| To meet the needs of rapid developments in the IT society, the governments attempt to build a monitoring security system. With the massive application of key escrow technology, different kinds of key escrow policy are carried out.Key escrow technology is a kind of new technology which aims to access decoding information in emergency. The technology is used to save user's private key backup either when the judicatory or security acquires the original resource in need, or when the user restores the private information in case of losing and destroying his/her own private key. Key escrow technology is a negotiation between the user's privacy protection and the government's rights of monitoring, therefore, it attracts increasingly attention in cryptography in recent years.In General Threshold Scheme, different numbers of private key fragments are distributed based on the differences of the privilege of escrow in which the greater privilege escrow can access to more fragments. However, general escrow scheme does not take the respective importance of escrow agents into consideration, in particularly, the following cases: a. one escrow agent is so worthy and important that the joint stratagem of all other agents is not workable over monitoring users without its participation; b. practice of monitoring user is on condition that Q official escrow agents in P (Q≤P)cooperate S unofficial escrow agents in R (S≤R) .Based on threshold ideology and advanced threshold scheme, this thesis proposes a key scheme which places the respective importance of escrow agents flexibly by employing ElGamal public key cryptosystem. The major contributions are as follows:1) A flexible key scheme is designed on the basis of threshold ideology and advanced threshold scheme. The descriptions of performances in the scheme are on the following: (1)the participation of one certain escrow agent is must (2)The cooperation of both the official escrow agent and unofficial escrow agent. The scheme makes an effective solution to flexible design by placing respective importance of escrow agents, which enable the system to possess more flexibilities and adaptabilities.2) Considered the difficulty of solving the discrete logarithm in ElGamal cryptosystem, a proposal is made that issuing of user's public key certificate is approachable provided that validities of all escrow key fragments have been tested by KMC which ensures effective practice of lawful monitoring.3) Once-monitoring in term of validity and perpetual offline monitoring can confine...
|
PDF Full Text Request