| With the development and popularity of the Internet, the advancement of the Internet technology and the application of the Web-based system, the network security received more and more regards.Especially the appearance of the finance transaction or other finance processes on the network let people understand the importance of the transaction security and the information security of the data delivery.Using the technology of cryptography to encrypt the data to be transferred is the easiest and most directive method to ensure the security of information.Traditional cryptography is used as the simple character substitution method to express encryption, data confidentiality is not enough. With the progress of mathematical knowledge, the symmetric cryptography is appeared. That is, use a key for encryption and decryption, in the design of algorithms to use unsolved mathematics problem for a length of the key, making it more difficult to crack the code, to some extent the key is not be broken. Data confidentiality is increased, but encryption system needs huge quantities key, but the key distribution problem would become a headache.The emergence of the asymmetric encryption technologies solve the symmetric encryption technology's drawbacks, the number of the key is well controlled, and the pair of the "public key-private key" to solve the key distribution problem. Data confidentiality is up to a certain height. But for the better use of information technology to password security benefits, we must control and management of all keys of all entities participating in the secret transfer, including the problem of distribution, modifies, maintenance, authentication, revocation, and so on.The appearance of PKI well resolved the management and modification of the keys. This system uses the regime of certification to distribute the key. Thus, the distribution, modification, revocation, maintenance, and management of the key correspond with the requirement of systematization. Among all these functions mentioned above, the most cardinal is the management and authentication of the certification. Furthermore, the whole regime operates smoothly. At the same time, the level certification is also taken into consideration. However, PKI has some shortcomings, cumbersome and complex, the high costs, the immense amounts data of the certification, and the inconvenience of internet transmission. Along with the development of internet technology, these shortcomings expose more and more.Due to the widespread application of the Internet, the former slack practice of security facing Internet cannot sufficiently ensure the security of information. PKI proved not to be a reliable system. The business community is aware of this, at least the cumbersome and complex, the high cost exiting in the process of the implementation and use. As a newer technology of encryption in the cryptography, the appearance of IBE provides the communication of information with more convenience. Since the emergence of IBE, the application of it in the internet security has been attracting the notice of many experts. People want to combine the IBE technology with the exploitation of e-commerce and e-government systems. All of them hope to achieve the security of the data transmission and the normal operation of e-commerce by the use of new technology and new mode. It is precisely because of the importance of the IBE, it is necessary to study it.IBE technology is mainly use arbitrary string as a public key to encryption. And as other non-symmetric encryption technology, it solves the problem of the key's quantity. Its main characteristic is the choice for the public key, it can use arbitrary strings. It relieves the emergence of a certificate, This is obviously to reduce the amount of authentication information among entities during data transmission process .It also reduce the need for cross-certification by the joint structure, decrease the demand for the bandwidth of net, decrease the communication entity authentication calculation which narrow the space of the storage certificate and achieved the function of decryption offline. The process of IBE system model implementation is using AES encryption technology to encrypt the data delivering on the net, Using IBE technology to encrypt the AES key "through the opponent's identity". And decrypt cipher text must know AES key, to solve AES key must have the private key relative to the identification of the receiver. And this private key is calculated by the PKG, using system the overall parameters on initialization time and the identification of receiver.Technology continues to improve, thereby, people's demand of it also increases. Traditional technologies have not been able to adapt to the new needs of market. The problems exiting in the PKI system has begun restricting the development of network applications. To resolve this, the new technology must be integrated to bring about the new energy in order to better serve the network applications.This paper describes the IBE technology in details, analyses the advantages of it and proposes the realization of IBE model system. Implementation of IBE simplified model system can be used for the safe transmission of data. Its application is widespread, especially for the online transactions and e-commerce; it could keep the better safeguard of data. |
PDF Full Text Request