KR100529594B1 - Method for verifying public key in different certification domain - Google Patents

Abstract

The present invention relates to a method for verifying a public key in different authentication domains. The self-authentication public key issuing method according to the present invention includes the steps of: a user terminal generating a public key having a secret key of the user terminal and a public key parameter of a key issuer; Transmitting the generated public key to the key issuing institution, and generating the authentication information of the key issuing body by inputting the personal identification information and the public key parameter of the key issuing body into a one-way hash function; And generating authentication information of the user terminal by inputting the personal identification information and the public key received from the user terminal into the hash function, authentication information of the key issuer, and authentication of the user terminal. Generating a self-authenticating public key with information, the public key and the public key parameters, A body authentication public key comprises the step of transmitting to the user terminal.

Self-certified public key, certificate, key issuer, wireless

Description

Method for verifying public key in different authentication domains {METHOD FOR VERIFYING PUBLIC KEY IN DIFFERENT CERTIFICATION DOMAIN}             

1 is a view showing a system configuration according to an embodiment of the present invention.

2 is a diagram illustrating a user 10 performing procedure for a self-authentication public key issuing process according to an embodiment of the present invention.

3 is a view showing the procedure of the key issuance authority 30 for the self-certification public key issuing process in the embodiment of the present invention.

4 is a diagram illustrating a user 10 performing procedure for using a self-authentication public key according to an embodiment of the present invention.

FIG. 5 is a diagram illustrating a user 20 performing procedure for a self-authentication public key verification process according to an embodiment of the present invention.

6 is a diagram illustrating a procedure of performing a key issuance authority 40 for a self-certification public key verification process according to an embodiment of the present invention.

The present invention relates to a public key authentication method, and more particularly, to a method for verifying a public key in different authentication domains.

There are three public key authentication methods. First, the certificate-based approach has the burden of verifying the certificate, certificate revocation and revocation list. In addition, the user personal identification information-based method has a disadvantage in that the secret key of the user is exposed to the key issuing authority, and the self-authentication method has a disadvantage in that users of different authentication domains cannot authenticate the other party's public key.

The most commonly used method for authenticating a public key is to verify a public key certificate issued by a certification authority under an existing public key infrastructure (PKI). In such a PKI environment, several certification authorities have various forms to accommodate a large number of users and to provide efficient certificate-related services. Therefore, each user may need to verify a certificate issued by another certification authority as well as the certificate authority's trusted certificate authority. To this end, mutual authentication is signed between certification authorities so that users of different domains can verify each other's public key certificates.

One way to authenticate a public key without using a public key certificate is by a public key proposed by A. Shamir in 1985 based on the user's personally identifiable information. This method makes it easier for anyone to authenticate the public key by using the user's personal identification information as the public key itself. However, since the key issuer directly generates and transmits the public key, that is, the secret key corresponding to the personal identification information, to the user, the secret key of the user is exposed to the key issuer.

The self-certified public key proposed by M. Girault in 1991 is also based on personally identifiable information without using a certificate. However, this method allows a user to generate a private key directly, and the key issuer issues a self-certified public key for the corresponding public key so that the public key itself acts as a certificate (self-authentication). In 1999, S. Kim et al. Extended the concept of self-certified public key, and if the problem occurred because the self-certified public key was used for signature or key distribution, there was a problem with the signature or key distribution. We proposed a verifiable self-certifying public key that can verify its validity. However, this method has a disadvantage in that users who trust different key issuers cannot authenticate the other party's public key.

Accordingly, an object of the present invention is to provide a method in which a user's secret information is not exposed to a key issuing authority, can be authenticated by the public key itself, and public key verification can be performed in different authentication domains.

