| Recently the security of information systems receives more and more attention. The cryptographic technology containing two important parts, public key encryption and digital signature, is an important guarantee for the information system security. To identify the relationship between user's identity and user's public key, there are three basic techniques, one based on the certification in public key infrastructure (PKI), the second on the trusted author in identity-based cryptosystem and the third on the authenticator in certificated-based cryptosystem. For analyzing the security of public key cryptography scheme, in the standard model, the formal way to prove the security of the scheme will be adopted.In this thesis, the application and improvement of the identity functions in the identity-based encryption schemes will be concentrated on. The identity function can directly encrypt the identity information as usual. If the ciphertext is regarded as a one-time identity, then it can be used to deal with the one-time identity for verifying the integrity of ciphertext. Based on this idea, a new public-key encryption scheme will be proposed and proved; the existing identity-based encryption scheme will be improved to achieve chosen-ciphertext attack security and proved; based on different identity-based encryption schemes two certificated-based encryption schemes will be given and analyzed; the existing identity-based signature scheme will be improved and proved. The following are the specific innovation:In chapter III, based on the well-known Boneh and Boyen CPA selective IBE scheme and Waters CPA IBE scheme, a new CCA secure hybrid encryption scheme and a public key encryption scheme will be proposed. The hybrid encryption scheme can achieve CCA security on the condition that the employed one-time symmetric encryption scheme only needs to satisfy passive attack (PA) security requirement. The hybrid scheme, whose security reduction efficiency closes to Kurosawa and Desmedt's hybrid encryption scheme, supports full public ciphertext integrity verification and has smaller ciphertext overload than KD scheme. The new PKE scheme, whose security reduction efficiency is almost as same as that of CS98 PKE scheme, supports public ciphertext integrity verification and has smaller ciphertext overload than CS98 scheme.In chapter IV, a CCA secure IBE scheme will be achieved by taking use of the secure trapdoor commitment function. The new scheme, having a considerable efficiency with BMW's and Kiltz's hybrid IBE schemes, supports the verification of full public ciphertext integrity, while the BMW's and the Kiltz's hybrid IBE schemes can only support public ciphertext integrity verification on their key encapsulation part. Because the combined BB1 selective-ID algorithm and trapdoor commitment algorithm take the place of the Waters identity function, the new scheme, compared with BMW's and Kiltz's direct IBE schemes, has smaller size of public key and tighter security reduction efficiency.In chapter V, based on Gentry's certificated-based encryption (CBE) scheme model and the existing Waters CPA IBE scheme and Gentry CCA IBE scheme, two CBE schemes will be constructed in the standard model. The new schemes combine the best aspects of identity-based cryptosystem (implicit certification) and public key infrastructure (no key escrow).In chapter VI, a provable identity-based signature (IBS) scheme will be presented in the standard model, which is based on existing Paterson and Schuldt (PS)'s IBS scheme. PS scheme needs two independent Waters identity functions, one for identity and the other for message, which makes inefficient security reduction. The new IBS scheme, not increasing any public key parameter and signature ciphertext overload, will improve the security reduction efficiency by modifying the parameters of Waters identity function which is used to deal with message, so it is more secure and credible.
|
PDF Full Text Request