
Key Management Schemes In Identity-based Cryptosystems

Posted on: 2008-06-16
Degree: Master
Type: Thesis
Country: China
Candidate: Y T Wang
GTID: 2178360212495652
Subject: Computer software and theory
Abstract/Summary:
In traditional certificate-based Public Key Cryptosystems (PKC), the Certifying Authority (CA) and users need a lot of time and storage space to handle certificates and public keys, and certificate verification is cumbersome. To simplify the certificate management process and reduce its cost, Adi Shamir introduced the concept of identity-based cryptosystems in 1984. The idea of identity-based cryptosystems comes from the postal system of our society. In such cryptosystems, a user's public key is derived from his identity information, and his private key is generated by a trusted third party called the Private Key Generator (PKG). For example, an e-mail address or an identity card number can serve as a user's public key. With these advantages, identity-based cryptosystems have been the most active area of research and are currently of great interest to the cryptographic community.

Identity-based cryptography overcomes this problem of traditional PKC, but suffers from two inherent problems: key escrow and the requirement for a secure channel. The PKG knows each user's private key and can therefore decrypt any ciphertext or forge a signature on any message; this is known as key escrow. Moreover, key issuing requires a secure channel to avoid eavesdropping.

The security of any cryptosystem relies on the security of its keys, so key management plays an important role in cryptology. Key management includes key generation, key distribution, key agreement, etc. Multi-party key agreement is an important part of key management. Currently, there are many research results on identity-based key agreement, but almost none of the identity-based key agreement protocols can be extended to the case in which the parties come from different PKGs.

In this paper, we focus on the key escrow problem of identity-based cryptosystems and on identity-based key agreement protocols.

1. We analysed the secure and efficient threshold key issuing protocol for identity-based cryptosystems proposed by Kumar et al. This protocol is not secure when the PKG is malicious. We then propose a method to strengthen the security of Kumar's protocol.
2. According to the concept and definition of Certificateless Public Key Cryptography (CL-PKC), we proposed a new key extraction scheme. The new extraction scheme meets the security model of CL-PKC and has no effect on the original encryption scheme, so it is an alternative way of extracting keys in CL-PKC.
3. We proposed a new multi-party identity-based key agreement protocol in which the entities can come from different domains in identity-based cryptosystems. We then present a method that transforms our original protocol into a broadcast protocol. Finally, we give the security analysis of our protocols.
4. We constructed an identity-based group key agreement protocol that makes use of the MB protocol, a provably secure two-party identity-based key agreement protocol. Our new group key agreement protocol is suitable for dynamic groups.
Keywords/Search Tags: Key agreement, Bilinear pairing, Key issuing protocol, Identity-based cryptosystems, Random oracle model, Provable security