KR101616795B1 - Method for manage private key file of public key infrastructure and system thereof - Google Patents

Abstract

The present specification relates to a method and a system for managing a private key file based on a public key infrastructure (PKI), which can encrypt a PKI-based private key file using a one-time password (OTP), thereby securely managing the encrypted private key file. The system for managing a private key file based on a PKI according to an embodiment of the present specification may be configured to generate a character string based on an OTP authentication value generated by authenticating an OTP value of an OTP terminal and a password input by a user, recognize the generated new character string as a cipher key, encrypt the private key file using the cipher key, and store the encrypted private key file.

Description

TECHNICAL FIELD [0001] The present invention relates to a PKI-based private key file management method and system,

The present invention relates to a method and system for managing a PKI-based private key file.

Generally, a user performs various electronic commerce such as internet banking, stock trading, shopping, etc. by using a personal computer (PC) or a smart phone. At this time, the certificate is used as a means of identification and non-repudiation for safe electronic commerce. In this way, the electronic signature law has been enacted in order to establish a system of secure issuance and management of authorized certificates essential for electronic commerce activation. However, account numbers, passwords, and passwords of authorized certificates are leaked through keyboard hacking (Key Stroke) .

Korean Patent Application No. 10-2007-0098691

The present disclosure relates to a PKI-based private key file management method that can securely manage an encrypted private key file by encrypting a PKI (Public Key Infrastructure) based private key file with a One Time Password (OTP) The purpose of this system is to provide.

A system for managing a PKI-based private key file according to an embodiment of the present invention generates a string based on an OTP authentication value generated by authenticating an OTP value of an OTP (One Time Password) terminal and a password input by a user Encrypts the generated private key file with the encryption key, and stores the encrypted private key file.

A method of managing a PKI-based private key file according to an embodiment of the present invention includes generating an OTP authentication value by authenticating an OTP value of an OTP (One Time Password) terminal, inputting the generated OTP authentication value, Generating a string based on a single password, and encrypting and storing the generated private key file using the generated new string as a cryptographic key.

A method and system for managing a PKI-based private key file according to an embodiment of the present invention encrypts a PKI (Public Key Infrastructure) -based private key file with a One Time Password (OTP) It is possible to safely manage the private key file.

BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 is a schematic view showing a PKI authentication system for explaining an embodiment of the present invention. FIG.
2 is an exemplary view showing detailed certificate information for explaining an embodiment of the present invention.
3 is an exemplary view showing encrypted private key file detailed information for explaining an embodiment of the present invention.
FIGS. 4 and 5 are exemplary diagrams illustrating an asynchronous mode and a synchronous mode.
6 is a block diagram of a PKI-based private key file management system using an OTP according to an embodiment of the present invention.
7 is a flowchart illustrating a PKI-based user registration method using an OTP according to an embodiment of the present invention.
8 is a flowchart illustrating a PKI-based private key file management method using an OTP according to an embodiment of the present invention.

It is noted that the technical terms used herein are used only to describe specific embodiments and are not intended to limit the invention. It is also to be understood that the technical terms used herein are to be interpreted in a sense generally understood by a person skilled in the art to which the present invention belongs, Should not be construed to mean, or be interpreted in an excessively reduced sense. Further, when a technical term used herein is an erroneous technical term that does not accurately express the spirit of the present invention, it should be understood that technical terms that can be understood by a person skilled in the art are replaced. In addition, the general terms used in the present invention should be interpreted according to a predefined or prior context, and should not be construed as being excessively reduced.

Also, the singular forms "as used herein include plural referents unless the context clearly dictates otherwise. In the present application, the term "comprising" or "comprising" or the like should not be construed as necessarily including the various elements or steps described in the specification, Or may be further comprised of additional components or steps.

Furthermore, terms including ordinals such as first, second, etc. used in this specification can be used to describe various elements, but the elements should not be limited by the terms. The terms are used only for the purpose of distinguishing one component from another. For example, without departing from the scope of the present invention, the first component may be referred to as a second component, and similarly, the second component may also be referred to as a first component.

Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings, wherein like reference numerals refer to like or similar elements throughout the several views, and redundant description thereof will be omitted.

