作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2009, Vol. 35 ›› Issue (24): 174-175. doi: 10.3969/j.issn.1000-3428.2009.24.057

• 安全技术 • 上一篇    下一篇

密钥托管可控的跨域通信IBE模型

王 兴1,丁 宏1,李 欣2   

  1. (1. 杭州电子科技大学计算机学院,杭州 310018;2. 公安部第三研究所信息网络安全研发中心,上海 201204)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2009-12-20 发布日期:2009-12-20

IBE Model for Inter-domain Communications with Key Escrow under Control

WANG Xing1, DING Hong1, LI Xin2   

  1. (1. College of Computer & Software, Hangzhou Dianzi University, Hangzhou 310018; 2. Information Network Security Research and Development Center, The Third Research Institute of the Ministry of Public Security, Shanghai 201204)
  • Received:1900-01-01 Revised:1900-01-01 Online:2009-12-20 Published:2009-12-20

摘要: 与传统的公钥密码体系相比,基于身份加密(IBE)具有许多优点,但目前提出的IBE模型都未能消除密钥托管。针对该问题,提出一种新的IBE模型,该模型可以控制密钥托管的范围或完全消除密钥托管,通过区域划分和域间互信,实现跨域互连,并给出在此基础上的对等密钥协商协议。分析结果表明,该模型未增加额外的结构,也未增加密钥协商的计算量或通信开销。

关键词: 密钥管理, 基于身份加密, 密钥托管, 密钥协商

Abstract: Identity-Based Encryption(IBE) provides much more convenience against traditional public key cryptography, but newly proposed schemes can not eliminate key escrow. Aiming at this problem, this paper proposes a new scheme to control key escrow or eliminate it completely. In this model, users are divided into different groups and these groups are associated with each other by inter-trust. A key agreement protocol based on it is provided. Analysis result proves that the model does not need extra infrastructures, and does not increase the cost of computation or communication for key agreement.

Key words: key management, Identity-Based Encryption(IBE), key escrow, key agreement

中图分类号: