The Application Of Identity-Based Signature In Self Test Platform

With rapid popularization of Internet/Intranet, it has completely changed the approaches for people to obtain information, communicate, and study. First and foremost, traditional teaching method is not content with the thirsty of people to knowledge. On the other hand, along with development of network technology and continuously increasing resource of the computer courseware, people can select courses they are interested in, so as to get abundant knowledge. E-learning is a fundamental characteristic of future learning society and a basic requirement of people, and it includes studying, finding materials, scanning information and downloading information from network. The design and implementation of the self-examination system and web-based intelligent answering system has been promoted to an important situation, because it is an important aspect of e-learning. Not only by means of self-examination system and intelligent answering system can students track and test on the knowledge, realize the study status at all times, and adjust the learning emphases in time, in order to study better and improve oneself continuously. But also can make teachers immediately and completely know about the students' understanding situation; Thus the teachers can tune-up teaching content, highlight and difficulty in time. Thereby, how to scientifically manipulate internet on online testing and intelligent answering has become a universal concern of educational supervisors and a lot of students.The traditional security system of Electronic Business guarantees the network information confidentiality, integrity, usability, authentication and non-repudiation mainly through entity authentication, digital signature, encryption by using the Public Key Infrastructure/Certification Authority (PKI/CA) system. However, because of the complexity of the digital certification management in PKI/CA system, it is unsuitable for real-time online exchanges and so on. Therefore, it is necessary to improve the existing PKI/CA system.Current authentication techniques are mainly based on asymmetric cryptography. In 1984, Shamir proposed the idea of identity-based encryption, signatures, and authentication. The kernel of this idea is that a user's public key is not produced by binding a user's public key with the user identity through Certification Authority but extracted directly from the user's identity information (such as ID card number, name, email addresses, IP addresses, etc.). And the user's private key is generated by a trusted centre (Private Key Generator) (referred to as PKG). But until 2001, when Dan Boneh and Matt Franklin proposed a kind of identity-based encryption algorithm, the study of identity-based cryptography has been in full swing up. Now the identity-based cryptography has become a hot topic of cryptography field.Based on the Public Key Infrastructure (PKI) system and asymmetric encryption algorithm, the traditional XML signature has many drawbacks such as complex management process and high computational cost. By the research of XML signature syntax and Identity Based Signature (IBS) scheme without a trusted third-party, the author realized a new XML signature based on the above IBS system and Weil pairing correspondingly, and designed the corresponding XML signature process and structure of XML signature according to the XML signature syntax. The new XML signature overcomes the drawbacks of traditional signature based on the PK1 with good security and high efficiency.This article uses WCF framework, alongside Silverlight and LINQ to construct a distributed College English Test Band-4 Self-Examination system. The system has adopted Identity-Based Signature to improve its security. There is no requirement of the trusted third party Certification (Certification Authority) which is required by the Public Key Infrastructure. At the same time, because only a limited amount of common parameters is needed to be saved up, it does not need a separate directory server to store the public key or a database to support it, and also does not require public key management and certification issues. All these will greatly reduce the complexity of the system.