| Comparing with certificate based cryptography, identity based cryptography (IBC) realizes zero verification of user's public key, and saves certificate management center cost. However, identity based cryptosystem exists the problems of key escrow,key revocation and privacy key distribution, which limit IBC's practicability.The main work in this paper, are as follows:1. Based on the idea of leveled key management and signature technology in IBC, we design an IBC based self-sign public key generation algorithm, analyze the algorithm's security and capability. This algorithm realizes the user key self-renewable, solves the key revocation problem.2. We design a self-sign public key generation algorithm, with the expanded master key. We use the CPK technology to expand system master key, in order to enhance the system master key's capability of resisting attack. We use the threshold secret sharing method, design a multi-PKGs self-sign public key generation algorithm with the expanded master key, and solve the key escrow problem.3. In order to solve the IBC privacy key distribution SAKI scheme's problems of unresisting the dictionary attack and thief verification attack, we propose an improved SAKI scheme, which holds the SAKI's simplification and efficiency features, enhances the scheme's security at the mean time.While, we carry out experiments on an IBC based self-sign public key generation algorithm and a self-sign public key generation algorithm with the expanded master key, analyze the experimental results. |
PDF Full Text Request