In the following description, well-known functions or constructions are not described in detail since they would obscure the invention in unnecessary detail. It is to be noted that the accompanying drawings are only for the purpose of facilitating understanding of the present invention, and should not be construed as limiting the scope of the present invention with reference to the accompanying drawings.

The user uses a personal computer (PC) or a smart phone to perform a variety of electronic commerce such as internet banking, stock trading, and shopping. At this time, the certificate is used as a means of identification and non-repudiation for safe electronic commerce. In this way, the Electronic Signature Law was enacted in order to establish a system for secure issuance and management of authorized certificates, which is essential for the activation of electronic commerce. However, a user account number, a password, and a password of an authorized certificate are leaked through a keyboard stroke of a user PC.

Hacking technologies such as keyboard and memory hacking of users' PCs and attempts to steal passwords and passwords stored in smartphones have been rapidly developing, and the amount of hacking related to Internet banking is increasing recently. In order to cope with such a hacking accident, various attempts have been made to introduce various authentication methods such as a one time password (hereinafter referred to as OTP) authentication method, SMS (Short Message Service) and a virtual keypad in addition to a public certificate. In particular, financial institutions such as banks and securities are forced to use SMS, public certificate, OTP, virtual keypad, etc. to prevent various hacking accidents. In addition, various security programs such as keyboard security solution and vaccine Installation. In addition, since the user requires more than nine digits in combination of English, uppercase / lowercase / numerals / special characters, the user is burdened with password management. However, if the user's password and the private key file are exposed to the outside world despite the various security measures, the security measures of the financial institution do not play any protective role. In other words, even if various security countermeasures are established and operated, a secure management plan for the passwords of the authorized certificates and the authorized certificates is needed.

Therefore, in the present invention, a method of securely managing (maintaining) a private key file even when a user's password and a private key file are exposed using OTP technology will be described.

Hereinafter, a PKI (Public Key Infrastructure) authentication system for explaining the present invention will be described.

BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 is a schematic view showing a PKI authentication system for explaining an embodiment of the present invention. FIG.

First, PKI (Public Key Infrastructure) is an information security standard for securely using and managing a public key cryptosystem. It is a security technology by digital signatures and encryption between users who are locally distant, such as electronic commerce on the Internet. In other words, the PKI authentication system supports secure e-commerce by using the public key and the private key generated by all the parties (authorized certification authorities) that both parties who want to communicate can trust.

As shown in FIG. 1, the PKI authentication system includes a certification authority (CA) that issues and manages a certificate (for example, a public certificate) storing public key information generated randomly according to user information, A registrar (RA) for registering user information in response to a request, and a directory system (DS) for providing a certificate and a revoked certificate list to the user. The operation procedure of the PKI authentication system is as follows.

First, a user confirms his / her identity information in a registration agency (RA) and requests a certificate issuance. Upon receiving the certificate issuance request, the registration authority (RA) transmits the user identity information to the certification authority (CA) to issue a certificate request. Upon receiving the user certificate issuance request, the certification authority (CA) issues a certificate to the user, and posts the issued certificate and certificate revocation list to the directory system (DS).

When the user accesses the Internet store and accesses the directory system (DS) in the e-commerce market, the user checks the validity of the user's certificate by downloading the user certificate and certificate revocation list, The service is provided only to users whose certificates are valid.

In this way, the PKI authentication system supports encryption / decryption and electronic signing technology to provide a mechanism for checking the forgery and alteration of transmitted data to secure various Internet services and e-commerce transactions. PKI-based technology is more cryptographically safe than e-commerce ID / PW method and security token, and operates certified certificate authority in Korea. The X.509 certificate used in this case consists of the files "signCert.der", "signPri.key", "CaPubs", and the usage of each file is shown in Table 1.

File name Usage signCert.der The public key file stored in X.509 format, such as the version of the certificate, the certificate owner information, the validity period, and the certificate issuer information signPri.key Private key file saved according to PKCS # 8 structure CaPubs The certificate chain (issuer information) file for validating the certificate

2 is an exemplary view showing detailed certificate information for explaining an embodiment of the present invention.

