Research On Key Management Of Identity-Based Encryption Mechanism

Due to the management of certificates, PKI mechanism which widely used in the application of information security, will cost a lot in time and space. The concept of identity-based cryptography which was proposed in 1984 by Shamir, uses the string of a user's identity to be the public key.BF-IBE was proposed in 2001, and then a variety of identity-based encryption mechanisms are gradually developed. In particular, the IBE based on elliptic curve is relatively efficient and in the mainstream position. However, due to the fully open of users' public keys, this will be a great challenge for the security of private keys. The private key generator of IBE needs to calculate and transmit private keys so that it is easy to fall into "the crisis of confidence" and bring out the key escrow problem. As a related issue, the issue of key update and repeal and other issues which will easily arise in IBE are referred to as "key management issues".In order to reduce the burden of a single PKG, hierarchical IBE has been proposed then. Hierarchical IBE is the improvement of IBE and suggests a new line. HKM is an improved way of hierarchical key management based on HIBE, which solves complex hierarchy of PKG Hierarchy chart in HIBE and authorization problem between hierarchical users according to hierarchical public keys and private keys.In order to make one-time encryption for user groups of HIBE, IBE with wildcards is proposed.WKU based on WIBE is a key updating mechanism in the measure of years.Senders set up a certain pattern so that users whose keys are in the time period can decrypt. Old public keys will not match the pattern which new public keys can match while new public keys will match the pattern which old public keys can match.HKM has another way to achieve. With small number nodes, HKM sets public keys according to the decryption ability of nodes and control a condition expression to mange authority.Finally, according to both Ciphertext-Policy and Key-Policy, HKM-WKU provides a data encryption way of access control and key updating. HKM-WKU is implemented and some issues that may be worthy of further discussions are proposed.