Research On Identity-Based Cryptography And Its Application

Posted on: 2008-08-14
Degree: Doctor
Type: Dissertation
Country: China
Candidate: J Wang
GTID: 1118360242973466
Subject: Computer software and theory

Abstract/Summary:

With the advance of computer network technology, all kinds of network services have permeated many aspects of people's lives. Since more and more information is stored, transmitted and processed in open networks, it may suffer from all kinds of attacks and threats, such as wiretapping, interception, modification, forgery and replay attacks. Thus information security has become one of the most important problems to be solved.

Cryptography is an effective means to provide information security services. The basic security services a cryptosystem should provide are Confidentiality, Integrity, Authentication and Non-repudiation, which are usually achieved by cryptographic primitives such as Encryption and Digital Signature. In a traditional Public Key Cryptosystem (PKC), the association between a user's identity and his public key is obtained through a digital certificate issued by a Certifying Authority (CA). However, the process of certificate management requires high computation and storage efforts.

To simplify the certificate management process, Shamir introduced the concept of the identity-based cryptosystem. In such cryptosystems, the public key of a user is derived from his identity information and his private key is generated by a trusted third party called the Key Generator Center (KGC). An identity-based cryptosystem has the following properties: (1) A user's public key is derived from his identity. (2) Digital certificates are eliminated. (3) The process of encryption or signature verification requires only the receiver's or signer's identity information and some system parameters. Thus identity-based cryptosystems are advantageous over traditional PKCs in that key management is simplified: only a directory of public system parameters is needed, rather than maintaining public keys for all users.

However, the identity-based cryptosystem has its own drawbacks. One inherent problem is key escrow.
In such a cryptosystem, the KGC is involved in issuing secret keys to users whose identity is assumed to be unique in the system. Anyone who knows the KGC's master key is able to impersonate a user, that is, to carry out any cryptographic operation as the user, so there is no user privacy and authenticity in the system. Another threat is that a user's secret key may be exposed to an adversary on an insecure device. In many cases, it is easier to obtain a secret key from a stolen device than to break the computational assumption on which the security of the system is based. This threat is increasing nowadays as more and more cryptographic primitives are deployed on insecure devices such as mobile devices.

In section 3, we propose a secure identity-based key issuing scheme. In our proposal, multiple authorities are involved in issuing a user's private key in a serial manner, and the key escrow problem of a KGC is avoided. We present a secure key issuing and updating model for identity-based cryptosystems in section 4. Our suggested model can simultaneously solve both the key escrow and key exposure problems. We also propose an identity-based encryption scheme and an identity-based signature scheme based on our proposed model.

Considering the application of identity-based cryptosystems, we mainly focus on applying them to access control. Role-based access control (RBAC) is an effective access control method for protecting information and resources in large-scale systems. In RBAC, access rights (permissions) are associated with roles, and users are assigned appropriate roles, thereby acquiring the corresponding permissions. In the implementation phase, access control should be strong and efficient based on the user's authentication information, so the RBAC mechanism often requires user authentication as a prerequisite.
In section 5, by incorporating identity-based cryptography, we first present an identity & role-based access control (IRBAC) model which supports user authentication internally. An implementation method of IRBAC is also presented using a variant of an ID-based signature scheme due to Cha and Cheon, which provides user authentication and role-based authorization internally without digital certificates.

Delegation is an important extension to the role-based access control model. Role-based delegation means that a user delegates his/her assigned role to another user to carry out some functions on behalf of the former. In section 6, we present a scheme that integrates the hierarchical identity-based signature (Hierarchical IBS) technique to perform role-based delegation.

In an Internet payment scheme based on E-cash, the different domains involved in the transaction process have different privileges and different access authorization. If they all deal with security problems separately, maintenance and collaboration for the whole system will be very difficult. The issue of privilege management across multiple domains brings additional challenges. In section 7, we analyze privilege management policies for the E-cash system based on RBAC.

The existing RBAC models have been developed for fixed network structures. When applying RBAC concepts to mobile environments, new security requirements should be considered. In section 8, on the basis of NIST RBAC, an extended RBAC model that can utilize location information in security policy definitions is proposed, which is suited to wireless networks.

The main work in this paper is research on the identity-based cryptosystem and its applications in the access control area.
The main results are as follows:

We propose a secure identity-based key issuing scheme, in which multiple authorities are involved in issuing a user's private key in a serial manner, and the key escrow problem of a KGC is avoided.

We present a secure key issuing and updating model that can simultaneously solve both the key escrow and key exposure problems in identity-based cryptosystems. We also propose two application schemes of our model: an identity-based encryption scheme and an identity-based signature scheme. Both schemes are secure against key escrow and key exposure threats, and are secure in the random oracle model.

By incorporating identity-based cryptography, we first present an identity & role-based access control (IRBAC) model which supports user authentication internally. An implementation method of IRBAC is also presented based on Cha-Cheon's identity-based signature scheme, in which a user's signature can provide both user authentication and role-based authorization simultaneously.

We integrate the hierarchical identity-based signature (Hierarchical IBS) technique to perform role-based delegation. In our proposal, delegation paths starting with the same role can form a hierarchical structure, such as a delegation tree. Each node in the tree refers to a user and each edge to a delegation relation. A user can delegate his/her role by generating a private key for the delegated user without any help from a trusted party.

We analyze privilege management policies for the E-cash system based on RBAC. Access control in different domains is implemented by authorizing roles.
Administrative roles are also used in the system to realize self-management in the E-cash system.

On the basis of NIST RBAC, an extended RBAC model that can utilize location information in security policy definitions is proposed, which is suited to wireless networks.

The results mentioned above can be widely applied to certification authority (CA) systems, bank signature systems and e-cash in electronic commerce, secure database systems, Web network authentication systems, key escrow systems, electronic cash systems, electronic voting systems, user roaming systems, etc.

Keywords/Search Tags: identity-based cryptosystem, role-based access control, role-based delegation, e-cash, provable security