Research And Application Of Identity-Based Crytosystem

Identity-based cryptosystem is first proposed by Shamir in 1984. Shamir suggested the information which can be a symbol of user' s identity be used as the public key in the cryptosystem. Such as the user' s name or email address. The main practical benefit of Identity-based cryptosystem is greatly reducing the need for, and reliance on, public key certificates. In 2001, Boneh and Franklin proposed the first secure and practical Identity-based encryption using Parings Technique. This is a milestone in study of Identity-based cryptosystem. From then on, a great deal of Identity-based encryptions and signatures based on pairings technique are proposed one after the other. This dissertation mainly studies the Identity-based cryptosystem. With the development of the Identity-based cryptosystem, Identity-based encryptions and signatures which are implemented in this new cryptosystem will be adopted gradually.First of all, the thesis summarizes Identity-based encryptions and signatures' developing status and research results, on contrasting Identity-based cryptosystem with certificate-based cryptosystem, the summary analyzes typical Identity-based encryptions and signatures on security models and design methods. Secondly, the thesis proposed a new Identity-based signature scheme without trusted party. Besides, the thesis implements a designated-verifier threshold proxy signature in Identity-based cryptosystem for the first time. Lastly, a few of applications are summarized in Identity-based crytosystem.Key-escrow is a problem in Identity-based crytosystem. The former authors mainly used two ways to solve this problem: the one is giving the job of generating key to multi-entities. The method changes the situation that a key generator center is trusted absolutely. The other one is that the user is concerned with the process of generating the key. The private key includes some information which can only be known by user, then not any key generator center need be trusted. The thesis proposed a new Identity-based signature scheme based on Barreto' s Identity-based signature scheme with the second method. The scheme is proved secure against existential forgery on adaptively chosen message and ID attack under random oracle model. With the same security, the scheme is more efficient than Su' s scheme which adopts the same method.Proxy signature is one of the signatures which have properties. The original signer who has the signature right authorizes the proxy signer to generate proxy signature on behalf of him. The threshold proxy signature scheme is a variant of the proxy signature scheme in which the proxy signature key is shared by a group of n proxy signers in such a way that any t or more proxy signers can cooperatively employ the proxy signature key to sign messages on behalf of an original signer. Designated-verifier threshold proxy signature can only be verified by designated-verif ier, any other people cannot verify this signature successfully. This thesis proposed designated-verifier threshold proxy signature scheme for the first time in Identity-based crytosystem. The scheme reduces the need for the computation of bilinear pairings and improves the efficiency. In addition, a relevant security is analyzed and proved.