Design Of End-to-End Encryption System Based On IBE Technology

With the development of mobile communication and Internet technology, applications on mobile terminals begin to extend to mobile commercial and mobile payment, no longer just used for voice and short message services. Due to the openness of mobile networks, communication data suffers from monitoring, faking and tampering attacks easily, which restrict the development of mobile electronic commercial. Therefore, many researchers spare many efforts on the research of end-to-end encryption to meet the security demands of mobile payment, and the key problem is key management.In recent years, people start to pay more and more attention on IBE based key management, because in IBE, public keys can be any meaningful strings related to user’s identity, such as e-mail addresses, ID numbers and phone numbers. In this way, we can cut the cost of certificate management in traditional Public-key Cryptography and expand the uses of Public-key Cryptography, especially after Boneh and Franklin designed the first practical IBE scheme whose security based on Weil pair, more and more IBE excellent schemes began to appear.In this paper, I make research on IBE and end-to-end key management. Specific works are as follows:analyze the security problems existed in mobile communication network, especially after the analysis of problems existed in some end-to-end key management schemes and the advantages of IBE Public-key Cryptography, I propose an IBE and three-layers key management based end-to-end key management scheme which improves the problem of the master key is not secure enough and key distribution is not flexible enough in TERRA system. In this paper, after I introduce the model and interactive process of the end-to-end key management in details, I design a practical end-to-end encryption system. In this system we divide keys in different classes according to application cycle, and make key update strategy according to key classes. Through the key class division and making different key update strategy according to key class, the system becomes safe and efficient. With the function of two factor authentication, the system can verify users before they login, and achieve crypto system’s and users’authority management by the dividing users into different classes, which ensures the security of system data and avoids users’ invalid access to this data.