Identity-Based Encryption Schemes That Update Keys Over Time

Due to its unique advantages,the identity-based cryptosystem has attracted a lot of attention in recent years,and has developed rapidlv.The cryptosystem uses the unique information of a user's identity(such as the user's mobile number,email address,name,etc.)instead of using any certificate,which directly simplifies the key management process and reduces the cost of establishing the public key infrastructure in the traditional public key cryptosystem.In an ident,ity-based encryption scheme,the sender who has access to the system's public parameters can encrypt the message using the text value of the receiver's name or email address as the key.In a public key cryptosvstem,it is important to protect the session key and prevent it from being exposed.Once the session key is exposed,all messages encrypted using this system will become unsafe during the effective life of the system.In this thesis,we first construct an identity-based encryption scheme that can update the keys over time in the random oracle model.The difficulty of the scheme is based on learning with errors(LWE)problem.The effective life of the scheme is divided into a number of mutually disjoint time intervals.The user's identity and each time interval are used together as the public key of each user in each time interval.The private key of the user in each time interval is generated using the lattice delegation algorithm BasisDel.In this way,different users have different public keys and different private keys in different time intervals.In addition,even if the key of the current time interval leaks,the adversary will not obtain the key of other time intervals,thus will not expose the session content in other time intervals.And the lattice delegation algorithm BasisDel is better to protect the master key.Then,using a random function,we extend the encryption scheme to an identity-based encryption scheme that updates keys over time in the standard model.Although the identity-based cryptosystenm has eliminated the certificate system,it also brings the key escrow problem.In the identitry-based cryptosystem,if the private key generator is compromised,all messages protected during the effective period of the public-private key pair used by the server will be compromised,which makes the private key generator become a high-value target for the adversary.Threshold cryptography can prevent a single private key generator from having the keys and causing excessive power concentration,which can reduce the risk of key escrow problem and protect the key.Threshold cryptography is an effective combination of secret sharing and cry ptographie algorithms The core idea is to spread a secret,into a group rather than to an individual.Baseed on the identity-based encrypt,ion scheme in the raiindom oracle model constructed in this thesis and Shamir secret sharing algorithm,a(k,l)threshold deeryption,scheume is constructed.Different from divi(ding the user's private key,the scheme uses Shamir secret sharing algorithm to divide a public parameter that is updated over time into l shares,and distributes the.se shares to l decryption servers.By using SamplePre algorithm,the public shares and the user's private key,we can obtain the private key share of each decryption server.In this way,the user's private key is effectively hidden.which makes the user's private key more secure and the security of the scheme is improved.The thesis has four chapters.The first chapter briefly introduees the background of identity-based encryption scheme and threshold decryption scheme and the main work of this thesis.The second chapter introduces prelinminary knowledge.The third chapter constructs the identity-based encryption scheme and threshold decryption scheme that both update keys over time.The last chapter summarizes the work of this thesis.