
Research On Cryptosystems And Key Agreement Protocols From Bilinear Pairings

Posted on: 2009-01-12
Degree: Doctor
Type: Dissertation
Country: China
Candidate: S B Wang
Full Text: PDF
GTID: 1118360275454613
Subject: Computer software and theory
Abstract/Summary:
In 2000, Sakai et al. and Joux independently found that bilinear pairings could be used in constructive ways to build new cryptographic schemes, by presenting an identity-based key sharing scheme and a one-round tripartite key agreement protocol, respectively. From then on, numerous novel and practical schemes have been proposed using bilinear pairings, such as identity-based encryption (IBE) schemes, short signature schemes and two-party identity-based key agreement protocols.

Bilinear pairings have been used intensively as an important tool to design new cryptographic schemes, and recently this area has become a hot spot in public key cryptography. Besides, provable security based on complexity theory has become a prevailing method to evaluate the security of those newly proposed schemes. This thesis focuses on the design and analysis of new pairing-based cryptographic schemes, and is divided into two distinct parts. The first part studies public key encryption schemes, including identity-based encryption schemes and public key encryption schemes with two private keys. The second part explores the design and analysis of identity-based authenticated key agreement protocols, including protocols secure in the random oracle model and the standard model, respectively. The main contributions of the thesis are as follows:

1. The design and analysis of efficient identity-based encryption schemes. Firstly, we investigate the real-world application setting for identity-based encryption schemes, i.e., the multiple administrator domain environment, and then we propose a new provably-secure scheme based on the Sakai-Ohgishi-Kasahara private-key extraction algorithm. In the new scheme, the encryptor can have the pairing computation pre-computed off-line, and hence the scheme is more practical than the famous Boneh-Franklin scheme in the multi-domain environment. We also discuss its applications in global escrow ElGamal encryption, multi-receiver identity-based encryption and proxy re-encryption settings. Notably, our identity-based proxy re-encryption scheme solves the collusion attack problem in the Green-Ateniese scheme, and to the best of our knowledge, ours is the first such scheme that employs the so-called key sharing strategy.

2. The design and analysis of escrowable public key encryption schemes (i.e. public-key encryption schemes with two decryption keys). We propose two such efficient schemes, and our second scheme is the most efficient one among all the existing constructions in the literature. It eliminates pairing evaluation in the encryption procedure and at the same time enables off-line pre-encryption. Besides, it is the first provably-secure escrowable public key encryption scheme, and its security is based on the standard bilinear Diffie-Hellman (BDH) assumption.

3. The design and analysis of identity-based authenticated key agreement protocols that are secure in the random oracle model. For the first time, we establish a close relation between authenticated Diffie-Hellman protocols and identity-based authenticated key agreement protocols. We put forward a parallel design methodology for identity-based authenticated key agreement protocols. We investigate the forward secrecy of identity-based authenticated key agreement protocols and propose a new efficient protocol which achieves perfect forward secrecy in the escrowed mode. When pre-computation is possible, our new protocol is more efficient than that of Wang. Lastly, we rigorously prove the security of the new protocol by adopting the modular proof technique.

4. The design and analysis of identity-based authenticated key agreement protocols that are secure in the standard model. We propose the first identity-based authenticated key agreement protocol that can be proven secure in the standard model. Besides, we also extend our basic protocol to the escrowless model and the cross-domain setting, respectively.
Keywords/Search Tags: public-key cryptography, bilinear pairing, identity-based cryptography, encryption scheme, escrowable public-key encryption, authenticated key agreement protocol, provable security