Identity-based Services Using In The Distribution System

With the development of modern electronic technology, the computer calculations develop from simple stand-alone development of the local area network, and then from the LAN to the Internet development. In the ever-expanding network infrastructure, based on grid computing for its great development potential and important applications become an important Internet application infrastructure. Computer network is an open and universal connectivity features, its original architecture is designed for the good of users and trusted network environment. With the continuous expansion of network scale, and now the Internet already does not have a credible character. People originally designed when the Internet did not consider its safety, security, and now development of the Internet is indeed a bottleneck problem. This makes grid computing system, while taking into account task scheduling should take into account the characteristics of the Internet architecture required for supporting security programs.In the current Internet security architecture, from MIT Kerberos authentication system developed and supported by major companies PKI (Public Key Infrastructure) authentication, and confidentiality of the system in the current application systems, accounting for the most important position. They also can provide the required grid computing, user authentication, confidentiality and integrity of the test, but also in practical applications, there are some issues can not be ignored. Such as: In the Kerberos system, KDC is the bottleneck of the whole system, making more difficult aspects in the management of the user. Between the different units when the need for certification, you need to open some of the secrets of this unit makes it to-point applications in the mainstream can not be large-scale application of grid computing systems. While the system can adapt to peer PKI applications, the implementation of PKI cost more. Although there is no bottleneck in the system the same as the KDC, but the PKI because there are many different manufacturers support different standards result of mutual interconnection between the barrier and other issues have also resulted in practical applications so that a lot of inconvenience.In 1984, the Israeli cryptographer, A. Shamir e-mail, first proposed identity-based cryptography in order to simplify the application of PKI system, the concept and published the first identity-based authentication protocol. The agreement with both the functions that can provide authentication of the PKI to provide security functions compared to the lack of identity-based encryption scheme. In 1987, Shamir proposed a identity-based encryption scheme, but the program has been proven in practical applications is not available. In 2001, the first safe and effective identity-based encryption scheme by Boneh and Franklin presented the program on the use of elliptic curves bilinear map, not only has complete privacy and authentication features, high efficiency, Boneh and Franklin in 2005 was further proposed hierarchical identity-based encryption scheme, making identity-based program that was originally just to simplify the PKI and the birth of a new method of providing a complete security solutions capabilities.In this paper, grid security requirements exist in the Boneh and Franklin's identity-based encryption scheme based on the design of a grid system can provide the necessary secure communication, integrity, authentication, non-repudiation authentication, key updates and other services the identity-based grid security services programs. The program extraction process in the user's identity adds some user-specific additional information so that other people can not fake the user's public information through the verification algorithm. Similarly, because additional information has been protected during the key update operation, it may pass to confirm user identity authentication, and then update the user's keys. For the encryption and decryption algorithms, this paper, the characteristics of the bilinear map to re-designed encryption and decryption process, in order to achieve secure communication and authentication such as functional requirements. Finally, in the random oracle model, the program was the safety analysis, the ultimate security of the program to the Statute of the difficulty of the BDH problem.The program selected four Hash function, computing the exception of the bilinear map is only used outside the exclusive-OR operation, and therefore have a very high operating efficiency. In computing the additional information used in the course does not require users to special memory, not to increase the burden on the consumers but only in the middle of the variable in the application of the algorithm. While without user control also reduced the security of the algorithm outside interference. The basis of the program algorithm, using mixed operation of large numbers of the four basic components of the algorithm is initialized by the PKG, user identity extraction, encryption, decryption four sub-algorithms constitute the initialization algorithm consists of PKG implementation, PKG Management those who enter a security parameter K, initialization algorithm based on K values are the master key and some public parameters of PKG. Extraction algorithm as the master key of PKG and a public argument with the participation of the public based on the user identity information and user generated additional parameters the user's private key. Encryption is required when using the system's public parameters and the user's public identity is generated ciphertext. Decryption, the use of public parameters and its own private key can decrypt the ciphertext to plaintext.This security service designed to encryption and decryption algorithms, based on a grid system to achieve the essential security services. As the algorithm uses only some basic components, the agreement on the computer is relatively simple to achieve and its efficiency in the implementation of existing PKI systems than high. The significance of this is that the algorithm is not only itself, but also in the protocol design used in new ways. In order to meet the needs of key updates to add additional parameters although not present in the user's keys, but the agreement greatly increased flexibility, making it vastly expanded the scope of application of the agreement. This is also for our future design of similar confidential communication protocol provides a new way of thinking. In the protocol design, safety and efficiency in the implementation are two important criteria. When we design an agreement has been reached from the safety performance requirements, how to further reduce the execution time and improve efficiency in the implementation of our agreements in the design of important factors to consider. This article attempts made in this regard in the design of such an agreement has significant value.