Computer Engineering, 2011, Vol. 37, Issue (15): 106-109. doi: 10.3969/j.issn.1000-3428.2011.15.033

• Security Technology •

Analysis of Potential Risks for Private Key File in Smart Card

HU Yong-tao¹, YAO Jing-jing¹, HU Shan-xue²

  1. Key Laboratory of Information Network Security, Ministry of Public Security, The 3rd Research Institute of Ministry of Public Security, Shanghai 201204, China; 2. School of Software, Shanghai Jiaotong University, Shanghai 200240, China
  • Received: 2011-03-14 Online: 2011-08-05 Published: 2011-08-05
  • About the authors: HU Yong-tao (born 1976), male, associate research fellow, main research interest: network attack and defense; YAO Jing-jing, assistant research fellow; HU Shan-xue, master's student
  • Supported by:
    National "863" Program of China (2008AA01Z412)

Abstract: With viruses and Trojan horses widespread, the security of smart card terminals cannot be guaranteed. As a result, security risks still exist throughout the life cycle of the smart card private key file, for example during generation, replacement and revocation, and they cause various problems for the Public Key Infrastructure (PKI) applications whose core is private key security. This paper introduces the existing smart card security system, studies how the private key is used throughout the smart card life cycle, analyzes the potential risks comprehensively, and proposes a smart card private key protection scheme based on the production public key certificate.

Key words: smart card, Public Key Infrastructure (PKI), private key, Card Operating System (COS), life cycle
