Design and implementation of wireless PKI technology suitable for mobile phone in mobile-commerce

With the advent of wireless communication and internet protocol, many technologies have been developed to provide mobile phone user with the wireless internet service. Security supporting wireless internet must be guaranteed at same level as the wired security. But PKI (Public Key Infrastructure) which is used for the security of e-commerce in wired internet is not suitable for the mobile phone because of the fundamental limitation of performance such as less memory and less powerful CPU. Therefore, we need to develop a wireless PKI (WPKI) that provides the similar security level as the wired PKI supporting mobile phone. In this paper, we consider why it is difficult to apply the wired PKI technology to the mobile phone and how to cope with these problems. We propose wireless PKI technology and illustrate that implementation result of the proposed wireless PKI technology on the newest mobile phone. We minimize data sizes processed in mobile phone, and optimize protocols for the certificate management and verification between mobile phone and server. This results in the reduced module sizes to be able to install in mobile phone. Hence, the proposed WPKI technology shows that security is in the same level as the wired PKI and all PKI procedures are successfully processed in mobile phone.