| 摘要: |
| 在公开密钥密码系统中,用户必须使用私钥才能阅读加密的相关信息,因此私钥的安全有效管理非常重要。《电讯技术》2004年第1期《一种私钥管理实现技术》一文中提出了一种基于PKI的私钥管理实现方案,但在实现过程中不经意让CA无条件解密了"用户"送来的数据,并且返回用户,造成安全隐患。针对这个问题,分析并修改了这个方案,避免直接返回接受数据的"解密"值,保证了系统安全性。 |
| 关键词: 信息安全,PKI,CA,私钥保护 |
| DOI: |
|
| 基金项目: |
|
| Analysis and Modification of a Private Key Protection Scheme |
|
| () |
| Abstract: |
| In public key cryptosystems,users must use private key to read enciphered information,thus the safe and effect management of private key is very important.The paper "Implementation of Private Key Management"(Telecommunication Engineering,No.1,Vol.44,2004) written by Fang Yong proposed a private key management scheme based on PKI,but in the process of realization,the proposed method uses CA to decrypt the data sent by "users" unconditionally and sends decrypted one back to users,thus leading to hidden safe danger.In this paper the Fang's scheme is analysed and a modified scheme is proposed which avoids sending the decrypted value of received data back directly,and confirms the security of the system. |
| Key words: information security,PKI,CA,private key protection |
《电讯技术》编辑部 