| Network technology has developed rapidly,and network communication has become the m ainstream communication method.How to realize secure communication is a very importa nt research direction in cryptography.The traditional communication encryption system ad opts a public key infrastructure?PKI?-based cryptosystem.In the PKI,the user identity inf ormation is bound with the user's public key by means of a certificate,which brings a very complicated certificate management.problem.In response to this problem,cryptographer Shamir proposed an identity-based cryptosystem in 1984,in which the user's public key is directly served by a meaningful string that identifies the user's identity,avoiding certificate management and storage.The problem is to improve the efficiency of authentication durin g the communication process.The identity-based encryption system solves the problem of certificate management on the one side,but on the other side it also has its key escrow problem.Because the user's private key is completely determined by the system master key.When the PKG is maliciously attacked or PKG itself is not credible,it will bring an incalculable risk to the system.In order to solve this problem,after in-depth study of relevant knowledge and solutions,this paper proposes two improved solutions,one based on partial key escrow and the other based on multi-party co-management,and the improvement plan based on multi-party co-management is applied to the cloud environment.The main research work is as follows:Firstly,the existing partial key escrow-based solutions are studied.Based on the advantages of the original scheme,an improved scheme is proposed.The main idea of the improved scheme is as follows:A master key generation center and n subkey generation centers CPKG are set up.The system master key s is composed of two parts,one part is s1 selected by MPKG,MPKG distributes the part to n CPKGs in a secret sharing manner,and the other part s2 is selected by the user,the user will host it to their most trusted hosting agency EA.When the user needs to generate his own private key,first obtain the fragmentation information from CPKG and reconstruct s1 by using the threshold idea after passing the authentication,and then combine the selected s2 and the user's public key to obtain the final result through certain operations.In this way,the user no longer obtains the key from the PKG,and then does some transformation to obtain his own private key,but directly determines the system master key s together with the PKG.The need to introduce new identity information reduces the system overhead.In addition,the program also sets up the most trusted escrow agent for the user,which better guarantees the user's rights in the monitoring,and can flexibly perform single,partial or all update of the user key in the system according to the actual situation.,with very good dynamics.Secondly,after conducting in-depth research on the existing multi-party co-management scheme,an improvement scheme is proposed for some problems existing.The main idea of the improvement scheme is:set an authoritative trusted MPKG and n CPKG.MPKG is responsible for user identity authentication and ensuring that users legally use CPKG to generate partial keys.n CPKGs will only generate partial copies in response to the user's key generation request after proving that the user has obtained the authorized key issued by the authoritative MPKG.The key is calculated by the user using the authentication key obtained from the MPKG and the partial key obtained from the n CPKGs to obtain his final private key.Thirdly,after solving the key escrow problem in the identity-based encryption system by using the above-mentioned multi-party co-management-based improvement scheme,combined with the knowledge and characteristics of cloud storage,a cloud storage implementation based on identity cryptosystem is proposed.The program specifically introduces the implementation process of the solution and analyzes the solution in detail in combination with the cloud environment. |
PDF Full Text Request