According to a first aspect of the present invention for achieving the above object, a method for issuing a self-authenticating public key that can be verified in different domains is disclosed by a user terminal having a secret key of the user terminal and a public key parameter of a key issuer. Generating a key, transmitting the personal identification information of the user terminal and the generated public key to the key issuer, and the key issuer, the personal identification information of the key issuer and the public key parameter Generating an authentication information of the key issuer by inputting a one-way hash function, and generating authentication information of the user terminal by inputting the personal identification information and the public key received from the user terminal into the hash function. Process, authentication information of the key issuer, authentication information of the user terminal, the public key and the public key La has a meter and a process of generating a self-certified public key, and the generated self-certified public key, characterized in that it comprises the step of transmitting to the user terminal.

와

상에서 임의로 선택한 원소

를 이용하여 중간값

을 계산하는 과정과, 상기 제1사용자 단말기의 비밀키

와

를 이용하여 서명문

에 대한 서명

를 생성하는 과정과, 상기 중간값

, 상기 제1키발급기관으로부터 발급받은 자체 인증 공개키

, 상기 제1키발급기관의 인증정보

, 상기 제1사용자 단말기의 인증정보

를 제2사용자 단말기로 전송하는 과정과, 상기 제2사용자 단말기가, 상기 제1사용자 단말기로부터 수신한

와 상기 제1키발급기관의 공개키 파라미터

로 상기 제1 사용자 단말기의

를 검증하는 과정을 포함하는 것을 특징으로 한다.According to a second aspect of the present invention, there is provided a method of using a self-authenticating public key that can be verified in different domains, wherein the first user terminal is a public key parameter disclosed by the first key issuer.

Wow

Randomly selected elements

Median using

Calculating a secret key of the first user terminal;

Wow

Signature using

Signature for

And generating the intermediate value

, Self-certified public key issued by the first key issuing agency

Authentication information of the first key issuing organization

Authentication information of the first user terminal

Transmitting the message to the second user terminal, and receiving the message received from the first user terminal by the second user terminal.

And a public key parameter of the first key issuer

Of the first user terminal

It characterized in that it comprises a process of verifying.

와 개인식별정보

로 상기 제1키발급기관의 인증정보

를 생성하는 과정과, 상기 제2키발급기관의 비밀키

로 상기 인증정보에 대한 서명

를 생성하여 상기 제2사용자로 전송하는 과정과, 상기 제2사용자 단말기가, 상기 서명

, 상기 제2키발급기관의 공개키 파라미터

및 키발급기관의 공개키를 가지고 상기 제1키발급기관의 인증정보

를 계산하는 과정과, 상기 제1키발급기관의 개인식별정보

와 상기 공개키 파라미터

를 일방향 해쉬 함수에 입력하여 나온 결과값과 상기 계산된 제1키발급기관의 인증정보

이 동일한지 비교하여 상기 공개키 파라미터

의 정당성을 검증하는 과정과, 상기 정당성이 검증된 공개키 파라미터

로 상기 제1사용자단말기의 공개키

를 계산하는 과정과, 상기 계산된 공개키

를 상기 제1사용자단말기의 개인식별정보

와 함께 일방향 해쉬 함수에 입력하여 나온 결과값과 상기 제1사용자단말기로부터 수신한 인증정보

가 동일한지 비교하여 상기 제1사용자 단말기의 공개키

의 정당성을 검증하는 과정을 포함하는 것을 특징으로 한다.According to a third aspect of the present invention, there is provided a self-certifying public key verification method that can be verified in different domains, wherein the second user terminal trusts the authentication information of the first key issuing agency by the second user terminal. Requesting to the institution; and the public key parameter of the first key issuing institution that the second key issuing institution has previously verified and stored in advance.

And personally identifiable information

Authentication information of the first key issuing organization

Generating a secret key of the second key issuing organization;

Signature for the above authentication information

Generating and transmitting the generated information to the second user;

, Public key parameter of the second key issuing organization

And authentication information of the first key issuing agency with the public key of the key issuing institution

Calculating the personal identification information of the first key issuing institution;

And the public key parameter

To the one-way hash function and the calculated result and authentication information of the first key issuing organization

Compare the public key parameters

Verifying the validity of the public key parameter, and verifying the validity of the public key parameter

The public key of the first user terminal

Calculating a; and the calculated public key

Personal identification information of the first user terminal

And the result value inputted to the one-way hash function and the authentication information received from the first user terminal.

