The Research And Application Of Identity-Based Public Key System

With Internet is used frequently, the problems about network security appear more often. In order to protect data transferred in networks, encryption is a good method. In early time, cryptosystem uses sym-encryption, in which the two communicators use one same key to do encryption and decryption. The system relies on the security of the key too much, and this doesn't benefit the exchange of the key, so people introduce Public-key Cryptosystem. In Public-key Cryptosystem, each communicator has a pair of keys himself. The public key is opened and the private key is only known by the owner. This makes the exchange of the key safer.Public-key Cryptosystem is used in many areas of network security. It can be used for encryption and digital signature. Traditional Public-key Cryptosystem is based on certificates. This means that the distribution of public keys relies on certificates. A certificate contains ID, public key, validation-date and signature of CA. Only the certificates that signed by CA are validated. So CA plays a great role in certificate-based Public-key Cryptosystem. The distribution, update, recall and validation of certificates can't be done without CA.Since the management of certificates costs a lot, CA must manage a large amount of certificates. In addition, validations of the certificates for the two communicators are needed. In order to get rid of these disadvantages, Shamir introduced a cryptosystem based on identity. In this system, the ID is the public key and vice versa. So the ID is associated with the public key naturally, and the association and the validation of certificates are no needed. This simplifies the realization of Public-key Cryptosystem.This paper does a deep research in Identity-based Public-key Cryptosystem, and then realizing this system in a security gateway based on network processor. The usage of network engines can optimize the system. The main work of the paper contains the following four areas: 1) research certificate-based Public-key cryptosystem and Identity-based Public-key cryptosystem, and do comparisons to show the advantages of Identity-based Public-key cryptosystem; 2) introduce the applications of network processor IXP425, and compare it with X86 CPU and general embedded CPU; 3) research the arithmetics of Identity-based Public-key cryptosystem and apply them into security gateway; 4) use network engines of EXP425 to optimize Identity-based Public-key cryptosystem. The usage of Identity-based Public-key cryptosystem and network processor will do a great optimization for the security gateway system, which is an innovation of this paper.