As shown in FIG. 2, the X.509 certificate detail information includes information such as the certificate owner information, the validity period, the signature algorithm, the signature verification algorithm, the issuer, and the public key according to the X.509 certificate structure format. And the private key detailed information encrypts and stores the information such as the private key cryptographic algorithm and the signature algorithm according to the PKCS # 8 structure type with the password inputted by the user. At this time, the encryption mechanism of the private key file uses a Password Based Encryption Scheme (PBES). That is, a private key file is encrypted and stored with a password input from a user, and the encrypted private key file is decrypted after the user inputs a password whenever the private key is needed, and then used for digital signature generation verification and encryption / decryption.

3 is an exemplary view showing encrypted private key file detailed information for explaining an embodiment of the present invention. Authorized certificates are used as a group of public and private key files and certificate chain files, but encrypted private key files are a major target for hackers.

Hereinafter, an OTP (One Time Password) terminal (or OTP device) for explaining the present invention will be described.

One Time Password (OTP) terminal is a security system that generates a one-time password that can be used only in a session each time a user logs in. It is a system that allows a user password to be reused at the time of external exposure in an ID / To prevent problems that may occur, a one-time password that is different at every authentication is generated to authenticate the user.

The user and the OTP authentication center (OTP authentication server) share the OTP generation verification algorithm. When the user inputs his / her own ID and timestamp value into the OTP generation algorithm and sends the generated OTP value to the OTP authentication center, The authentication center inputs the OTP value and the user ID received from the user into the OTP generation verification algorithm to generate an OTP value according to the user ID, and then compares and verifies the OTP value. In this case, the OTP generation algorithm generates an OTP value using a one-way hash algorithm in a cryptographically secure manner using a timestamp value and a password, and generates another OTP value upon each request, so even if an attacker obtains an OTP value in the middle Can not be reused for authentication. The OTP method can be divided into a synchronization method and an asynchronous method depending on whether the synchronization process with the OTP authentication center is required.

FIG. 4 shows an example of an asynchronous method, and FIG. 5 shows an example of a synchronous method.

As shown in FIG. 4, in the asynchronous mode, when a user (user terminal) requests authentication information of the user, the authentication server requests a challenge value from the user (user terminal) And receives the response value again to authenticate the user with the user authentication information and the response value.

As shown in FIG. 5, in the synchronization method, when a user transmits an OTP value including his / her authentication information to an authentication server, the authentication server requests the authentication center to perform OTP verification and consequently authenticates the user to be.

The asynchronous method does not need a synchronization process with the authentication server and the OTP authentication center. However, the user has to input the challenge value received from the OTP authentication center every time, the network load is generated compared with the synchronization method, (ID) / password (PW) based applications. On the other hand, the synchronization scheme does not need to receive a response value to the challenge value of the OTP authentication center, and the network load is relatively small as compared with the asynchronous scheme, and the existing ID / password (PW ) -Based applications. However, synchronization of reference values such as time synchronization and number of synchronization between user terminal, authentication server and OTP authentication center must be performed.

6 is a block diagram of a PKI-based private key file management system using an OTP according to an embodiment of the present invention.

6, a PKI-based private key file management system using an OTP according to an embodiment of the present invention includes a user terminal 100, an authentication server 200, an OTP authentication server (or an OTP authentication center) 300), and a PKI authentication system (or PKI authentication server) 400.

The user terminal 100 may be a mobile phone, a smart phone, a laptop computer, a digital broadcasting terminal, a personal digital assistant (PDA), a portable multimedia player (PMP), a navigation device, a slate PC, , A tablet PC, an ultrabook, a wearable device (for example, a smartwatch, a glass glass, a head mounted display (HMD) .

The present invention applies OTP technology to an existing PKI authentication system, thereby enabling a user to efficiently use an electronic signature certificate. The private key file used in the PKI authentication system is encrypted and stored with the password entered by the user. At this time, an attacker (hacker) tries various hacking such as keyboard hacking, memory hacking and the like to secretly extract a password inputted by the user. In order to cope with such hacking, it is recommended to change the password from time to time.

The present invention provides a method for securely protecting an encrypted private key file by providing a method of encrypting a private key file using a user password and a value received from an OTP server.