Public key of the first user terminal in comparison

Characterized in that it includes a process of verifying the validity of.

Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings. In describing the present invention, if it is determined that the detailed description of the related known function or configuration may unnecessarily obscure the subject matter of the present invention, the detailed description thereof will be omitted.

First, prior to explaining the symbols used in the present invention as follows.

<System Parameter>

: 각 사용자

: Each user

: 각각

와

가 신뢰하는 키 발급 기관

: each

Wow

Trusted key issuing authority

             The two key issuers form different domains,

             A trust relationship is established so that the public key and public key of the other party's organization

             Storing parameters

: 각각

와

의 개인식별정보

: each

Wow

Personally identifiable information

: 각각

와

의 공개키 파라미터

: each

Wow

Public key parameters

와

은 Pohlig-Hellman attack에 대해 안전하기At this time,

Wow

Is safe against Pohlig-Hellman attacks

       To be fairly large prime numbers of similar size each,

,

,

일 때,

,

,

when,

역시 큰 소수이어야 함

Must also be a large prime number

)(eg

)

등 모든 키 발급 기관의 공개키Integer 3:

Public keys of all key issuers

        Used to increase the efficiency of exponential operations with public keys

) 중 In two forms:

) Of

을 사용함In the present invention

Used

: 각각

와

의 비밀키

: each

Wow

Secret key

At this time,

상에서의 원시원소

Primitive elements

:

인 일방향 해쉬 함수

:

One-way hash function

Hereinafter, the present invention will be described for issuance, use, and verification of self-certified public keys that can be verified in different authentication domains.

1 shows a system configuration according to an embodiment of the present invention.

As shown in the drawing, a user A (user terminal A) 10, a user B (user terminal B) 20, a key issuing engine A 30, and a key issuing engine 40 are configured. In particular, FIG. 1 shows the information exchanged between the devices.

와 공개키

를 키발급기관(30)으로 전송하면, 상기 키발급기관(30)은 자체 인증 공개키

를 생성하여 상기 사용자(10)에게 전송한다. 그러면, 상기 사용자(10)는 수신된 자체 인증 공개키

를 가지고 앞서 생성한 공개키

를 검증한다.Information exchanged between the key issuer 30 and the user (or user terminal) 10 is information exchanged in the process of issuing a self-authentication public key. User 10 has the personal identification information of user 10

And public key

To the key issuing authority 30, the key issuing authority 30 is a self-certified public key

Create and transmit to the user (10). Then, the user 10 receives the received self-authentication public key.

Public key created earlier with

Verify.

(≡

), 서명문

, 서명

, 자체 인증 공개키

, 키발급기관(30)의 인증정보

, 사용자(10)의 인증정보

를 사용자(20)에게 전송하면, 상기 사용자(20)는 상기 자체 인증 공개키, 키발급기관(30)의 인증정보, 사용자(10)의 인증정보 및 키발급기관(30)의 공개키 파라미터

로 사용자(10)의 서명(

,

,

)을 검증한다.The information exchanged between the user 10 and the user (or user terminal) 20 is information exchanged when the user 20 verifies a signature generated by the user 10. User (10) is the median

(≡

), Signature

, signature

Self-certifying public key

, Authentication information of the key issuing organization (30)

, Authentication information of user 10

Is transmitted to the user 20, the user 20 is the self-authentication public key, the authentication information of the key issuing organization 30, the authentication information of the user 10 and the public key parameters of the key issuing organization 30

The signature of the user (

,

,

).

의 정당성을 확인할 수 있는 인증정보를 요청하면, 상기 키발급기관(40)은 키발급기관(10)의 인증정보

를 생성하고 키발급기관(40)의 비밀키

로 서명 S_B를 생성하여 사용자(20)에게 전송한다. 그러면, 상기 사용자(20)는 상기 공개키 파라미터

의 정당성을 검증하고, 정당성이 검증된 공개키 파라미터로 사용자(10)의 공개키

를 계산하고, 상기 공개키

를 가지고 사용자(10)의 공개키

를 검증한다.The information exchanged between the user 20 and the key issuer 40 is information exchanged when the user 20 verifies the self-authentication public key when the verification of the user 10 fails in the above process. . The user 20 sends the public key parameter to the key issuer 40.

