| With the rapid development of the society's informationization, people can get plentiful information resources and service through internet and we have stridden forward the informationization society. It has increased the exploitation extent and information security emerges as time requires. As we know, information security has become the vital guarantee qualification of survivorship and development in information spaces. Identity authentication as the first barrier of information security is an important filiations of the modern cryptology. While designing a safety system, before accessing the entire system, we must identify our figure through the identity authentication system. After that, the safety system will decide whether it can visit certain resource according to the user's identity and the decision of authorization database.The traditional identity authentication system works like that it need a trusted center to award certificate to the user as credence of the user. There is great weakness in this system. It has hidden trouble in its security. The rootstock of it is the trusted center is act as one department or one authority. Its secrecy based on the trusted center's in gear. It's hard to manage the certificate while there are so many partners and will reach the bottle-neck of performance and may be difficult to extend. According to this circs, we can use the trust partaking ideology, which is a single partner is unlikelihood, but the union of partners is credible.The text focuses on the researching of trust partaking and identity authentication without a single trusted center. The main work in this thesis is as follows:(1) Based on the ElGamal cryptology system, the thesis proposes an ElGamal cryptology-based trust partaking identity authentication scheme and describes the initialization phase, key generation phase, sub-certificate generation phase, certificate composition phase in detail. After that, it gives the correctness and security analysis under standard pattern. It is proved to be robust and safe.(2) As the trusted center may be attacked under the opening internet environment, to keep from network spoofing, the certificate from the trusted center needs verification. By using trust partaking ideology, with the participation of trusted CA, the thesis proposes an identity authentication scheme whose security doesn't depend on CA completely and doesn't depend on authentication participant completely. It describes detail from the initialization phase to certificate composition phase and gives the security analysis of the scheme.(3) As we know, if there is a trusted center, it may cause bottle-neck in its function and performance. The thesis proposes a trust partaking identity authentication scheme and gives the analysis of its correctness and security. |
PDF Full Text Request