Research On Identity-Based Authentication Model In Multi-Trust Domain Grid

Grid technology is the research hot spot in recent years. It gathers varies of resources, such as calculating resource, storage resource, information resource, knowledge resource, and equipment resources into an organic whole by internet to provide service for users. Team working and sharing information under grid environment can eliminate information-isolated and realize the most adequate information sharing.Authentication technology plays an important role in grid application. Authentication is the basis of secure communication, and users can prove the identity of each other by authentication. The traditional grid authentication technology adopts GSI authentication mechanism, which is based on the X.509 certificate. Lots of research and analysis show that the GSI authentication mechanism requires large communication and calculation volume in the certification process and has certain delay condition. The application of identity-based Cryptography on authentication system used in the grid will greatly improve this problem.This thesis studies the existing identity-based grid authentication model, and points out that the safety excessively depends on PKG or GTA, and the authentication efficiency is too low under one-to-many condition. This thesis puts forward a non-trusted PKG identity-based multi-trust domain grid authentication model. This model is based on identity-based public key cryptosystem using signcryption technology. Authentication agreement is based on Diffie-Hellman key exchange protocol. Signcryption accomplishes signature and encryption at the same time under a reasonable logical procedure. Signcryption realizes through symmetric encryption system. The thesis analyzes this model. The analysis shows that the model gets rid of the influence of traditional PKG to grid system security, and not only has lower communication traffic but also shorter authentication time. In order to make the model has the universal applicability, this thesis introduces the idea of multi-receiver signcryption scheme, greatly improves the certification efficiency of one to many, which enabling the model can be better applied in the large interactive grid environment.