When requesting authentication information to verify the legitimacy of the, the key issuing authority 40 is the authentication information of the key issuing authority (10)

A secret key of the key issuing institution 40

The signature S _B is generated and transmitted to the user 20. Then, the user 20 is the public key parameter

The public key of the user 10 with the public key parameter verified

Calculate the public key

Public key of user 10 with

Verify.

The present invention is largely the process of issuing a self-certified public key from a key issuing agency, using the self-certified public key in applications such as signing and key distribution, and if a problem occurs after use by a user of another domain It can be divided into the process of verifying whether there is an error in the certificate public key or whether there is an error in the signature or key distribution process.

First, the self-certification public key issuance process is as follows.

2 is a flowchart illustrating a user 10 performing a procedure of issuing a self-authentication public key according to an embodiment of the present invention.

를 선택하고, 203단계에서 자신이 신뢰하는 키발급기관(30)의 공개키 파라미터

를 이용하여 공개키

(≡

)를 계산한다. 그리고 상기 사용자(10)는 205단계에서 사용자(10)의 개인식별정보

와 상기 공개키

를 상기 키발급기관(30)으로 전송한다.Referring to FIG. 2, first, the user 10 uses a secret key in step 201.

In step 203, the public key parameter of the key issuing institution 30 trusted by the user is determined.

Using public key

(≡

Calculate In operation 205, the user 10 may personally identify the user 10.

And the public key

Send to the key issuing engine (30).

가 수신되는지 검사한다. 상기 자체 인증 공개키 수신시, 상기 사용자(10)는 209단계에서 키발급기관(30)의 개인식별정보

와 공개키 파라미터

를 일방향 해쉬함수

에 입력하여 상기 키발급기관(30)의 인증정보

를 생성하고, 211단계에서 상기 사용자(10)의 개인식별정보

와 공개키

를 일방향 해쉬함수

에 입력하여 상기 사용자(10)의 인증정보

를 생성한다.Thereafter, the user 10 authenticates his / her own public key from the key issuer 30 in step 207.

Checks to see if it is received. Upon receiving the self-authentication public key, the user 10 may identify the personal identification information of the key issuer 30 in step 209.

And public key parameters

Is a one-way hash function

Authentication information of the key issuing organization 30 by inputting in

Create a personal identification information of the user 10 in step 211

And public key

Is a one-way hash function

Authentication information of the user 10 by inputting in

Create

,

)과 상기 수신된 자체 인증 공개키

및 공개키 파라미터

를 이용해 하기 수식에 의해 앞서 생성한 공개키

의 정당성을 검증한후 종료한다.In operation 213, the user 10 receives the authentication information (

,

) And the received self-authentication public key

And public key parameters

The public key previously generated by the following formula

After verifying the validity of the

3 is a flowchart illustrating an execution procedure of a key issuing organization 30 for the self-certification public key issuing process according to an embodiment of the present invention.

와 공개키

가 수신되는지 검사한다. Referring to FIG. 3, first, the key issuer 30 checks the identity of the user 10 in step 301. If the identity is confirmed, the key issuing organization 30 in step 303 the personal identification information from the user 10

And public key

Checks to see if it is received.

와 공개키 파라미터

를 일 방향 해쉬함수

에 입력하여 상기 키발급기관(30)의 인증정보

를 생성하고, 307단계에서 상기 사용자(10)의 개인식별정보

와 공개키

를 일방향 해쉬함수

에 입력하여 상기 사용자(10)의 인증정보

를 생성한다.When the personal identification information and the public key are received, the key issuing organization 30 at step 305 personal identification information of the key issuing organization 30.

And public key parameters

One-way hash function

Authentication information of the key issuing organization 30 by inputting in

Generate the personal identification information of the user 10 in step 307.

