Date post: 15-Jul-2015
Category: Government & Nonprofit
Upload: meruvian
1 Copyright 2013@KICA Inc. All rights reserved
INDEX
Necessity of National PKI
PKI Current Status in Korea
PKI History – RSA, DH
Ron Rivest, Adi Shamir and Len Adleman, the R, S and A in RSA Security
“A Method for Obtaining Digital Signatures and Public-Key Cryptosystems” (1977)
R, S and A win Lifetime Achievement Award
Adi Shamir, Ron Rivest, Len Adleman
Whitfield Diffie, Martin Hellman
PKI History
1994: Smart card
1995: PKI and US Postal Services
1996: Windows 95
1997: Smart card + PKI
2011: Cloud + PKI?
PKI History
“PKI Integration – It’s Not All or Nothing”
Year of the PKI
The Second Coming of PKI
“I have PKI – Now What?”
“Reinventing PKI”
PKI (Public Key Infrastructure)?
Personnel, policy, procedures, components and facilities to bind user names to electronic keys so that applications can provide the desired security services.
Client Cert
Server Cert
certificate
Directory Server
repository PKI Server
Server-side software
Client-side software Certificate Authority
Registration Authority
(PC/Phone/PDA)
PKI Client
Digital Signature
PKI Center System Configuration
PKI Center
Internet
TS
Admin PC
DB
DS
OCSP
User
Firewall
RA
TSA
KRS/ Etc.
Admin: Administrator Program
User: User S/W
CA: Certificate Authority Server
RA: Registration Authority Server
DS: Directory Server
OCSP: Online Certificate Status Protocol Server
VA: Validation Authority Server
HSM: Hardware Security Module (Accelerator)
TS: Time Stamp Module
GPS: Time Accuracy Maintainer
TSA: Time Stamp Authority Server
DVCS: Data Validation Certification Server
KRS: Key Roaming Server
Etc.: Other Service Server
※ All networks and servers are double connected (Fault Tolerant)
L4 Switch
HSM GPS Receiver
CA
Difference between NPKI and PKI system
National PKI = Law/Standards + PKI system + Operation
Category | National PKI | PKI system
Customer | Accredited CA, Root CA | PKI products
Base | Law (Electronic transaction Act and decrees) | Domestic/International Standards
Scope of Evaluation | Wide (System, Policy, Operation) | Narrow (Only System)
Compensation | Easy to get compensated | N/A
Interoperability | Guaranteed by Law | Impossible
Application | All for public (E-Government, E-Procurement, E-Commerce, E-Banking, E-Tax, etc) | Only for the limited area (Private Service)
Level of technology and security | Very secure (proved technology + law) | Secure (proved technology)
Burden of Proof | Accredited CA | User
Usage | Infrastructure | System (Software)
Why is an NPKI needed?
Without a unified infrastructure, resources are duplicated and policy-making becomes confused.
A country that does not accumulate and retain its own technologies related to security and certification will not grow its national competitive edge in its region.
Without united technical standards, interoperability issues among CA’s are bound to arise.
It is difficult to build an e-government framework, because PKI is the mandatory infrastructure in e-government.
Without an accredited CA, it is hard to cooperate with other nations on international interoperability.
Users or entities have to use a lot of certificates for each application.
Need for Digital Signature
Problems → Solutions
Risk of deceiving identity of sender → Authentication → Digital Signature
Risk of changing information on transmission → Integrity → Digital Signature
Risk of denying the fact of information transmission → Non-repudiation → Digital Signature
Risk of exposing information on transmission → Confidentiality → Encryption
Industrial Society: Offline (face-to-face)
Informational Society: online
Digital Signature Technology
Authentication, Integrity, Non-Repudiation
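Signer (digital signature signing)
Password → AES Decryption of the Encrypted Private Key → Private Key
Message → Hash Algorithm → Hash Code → Sign (Private Key) → Digital Signature
Sending: Message, Digital Signature, Client Certificate
Verifier (digital signature verification)
Client Certificate → Certificate Verification → Public Key
Digital Signature → Verify (Public Key) → Hash Code
Message → Hash Algorithm → Hash Code
Compare the two Hash Codes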
Identification and Signature
For Authentication
Real World: National ID Card
Name: Jaejung Kim
SSN: XX0921-152XXXX
Address: KICA, Seoul, Kr
Issued Date: 2002/6/1
Finger Print
Signature or Signature-seal: Reusable
Cyberspace (Internet): Accredited Certificate
Name: Jaejung Kim
Serial No: 883XXX8377
Address: KICA, Seoul, Kr
Validity: 2010/6/1~2011/5/31
Public Key
CA’s Signature
Digital signature using asymmetric encryption / decryption method (Encrypted Private Key + Digital Signature): Impossible to reuse
Electronic Signature
• What ensures that a signature is valid?
Signed Paper Document
Digitally Signed Document
Generate Signature
Process of Verification
National ID
Private Key Public Key
Certification Authority
Process of Verification
Generate Signature
Types of Certificates
Certificate Without Accreditation (or Private Certificate)
A certificate issued by a certification organization that is not accredited by the government. It is used for a limited number of e-transactions.
Accredited Certificate
The accredited certificate is issued by a CA, which in turn is designated by the government pursuant to the laws after thorough screening, to be used for various e-transactions.
Category | Accredited Certificate | Certificate Without Accreditation
Level of technology and security | Passage of thorough screening pursuant to the law | Impossible to verify
Legal effect | Valid as provided by the laws | Valid only by agreement
Compensation | Easy to get compensated | Hard to get compensated
Scope of applicable services | Wide | Narrow
Comparison of Certificates
Legal Effect
• When endorsement is mandated by the law, use of the accredited certificate grants the same legal effect and, thus, can be used as evidence in a court of law.
• Use of a certificate without accreditation, however, does not generate any binding authority; it takes effect only upon agreement by both parties.
Compensation
• Upon occurrence of any damage arising out of use of an accredited certificate, the CA in charge has to compensate the user unless it proves its innocence.
• On the other hand, the burden of proof shifts to the user when harm is done to the user during use of a certificate. Therefore, it becomes hard to get compensated for the harm.
Scope of applicable services
• Only a single accredited certificate suffices to use various services such as Internet banking AND online stock trading.
• The certificate without accreditation, however, is limited in usage. Thus, a person can use it only for a certain field such as Internet shopping OR e-transaction.
Framework of National PKI
NPKI (National Public Key Infrastructure)
Preparation
PKI Scheme Requirements for
PKI System
Operation Requirements
PKI Standards
Education
Promotion Pilot Project
Law & Regulations
PKI Decree Recommendation
Accreditation Generals
Organization of PKI TFT
Implementation Planning
Facilities and Equipment
CPS Framework
long-term Security plan
RA Construction
PKI Center Education & Promotion
PKI Applications
Implementation steps
E-Government Framework
Economic Development (G2B)
e-Customs e-Support for Foreign Firms e-Intellectual Property e-Procurement
Public Service(G2C) Public Admin. Reform(G2G)
e-Agriculture e-Land Registry e-National ID
Shared Services National ID DB Land Resources DB
Infrastructure
Public Key Infrastructure Public Access Point Government Information Network
Database
Management
Organization
Budget
HRD
Standards
Security
IT Management
Privacy
e-Government for National Development
National PKI Establishment
Application service authorities or companies using certificates
E-government seal/ Accredited e-signature
Citizen
Certificate Authority Certificate
Certificate
The Government
PKI Certification System
PKI Application Services
E-signature Pilot services
E-signature pilot site construction
(PKI application service development)
Certification Services PKI System Construction
(Root CA, Government CA Construction)
E-Signature law CPS Standards and technical guidelines
Establishment Law (Electronic Signature),
PKI Standards
Accredited CA
Safe and reliable Information society Establishment
Root CA
Company
PKI Scheme
RA Management
Subscribers Subscribers
RA Management
RA
Accreditation Annual Auditing
…
General/Special Purpose certificates
Accreditation Unit
Root CA Unit
Auditing Unit
Accredited CA
Issuing certificates
RA 1 RA 2 RA N
Operation on Root CA
ACA ACA …
RA RA
(ACA: Accredited CA)
RA
Effectiveness of Expectations
PKI builds a safe and trustworthy environment using electronic signatures.
Law, Policies Standards & Technology
PKI enabled Applications
Accredited CA
• Reduce the time and cost.
• Convenience of application like Online Civil Service, Internet Banking etc.
• Convert offline business to online.
• Provide more secure and safe services.
• Increase the trust of company.
• Increase the confidence and trust.
• Ensure interoperability of PKI infrastructure with other governments.
• Establishment of National Security Plan.
USER Corporation
Background
Government
National PKI Establishment Win (User) – Win (Government) – Win (Company)
Application Layers
Internet mall
International Law
E-network Law
Intellectual Property Law
Basic e-trade Law E-Signature
Law
Reserve Agent
E-pay
security
E-Auth
High-speed Internet
e-edu
E-govern
Cyber S1
Virtual-bank
Sales NW
E-procurement Research NW
Virtual Co Product NW
Supply NW
Netizen
E-park entertainment
E-missionary
E-health
Cyber insure
E-trade
Society rules
Basic Infra
B-to-G
B-to-B
B-to-C
Institutions Commercial Law
Civil Law
Criminal Law
City Cost..Law Building Law
road
energy
water
Communication
Law system
Basic Infra
Public Infra
Industry Infra
Environment Establishment
police Public office
Bank school land
Public site
Sales Co
Physical Co institute
Major Co factory
Small Co
Trade Co
The stores
House
theater
church
court restaurant
gym
Real World Cyberspace (Internet)
Types of PKI Model
Network Trust Model
Hierarchical Trust Model
Hybrid Trust Model
Overview (1/3)
5 Accredited CAs have issued accredited certificates to around 25 million subscribers in total
Major PKI Applications
* Internet Banking, Online Stock, Internet Shopping, Procurement, e-Government Services
Numbers of annual issuance of certificates (2011.09, published by KISA)
Year | 2003 | 2004 | 2005 | 2006 | 2007 | 2008 | 2009 | 2010 | 2011.9
Number | 782 | 950 | 1,100 | 1,437 | 1,716 | 1,856 | 2,192 | 2,366 | 2,593
Overview (2/3)
Statistics on Accredited CA’s
No. | Accredited CA / Web site | Accredited Date | Characteristics | Main Business Area
1 | KICA (CA: SignGATE) http://www.signgate.com | 2000. 02. 10 | Corporation | All industry, government
2 | KOSCOM (CA: SignKorea) http://www.signkorea.com | 2000. 02. 10 | Special purpose Corporation | Cyber trading
3 | KFTC (CA: yessign) http://www.yessign.com | 2000. 04. 12 | Non-commercial Organization | Internet banking
4 | CrossCert (CA: CrossCert) http://gca.crosscert.com | 2001. 11. 24 | Corporation | -
5 | KTNET (CA: TradeSign) http://www.tradesign.net | 2002. 03. 11 | State-run Corporation with special mission | Trading
(As of 2011; published by MOPAS)
Overview (3/3)
PKI Model in Korea
 | GPKI | NPKI
Act | Established in 2001 pursuant to E-Government Act | Established in 1999 under Electronic Signature Act
Ministry in Charge | MOPAS (Ministry of Public Administration and Security)
Root CA | GCMA (http://www.gpki.go.kr) | KISA (http://www.rootca.or.kr)
Main Customer | Public Servants | Individual, Company
Algorithm | NEET (not open) | SEED, AES
Types of Accredited Certificate and Fees
Types | Entity | Certificate Usage Field | Fee
General | Individual | All electronic transactions | US$ 4/year
General | Corporation | All electronic transactions | US$ 100/year
Specific | - | G2C, Bank, Insurance | Free
Specific | - | G2C, Stock, Insurance | Free
Specific | - | G4C, Credit Card | Free
PKI Scheme in Korea
Foreign Government
Ministry of Public Administration and Security
Accredited CA
Accredited CA
Certification issuance / Management
Accredited CA
Accredited CA
Certification issuance / Management
Subscriber Subscriber
E-Government Service
Provider
E-Government Service
Provider
Certification issuance / Management
Certification issuance / Management
Mutual Recognition
…
…
…
…
National Root CA (KISA)
Government Root CA
(GCMA)
Role of Root CA
Accredited CA
Legal & Policy Issue
Technical Specification
Environment of Usage of Electronic Signature
International Cooperation
Root CA
Root CA (KISA)
Scope of Benchmarking
Subject | Contents
Law, Policy, Standards | Electronic Signature Act, Decree and Ordinance; Certification Practices Statement; Electronic Signature Certification Technology
PKI Model | Government PKI; National PKI
User | Electronic Signature Promotion; Provide User’s Convenience; End of Certificate Free Trial Period
Accredited CA | Interoperability among Accredited CA’s; Upgrading of PKI technologies; Division of PKI Markets
Root CA | Cross certification for NPKI and GPKI; Addition of Root CA Certificate to MS IE
Applications | Mandating Accredited Certificate (bank, stock)
PKI Applications | E-Procurement, Internet Banking, Payment Gateway, G4C etc
Framework of Registration
Electronic Signature Act
- Ensure the security and reliability of electronic documents and promote their use
- Promote nationwide informationalization and improve convenience in people's living standard
Electronic Signature Act, Decree and Ordinance
Guideline on Electronic Signature
Certification Practices
Technical Specification
CSP
Rules on Accredited CA’s Facilities and Equipment
Rules on Accredited CA’s Protective Measures
Methods and Procedures for I & A through Representatives
* I & A: Identification and Authentication * CPS: Certification Practices Statement
CA accreditation
Accredited CA’s operation
Accredited CA’s protection measure
Subscriber’s I & A
CPS (Certification Practices Statement)
Contents Detail
Management of Certificates
- Transmission of Registered Information
- Request for Issuance of Certificate
- Generation of Certificates
- Request for Suspension, Restoration and Revocation of Certificates
- Generation of Certificate Suspension and Revocation List
- Public Announcement and Validation of Certificates
Management of Key Pairs
- Generation of Private Pairs
- Backup of Private Pairs
- Loss, Destruction, Theft or Leakage of Private Keys
- Protection of Private Pairs
- Revocation of Private Pairs
Other Certification Services
- Provision of Time Stamping
- Storage of Time Stamping Records
- Backup of Time Stamping Records
- Time Reception and Correction
- Storage of Electronic Documents
- Other Supplementary Services
Others
- Conformity with Technical Specifications
- Scope and Intended Use of Certificates
- Conformity to Certification Procedure
- Matters concerning Facilities and Equipment
- Management of Certification Service Records
- Management of Certification Service Records through the representative
- Management of Audit Records
- Management of Registration Authorities
- Test Run of Certification Practice
- Correct Provision of Information and Public Notification
History of NPKI in Korea
‘00 ‘01 ‘02 ‘03 ‘04 ‘05 ‘06 ‘07 ‘08 ‘09 ‘10 ‘11
Electronic Signature Promotion
Interoperability among Accredited CA’s
Provide User’s Convenience
Cross certification for NPKI and GPKI
Mandating Accredited Certificate (bank, stock, E-malls)
End of Certificate Free Trial Period
Upgrading of PKI technologies
Division of PKI Markets
Addition of Root CA Certificate to MS IE
Adapt HSM (Hardware Security Module)
Asia PKI Consortium
Year Activity
Interoperability among Accredited CA’s
Goals
- A subscriber who has a general-purpose accredited certificate can do all kinds of electronic transactions on the Internet
- To provide technologies that recognize and process accredited certificates regardless of who issues them
- To provide data to policy-makers on how to determine the scope and conditions of each accredited certificate
Lesson to learn
The interoperability issue, which arises during the early stages of NPKI construction, should be considered.
CA A
CA B
User A
User B
App 1
App 2
x
general-purpose certificate Company 1
E-service Provider S/W development Company
Company 2 Accredited CA
Cross-Certification for NPKI and GPKI
Background
- Two years after the NPKI was established in 1999, the GPKI was created. The two came to have overlapping service areas.
- For the two to operate smoothly side by side, cross-certification is vital; it was achieved by means of a simplified CTL (i.e. Certificate Trust List).
Lesson to learn
To avoid duplication of resources and confusion in policy-making, services should be provided through a single root CA.
A PKI CTL issuance
A Root CA
Hash
A_USER B_USER
A_CA
A_RootCA B_RootCA
B_CA
CTL
CTL
B Root CA
Hash
B_User Cert
B_CA Cert
A_RootCA Cert
CTL issued by A_RootCA
B_RootCA Cert
Certificate Path
B PKI
generate signature
verify signature
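The CTL-based cross-certification sketched above (a verifier anchored at A_RootCA accepts B_User's certificate because the hash of B_RootCA's certificate is in a CTL signed by A_RootCA), combined with the hash, sign and compare flow from the Digital Signature Technology slide, as an added example that is not KICA's, KISA's or GCMA's code. It assumes a toy unpadded RSA over fixed Mersenne primes and a made-up certificate encoding; entity names follow the slide, while C_RootCA and all function names are hypothetical.

```python
import hashlib

E = 65537  # public exponent shared by every demo key

def make_key(a, b):
    """Toy RSA key from the Mersenne primes 2**a-1 and 2**b-1 (constructed, NOT secure)."""
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def _hash_int(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(key, data):
    """Signer side: hash the message, then apply the private key (no padding, demo only)."""
    return pow(_hash_int(data), key["d"], key["n"])

def verify(n, data, sig):
    """Verifier side: recover the hash with the public key and compare with a fresh hash."""
    return pow(sig, E, n) == _hash_int(data)

def tbs(cert):
    """Bytes covered by the issuer's signature (hypothetical encoding, not X.509)."""
    return f'{cert["subject"]}|{cert["issuer"]}|{cert["n"]:x}'.encode()

def issue(subject, subject_key, issuer, issuer_key):
    cert = {"subject": subject, "issuer": issuer, "n": subject_key["n"]}
    cert["sig"] = sign(issuer_key, tbs(cert))
    return cert

def cert_hash(cert):
    return hashlib.sha256(tbs(cert) + b"|%x" % cert["sig"]).hexdigest()

def ctl_tbs(ctl):
    return (ctl["issuer"] + "|" + ",".join(ctl["trusted"])).encode()

def issue_ctl(root_cert, root_key, foreign_roots):
    """CTL = list of foreign root certificate hashes, signed by the local root."""
    ctl = {"issuer": root_cert["subject"],
           "trusted": sorted(cert_hash(c) for c in foreign_roots)}
    ctl["sig"] = sign(root_key, ctl_tbs(ctl))
    return ctl

def validate_path(path, anchor, ctl=None):
    """path is leaf first, e.g. [B_User, B_CA, B_RootCA]; anchor is the verifier's own root."""
    for cert, issuer in zip(path, path[1:] + [path[-1]]):  # the root signs itself
        if cert["issuer"] != issuer["subject"] or not verify(issuer["n"], tbs(cert), cert["sig"]):
            return False, "bad signature on " + cert["subject"]
    root = path[-1]
    if cert_hash(root) == cert_hash(anchor):
        return True, "chains to local root"
    if ctl is None:
        return False, "foreign root and no CTL"
    # The CTL itself must be checked before its contents are believed.
    if ctl["issuer"] != anchor["subject"] or not verify(anchor["n"], ctl_tbs(ctl), ctl["sig"]):
        return False, "CTL not signed by local root"
    if cert_hash(root) not in ctl["trusted"]:
        return False, "foreign root not listed in CTL"
    return True, "foreign root trusted via CTL"

def verify_document(doc, sig, path, anchor, ctl=None):
    """Accept a signed document only if the signer's certificate path validates first."""
    ok, reason = validate_path(path, anchor, ctl)
    if not ok:
        return False, reason
    if not verify(path[0]["n"], doc, sig):
        return False, "document signature mismatch"
    return True, reason

# Constructed demo PKIs: A (verifier's side), B (cross-certified), C (unknown root).
KEYS = {name: make_key(a, b) for name, (a, b) in {
    "A_RootCA": (521, 607), "B_RootCA": (607, 1279), "B_CA": (521, 1279),
    "B_User": (521, 2203), "C_RootCA": (607, 2203)}.items()}
A_ROOT = issue("A_RootCA", KEYS["A_RootCA"], "A_RootCA", KEYS["A_RootCA"])
B_ROOT = issue("B_RootCA", KEYS["B_RootCA"], "B_RootCA", KEYS["B_RootCA"])
B_CA = issue("B_CA", KEYS["B_CA"], "B_RootCA", KEYS["B_RootCA"])
B_USER = issue("B_User", KEYS["B_User"], "B_CA", KEYS["B_CA"])
C_ROOT = issue("C_RootCA", KEYS["C_RootCA"], "C_RootCA", KEYS["C_RootCA"])
CTL = issue_ctl(A_ROOT, KEYS["A_RootCA"], [B_ROOT])
B_PATH = [B_USER, B_CA, B_ROOT]

if __name__ == "__main__":
    doc = b"e-procurement bid #1 (constructed sample)"
    sig = sign(KEYS["B_User"], doc)
    print(verify_document(doc, sig, B_PATH, A_ROOT, CTL))
    print(verify_document(doc, sig, B_PATH, A_ROOT))       # no CTL available
    print(validate_path([C_ROOT], A_ROOT, CTL))            # root outside the CTL
```

The CTL signature is checked before its list is consulted, so appending a hash to the list without A_RootCA's key is rejected rather than trusted.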
Mandatory Use of Accredited Certificates
Background
- To promote use of accredited certificates, services were provided free of charge.
- Accredited certificates were provided without any charge to relieve the initial burden of customers, to secure an adjustment period, and to build up the Internet services.
- The deteriorating financial status of CA’s led to efforts to improve security and quality of certification services.
◊ Only corporate certificates began to be charged for (approximately $100/year).
◊ It was not possible to impose any liabilities on CA’s since they did not generate any profits.
◊ CA’s were unable to make additional investments, for example, in equipment.
Lesson to learn
For CA’s to serve the public with stability in operation and services, free trial periods should not be provided.
Progresses
- Individuals began to pay fees. (June, 2004)
◊ Individual accredited certificate of general purpose: $4/year
◊ Individual accredited certificate of limited purpose: Implementation thereof was in the sole discretion of a CA. (CA’s were able to charge only after September, 2004.)
Division of PKI Markets
Lesson to learn
Different natures of CA’s may lead to conflicts and harm to the market. Thus, it is necessary, in some cases, to set boundaries between certificate markets.
Progresses
- KESA (Korea Electronic Signature Act) amended to set “borders” between different markets (December, 2005)
◊ The amended KESA demands tougher requirements for a government agency or a non-profit organization to get designated as CA.
- Implementation of PKI with divided roles (July, 2006)
◊ The KCFC, under the new KESA, is not allowed to issue certificates of general purpose; it can only issue certificates required for banking.
CA | Characteristics | Individual, General Purpose | Individual, Specific Purpose (Bank) | Corporation | Total
KCFC | non-profit organization | 63% | 76% | 29% | 67%
 | | 4$/year | Free | 100$/year or Free |
Upgrading of PKI technologies
Background
- The term “upgrading” (or its verb form “to upgrade”) refers to any effort made to increase system security and compatibility of technologies, such as renewal of private keys, adjustment of length of private keys, application of RFC3280, etc.
Lesson to learn
Advance of technologies does not always guarantee stability of certification technologies. Thus, countermeasures should be considered in advance.
Major missions
- Renewal of Root CA certificate and Accredited CA Certificates
- Upgrading of private-key lengths to RSA 2048 bit
- Application of RFC 3280: International standard changed
- RSA 1024 and SHA-1 algorithm don't guarantee their security in 2013.
- Offline operation of Root CA’s directory
◊ The CRL’s of Root CA are posted on directories of accredited CA’s.
 | Before Feb., 2006 | After Feb., 2006 | After Jan., 2011
Root CA | Valid: 10 years; Key: 2048 bit (SHA1) | Valid: 20 years; Key: 2048 bit (SHA1) | Valid: 20 years; Key: 2048 bit (SHA256)
Accredited CA | Valid: 5 years; Key: 1024 bit (SHA1) | Valid: 10 years; Key: 2048 bit (SHA1) | Valid: 10 years; Key: 2048 bit (SHA256)
User | Valid: 1 year; Key: 1024 bit (SHA1) | Valid: 1 year; Key: 1024 bit (SHA1) | Valid: 1 year; Key: 2048 bit (SHA256)
Addition of Root CA Certificate to MS IE
Lesson to learn
A country should accumulate and retain its own technologies related to security and certification to enhance its national competitive edge.
Problems and solutions
- When using services like e-mail and web server with domestic certificates, security warnings popped up, causing confusion among users.
- Foreign CA’s (i.e., VeriSign) recognized by MS Windows got to monopolize the Korean PKI markets for SSL, code signing certificates.
- By mounting certificates of Korean Root CA’s on MS Windows, it has become possible to apply their certificates to Windows-based web services including web server, secured e-mail and code signing etc.
Thawte
• Microsoft Root Certificate Program Members: 58 CA’s (15 accredited CA’s)
Microsoft
VeriSign
VISA
RSA
Korean Root CA
JCSI
Hongkong Post
★ Inclusion KISA Root CA Certificate in Web Browsers (~'08) Internet Explorer ('06.02), Safari ('07.03), Opera ('08.05), FireFox ('06~)
HSM Token as a secure storage
Lesson to learn
In order to enhance the subscriber’s personal security environment, an HSM Token can be used as secure storage.
Problems
- If a subscriber uses the hard disk for certificate storage, malicious programs can take control of the subscriber’s PC and extract that information.
Storage for Certificate
<Subscriber's S/W> <HSM Token>
Interface between the Token and the Subscriber’s S/W
<HSM Access Program>
Background
- A hardware protected secure storage with hardware cryptographic accelerator to generate and store private keys
① Digital signing and generation of a private key can be done inside the Token
② Private keys cannot be exported
Progresses
- Developing the technical specifications for HSM Token with certificate ('06~'07.8)
- Carrying out the evaluation for the interoperability of HSM Token ('07.9~)
Asia PKI Consortium
Lesson to learn
Thoughts should be given to the issue of international interoperability. Close cooperation, for example, with the Asia PKI Consortium will be helpful.
• Non-profit international collaboration body in Asia region, specialized for information security areas
• Objectives : To realize borderless and seamless e-commerce in a secure and trustworthy way, in Asia regions
• Founded : Nov. 2007
• Member : Korea (KISA), China, Taiwan (As of June, 2008)
Steering Committee (SC)
General Assembly (GA)
PKI WG Other WG
Composed of all Principal member
Approve resolutions by GA
Determine policy, direction, strategy
Composed of all members
Elect Chairperson and Vice chairperson
Decide to Start and Dismiss WG
Secretariat Task-force based Working Group
SME WG
Privacy WG
Mobile WG
Candidate WG
Actual WG
Lesson to learn
• It is inevitable for the government to lead the efforts to build up a NPKI.
• To avoid duplication of resources and confusion in policy-making, services should be provided through a single root CA.
• A country should accumulate and retain its own technologies related to security and certification to enhance its national competitive edge.
• The interoperability issue, which arises during the early stages of NPKI construction, should be considered.
• For CA’s to serve the public with stability in operation and services, free trial periods should not be provided.
• To boost the certification market, it is advisable to impose mandatory use on some industries.
• Different natures of CA’s may lead to conflicts and harm to the market. Thus, it is necessary, in some cases, to set boundaries between certificate markets.
• Advance of technologies does not always guarantee stability of certification technologies. Thus, countermeasures should be considered in advance.
• In order to enhance the subscriber’s personal security environment, an HSM Token can be used as secure storage.
• Thought should be given to the issue of international interoperability. Close cooperation, for example, with the Asia PKI Consortium will be helpful.
Development steps of PKI
Past Present Future
Special Purpose Infancy of EC Take off Leap
The Internet was born
Fundamental Investigation
For Military Purpose
Special Financial Application
Web sites and email users are exploding
PKI standardization
The birth of CA
Access control by Certificate
The law of Electronic Signature
Mainly “B to B”
Desktop Commerce
Certificates in HSM, Smart Card
Products conforming to PKI standard will spread
Data > Voice
“B to C” will rise(PKI will enter in every day life)
Digital contents will increase rapidly
Digital signature > Handwritten Signature
Upgrade PKI Cryptography(1/2)
• The security of the existing encryption algorithms has declined due to rapid development of computing technology
According to NIST key size recommendations, the RSA 1024 and SHA-1 algorithms used by the Korean digital certificate management system don't guarantee their security in 2013 ※ (“Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths”, 2011.1.13)
Digital Signature (Use: Digital Signature Generation)
RSA: 1024 ≤ |n| < 2048
• Acceptable through 2010
• Deprecated from 2011 through 2013
• Disallowed after 2013
RSA: |n| ≥ 2048
• Acceptable
Hash Function
SHA-1 (Use: Digital signature generation)
• Acceptable through 2010
• Deprecated from 2011 through 2013
• Disallowed after 2013
SHA-1 (Use: Non-digital signature generation applications)
• Acceptable
SHA-256
• Acceptable for all hash function applications
• To prevent attacks on the digital certificate itself, such as illegal duplication and forgery, an advanced encryption system for digital certificates is needed for certificate reliability.
Upgrade PKI Cryptography(2/2)
• Raise the key size of digital signature
• Adjust the key size of subscribers’ digital certificates to be higher (1,024 bit to 2,048 bit)
• As the attempts hackers need to get a digital certificate key rise from 2^1,024 up to 2^2,048, it can guarantee certificate security until the year 2030
• Exchange a hash algorithm
• Exchange a hash algorithm used for certificate issuance and digital signing
• 160bit hash (SHA-1) → 256bit hash (SHA-256)
Change subscriber S/W of e-transaction companies
(~ complete by October 2011)
Integration Test
(November 2011 ~ )
Issue new certificates
(January 2012 ~ )
2011 2012
Cryptography Key Length - NIST
NIST Draft SP 800-57 Recommendation for Key Management - Part1: General(Revision 3) (2011.05)
Date | Minimum of Strength | Symmetric Algorithms | Asymmetric | Discrete Logarithm: Key | Discrete Logarithm: Group | Elliptic Curve | Hash (A) | Hash (B)
2010 | 80 | 2TDEA* | 1024 | 160 | 1024 | 160 | SHA-1**, SHA-224, SHA-256, SHA-384, SHA-512 | SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
2011 - 2030 | 112 | 3TDEA | 2048 | 224 | 2048 | 224 | SHA-224, SHA-256, SHA-384, SHA-512 | SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
> 2030 | 128 | AES-128 | 3072 | 256 | 3072 | 256 | SHA-256, SHA-384, SHA-512 | SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
>> 2030 | 192 | AES-192 | 7680 | 384 | 7680 | 384 | SHA-384, SHA-512 | SHA-224, SHA-256, SHA-384, SHA-512
>>> 2030 | 256 | AES-256 | 15360 | 512 | 15360 | 512 | SHA-512 | SHA-256, SHA-384, SHA-512
Certificate for Smart Phone
Certificate Issuance and Export/Import
Diagram labels: User, PC, Smart Phone, Relay Server, CA
1. Issue Certificate
2. Send identification number
3. Input auth_code
4. Select certificate
5. Export certificate (PKCS#12)
1. Import certificate
2. Generate auth_code
6. Input NID
Digital Signature using Smart Phone
Diagram labels: User, PC, Web Page, Smart phone (iPhone App (iOS), Android App), Relay Server
1. Request digital signature
2. Request digital signature Generation
3. Request digital signature
4. Select Certificate and Generate digital signature
5. Signature information
6. Digital signature
7. Digital signature
8. Verify signature
Open WEB Environment
USER Server
Service Provider Server
PKI Client
Toolkit
Internet
Microsoft ActiveX JAVA Applet
BIO HSM
Smart Card
HSM
PKI Server Toolkit
Any Web Browser
U-Authentication System
Establishing a reliable u-Authentication System
• Extending the authentication object to devices (smart grid, VoIP-phones, CCTV cameras, etc.)
Internet Banking, Log-in
ID/Pass
Human ↔ Human
SSL Server, ETC
Device ↔ Device
RFID/USN Environment
Broadcasting Telecommunication Environment
U-City Environment
U-home Environment
Extending the Target of Authentication
i-PIN
Certs.
OTP
BIO
Extending the Authentication Method
Human Device
As is
U-health Environment
Traditional Network Environment Ubiquitous Network Environment
To be
Human ↔ Device
PKI Roaming Service
The PKI certificate and the private key can be stored at the safe CA.
After user authentication (OTP, two-channel authentication), the PKI certificate and the private key can be downloaded to a device the user has already registered.
After use, the key and the certificate will be erased safely.
CA USER
BANK
Roaming Server
Registered devices
1. issuance 2. Key escrow
3. User authentication
4. Internet Banking
USIM as PKI Storage and NFC service
USIM as a secure mobile storage
※ HSM : Hardware Security Module
※ USIM : Universal Subscriber Identification Module
NFC using a PKI certificate
※ adopt the PKI at NFC (Near field Communication)
PKI certificate
Strengthening Authentication(1/2)
Two-channel Authentication
For important banking accounts or for accessing secured government data, a safer authentication method is required.
If the user's PC is hacked and monitored by the hacker, the channel itself would be in danger despite the safety of the PKI ※ registered PC, mobile phone SMS authentication, etc.
Network Device (PC)
Other channel
1- channel (WEB)
2- channel
Strengthening Authentication(2/2)
Internet Banking Authentication
• For 1st-level transaction
• PKI + ACS(Auto-Calling System)
E-Government Authentication
• Registered PC, HSM, mobile phone SMS authentication must be adopted for important transactions (issuance of resident registration, etc.)
1.Request transaction using PKI
2. Bank calls the user
3. User approves the transaction by ACS USER
BANK
USER E-Government System
1) HSM PKI, or 2) PKI + registered PC, or PKI + mobile phone SMS authentication