Abstract
In Japan, three government PKI systems are constructed as Bridge Model PKI, and they are also bridged with each other. Up to now, all of the three PKI systems have issued certificates mainly for digital signature on digital documents. Only recently, a concern to issue certificates for entity authentication has been raised. Not only “KeyUsage” but also “CertificatePolicies” and related extensions should be carefully used in Bridge Model. As a potential international issue, we have started to discuss on the migration of cryptography in PKI systems. Due to Bridge Model and vertically divided administration, difficulties in enforcing consistent policies thoroughly in these PKI systems is expected in Japan.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Administrative Management Bureau: Government Public Key Infrastructure Interoperability Specification (in Japanese). Ministry of Internal Affairs and Communications (2001), http://www.gpki.go.jp/session/
ANS X9.62-2005: Public Key Cryptography for the Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA). Accredited Standards Committee X9, Inc. (2005)
Bellovin, S., Rescorla, E.: Deploying a New Hash Algorithm. In: First NIST Cryptographic Hash Workshop. National Institute of Standards and Technology (2005), http://csrc.nist.gov/groups/ST/hash/first_workshop.html
Bouillaguet, C., Fouque, P.A., Shamir, A., Zimmer, S.: Second Preimage Attacks on Dithered Hash Functions. Cryptology ePrint Archive: Report 2007/395 (2007); EUROCRYPT 2008 (to appear), http://eprint.iacr.org/2007/395
Burr, W.E., Dodson, D.F., Polk, W.T.: NIST Special Publication 800-63: Electronic Authentication Guideline. National Institute of Standards and Technology (2006), http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
Challenge PKI Project: Project: Challenge PKI Test Suite 2.0. Japan Network Security Association, Information-technology Promotion Agency, Japan (2004), http://www.jnsa.org/mpki/index.html
Cock, D.D., Wolf, C., Preneel, B.: The Belgian Electronic Identity Card (Overview). In: Dittmann, J. (ed.) Sicherheit 2006. Lecture Notes in Informatics, P-77, pp. 298–301. Bonner Köllen Verlag (2006), http://www.cosic.esat.kuleuven.be/publications/article-769.pdf
Cryptography Research and Evaluation Committees: CRYPTREC Report 2006 (in Japanese). National Institute of Information and Communications Technology, Information-technology Promotion Agency, Japan (2007), http://www2.nict.go.jp/y/y213/cryptrec_publicity/c06_wat_final.pdf
The Japanese Act No. 102 of May 31 of 2000: The English Translation of the ACT ON ELECTRONIC SIGNATURES AND CERTIFICATION BUSINESS. Cabinet Secretatiat (2007), http://www.cas.go.jp/jp/seisaku/hourei/data/aescb.pdf
Juki-net: Smart card for Basic Resident Registration System (in Japanese). Ministry of Internal Affairs and Communications (2003), http://www.soumu.go.jp/c-gyousei/daityo/juki_card.html
Housley, R., Polk, W., Ford, W., Solo, D.: RFC 3280, Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. The Internet Society (2002), http://www.ietf.org/rfc/rfc3280.txt
Kelsey, J., Schneier, B.: Second Preimages on n-bit Hash Functions for Much Less than 2n Work. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 474–490. Springer, Heidelberg (2005)
Kleinjung, T.: Securing Cyberspace: Applications and Foundations of Cryptography and Computer Security. In: Workshop IV: Special purpose hardware for cryptography: Attacks and Applications, Institute for Pure and Applied Mathematics (2006), http://www.ipam.ucla.edu/schedule.aspx?pc=scws4
Kleinjung, T.: Evaluation of Complexity of Mathematical Algorithms. CRYPTREC technical report No.0601 in FY 2006. In: Cryptography Research and Evaluation Committees (2007), http://www.cryptrec.go.jp/estimation.html
Kleinjung, T.: Questions and answers regarding [14] (2007)
Lenstra, A.K., Lenstra Jr., H.W.: The development of the number field sieve. Lecture Notes in Mathematics, vol. 1554. Springer, Heidelberg (1993)
Nakajima, J., Matsui, M.: Performance Analysis and Parallel Implementation of Dedicated Hash Functions. In: Knudsen, L. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 165–180. Springer, Heidelberg (2002)
NIST FIPS PUB 140-2: Security Requirements for Cryptographic Modules. National Institute of Standards and Technology (2001), http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf
NIST FIPS PUB 186-2: DIGITAL SIGNATURE ALGORITHM (DSS). National Institute of Standards and Technology (2000), http://csrc.nist.gov/publications/fips/fips186-2/fips186-2-change1.pdf
Pinkas, D., Ross, J., Pope, N.: RFC 3126, Electronic Signature Formats for long term electronic signatures. The Internet Society (2001), http://www.ietf.org/rfc/rfc3126.txt
RSA Laboratories: PKCS #1 v2.1: RSA Cryptography Standard. RSA Security, Inc. (2002), http://www.rsa.com/rsalabs/node.asp?id=2125
Shimaoka, M., Hastings, N., Nielsen, R.: Internet-Draft: Memorandum for multi-domain Public Key Infrastructure Interoperability. The IETF Trust (2008), http://www.ietf.org/internet-drafts/draft-shimaoka-multidomain-pki-12.txt
Wang, X., Yin, Y.L., Yu, H.: Finding Collisions in the Full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 17–36. Springer, Heidelberg (2005)
Wang, X., Yao, A., Yao, F.: Cryptanalysis on SHA-1. In: First NIST Cryptographic Hash Workshop. National Institute of Standards and Technology (2005), http://csrc.nist.gov/groups/ST/hash/first_workshop.html
Zhang, N., et al.: E-infrastructure Security: authentication Levels of Assurance (ES-LoA). The ES-LoA project (2007), http://www.es-loa.org/
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Miyakawa, Y., Kurokawa, T., Yamamura, A., Matsumoto, Y. (2008). Current Status of Japanese Government PKI Systems. In: Mjølsnes, S.F., Mauw, S., Katsikas, S.K. (eds) Public Key Infrastructure. EuroPKI 2008. Lecture Notes in Computer Science, vol 5057. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-69485-4_8
Download citation
DOI: https://doi.org/10.1007/978-3-540-69485-4_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-69484-7
Online ISBN: 978-3-540-69485-4
eBook Packages: Computer ScienceComputer Science (R0)