7 is a flowchart illustrating a PKI-based user registration method using an OTP according to an embodiment of the present invention. For example, a method of performing user registration and encryption of a private key file in an OTP authentication center and an authentication server in a state where a user certificate and a private key file are first issued from a PKI authentication system will be described.

First, the user terminal 100 requests the authentication server 200 to register user information (for example, a user ID) and OTP device information (or OTP terminal information) received from the OTP authentication server 300 (S11) . (For example, signPri.key) is encrypted only with the password entered by the user, and an electronic signature value (for example, AuthID ₀ ) necessary for encrypting the private key file is stored in the authentication server 200). ≪ / RTI >

The authentication server 200 receives the user information (for example, a user ID) and the OTP device information (or OTP terminal information) from the user terminal 100 and transmits the received user information (for example, ID) and the OTP device information (or OTP terminal information).

The user terminal 100 receives the user information (for example, the user ID) input by the user and the OTP value OTP_No displayed on the OTP device, And the OTP value (OTP_No) to the authentication server 200 (OTP authentication request) (S12).

The authentication server 200 receives the user information (e.g., user ID) and the OTP value OTP_No displayed on the OTP device, and only when the received user information (e.g., user ID) is the first user The OTP authentication server 300 requests the OTP authentication server 300 to authenticate the OTP value OTP_No by transmitting the received OTP value OTP_No to the OTP authentication server 300 in operation S13. The authentication server 200 rejects the OTP authentication request when the OTP authentication request is not the first one.

The OTP authentication server 300 receives the OTP value OTP_No from the authentication server 200 and verifies the validity of the received OTP value OTP_No and then outputs the OTP verification result OTP_No To the authentication server 200 (S14). For example, the OTP authentication server 300 receives the OTP value OTP_No from the authentication server 200, verifies the validity of the received OTP value OTP_No, and outputs an OTP value OTP_No generating the OTP authentication value (AuthID ₀ value) only when valid, and transmits the generated OTP authentication value (AuthID value ₀₎ to the authentication server (200). On the other hand, if the OTP value (OTP_No) is not valid, the OTP authentication server 300 transmits an authentication failure value (False) to the authentication server 200.

The authentication server 200 receives the OTP authentication value (AuthID ₀ ) from the OTP authentication server 300 and transmits the received OTP authentication value (AuthID ₀ ) to the authentication server 200 (for example, .

The authentication server 200 transmits the stored OTP authentication value (AuthID ₀ ) to the user terminal 100 and requests the user terminal 100 for the digital signature value for the transmitted OTP authentication value (AuthID ₀ ) S15).

When the OTP authentication value (AuthID ₀ ) is received from the authentication server 200, the user terminal 100 receives the password from the user and performs one-way hashing to decrypt the encrypted private key file.

Generating a user terminal 100 is an electronic signature value (Sig _{User _ Pri _ key} (AuthID ₀₎₎ by the digital signature of the OTP authentication value (AuthID ₀₎ using the private key file that is the decoding, and the generated digital signature Value to the authentication server 200 (S16).

When the digital signature value is received from the user terminal 100, the authentication server 200 verifies the user's certificate through the PKI authentication system 400 (S17). If the user's certificate is valid, Verify that the signature value is valid. If the received digital signature value is valid, the authentication server 200 stores the valid digital signature value in the database of the authentication server 200 and transmits the valid digital signature value to the user terminal 100 (S18).

The user terminal 100 receives the valid digital signature value from the authentication server 200, generates a character string by combining and validating the valid digital signature value and the user password in one direction, recognizes the generated character string as a cipher key , Encrypts the decrypted private key file (for example, signPri.key) of the user with the encryption key, and stores it as a file. That is, the private key file (for example, signPri.key) is encrypted with the user's password and the valid digital signature value, and the user registration procedure is completed in the authentication server 200.

FIG. 8 is a flowchart illustrating a PKI-based private key file management method using an OTP according to an embodiment of the present invention. The authentication procedure of a user registered in the authentication server 200 will be described.

