• Journal of the China Computer Federation
  • Chinese Science and Technology Core Journal
  • Chinese Core Journal

J4 ›› 2010, Vol. 32 ›› Issue (11): 55-57.doi: 10.3969/j.issn.1007130X.2010.

• Paper •

A HighSecurity Scheme of Private Key Protection

ZHU Jiandong1,2,ZHU Zhiting1   

  1. (1.Department of Education Information Technology,East China Normal University,Shanghai 200062; 2.Department of Information Engineering,Nantong Agricultural College,Nantong 226007,China)
  • Received:2009-11-26 Revised:2010-03-02 Online:2010-11-25 Published:2010-11-25

Abstract:

The security of the CA private key guarantees the credibility of a digital certificate and the validity of the signature. To strengthen the protection of the CA private key, we distribute it to t signature servers using (t,n) secret sharing, so that each server holds a different share of the private key, and the shares are periodically updated using a proactive secret sharing scheme. A phase-based RSA signature mechanism is used: each server calculates part of the signature, and the signing proxy then obtains the final signature. The CA private key is never reconstructed at any point in the process, which strengthens the safety of both the CA private key and the signature. Finally, heterogeneous platforms are used to store the CA secret. The scheme is implemented with VC and OpenSSL.

Key words: digital certificates; security of private key; private sharing; stages signature; update of private key
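
The flow described in the abstract (shared key, periodic share update, per-server partial signatures combined by a proxy) can be illustrated with the following added example, which is not the paper's VC/OpenSSL implementation. It assumes a simplified additive n-of-n sharing of the RSA private exponent rather than the paper's (t,n) threshold construction, a constructed toy key, and a dealer and refresh step run in one process; all function names are hypothetical.

```python
# Added example: additive sharing of a toy RSA private exponent (not the paper's code).
import hashlib
import secrets
from math import prod

# Constructed toy key from two Mersenne primes; far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N, PHI, E = P * Q, (P - 1) * (Q - 1), 65537
D = pow(E, -1, PHI)  # full private exponent, known only to the dealer


def split_key(d, n):
    """Dealer step: split d into n additive shares with sum = d (mod PHI)."""
    shares = [secrets.randbelow(PHI) for _ in range(n - 1)]
    return shares + [(d - sum(shares)) % PHI]


def refresh(shares):
    """Proactive update: add random offsets that sum to 0 (mod PHI)."""
    deltas = [secrets.randbelow(PHI) for _ in shares[:-1]]
    deltas.append(-sum(deltas) % PHI)
    return [(s + dl) % PHI for s, dl in zip(shares, deltas)]


def digest(message):
    """Toy encoding: SHA-256 reduced mod N (no padding scheme; an assumption)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def partial_sign(m, share):
    """Runs on one signature server, which holds only its own share."""
    return pow(m, share, N)


def combine(partials):
    """Runs on the proxy: the product of the partials equals m^d mod N."""
    return prod(partials) % N


def verify(m, sig):
    """Standard RSA check with the public exponent."""
    return pow(sig, E, N) == m


if __name__ == "__main__":
    m = digest(b"constructed certificate body")
    old = split_key(D, 3)
    new = refresh(old)  # every share changes, the shared exponent does not
    sig = combine(partial_sign(m, s) for s in new)
    print(verify(m, sig), sig == pow(m, D, N))
```

The proxy only ever sees partial signatures, so the exponent D is never reassembled after the dealer step.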