Identity passwords on key management
|School||Huazhong University of Science and Technology|
|Keywords||Identity-Based Encryption Key Management Hierarchical structure Wildcard|
Widely used in public key infrastructure (PKI) certificate as the management mechanism, in time and space takes up a lot of overhead. 1984 Shamir proposed identity-based cryptography concepts, the use of the user's identity string as a user's public key, thus solving the problem of the certificate overhead. Since 2001 BF-IBE scheme proposed various identity-based encryption mechanisms are gradually developed. In particular identity based on elliptic curve encryption scheme is relatively high, in the mainstream position. However, due to the user's public key completely open, IBE mechanisms private key generator (PKG) and transfer the private key needs to be calculated, it is easy to fall into \Related issue, IBE will appear in key update repealing various issues, these are referred to as key management issues. The identity of a hierarchical structure proposed cryptosystem opportunity to be a single large volume of users PKG unable to meet the burden of application environment and security. The identity of a hierarchical structure in the IBE cryptosystem is improved mechanism for key management put forward new ideas. HKM HIBE scheme is based on a hierarchical key management. It solves the PKG HIBE hierarchy diagram there are multiple users of the parent node node complex hierarchical relationships, and solve a class of customer relationship under the licensing issues. By introducing a wildcard, WIBE program can HIBE user groups in a one-time encryption. In WIBE WKU program is based on a kind of life of the unit rekeying mechanism. The sender encrypts set conditional, only time period, users can decrypt the message. New public can meet all the conditions for the old public key type, the old public key can not satisfy the conditions for a new key type which declared expired. HKM scheme is based WIBE there is another way to achieve. Small number of nodes in the hierarchy in the case, according to the node's ability to set a public key decryption, using the conditional WIBE mechanism to decrypt the information rights management node. Finally, HKM-WKU program combines ciphertext-based strategy and based on key capabilities in two ways, as a hierarchy of levels of organization and complexity of the role of the structure of the base to provide data encryption access control, and are able to age as a unit update the key. In the realization of HKM-WKU options, for functional testing and comparing efficiency and propose a meaningful discussion of issues for further study.