First, the user terminal 100 receives a user ID and an OTP value OTP_No of the OTP terminal and performs authentication (user authentication) on the input user ID and OTP value OTP_No And requests the authentication server 200 (S21).

The authentication server 200 receives the user ID and the OTP value OTP_No from the user terminal 100 and verifies (verifies) that the received user ID is a valid user, OTP value (OTP_No) corresponding to the user ID (User ID) and the received OTP value (OTP_No) to the OTP authentication server 300 and transmits the received OTP value (OTP_No) To the OTP authentication server 300 (S22).

The OTP authentication server 300 receives the OTP device information OTP_DeviceNo and the received OTP value OTP_No from the authentication server 200 and transmits the received OTP device information OTP_DeviceNo and the received OTP value OTP_No, And transmits the OTP verification result for the received OTP device information OTP_DeviceNo and the received OTP value OTP_No to the authentication server 200 at step S23. For example, the OTP authentication server 300 receives the OTP device information (OTP_DeviceNo) and the OTP value (OTP_No) from the authentication server 200 and stores the received OTP device information (OTP_DeviceNo) and the OTP value (OTP_No) And generates a new OTP authentication value (AuthID ₁ ) only when the OTP value (OTP_No) is valid and transmits the generated OTP authentication value (AuthID ₁ value) to the authentication server (200). On the other hand, if the OTP value (OTP_No) is not valid, the OTP authentication server 300 transmits an authentication failure value (False) to the authentication server 200.

The authentication server 200 stores the new OTP authentication value (AuthID ₁ ) in the database and then transmits the previously stored OTP authentication value (AuthID ₀ ) to the user terminal 100, and stores the previously stored OTP authentication value ₀ ) to the user terminal 100 (S24). On the other hand, when the authentication failure value is received from the OTP authentication server 300, the authentication server 200 transmits an authentication failure message to the user terminal 100.

The user terminal 100 receives a password from a user when the OTP authentication value (AuthID ₀ ) is received from the authentication server 200, combines the received password with the OTP authentication value (AuthID ₀ ) Decryption is performed on the key file.

The user terminal 100 is an electronic signature value (e.g., Sig _{User _ Pri _ key} (AuthID ₀₎₎ of the OTP authentication value (AuthID ₀₎ with the private key (e.g., User_Pri_key) the decrypted by electronic signature And transmits the generated digital signature value to the authentication server 200 (S25).

When the digital signature value is received from the user terminal 100, the authentication server 200 verifies the user's certificate through the PKI authentication system 400 (S26). If the user's certificate is valid, Verify that the signature value is valid. When the received digital signature value is valid, the authentication server 200 changes the previously stored OTP authentication value (AuthID ₀ ) to the new OTP authentication value (AuthID ₁ ) and transmits the changed new OTP authentication value (AuthID ₁ ) And transmits the encrypted new OTP authentication value (AuthID ₁ ) to the user terminal 100 (S27). The authentication server 200 transmits an error message to the user terminal 100 if the received digital signature value is invalid.

The user terminal 100 receives the encrypted new OTP authentication value (AuthID ₁ ) from the authentication server 200, decrypts the encrypted new OTP authentication value (AuthID ₁ ), and transmits the decrypted new OTP authentication value ( ₁ ) and the password input by the user, and recognizes the new string as a new cryptographic key. Then, the user's decrypted private key file (for example, signPri.key) and save it as a file.

Hereinafter, a PKI-based private key file management method according to an embodiment of the present invention and the objective safety of the system are compared with an existing user authentication method, and a user authentication method used in an existing security system, Table 2 shows the results of comparison with PW method, authentication method using public / private certificate, and authentication method using OTP.

ID / PW method
Certificate method
OTP method
Suggested system

characteristic

silence
silence
dynamic
dynamic

PW change required

need
need
Unnecessary
Unnecessary
recycle
possible
possible
Impossible
(One time use)
Impossible
(One time use)
Possibility of speculation
has exist
has exist
none
none
Authentication Factor
user
Proprietary Information
user
Proprietary Information
Information via user media
User-owned and user-supplied information

Forgery
Possibility
height
lowness
(Private key file
Increased risk of exposure)
lowness
lowness
(Private key file
Reducing exposure risk)

Security strength
Ha
Prize
Prize
Prize

As a result of comparing and evaluating the authentication method as shown in Table 2, the PKI-based private key file management method and system according to the embodiment of the present invention do not require frequently changing the password, and even if the private key file is exposed, And the possibility of forgery and falsification is low, so that the security strength is high.

