A New Protection Method of Private Key File in Smart Card

Author

Hu, Yongtao ; Yao, Jingjing ; Hu, Shanxue

Author_Institution

Key Lab. of Inf. Network Security, Minist. of Public Security, Shanghai, China

fYear

2010

Firstpage

228

Lastpage

232

Abstract

As the PKI system is widely used in e-commerce and e-government, the smart card which generates public/private key pair by itself has good prospects because of its "private key not out of card" key feature. However, when the viruses and Trojan horses are in flood, the security of smart card terminals can\´t always be guaranteed. Some risks may still exist in the processes of generation, replacement and revocation of the private key, resulting in various types of problems in the PKI applications based on private-key as a core. This paper firstly elaborates the original security system of smart card, then conducts the research to the private key\´s use process in the entire smart card life cycle, carries on comprehensive and thorough analysis to the latent risk, and proposes a smart card private key protection solution based on the production public key certificate.

Keywords

electronic commerce; government data processing; invasive software; private key cryptography; public key cryptography; smart cards; PKI applications; e-commerce; e-government; production public key certificate; public/private key; smart card; smart card private key protection; smart card terminals; trojan horse; Authentication; Digital signatures; File systems; Public key; Smart cards; COS; Life Cycle; PKI; Private Key; Smart Card;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Processing (ISIP), 2010 Third International Symposium on

Conference_Location

Qingdao

Print_ISBN

978-1-4244-8627-4

Type

conf

DOI

10.1109/ISIP.2010.19

Filename

5669043