A countermeasure of fake root key installation using one-time hash chain

Lee Younggyo, Ahn Jeonghee, Seung-Joo Kim, Won Dongho

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Adil Alsaid and Chris J. Mitchell proposed the possibility of fake root public key installation by an attacker in user's PC and showed its countermeasures in 2005. The root public keys are used to verify the certificates for applet providers. Therefore the insertion of false public keys allows arbitrary numbers of rogue application to be executed on a user's PC. We propose a protection method for installing fake root keys in a user's PC. The method uses the one-time hash chain based on NOVOMODO. In the proposal, as the computation costs and the storage amounts for hash chain are very small, the proposed method will not be a big load to the publisher of the browser, the applet provision agent and the user. The implementation of the method is simple and it offers convenient authentication of the root to the user. Therefore, the method can provide a intelligent and secure agent technique for the digital content distribution.

Original languageEnglish
Title of host publicationLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Pages1007-1016
Number of pages10
Volume4496 LNAI
Publication statusPublished - 2007 Dec 1
Externally publishedYes
Event1st KES International Symposium on Agent and Multi-Agent Systems - Technologies and Applications, KES-AMSTA 2007 - Wroclaw, Poland
Duration: 2007 May 312007 Jun 1

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4496 LNAI
ISSN (Print)03029743
ISSN (Electronic)16113349

Other

Other1st KES International Symposium on Agent and Multi-Agent Systems - Technologies and Applications, KES-AMSTA 2007
CountryPoland
CityWroclaw
Period07/5/3107/6/1

Fingerprint

Hash Chain
Countermeasures
Roots
Public key
Authentication
Content Distribution
Costs
Certificate
Insertion
Verify
Costs and Cost Analysis
Arbitrary

Keywords

  • Applet distribution agent
  • Applet provider
  • Hash chain
  • Publisher of the browser
  • Root public key
  • Web browser

ASJC Scopus subject areas

  • Biochemistry, Genetics and Molecular Biology(all)
  • Computer Science(all)
  • Theoretical Computer Science

Cite this

Younggyo, L., Jeonghee, A., Kim, S-J., & Dongho, W. (2007). A countermeasure of fake root key installation using one-time hash chain. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4496 LNAI, pp. 1007-1016). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4496 LNAI).

A countermeasure of fake root key installation using one-time hash chain. / Younggyo, Lee; Jeonghee, Ahn; Kim, Seung-Joo; Dongho, Won.

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 4496 LNAI 2007. p. 1007-1016 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4496 LNAI).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Younggyo, L, Jeonghee, A, Kim, S-J & Dongho, W 2007, A countermeasure of fake root key installation using one-time hash chain. in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). vol. 4496 LNAI, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 4496 LNAI, pp. 1007-1016, 1st KES International Symposium on Agent and Multi-Agent Systems - Technologies and Applications, KES-AMSTA 2007, Wroclaw, Poland, 07/5/31.
Younggyo L, Jeonghee A, Kim S-J, Dongho W. A countermeasure of fake root key installation using one-time hash chain. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 4496 LNAI. 2007. p. 1007-1016. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
Younggyo, Lee ; Jeonghee, Ahn ; Kim, Seung-Joo ; Dongho, Won. / A countermeasure of fake root key installation using one-time hash chain. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 4496 LNAI 2007. pp. 1007-1016 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{bb064b2915664d5da502b779301b49d1,
title = "A countermeasure of fake root key installation using one-time hash chain",
abstract = "Adil Alsaid and Chris J. Mitchell proposed the possibility of fake root public key installation by an attacker in user's PC and showed its countermeasures in 2005. The root public keys are used to verify the certificates for applet providers. Therefore the insertion of false public keys allows arbitrary numbers of rogue application to be executed on a user's PC. We propose a protection method for installing fake root keys in a user's PC. The method uses the one-time hash chain based on NOVOMODO. In the proposal, as the computation costs and the storage amounts for hash chain are very small, the proposed method will not be a big load to the publisher of the browser, the applet provision agent and the user. The implementation of the method is simple and it offers convenient authentication of the root to the user. Therefore, the method can provide a intelligent and secure agent technique for the digital content distribution.",
keywords = "Applet distribution agent, Applet provider, Hash chain, Publisher of the browser, Root public key, Web browser",
author = "Lee Younggyo and Ahn Jeonghee and Seung-Joo Kim and Won Dongho",
year = "2007",
month = "12",
day = "1",
language = "English",
isbn = "9783540728290",
volume = "4496 LNAI",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
pages = "1007--1016",
booktitle = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

}

TY - GEN

T1 - A countermeasure of fake root key installation using one-time hash chain

AU - Younggyo, Lee

AU - Jeonghee, Ahn

AU - Kim, Seung-Joo

AU - Dongho, Won

PY - 2007/12/1

Y1 - 2007/12/1

N2 - Adil Alsaid and Chris J. Mitchell proposed the possibility of fake root public key installation by an attacker in user's PC and showed its countermeasures in 2005. The root public keys are used to verify the certificates for applet providers. Therefore the insertion of false public keys allows arbitrary numbers of rogue application to be executed on a user's PC. We propose a protection method for installing fake root keys in a user's PC. The method uses the one-time hash chain based on NOVOMODO. In the proposal, as the computation costs and the storage amounts for hash chain are very small, the proposed method will not be a big load to the publisher of the browser, the applet provision agent and the user. The implementation of the method is simple and it offers convenient authentication of the root to the user. Therefore, the method can provide a intelligent and secure agent technique for the digital content distribution.

AB - Adil Alsaid and Chris J. Mitchell proposed the possibility of fake root public key installation by an attacker in user's PC and showed its countermeasures in 2005. The root public keys are used to verify the certificates for applet providers. Therefore the insertion of false public keys allows arbitrary numbers of rogue application to be executed on a user's PC. We propose a protection method for installing fake root keys in a user's PC. The method uses the one-time hash chain based on NOVOMODO. In the proposal, as the computation costs and the storage amounts for hash chain are very small, the proposed method will not be a big load to the publisher of the browser, the applet provision agent and the user. The implementation of the method is simple and it offers convenient authentication of the root to the user. Therefore, the method can provide a intelligent and secure agent technique for the digital content distribution.

KW - Applet distribution agent

KW - Applet provider

KW - Hash chain

KW - Publisher of the browser

KW - Root public key

KW - Web browser

UR - http://www.scopus.com/inward/record.url?scp=39649103197&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=39649103197&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:39649103197

SN - 9783540728290

VL - 4496 LNAI

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 1007

EP - 1016

BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

ER -