰에 탑재 할 수 있을 정도로 작게 구현되었으나, 보안 기능은 유선망의 인증서 관리 프로토콜의 경우에 비하여 비슷함을 알 수 있었다.

PKI (Public Key Infrastructure) which is used for the security of E-commerce (Electronic-commerce) in wired internet is not suitable for the mobile phone because of the fundamental limitation of performance such as less memory and less powerful CPU. Therefore, we need to develop a wireless PKI (WPKI) that provides the similar security level as the wired PKI supporting mobile phone. In this paper, we propose a lightweight and secure Wireless Certificate Management Protocol (WCMP) that is executable to the mobile phone that has a constrained communication environment and limitation of performance, and show the implementation results of the scheme based on the mobile phone. We minimize data sizes processed in mobile phone, and optimize protocols for the certificate management. This results in the reduced module sizes to be able to install in mobile phone and shows as the same level as the wired CMP.

키워드

참고문헌

  1. Lam, K.Y., Chung, S.L., Gu,M. and Sun, J.G. : Lightweight security for mobile commerce transactions. Computer Communications, Elsevier, 26, 2052--2060 (2003) https://doi.org/10.1016/S0140-3664(03)00188-9
  2. Lee, J.L., Lee, Y. and Song, J.S. : Wireless PKI Technology in Korea. In : The First International Workshop for Asian PKI, pp 145--158 (2001)
  3. Wireless Application Protocol - WirelessPublic Key Infrastructure, WAP-217-WPKI, OMA (2001)
  4. Housley, R., Polk, W., Ford, W. and Solo, D. : Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile : IETF RFC3280, IETF Network Working Group (2002)
  5. ITU-T Recommendation X.509(1997) | ISO/IEC 9594-8:1998, Information technology - Open Systems Interconnection - The Directory: Authentication Frame work
  6. Wireless Application Protocol WAP2.0 Technical White Paper, OMA (2001)
  7. Wireless Application Protocol Architecture Specification, WAP-210-WAPArch, OMA (2001)
  8. Wireless Transport Layer Security, WAP-261- WTLS, OMA (2001)
  9. Frier, A., Karlton, P. and Kocher,P. : The SSL 3.0 Protocol. Netscape Communications Corp., (1996)
  10. WAP Certificate and CRL, WAP-211-X.509, OMA (2000)
  11. Aydos, M., Yanik, T. and Koc, C.K. : High- speed implementation of an ECC-cased wireless authentication protocol on an ARM microprocessor, IEEE Proceedings- Communi- cations, Vol. 148, No. 5, pp.273 279 (2001)
  12. Lenstra, A.K. and Verheul, E.R. : Selecting Cryptographic Key Sizes, PKC 2000, Journal of Cryptology, 14, 255--293 (2001) https://doi.org/10.1007/s00145-001-0009-4
  13. Myers, M., Adams, C., Solo, D. and Kemp, D. : Internet X.509 Certificate Request Message Format:IETF RFC2511, IETF Network Working Group (1999)
  14. PKCS#10 : Certification Request Syntax Standard, RSA Laboratories (2000)
  15. Admas, C., Farrell, S., Kause, T. and Mononen, T. : Internet X.509 Public Key Infrastructure Certificate Management Protocol (CMP) : IETF RFC 2510, IETF Network working Group (2005)
  16. Myers, M., Ankney, R., Malpani, A., Galperin, S. and Adams, C. : X.509 Internet Public Key Infrastructure Online Certificate Status Protocol OCSP : IETF RFC2560, IETF Network Working Group (1999)
  17. Schneier, B.:Applied Cryptocgraphy, 2nd, Wiley, New York (1996)
  18. Chadwick, D. W., Mundy D. and New, J. : Experiences of using a PKI to access a hospital information system by high street opticians, Computer Communications, Elsevier, 26, 1893-1903 (2003) https://doi.org/10.1016/S0140-3664(03)00084-7
  19. Morogan, M.C. and Muftic, S. : Certificate Management in Ad hoc Networks, IEEE Workshop on Security and Assurance in Ad hoc Networks, in conjunction with the 2003 International Symposium on Applications and the Internet, Orlando (2003)
  20. Dierks, T. and Allen, C. : The TLS Protocol Version 1.0 : IETF RFC2246, IETF Network Working Group (1999)
  21. WMLScript Crypto Library, WAP-161-WML ScriptCrypto, OMA (2001)
  22. Polk, W., Housley, R. and Bassham, L. : Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile : IETF RFC3279," IETF Network Working Group (2002)
  23. Digital Signature Standard (DSS) : FIPS 186-2, NIST (2000)
  24. Selected Attrubute Type Standard, RSA Laboratories PKCS#9 v1.2, (1993)
  25. Extended-Certificate Syntax Standard, RSA Laboratories PKCS#6 v2.0 (1999)
  26. WAPTransportLayer E2E Security Specification, WAP Forum Approved Version 11-July-2000, OMA (2000)