Accordingly, a PKI-based private key file management method and system thereof according to an embodiment of the present invention encrypts a private key file based on a PKI (Public Key Infrastructure) with a one-time password (OTP) You can safely manage your private key file. For example, even if a private key file encrypted by a hacker is exposed to the outside, the encrypted private key file can be safely managed.

The PKI-based private key file management method and system according to the embodiment of the present invention has a stronger security strength than other existing authentication methods, i.e., the ID / PW method, and has the same level as the certificate method and the OTP method It is possible to securely manage the private key file, which is a weak point of the existing PKI authentication system.

It will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims. Therefore, the embodiments disclosed in the present invention are intended to illustrate rather than limit the scope of the present invention, and the scope of the technical idea of the present invention is not limited by these embodiments. The scope of protection of the present invention should be construed according to the following claims, and all technical ideas within the scope of equivalents should be construed as falling within the scope of the present invention.

100: user terminal 200: authentication server
300: OTP authentication server 400: PKI authentication system

Claims (11)

OTP (One Time Password) A PKI (Public Key Infrastructure) -based private key file that manages a private key file based on the OTP authentication value (AuthID1 ₁ ) generated by authenticating the terminal's OTP value and the password entered by the user A system for managing, the system comprising:
A user terminal for requesting user authentication of the user ID and the OTP value;
An authentication server verifying whether the user ID is valid according to a request of the user terminal, and requesting OTP authentication of the OTP device information and the OTP value of the OTP terminal when the user ID is valid;
The authentication server verifies the validity of the OTP device information and the OTP value according to a request from the authentication server, generates an OTP authentication value (AuthID ₁ ) for the OTP value if the OTP value is valid, ₁ value) to the authentication server,
The authentication server includes:
A digital signature value for the OTP authentication value (AuthID ₁₎ a storage after transmitting a previous OTP authentication value (AuthID ₀₎ to the user terminal, wherein the transfer OTP authentication value (AuthID ₀₎ to request to the user terminal PKI - based private key file management system. delete delete The method of claim 1,
If the previous OTP authentication value (AuthID ₀ ) is received from the authentication server, the password is input from the user, and based on the inputted password and the previous OTP authentication value (AuthID ₀ ), the previously encrypted private key file And generating an electronic signature value by digitally signing the previous OTP authentication value (AuthID ₀ ) with the private key in the decrypted private key file, and transmitting the generated digital signature value to the authentication server PKI based private key file management system. 5. The authentication server according to claim 4,
Verifies the user's certificate through the PKI authentication server when the digital signature value is received from the user terminal, verifies whether the received digital signature value is valid if the user's certificate is valid, Value, the control unit changes the previous OTP authentication value (AuthID ₀ ) to the OTP authentication value (AuthID ₁ ), encrypts the changed OTP authentication value (AuthID ₁ ), and transmits the encrypted OTP authentication value (AuthID ₁ ) Wherein the PKI-based private key file management system transmits the PKI-based private key file to the user terminal. 6. The method of claim 5,
And the encrypted OTP authentication value (AuthID ₁ ) is received from the authentication server, and after decrypting the encrypted OTP authentication value (AuthID ₁ ), the decrypted OTP authentication value (AuthID ₁ ) and the password Encrypts the decrypted private key file with the encryption key, and stores the decrypted private key file in the encrypted private key file. The system according to claim 1, wherein the OTP authentication server comprises:
Generates an authentication failure value if the OTP value is invalid, and transmits the generated authentication failure value to the authentication server. 6. The authentication server according to claim 5,
And transmits an error message to the user terminal if the received digital signature value is not valid. 5. The method of claim 4,
Wherein the previously encrypted private key file comprises:
Wherein the private key file is an encrypted private key file based on the password input by the user and the old OTP authentication value (AuthID ₀ ). delete delete

Images