Analysis And Design Of Identity-Based Digital Signature

With the Internet development and increasing of global informationization,electronic trading over the network, for example electronic commerce and Electronic Government ,is gradually being accepted and obtaining a wide range of development. However, these activities offer convenience for our life, also brought a series of aninignorable network security issues. The information distortion and denied will bring the huge safe hidden danger for the information network. How to ensure the security of online data and the identity of the communication is the key problem of electronic commerce and electronic government whether can be to promote a wider range. In other words, the key question of electronic commerce and electronic government is security. Digital Signature technology is an effective solution to ensure the confidentiality of information transmission, the integrity of the data exchange, information nonrepudiable and the identity of trader. It is an important part of network security.Digital signature is a string got form a one-way function on the transporting message using to approve the source of the message and verify the message change or not. There are a lot of ways to achieve digital signature. At present the most popular is public encryption technology. So the security of digital signature is based on public cryptography. Public Key Infrastructure (PKI) as one important technology of public cryptography offers security services, integrity services, certification services and nonrepudiable services to Internet application. But we found that there are many problems to be solved when using PKI. The public key and the public key owner are bounded by the digital certification in PKI system,and a serial of operations, such as certification register, management, storage, dispatch, revocation certification, and so on, should be done, at the same time. And PKI uses the RSA algorithm. But because of the development of the computer, RSA is suffering form a big threat.Considering those problems, IBE is first proposed by Shamir to solve the certificate management problem in 1984. The first fully functional secure IBE scheme been designed by D.Boneh and M.Franklin using bilinear maps. Then they proved the security of their scheme in the random oracle model. Since then, a large number of works have been published in this area. The Identity-Based Cryptography has been the top of cryptography. In IBE scheme, any string like telephone number, email address or IP address can be as a public key, and the corresponding private key compute by Private Key Generator (PKG). So compared with PKI, the most advantage of IBE is without certification management. The IBE scheme use discrete logarithm problem with higher computational complexity. It can ensure the scheme more secure with shorter key.In this paper I research Identity-Based Signature based on IBE scheme. An Identity-Based Signature is specified by four algorithms: Setup, Extract, Sign, and Verify. The same as IBE scheme, the Setup and Extract are run by PKG. With the input of a secure parameter, Setup output the public parameters and the master-key. The public parameters are published and the master-key is keep by PKG. Given an identity, Extract product the private key of the identity using master-key, and then distribute it to the user. On input a private key, an identity, a message, and public parameters, Sign output a signature of the identity on the message. On input a signature, a message, a singer identity and public parameters, Verity justify the identity and message.Now we have known the structure of Identity-based signature. To combine with BF-IBE scheme and our early work, this paper bring forward and achieve an Identity-based Signature arithmetic, named BF-IBS. This arithmetic based on Bilinear Diffie-Hellman problem and hash function to ensure the security. Through the analysis of this algorithm, this paper proves the feasible and security of the algorithm and analyses the efficiency. Based above work, this paper improves the Identity-Based Cryptography.In the process of analyzing and proving the BF-IBS algorithm, we got the conclusion that the security of BF-IBS algorithm is closely related to hash function. Hash function in information security is widespread and important application. Its main role is to ensure data integrity and message authentication. It has an application like fingerprint, so it is also called digital fingerprint. Because it has the following characteristics: a little change on the original information, not even a few bits, the corresponding message digest will change largely. A hash function maps the input of any length to a fixed-length. Therefore the hash function is an"n-to-1"mapping. So a collision may occur. An security hash function designed must suffice two requirements: the first is looking for two input get the same output values in the calculation is not feasible, this is the usually called anti-collision. The second one is look for an input which can obtain the assignment output in the computation is not feasible, namely cannot infer its original state from the result. MD5 and SHA-1 as the typical hash function once considered to be very safe. Over the years many people have carried on the analysis and the attack to them, and they propose famous"the birthday attack"and"the kangaroo attack"and so on a series of method of attack, but essentially there are no breakthroughs. Therefore the MD5 lasted for many years,and also because it is easy to implement, and the algorithm is relatively simple to understand, so at home and abroad it has a very wide range of application. But Professor Wang Xiaoyun discovers a way to find the collision of MD5, which could make two deferent files have the same fingerprint. As a result of that, to research a new signature algorithm is very important.Based on above consider, through study Strong Diffie-Hellman Assumption and Gentry's IBE scheme, this paper designs a new Identity-Based Signature without oracle model and proves the feasible and security of the algorithm and analyses the efficiency. All those work improve the security of Identity-Based Signature scheme.