SYSTEM AND METHOD OF SOFTWARE-BASED COMMERCIAL KEY ESCROW FOR PKI ENVIRONMENT

摘要

PURPOSE: A PKI-based commercial key entrusting method and system are provided which provides PKI-roaming service without changing a system and guarantees perfect forward secrecy for a key management server managing a key recovery server. CONSTITUTION: A user A(10) generates a pair of password private key and public key and creates a key recovery block to transmit the key recovery block together with the public key to a registration server(11) in the first step(S201). The registration server transmits the key recovery block and public key to a key managing server(13) at the second step(S202). The key managing server sends a password authentication note issuance permit to the registration server at the third step(S203). The registration server shows the permit to an authentication server(12) and requests a password authentication note with respect to the public key at the fourth step(S204). The authentication server issues the password authentication note and opens the authentication note to a directory server(19) at the fifth step(S205), and transmits the authentication note to the registration server at the sixth step(S206). The registration server delivers the password authentication note to the user A at the seventh step(S207).