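Research on Hierarchical Identity-Based Cryptography with Authorized Delegation
Published: 2018-04-03 20:29
Topic: identity-based cryptography. Entry point: hierarchical identity-based cryptography. Source: Yanshan University, 2016 doctoral dissertation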
[Abstract]: When designing a Hierarchical Identity Based Cryptography (HIBC) system, privacy and efficiency are two important factors that affect the usability of the resulting system. The privacy problem stems from the private key delegation mechanism in HIBC systems: typically, an entity's private key can be used to derive the private keys of its descendant entities. This is the key escrow problem inherent in identity-based cryptography. It prevents identity-based encryption systems from achieving encryption privacy for ciphertexts, and it undermines authentication and non-repudiation in identity-based signature systems. The efficiency problem concerns the time and space complexity of cryptographic elements (such as keys, ciphertexts and signatures) and of cryptographic operations; it is usually required that these complexities in the constructed HIBC system be independent of the depth of an entity's identity hierarchy. Although the concept of hierarchical identity-based encryption was proposed nearly fifteen years ago, the key escrow problem and the question of how to achieve directed or independent private key delegation have not been well solved. The dissertation studies in depth the problems of inherent key escrow, independent private key delegation, encryption privacy of ciphertexts and non-repudiation of signatures, and the time and space complexity of cryptographic elements and operations in hierarchical identity-based cryptography. The main work is as follows.

First, the dissertation analyzes the existing private key delegation mechanisms, "unlimited delegation" and "limited delegation", and points out that private key constructions based on "independent randomization" and "combined randomization" of entity identity identifiers worsen the key escrow problem in HIBC systems and make independent private key delegation impossible. It proposes a new private key delegation mechanism based on independent authorization to solve the key escrow and independent private key delegation problems, and calls the new mechanism "authorized delegation". Authorized delegation achieves the following: (1) a private key cannot serve as a valid delegation credential for private key derivation; (2) each private key delegation credential can be used only to derive the private key of a designated entity; (3) an entity can derive the private keys of its descendant entities only if it holds a valid delegation credential distributed by the root PKG (Private Key Generator).

Second, because "authorized delegation" is only a conceptual mechanism, the dissertation proposes the "identifier differentiation" private key construction technique for building HIBC systems with authorized delegation. Its core is to treat an entity's identity identifiers at each level differently when randomizing the HIBC system master key to construct the entity's private key. Because the private keys of an ancestor entity and a descendant entity are obtained through different randomization methods, the ancestor's private key cannot be used as a valid delegation credential to derive the descendant's private key. To achieve authorization-based private key delegation, the dissertation proposes a method, based on "identity patterns", for constructing the set of authorized target identities, which facilitates the root PKG's extraction of delegation secret values.

Third, the dissertation studies the concrete realization of "identifier differentiation" and proposes treating an entity's non-local identity identifiers and its local identity identifier differently. A combined randomization term defined on the entity's non-local identity identifiers makes the cryptographic elements and operations independent of the identity hierarchy depth, and a randomization term defined independently on the entity's local identity identifier stops the private key from serving as a private key delegation credential, thereby solving the inherent key escrow problem. Based on the decisional bilinear Diffie-Hellman assumption, a hierarchical identity-based encryption system with authorized delegation and selective-identity security is constructed in the standard security model; the time and space complexity of its cryptographic elements and operations is independent of the entity's identity hierarchy depth.

Fourth, to address the private key leakage caused by constructing a hierarchical signature system from a hierarchical encryption system via the Naor transformation, the dissertation studies introducing a virtual layer into the signer's identity, treating the signed message as the identity identifier of the virtual layer to form a virtual identity, and letting the identity virtual layer independently randomize the signer's private key to construct a hierarchical identity-based signature system. Based on the "hybrid gap Diffie-Hellman" (HGDH) problem over bilinear groups, this method is applied to the constructed hierarchical identity-based encryption system to obtain, in the standard model, a non-repudiable, provably existentially unforgeable hierarchical identity-based signature system.

Finally, to achieve anonymous signatures, the dissertation integrates a provably existentially unforgeable hierarchical identity-based signature system with the Groth-Sahai proof system and proposes a generic construction of hierarchical identity-based group signatures with chosen-plaintext anonymity and full traceability. For the problem of anonymous verification of group signatures, it proposes the concept of a "signature verification credential", instantiates the generic hierarchical group signature construction with a provably secure hierarchical signature system, and uses Groth-Sahai proofs to realize anonymous proof, anonymous verification and signature opening for group signatures.
[Degree-granting institution]: Yanshan University
[Degree level]: Doctorate
[Year degree conferred]: 2016
[Classification number]: TP309
Article ID: 1706789
Article link: http://sikaile.net/shoufeilunwen/xxkjbs/1706789.html