And public key

Is a one-way hash function

Authentication information of the user 10 by inputting in

Create

와 상기 사용자(10)의 인증정보

에 배타적 논리합을 취해 상기 사용자(10)의 공개키

와 함께 서명을 함으로써 자체 인증 공개키

를 생성하고, 311단계에서 상기 생성된 자체 인증 공개키

를 상기 사용자(10)에게 전송한후 종료한다.In addition, the key issuing engine 30 is the authentication information of the key issuing engine 20 as shown in the following formula in step 309

And authentication information of the user 10

The exclusive key of the user 10

Self-certified public key by signing with

Generate a self-certified public key generated in step 311

After transmitting to the user 10 is terminated.

Referring to FIG. 2 and FIG. 3, the self-authentication public key issuing process is summarized as shown in Table 1 below.

As shown in Table 1, the key issuer 30 first confirms the identity of the user 10.

를 선택하고, 자신이 신뢰하는 키발급기관(30)의 공개키 파라미터

를 이용하여 공개키

(≡

)를 계산한다. 그리고, 사용자(10)는 자신의 개인식별정보

와 공개키

를 상기 키발급기관(30)으로 전송한다.On the other hand, the user 10 is a secret key

Select the public key parameter of the key issuing authority 30

Using public key

(≡

Calculate And, the user 10 is his personal identification information

And public key

Send to the key issuing engine (30).

와 사용자들에게 공개하고 있는 공개키 파라미터

를 일방향 해쉬 함수

에 입력하여 자신의 인증 정보

를 생성하고, 상기 사용자(10)로부터 수신된

와

를 동일한

를 입력하여 상기 사용자(10)의 인증정보

를 생성한다. 그리고, 상기 키발급기관(30)은 상기

와

에 배타적 논리합을 취해 상기 사용자(10)의 공개키와 함께 서명을 함으로써 자체 인증 공개키

를 생성하고, 상기 생성된 자체 인증 공개키를 상기 사용자(10)에게 전송한다.Subsequently, the key issuing agency 30 has its own personal identification information.

Public key parameters to users and users

One-way hash function

Enter your own credentials at

Generates a received message from the user 10

Wow

Same

Enter the authentication information of the user 10

Create And, the key issuing engine 30 is the

Wow

Self-authentication public key by taking an exclusive OR to and signing with the public key of the user 10

Generates and transmits the generated self-authentication public key to the user (10).

를 이용하여 키발급기관(30)의 인증정보

와 사용자(10)의 인증정보

를 계산하고, 이 값들과 상기 수신된 자체 인증 공개키

및 공개키 파라미터

를 이용해 앞서 생성한 공개키

의 정당성을 검증한다.The user 10 receiving the self-authentication public key is a one-way hash function.

Authentication information of the key issuing organization 30 using the

And authentication information of the user (10)

Compute these values and the received self-authentication public key.

And public key parameters

The public key you created earlier

Verify the validity of

Next, the process of using the self-authentication public key is as follows.

Hereinafter, it is assumed that the user 20 verifies a signature generated by the user 10 using the ElGamal signature scheme.

4 is a flowchart illustrating a user 10 performing a procedure of using the self-authentication public key according to an embodiment of the present invention.

상에서 임의로 선택한 원소

를 선택하고, 403단계에서 키발급기관(30)이 공개한 공개키 파라미터

와 상기 원소

를 가지고 중간값

(≡

)을 계산한다.Referring to FIG. 4, first, the user 10 proceeds to step 401.

Randomly selected elements

In step 403, the public key parameter disclosed by the key issuer 30 is disclosed.

And the element

Median with

(≡

Calculate

와

를 이용하여 서명

(≡

)를 생성한다. 그리고 상기 사용자(10)는 407단계에서 상기 서명문

, 상기 중간값

, 상기 서명

, 상기 자체 인증 공개키

, 키발급기관(30)의 인증정보

및 사용자(10)의 인증정보

를 사용자(20)에게 전송한다.Thereafter, the user 10 stores the private key of the user 10 with respect to the signature M in step 405.

