The Secure Key Store to prevent leakage accident of a Private Key and a Certificate
인증서와 개인키 유출 방지를 위한 보안키 저장소 Secure Key Store

Young-Jin Park, Seon-Jong Kim, Dong-Hoon Lee
2014 Journal of the Korea Institute of Information Security and Cryptology  
In Korea, the Public Key Infrastructure (PKI) has been introduced. For secure information transmission and identification, the electronic signature authorization system of a certificate-based is built, and then the service provide.The certificate is stored in location what users can easily access and copy. Thus, there is a risk that can be stolen by malware or web account hacking. In addition, private key passwords can be exposed by the logging tool, after keyboard security features are
more » ... eatures are disabled. Each of these security weaknesses is a potential conduit for identity theft, property/asset theft, and theft of the actual certificates. The present study proposes a method to prevent the private key file access illegally. When a certificate is stored, the private key is encrypted by the dependent element of the device, and it is stored securely. If private key leakage occurs, the retrieved key could not be used on other devices.
doi:10.13089/jkiisc.2014.24.1.31 fatcat:fanufg4w7rbmriy5yngnz7mqyi