Research On Identity-based Cryptography And Its Application In Wireless Mobile Payment

As one of the most important composition of cryptography, the public-key cryptosystem plays a crucial role in security services of integrity, availability, confidentiality, authentication and non-repudiation provided by a number of core technologies such as encryption/decryption, signature, identity authentication and est. In traditional public-key cryptosystem based public key infrastructure (PKI), there is no direct relationship between the user's public key and the user's identity. The public key of the user is essentially a random bit string picked from a given set. This leads to a problem of how the public key is associated with the physical entity to resist the attacks of forgery, tampering and replacement. In these traditional systems the binding between the public key and the identity of the user is obtained via a digital certificate which is distributed by the CA (Certificate Authority). However, the management of certificates is a difficult problem in such a wireless communication environment with billions of users. In 1984, Shamir introduced the concept of identity-based (ID-based) systems to simplify key management procedures of CA-based PKI cryptosystem. Since then, several ID-based stems have been proposed. ID-based systems can be a good alternative for CA-based systems from the viewpoint of efficiency and convenience. ID-based systems have a property that a user's public key can be easily calculated from his/her identity (for example, the e-mail address, IP, ID, the phone number) by a publicly available function, while his private key can be calculated by a trusted Key Generation Center (KGC). They enable any pair of users to communicate securely without exchanging public key certificates, without keeping a public key directory, and without using online service of a third party, as long as a trusted KGC generates a private key for each user.On the work of existing remote authenticated key agreement (AKA) protocols with multi-servers, an efficient remote AKA scheme with multi-servers using identity-based cryptography has been proposed. In the scheme neither servers nor users preserve the password table. Users do not need register to multi-servers when they want to login a new server each time. The proposed scheme provides the explicit key authentication between users and servers. Furthermore, it reduces the communication costs, computation and storage consuming. Additionally, the scheme has been proved secure by the standard B-R security model of AKA.In an identity-based cryptosystem, the KGC has the system primary key and all users' private keys. Once the KGC no longer trusted, the system will be in total collapse. An identity-based signature without the problem of key escrow using CL-PKC has been proposed. It effectively solves the inherent key escrow problem in identity based public key cryptography while keeps its certificate free property. Further, in the proposed scheme user's public key can be directly related with his/her ID, which is different from those schemes of CL-PKC. It has been proven secure in a very strong security model.Standard identity-based signature schemes typically rely on the assumption that secret keys are kept perfectly secure. However, with more and more cryptographic primitives are deployed on insecure devices (e.g. mobile devices), key-exposure seems inevitable. This problem is perhaps the most devastating attack on a cryptosystem since it typically means that security is entirely lost. To minimize the damage caused by key-exposure in ID-based signatures scenarios, an ID based signature scheme with key insulation has been proposed. Furthermore, the secure key updating of the proposed scheme is non-interactived. As a result, there is no communication between the user and the KGC in key update procedures.There are some shortages in those existing electronic payment systems, including limited security, only offering micro-payments and too complexity of the payments. Identity-based signature has been applied in the fields of wireless mobile payment. A secure wireless mobile payment scheme using identity-based signature technology has been presented. The scheme provides security during the payment procedure by the identity-based signature without the problem of key escrow described above.