Design And Analysis Of Cryptographic Protocols From Bilinear Pairings

Cryptographic protocol is one of the key techniques to provide identity authentication, dada integration and non-repudiation in the network environment. It plays an important role in the secure networks systems on which the multimedia services (e.g. Pay-TV, Online Database) are based, and it is the foundation for establishing the secure network environment.Bilinear pairings is a crucial tool for constructing the cryptographic protocols in recent years. The bilinear pairing-based cryptographic protocols not only have the advantages of higher security, shorter key size and faster implementation, but also possess many benefits that cannot be easily achieved by using other techniques. This dissertation focuses on the design and analysis of the pairing-based cryptographic protocols in following aspects: traitor tracing, digital signature, identity authentication and group key distribution of the multimedia information protection. The main contributions of this dissertation are as follows:1. A new pairing-based traitor tracing scheme that can efficiently resist single-user anonymous pirate attack is proposed, and the corresponding black-box tracing algorithm with limited pirate capability is also constructed. The proposed scheme has the following advantages: (1) The data transmission bandwidth needed is independent of the number of the users in the system; (2) All the authorized users contributing to the construction of the pirate decoder can be detected; (3) The scheme can be used to construct public key traitor tracing schemes.2. We study the certificateless public-key cryptosystem using SEM (SEcurity Mediator) mechanism, and present the formal models of the SEM-based certificateless public-key encryption scheme and certificateless signature scheme respectively. An efficient SEM-based certificateless public-key encryption scheme using bilinear pairing is proposed. The proposed scheme can eliminate the key escrow problem in traditional identity-based public-key cryptosystem, and also realize the immediate revocation of user keys.3. A mediated identity-based signature scheme is presented by introducing the online SEM mechanism. The scheme can provide fast user-key revocation and securely withstand existential forgery attack under the difficulty of computational Diffie-Hellman assumption.4. Security analysis is conducted for Ju et al's signature scheme with immediate revocation. As pointed out, the immediate revocation property will be damaged once the system user has successfully completed one message signature with the help of the SEM. We propose an improved scheme that does not have the above weakness.5. By binding the initial password selected by one user with his identity information, we present a smartcard-based remote user password authentication scheme using bilinear pairings derived from hyperelliptic curves. The proposed scheme enables each user to choose and change his login password freely to achieve the aim of the user-friendly. Additionally, there is no need to use any verifier table to verify each user's login request, and thus the authentication server's storage burden is greatly reduced.6. The notion of key proxy quantity is introduced to construct remote user authentication scheme using smart card. The authentication server generates for each user a key along with the corresponding proxy quantity stored in the smartcard which is given to the user to compute the login request, which enhances the system security against collusion attack.7. An identity-based group key distribution scheme using bilinear pairings is constructed. The broadcasting controlling information in the scheme is independent of the number of the users in the system. Therefore, the proposed scheme is suitable for the situation with large set of system members. The proposed scheme can also provide dynamic user joining.