Wow

Sign using

(≡

) In step 407, the user 10 signs the signature.

, The median value

, Signature

, The self-certifying public key

, Authentication information of the key issuing organization (30)

And authentication information of the user 10

To the user 20.

Based on the above description, the process of using the self-authentication public key is summarized in Table 2 below.

와

상에서 임의로 선택한 원소

를 이용하여 중간값

(≡

)을 계산한다.As shown in Table 2, first, the user 10 is a parameter disclosed by the key issuer 30.

Wow

Randomly selected elements

Median using

(≡

Calculate

에 대해 자신의 비밀키

와

를 이용하여 서명

(≡

)를 생성하고,

그리고

를 사용자(20)에게 전송한다.Then, the user 10 is a signature text

About their private key

Wow

Sign using

(≡

),

And

To the user 20.

Next, the self-public key and signature verification process is as follows.

FIG. 5 is a flowchart illustrating a user 20 performing the self-certification public key and signature verification process according to an embodiment of the present invention.

의 정당성을 확인하기 위해 키발급기관(40)으로 키발급기관(30)의 인증정보를 요청한다.Referring to FIG. 5, first, the user 20 determines the public key parameter of the key issuer 30 in step 501.

In order to confirm the legitimacy of the key issuing authority 40 requests the authentication information of the key issuing authority (30).

이 수신되는지 검사한다. 상기 인증정보에 대한 서명

수신시, 상기 사용자(20)는 505단계에서 키발급기관(40)의 공개키 파라미터

와 키발급기관의 공개키를 가지고 상기 수신된 서명

로부터 상기 키발급기관의 인증정보

를 추출한다. Thereafter, the user 20 signs the authentication information from the key issuer 40 in step 503.

Check if it is received. Signature of the authentication information

Upon reception, the user 20 sets the public key parameter of the key issuer 40 in step 505.

And the received signature with the public key of the key issuer

Authentication information of the key issuing organization

Extract

와 공개키 파라미터

를 일방향 해쉬함수에 입력하여 키발급기관(30)의 인증정보

를 생성한다. 그리고, 상기 사용자(20)는 509단계에서 상기 생성된 인증정보와 상기 추출된 인증정보

가 동일한지 검사한다. 상기 두 인증정보가 상이하면, 상기 사용자(20)는 519단계로 진행하여 해당처리를 수행한다. 상기 두 인증정보가 동일하면, 상기 사용자(20)는 511단계로 진행하여 정당성이 검증된 공개키 파라미터

로 사용자(10)의 공개키

(≡

)를 생성한다. In operation 507, the user 20 may identify the personal identification information of the key issuing institution 30.

And public key parameters

To enter the one-way hash function authentication information of the key issuing organization (30)

Create In operation 509, the user 20 extracts the generated authentication information and the extracted authentication information.

Check that is the same. If the two authentication information are different, the user 20 proceeds to step 519 to perform the corresponding process. If the two authentication information is the same, the user 20 proceeds to step 511 and the public key parameter is verified.

The public key of the user (10)

(≡

)

와 상기 키발급기관(30)의 공개키 파라미터로 사용자(10)의

,

,

를 다음과 같이 검증한다.In operation 513, the user 20 may use the public key of the user 10.

And the public key parameter of the key issuer 30

,

,

Is verified as follows.

와 상기 사용자(10)의 개인식별정보

를 일방향 해쉬함수에 입력하여 사용자(10)의 인증정보를 생성한다. 그리고 상기 사용자(20)는 517단계에서 사용자(10)로부터 수신한 인증정보와 상기 생성된 인증정보를 비교하여 사용자(10)의 공개키의 정당성을 검증한후 종료한다.In step 515, the user 20 generates the generated public key.

And personally identifiable information of the user 10

In the one-way hash function to generate authentication information for the user 10. In operation 517, the user 20 compares the authentication information received from the user 10 with the generated authentication information and verifies the validity of the public key of the user 10.

