Study on the ID-Based Signature Scheme
Course: Computer Software and Theory
Keywords: identity-based signature; key escrow; key share; IBE system; anonymous identity
With the rapid development of e-commerce and e-government, information security is becoming more and more important. On the one hand, these services bring much convenience and advantage; on the other hand, they bring unparalleled threats. Because important data is transferred over networks, confidentiality, integrity, authenticity and non-repudiation must be guaranteed. Digital signatures play a key role in real life, and more and more new security requirements have been proposed. The digital signature is the core of an authentication system: it solves the problem of how to replace the traditional handwritten signature and seal with an electronic signature that can be made quickly from a distant place.

As a special kind of digital signature, IDPKC (identity-based public key cryptosystem) differs from a general digital signature in the following respects. The public key of a general signature scheme is random and is bound to the signer through a digital certificate. In IDPKC, a user's public key is determined by his public identity information (such as an ID or email address). Shamir first presented the identity-based public key cryptosystem in 1984. Compared with the traditional certificate-based cryptographic system, any pair of users can communicate securely without exchanging public key certificates, keeping a public key directory, or using the online service of a third party. IDPKC does not incur the cost of certificate management. These salient features make IDPKC attractive for many specialized applications.

However, some problems still need to be resolved before IDPKC can be applied in practice. How to handle key escrow, key update and key revocation are important issues in designing IDPKC signature schemes. Up to now, the few schemes that can resolve these problems all have drawbacks.

Key escrow means that a user's private keys and symmetric keys are generated and managed by a Trusted Third Party (TTP).
In IDPKC, users' private keys are generated by the Key Generator Center (KGC), which should be avoided for a private signing key. Because of the key escrow problem, IDPKC is not suited to open system environments. Designing an ID-based signature scheme without this problem is a challenging task. In this dissertation, three improved schemes based on the Hess signature scheme are proposed, and their performance and security are analyzed.

A blind signature scheme is a protocol that involves two entities: the sender and the signer. Through a blind signature scheme, the sender obtains the signer's signature on a given message without leaking any information about the message or the signature. The concept of the blind signature was first proposed by Chaum in 1982. It protects the privacy of the user effectively, so blind signatures have been widely applied in many electronic payment systems. The identity-based blind signature (IBBS) is attractive because a user's public key is simply his or her identity.

Information about a user's identity and location should be kept secret for reasons of fairness, business confidentiality and privacy protection. The demand for information security and anonymity services has driven the rapid development of anonymity techniques. Chaum began to recognize the demand for anonymity in security applications in 1980, and more and more scholars have since studied it. In this dissertation, a blind-parameter signature scheme is improved and combined with the BLS scheme, and finally an anonymous ID signature scheme with provable identity is proposed.

As a rule, if Bob wants to send a message to Alice using cryptographic techniques, he must first create a channel to Alice for key exchange. In a traditional certificate-based cryptosystem, the key-exchange channel may rely on a directory service.
In IDPKC, it is not necessary to create such a channel: once Bob and Alice have registered their identity-based public keys, they can establish a secure channel without any communication. This property lowers the communication cost of key-sharing protocols and can prevent attacks during the key-sharing process.

In a traditional certificate-based cryptosystem, keys are bound to user certificates, so key update and revocation can be realized through certificate update and revocation. In IDPKC, however, key update and revocation must not change the user's identity; otherwise IBE would lose its main advantage. The algorithms and protocols of certificate-based cryptosystems therefore cannot be migrated into an IBE system, and it would be very significant work to design and implement an IBE cryptosystem that provides the elementary functions, such as key issuance, key update, key revocation, key recovery and cross-authentication.

The main work of this paper is research on the ID-based signature schemes mentioned above. The main results are as follows:

1. We have studied the key escrow problem in IBE cryptosystems and, after analyzing the security of the Hess scheme, pointed out that it does not resolve the problem. To resolve it, three improved schemes are presented together with their security analysis.

2. We have studied ID-based blind signature schemes. An anonymous ID signature scheme with provable identity, based on a blind-parameter signature scheme and complemented with the BLS scheme, is presented. In this scheme, an anonymous user can perform normal signature operations, and his genuine identity cannot be revealed by any other user, not even the KGC. When a dispute occurs, the user can provide evidence to the KGC to prove that his genuine identity is legitimate.

3. We have studied ID-based key-sharing protocols.
We have analyzed the SOK non-interactive key-sharing scheme and pointed out several security problems in it. Two improved schemes are then presented: one is a non-interactive scheme that resolves the known-key security problem in the SOK scheme; the other is a one-round scheme that resolves the forward secrecy and key control problems in the SOK scheme.

4. Two biometric identity-based signature schemes are proposed. In the first scheme, the private key is constructed from the signer's biometric information, which makes "key roaming" practical. The private key does not rely on a hardware token, which avoids the inconvenience and loss caused by damage to or loss of the private key. In the second scheme, the public key is constructed from the signer's biometric information. After verifying the signature, the verifier can compare the biometric information recovered from the public key with that provided by the signer to confirm the relationship between the public key and the signer. This makes verification more convenient and intuitive. Finally, possible attacks on the two schemes are described and countermeasures are suggested.

5. Building on research into traditional PKI based on digital certificates, we present an IBE-PKI system based on the Boneh-Franklin scheme and the Yum Lee IBE model. We have analyzed and improved the existing schemes and algorithms in five aspects: key issuance, key update, key revocation, key recovery and cross-authentication. Finally, we present an analysis of the performance and security of the IBE-PKI system.
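The identity-derived public key and the key escrow problem described in the abstract can be seen concretely in Shamir's 1984 RSA-based identity-based signature scheme. The following is an added example, not code from the dissertation, and it is not the pairing-based Hess scheme the dissertation improves; the Mersenne-prime modulus (demo-sized and insecure), the use of SHA-256 as the one-way function f, and the identities and messages are assumptions constructed for illustration.

```python
import hashlib
import secrets

# Demo-only KGC master key: RSA over two Mersenne primes (assumption; far too
# small and structured for real use, chosen so the example is self-contained).
P, Q = 2**107 - 1, 2**127 - 1
N, E = P * Q, 65537                    # public system parameters
D = pow(E, -1, (P - 1) * (Q - 1))      # master secret, held only by the KGC
NB = (N.bit_length() + 7) // 8

def f(t, message):
    """One-way function f(t, m) from Shamir's scheme, here SHA-256 (assumption)."""
    digest = hashlib.sha256(t.to_bytes(NB, "big") + message).digest()
    return int.from_bytes(digest, "big")

def identity_to_public(identity):
    """Anyone can derive the public value i from the identity string alone."""
    return int.from_bytes(hashlib.sha256(identity.encode()).digest(), "big") % N

def kgc_extract(identity):
    """KGC computes the private key g satisfying g^E = i (mod N)."""
    return pow(identity_to_public(identity), D, N)

def sign(g, message):
    """Signature (t, s) with t = r^E and s = g * r^f(t, m) (mod N)."""
    r = secrets.randbelow(N - 2) + 2
    t = pow(r, E, N)
    return t, g * pow(r, f(t, message), N) % N

def verify(identity, message, sig):
    """Accept iff s^E = i * t^f(t, m) (mod N); no certificate lookup is needed."""
    t, s = sig
    if not (0 < t < N and 0 < s < N):
        return False
    return pow(s, E, N) == identity_to_public(identity) * pow(t, f(t, message), N) % N

def demo():
    alice = "alice@example.org"        # constructed identity
    msg = b"pay 10 to Bob"             # constructed message
    sig = sign(kgc_extract(alice), msg)
    # Key escrow: the KGC can re-derive Alice's key at any time, so verifiers
    # cannot tell a KGC-made signature from one Alice made herself.
    escrow_msg = b"signed by the KGC, not by Alice"
    escrow_sig = sign(kgc_extract(alice), escrow_msg)
    return {
        "valid": verify(alice, msg, sig),
        "wrong_identity": verify("mallory@example.org", msg, sig),
        "tampered": verify(alice, b"pay 99 to Bob", sig),
        "kgc_signed_as_alice": verify(alice, escrow_msg, escrow_sig),
    }
```

The last result in `demo()` is why a scheme in which the KGC alone generates the signing key cannot offer non-repudiation against the KGC itself.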