| 一种CA私钥的容侵保护机制 |
| |
| 引用本文: | 柴争义,白浩,张浩军. 一种CA私钥的容侵保护机制[J]. 计算机应用, 2008, 28(4): 910-911 |
| |
| 作者姓名: | 柴争义 白浩 张浩军 |
| |
| 作者单位: | 河南工业大学,信息科学与工程学院,郑州,450007;河南工业大学,信息科学与工程学院,郑州,450007;河南工业大学,信息科学与工程学院,郑州,450007 |
| |
| 基金项目: | 河南省科技攻关项目 , 河南工业大学基金 |
| |
| 摘 要: | 保护CA私钥的安全性是整个PKI安全的核心。基于RSA公钥算法和(t, n)门限密码技术,采用分阶段签名方案,确保私钥在任何时候都无需重构。同时,在私钥产生、分发及使用过程中,即使部分系统部件受到攻击,也不会泄漏CA的私钥,CA仍可以正常工作(即系统具有一定的容侵性)。通过VC和Openssl对系统进行了实现。
|
| 关 键 词: | 容侵 认证中心 秘密共享 CA私钥 |
| 文章编号: | 1001-9081(2008)04-0910-02 |
| 收稿时间: | 2007-10-15 |
| 修稿时间: | 2007-10-13 |
An intrusion tolerant protection scheme of CA private key |
| |
| CHAI Zheng-yi,BAI Hao,ZHANG Hao-jun. An intrusion tolerant protection scheme of CA private key[J]. Journal of Computer Applications, 2008, 28(4): 910-911 |
| |
| Authors: | CHAI Zheng-yi BAI Hao ZHANG Hao-jun |
| |
| Affiliation: | CHAI Zheng-yi,BAI Hao,ZHANG Hao-jun(College of Information Science , Engineering,Henan University of Technology,Zhengzhou Henan 450007,China) |
| |
| Abstract: | Protecting the Certificate Authority(CA)private key is the key issue of the whole Public Key infrastructure(PKI).Based on Rivest-Shamir-Alleman(RSA)and(t,n)secret shared method,the two phrase signature scheme was used to ensure that the private key never be reconstructed at any time.At the same time,in the process of CA generation,delivery and usage,even if some part of the CA was broken,the CA private key was still safe,and CA still could work.At last,the system was realized by VC and Openssl. |
| |
| Keywords: | intrusion tolerance Certificate Authority(CA) secret sharing CA private key |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用》浏览原始摘要信息 |
|
点击此处可从《计算机应用》下载全文 |
|