FIG. 6 is a flowchart illustrating a procedure of executing a key issuing authority 40 for the self-certification public key and signature verification process according to an embodiment of the present invention.

와 개인식별정보

로 키발급기관(30)의 인증정보

를 생성한다. Referring to FIG. 6, the key issuer 40 first checks whether a signal for requesting authentication information of the key issuer 30 is received from the user 20 in step 601. Upon receiving a signal for requesting authentication information of the key issuing organization 30, the key issuing organization 40 checks the legitimacy in advance in step 603 and stores the public key parameter of the key issuing organization 30.

And personally identifiable information

Authentication information of the low-key issuing organization (30)

Create

로 상기 생성된 인증정보에 대한 서명

를 생성하고, 607단계에서 상기 생성된 서명

를 사용자(20)에게 전송한후 종료한다.And the key issuance engine 40 is the secret key of the key issuance engine 40 in step 605

Signature for the generated authentication information

Generate the signature and the generated signature in step 607

Terminate after transmitting to the user 20.

Based on the above description, the self-certification public key and signature verification process are summarized as shown in Table 3 below.

의 정당성을 확인할 수 있는 인증 정보를 자신이 신뢰하는 키발급기관(40)으로 요청한다.As shown in Table 3, the user 20 first determines the public key parameter of the key issuer 30.

Request the authentication information to verify the validity of the key issuer 40 that they trust.

와 개인식별정보

로 키발급기관(30)의 인증정보 인증정보

를 생성하고, 자신의 비밀키

로 상기 인증정보에 대한 서명

(≡

)를 생성하여 상기 사용자(20)에게 전송한다.Then, the key issuing organization 40 verifies the legitimacy in advance and stores the public key parameters of the key issuing organization 30.

And personally identifiable information

Authentication information authentication information

Create a private key

Signature for the above authentication information

(≡

) Is generated and transmitted to the user 20.

와 키발급기관의 공개키로부터

(≡

)를 계산한다. 그리고

를 일방향 해쉬 함수에 입력하여 나온 결과값과

이 같은지 비교함으로써

의 정당성을 검증한다.Then, the user 20 is a public key parameter of the key issuer 40 that it trusts

From public key of key issuer

(≡

Calculate And

To the one-way hash function

By comparing

Verify the validity of

로 사용자(10)의 공개키

(≡

)을 계산한다.Thereafter, the user 20 checks the validity of the public key parameter.

The public key of the user (10)

(≡

Calculate

와 키발급기관(30)의 공개키 파라미터

,

로 상기 사용자(10)의

를 다음과 같이 검증한다.Then, the user 20 is the public key

And public key parameters of key issuer 30

,

Of the user 10

Is verified as follows.

를

와 함께 일방향 해쉬 함수

에 입력하여 나온 결과값과 상기 사용자(10)로부터 수신한 인증정보

가 같은지 비교하여 사용자(10)의 공개키의 정당성을 검증한다.And the above

To

One-way hash function with

Result value inputted in and authentication information received from the user (10)

Is validated by comparing the public key of the user 10 with each other.

Meanwhile, in the detailed description of the present invention, specific embodiments have been described, but various modifications are possible without departing from the scope of the present invention. Therefore, the scope of the present invention should not be limited to the described embodiments, but should be defined not only by the scope of the following claims, but also by those equivalent to the scope of the claims.

As described above, the present invention does not have a burden of verifying the public key certificate, and the amount of calculation required in the process of verifying the self-certified public key is small. Therefore, there is no burden on communication and calculation amount due to the certificate, and it provides the efficiency of calculation, so it is suitable for the wireless environment in which a user terminal with low computational power and lack of storage space is used. In addition, the present invention provides a self-authentication that can be justified by the public key itself, and can be used for applications such as signature or key distribution, and can check whether there is an error in the application or the self-certified public key when a problem occurs. It also offers valid verification possibilities. On the other hand, since the user can also verify the public key of another domain user only through the key issuing authority trusted by the user, there is an advantage that the user can verify the other party's public key even between users who trust different key issuing institutions.

