Flaws Analysis of Certificate Protection Mechanism in Windows

doi:10.3969/j.issn.1000-3428.2011.23.049

Computer Engineering ›› 2011, Vol. 37 ›› Issue (23): 144-146. doi: 10.3969/j.issn.1000-3428.2011.23.049

• Networks and Communications • Previous Articles Next Articles

Flaws Analysis of Certificate Protection Mechanism in Windows

ZHUANG Ji-hui, WU Hao

(Institute of Information Engineering, PLA Information Engineering University, Zhengzhou 450002, China)

Received:2011-06-28 Online:2011-12-05 Published:2011-12-05

Windows证书保护机制的缺陷分析

庄继辉，吴灏

(解放军信息工程大学信息工程学院，郑州 450002)

作者简介:庄继辉(1982－)，男，硕士研究生，主研方向：网络与信息安全；吴灏，教授
基金资助:
国家“863”计划基金资助项目(2008AA01Z420)；河南省科技攻关计划基金资助项目(082102210010)

Abstract

Abstract: This paper studies the certificate protection mechanism in Windows operating system, it analyses the theory of the three security measures which include the private key export flag protection, the private key accession prompt protection and the password protection. A research method that uses a combination of forward analysis and reverse engineering is applied. It shows that there are security risks in the certificates in the form of software in the Windows operating system. It proposes that it can improve the certificates’ security by storing in the hardware.

Key words: private key export flag, access prompt, key protection, certificate protection mechanism

摘要： 研究Windows操作系统下证书的保护机制，分析私钥导出标志位、私钥访问提示保护和密码保护3种主要安全措施的工作原理，采用正向分析和逆向工程相结合的研究方法，证明软件形式的证书在Windows操作系统中存在安全隐患。指出可以利用与专用硬件相结合的方法提高证书的安全性。

关键词: 私钥导出标, 访问提示, 密码保护, 证书保护机制

CLC Number:

TP309

PENG Ji-Hui, TUN Hao. Flaws Analysis of Certificate Protection Mechanism in Windows[J]. Computer Engineering, 2011, 37(23): 144-146.

庄继辉, 吴灏. Windows证书保护机制的缺陷分析[J]. 计算机工程, 2011, 37(23): 144-146.

/ / Recommend / Download Citations

URL: http://www.ecice06.com/EN/10.3969/j.issn.1000-3428.2011.23.049

http://www.ecice06.com/EN/Y2011/V37/I23/144

[1]	DING Xiaohui, CAO Suzhen, WANG Caifen. Smart Contract-Assisted Dynamically Searchable Encryption Scheme with Forward and Backward Security [J]. Computer Engineering, 2022, 48(7): 141-150.
[2]	JIN Haibo, ZHAO Xinyue. High-Reliability Intrusion Detection Algorithm Under Conformal Prediction Framework [J]. Computer Engineering, 2022, 48(7): 130-140.
[3]	ZHANG Chao, PENG Changgen, DING Hongfa, XU Dequan. Searchable Encryption Scheme Based on China State Cryptography Standard SM9 [J]. Computer Engineering, 2022, 48(7): 159-167.
[4]	YE Qing, ZHAO Nannan, ZHAO Zongqu, QIN Panke, YAN Xixi, TANG Yongli. Efficient Fully Dynamic Group Signature Scheme from Lattice [J]. Computer Engineering, 2021, 47(2): 160-167,175.
[5]	JI Lusheng, ZHANG Guiling, YANG Jiarun. Off-Chain Personal Data Protection Scheme Based on Blockchain [J]. Computer Engineering, 2021, 47(2): 176-181,187.
[6]	ZHANG Jing, HE Zheng, GE Binghui, TANG Yongli, YE Qing. An Efficient Protocol for Millionaires' Problem and Its Application [J]. Computer Engineering, 2021, 47(2): 168-175.
[7]	YOU Wenzhu, GE Haibo. Efficient Algorithm for Multi-Scalar Multiplication of Elliptic Curves Using Multi-Base Number System [J]. Computer Engineering, 2021, 47(2): 182-187.
[8]	FU Zixi, XU Yang, WU Zhaodi, XU Dandan, XIE Xiaoyao. SVM-KNN Network Intrusion Detection Method Based on Incremental Learning [J]. Computer Engineering, 2020, 46(4): 115-122.
[9]	LIU Xueyan, HE Xiaomei, LU Tingting, LUO Yukun. Certificateless Public Audit Scheme for Shared Data [J]. Computer Engineering, 2020, 46(4): 143-150.
[10]	ZENG Yaqin, ZHANG Linlin, ZHANG Ruonan, YANG Bo. Malware Family Classification Model Based on MobileNet [J]. Computer Engineering, 2020, 46(4): 162-168.
[11]	ZHANG Rui, CHEN Hongwei. Intrusion Detection Based on Feature Optimization and SVPSO for Industrial Control System [J]. Computer Engineering, 2020, 46(4): 19-25.
[12]	LI Zhi, SONG Lipeng. Research on Internal Threat Detection Based on User Window Behavior [J]. Computer Engineering, 2020, 46(4): 135-142,150.
[13]	SHI Zhicai, WANG Yihan, ZHANG Xiaomei, CHEN Jiwei, CHEN Shanshan. An RFID Grouping-proof Protocol with Privacy Protection and Forward Security [J]. Computer Engineering, 2020, 46(1): 108-113.
[14]	ZHAO Nan, ZHANG Guoan, GU Xiaohui. Certificateless Aggregate Signature Scheme for Privacy Protection in VANET [J]. Computer Engineering, 2020, 46(1): 114-120,128.
[15]	LI Yuanhang, CHEN Xianlai, LIU Li, AN Ying, LI Zhongmin. Random Forest Algorithm for Differential Privacy Protection [J]. Computer Engineering, 2020, 46(1): 93-101.

Please choose a citation manager

Content to export

Flaws Analysis of Certificate Protection Mechanism in Windows

Windows证书保护机制的缺陷分析

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments

模态框（Modal）标题

Please choose a citation manager

Content to export

Flaws Analysis of Certificate Protection Mechanism in Windows

Windows证书保护机制的缺陷分析

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments