Research On Group Encryption Technology Based On IBE

In recent years,group oriented cryptography has been widely and deeply studied.Different from the traditional single-sender and single-recipient cryptosystem,group cryptosystems may include one-to-many,many-to-one,or many-to-many forms,which is more suitable for more and more complex network environments.A simple key sharing scheme is not suitable for dynamic updating of group members.And nowadays,standard applications can not effectively support group encryption.For example,users need to add group members' personal digital certificates when they send group encrypted mail through outlook.The more members a group has,the more difficult it is for users to operate.At the same time,the public key in each group member's personal certificate needs to be used to encrypt the mail information once.This operation is duplicative and inefficient.If a group member joins the group,the user also needs to obtain the digital certificate of the new member.Therefore,a group-oriented cryptosystem that is suitable for encrypted data exchange between group members and facilitates the periodic update of shared keys is studied in this paper,which solves the problem of dynamic updating of group members successfully and is applied to standard applications.A group cryptosystem based on IBE is designed in this paper,which is mainly divided into three functional modules.Firstly,to solve the problems of key leakage,identity security,and the maintenance of the group relationship of users,group and identity management system is designed in this paper so that users can register secure group identities and cancel group identities corresponding to the private keys that are leaked,and users can create,join,exit,manage,dissolve groups and so on.Secondly,for the problems of dynamic update of group members,security of transmitted data,key storage,etc,the IBE CSP which supports group encryption is designed to complete the functions of group encryption and decryption and automatic update of the group shared key.Finally,in view of the complex operations of local storage keys and the time consuming operations of decryption in CSP,a cryptographic server is designed in this paper to complete group encryption and decryption functions the IBE CSP module.At this point,the decryption operation of data is completed on the cryptographic server.CSP is the entry of the standard application to call the cryptographic server to complete group decryption.The two decryption methods are compatible with each other,and users can choose one by themselves.As most standard applications do not support IBE,and IBE does not have similar certificate revocation functions to deal with key leakage.Therefore,the pseudo RSA digital certificate is designed to apply the group cryptography to the standard application,and the group identification is added with the time strategy and the indexing strategy to form an extended group identifier to update,recover or destroy the key.Several innovations are as follows in this paper:(1)A group-oriented crypto system that is suitable for encrypted data exchange between group members and facilitates the periodic update of shared keys is developed.Since the group shared key needs to be changed from time to time,it is very troublesome for the group user to obtain the shared key and install and configure the shared key at regular intervals.This system can avoid such problems;(2)The group cryptosystem developed in this paper has been successfully applied to standard applications and and is convenient for users to use.Therefore,the design is of significance.