In addition, since the present invention is based on the problem of discrete algebra on modular synthetic water, an attack in which a third party replaces a legitimate user's public key with himself or an arbitrary public key, and the user has been previously issued from a key issuer. It is safe against attacks that deny a key is not its own public key, or attacks in which a third party replaces a key issuer's public key parameter with an arbitrary value. In addition, since there is no need to validate public key certificates, certificate revocation and revocation lists, and the amount of calculation required in the process of verifying the self-certified public key is very small, it can be used in wireless environments that use terminals with insufficient computing power and storage space. Suitable. That is, the present invention is expected to be used in electronic commerce, Internet banking, and the like that require high security without using a certificate in a wired or wireless environment.

Claims (10)

In the method of issuing a self-certifying public key that can be verified in different domains, Generating, by the user terminal, the public key with the secret key of the user terminal and the public key parameters of the key issuer; Transmitting the personal identification information of the user terminal and the generated public key to the key issuer; Generating, by the key issuer, authentication information of the key issuer by inputting the personal identification information and the public key parameter of the key issuer into a one-way hash function; Generating authentication information of the user terminal by inputting the personal identification information and the public key received from the user terminal into the hash function; Generating a self-authentication public key with the authentication information of the key issuer, the authentication information of the user terminal, the public key and the public key parameters; Transmitting the generated self-authentication public key to the user terminal; When the self-authentication public key is received, calculating, by the user terminal, authentication information of the key issuer and authentication information of the user terminal by using a one-way hash function; And verifying the received self-authentication public key with the calculated two authentication information and the public key previously generated. The method of claim 1, The self-authentication public key (

) Is generated as in the following formula.

here,

Is the public key generated by the user terminal,

Is the authentication information of the key issuer,

Is authentication information of the user terminal,

Is the secret key of the key issuer,

Is a public key parameter. delete The method of claim 2, Wherein said verification is performed with the following formula.

here,

Is a self-certifying public key,

Is the authentication information of the key issuer,

Is authentication information of the user terminal,

Is the public key generated by the user terminal,

Is a public key parameter. In the method of using a self-certifying public key that can be verified in different domains, The public key parameter disclosed by the first key issuer by the first user terminal

Wow

Randomly selected elements

Median using

And the process of calculating Secret key of the first user terminal

Wow

Signature using

Generating a signature S for, The median value

, Self-certified public key issued by the first key issuing agency

Authentication information of the first key issuing organization

Authentication information of the first user terminal

Transmitting to the second user terminal; Received by the second user terminal from the first user terminal

And a public key parameter of the first key issuer

Of the first user terminal

The method comprising the step of verifying. The method of claim 5, The median value

Is generated as in the following formula.

The method of claim 5, Remind signature

Is generated as in the following formula.

The method of claim 5, Wherein said verification is performed as in the following formula.

In a self-certifying public key verification method that can be verified in different domains, Requesting, by the second user terminal, authentication information of the first key issuing authority from a second key issuing authority trusted by the second user terminal; The public key parameter of the first key issuing institution that the second key issuing institution has previously verified and stored in advance.

And personally identifiable information

Authentication information of the first key issuing organization

Creating a process, Secret key of the second key issuing organization

Signature for the above authentication information

Generating and transmitting to the second user; The second user terminal is the signature

, Public key parameter of the second key issuing organization

And authentication information of the first key issuing agency with the public key of the key issuing institution

And the process of calculating Personal identification information of the first key issuing organization

And the public key parameter

To the one-way hash function and the calculated result and authentication information of the first key issuing organization

Compare the parameters to see if they are equal

The process of verifying the validity of The public key parameter whose validity has been verified

The public key of the first user terminal

And the process of calculating The calculated public key

Personal identification information of the first user terminal

And the result value inputted to the one-way hash function and the authentication information received from the first user terminal.

Public key of the first user terminal in comparison

And verifying the validity of the method. The method of claim 9, The public key of the first user terminal

Is calculated as in the following formula.

Images