Abstract
The present invention relates to a method for key management and user authentication using ID-based encryption, in which a private key management server having received a certification from a certification authority generates a public key and a private key by using an ID-based encryption method and transmits a pair of generated keys to a user-owned device, thereby enabling the user-owned device, having not received a certification directly from the certification authority, to provide user authentication to an external device.

The method for key management and user authentication using ID-based encryption according to the present invention comprises the steps of: generating, by a private key management server, a first public key and a first private key for authentication of a user; transmitting, by the private key management server, user identification information and the generated first public key to a certification authority, and receiving, by the private key management server, a certificate from the certification authority; when at least one user-owned device is connected to the private key management server, generating, by the private key management server, a second public key by using a name of the user and a name of the user-owned device, and generating, by the private key management server, a second private key by using the generated second public key and the first private key; transmitting, by the private key management server, the received certificate, the generated second public key, and the generated second private key to the at least one user-owned device; when the at least one user-owned device is requested to authenticate the user by an external device, generating, by the at least one user-owned device, a signature document by using the received second public key and the received second private key, and providing, by the at least one user-owned device, the certificate, the name of the user-owned device, and the signature document to the external device; and verifying, by the external device, the provided certificate and signature document in order to authenticate the user.
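The key derivation and signature steps above can be sketched as follows. This is an added example, not code from the patent: the abstract does not name an ID-based scheme, so Shamir's 1984 identity-based signature over RSA is assumed as a stand-in. All function names, the toy key and the sample names are constructed, and CA certificate validation is left out.

```python
import hashlib
import secrets

# Constructed toy master key built from two Mersenne primes; far too small for real use.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                    # first public key (the value the CA would certify)
D = pow(E, -1, (P - 1) * (Q - 1))      # first private key, held only by the key server

def _h(*parts):
    """Hash length-prefixed byte strings to an integer modulo N."""
    h = hashlib.sha256()
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)
    return int.from_bytes(h.digest(), "big") % N

def second_public_key(user, device):
    # Derived from the user name and the device name alone, so anyone can recompute it.
    return _h(b"id", user.encode(), device.encode())

def second_private_key(user, device):
    # Server side: needs the first private key D, so a device cannot mint its own.
    return pow(second_public_key(user, device), D, N)

def sign(private_key, message):
    # Device side: t = r^E, s = g * r^f(t, m) mod N.
    r = secrets.randbelow(N - 2) + 2
    t = pow(r, E, N)
    f = _h(b"sig", t.to_bytes(32, "big"), message)
    return t, (private_key * pow(r, f, N)) % N

def verify(user, device, message, signature):
    # External device: checks s^E == i * t^f(t, m) mod N, with i recomputed from the names.
    t, s = signature
    if not (0 < t < N and 0 < s < N):
        return False
    f = _h(b"sig", t.to_bytes(32, "big"), message)
    return pow(s, E, N) == (second_public_key(user, device) * pow(t, f, N)) % N

if __name__ == "__main__":
    key = second_private_key("alice", "alice-phone")       # constructed names
    sig = sign(key, b"challenge-123")                      # constructed challenge
    print(verify("alice", "alice-phone", b"challenge-123", sig))   # same device name
    print(verify("alice", "alice-laptop", b"challenge-123", sig))  # different device name
```

Because the verifier recomputes the second public key from the presented device name, a signature made with one device's key does not verify under another device's name.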