earticle

영어

With the continuous development of the internet, there has been increasing research on reliability of data shared through the network. In particular, the focus on the public key infrastructure (PKI) that performs functions including verifying the sender’s identity and preventing forgery based on digital certificates has been intensifying rapidly. However, existing certificate-based PKI gives rise to various problems in terms of the Certificate Authority (CA), user, and domain name system (DNS). Moreover, certificate-PKI involves cost, an authentication environment, and security, and the existing PKI system uses CA, a hierarchical structure, to process certificates. This paper aims to devise a reliable address using the DNS security extension (DNSSEC) that applies security to the existing DNS, and proposes a certificate less-based PKI that uses DNSSEC. The proposed PKI can reduce the cost of the existing certificate and address existing vulnerabilities.