Research And Implement Of IBE Cryptosystem Based On Mobile Terminal

As the advent of electronic commerce and electronic government affairs,the network security has been becoming the focus of public attention.Currently,as the most widely used mobile security standard,the USBKEY,which based on public key infrastructure of PKI system,faces many problems in practical application,for instance,high complexity of certificate management,inconvenience of carrying,easy to be lost,restriction of expandability.In order to address these problems at most,a comprehensive security identity system based on IBE(Identity Based Encryption)protocal has been proposed in this work.The targeted platforms are mobile users,tablet computer and etc.The IBE protocal is a recent developed public key infrastructure which implements the unique user identity information as the public key.The private key is produced by a trusty third-party PKG(Private Key Generator)according to user identity information.The security infrastructure provided by the singularity of public key provides potential solutions to the problems in key distribution and key exchange.Furthermore,the communication security can be guaranteed when there is no key exchange available on both sides.In this work,a comprehensive IBE security identity that based on mobile users has been discussed,which consists of three core functional modules.The first module is the design and practice of security programming,which guarantees the normal operation of software program in mobile users.The second is the design and practice of IBE CSP cypher module,which realizes the normal operation and computation of IBE.The computation of IBE deciphering is conducted by calling the mobile cypher functions provided by related cyher programs.The objective of designing the IBE CSP cypher module is to achieve the mobile cyphering programs calling by the standard cypher applications.The last module is the design and practice of IBE cypher server.IBE CSP cypher module is able to conduct distant connection with mobile users via the IBE CSP cypher server built in the data network,under the worse condition that no direct link can be applied to point-to-point communication.In order to support the cypher security application of digital certificate,a Pseudo RSA digital certificate is implemented to realize the IBE cypher application.The Pseudo RSA certificate is not the true RSA cypher,but a pseudo cypher which consists of the identity related to IBE cypher key and IBE feature information.The innovations of this thesis are as follows.Firstly,realized IBE cryptography function in users' common mobile terminal,it can not only connect with PC through point to point communication method,but also can support remote connection of data network,which improved applicability on the basis of security.Secondly,expanded the index strategy and time strategy of user identification to achieve the updating,recovery and revocation of key,and lowered the risk brought by key exposure at the same time.The last,by designing pseudo RSA digital certificate and realizing IBE CSP cryptography module,realized the call of mobile cryptography function by the standard cryptography application under many current PKI systems.