Cryptography algorithm based on bilinear pairing

Source: Internet
Author: User

1. Data encryption principle

We construct an efficient certificateless signcryption scheme. Contrary to the usual paradigm of converting identity-based encryption and signature schemes into a combined certificateless protocol, we extend a traditional signcryption method with a certificateless key validation mechanism, and resort to identity-based techniques, and hence to pairings, only to validate the associated public keys.

In traditional cryptosystems, users compute their public keys from private keys they choose themselves, and submit them to a certification authority, which verifies their identity and issues a certificate binding the identity to the public key. This requires an infrastructure for managing digital certificates (a public key infrastructure, or PKI) that may prove cumbersome to maintain. The concept of identity-based (IB) cryptography, introduced by Shamir, tries to mitigate the burden of PKI. In IB encryption, the private key is not selected by the user but is issued by a trusted authority called the Key Generation Authority (KGB) or trust authority (TA), and the public key is replaced by an arbitrary string representing the user's identity, which avoids the need for certificates altogether. On the other hand, it has the disadvantage of implicitly establishing a key escrow facility, since the KGB is able to recover confidential information from any user.

We follow a rather distinct approach to designing a certificateless signcryption method. Instead of combining an identity-based signature scheme with an identity-based encryption method and converting the result into a certificateless protocol, we extend a traditional signcryption scheme with certificateless encryption, but avoid certificates by using identity-based techniques to validate the public keys.

The certificateless public key cryptosystem is a new type of public key cryptosystem derived from the identity-based public key cryptosystem. It keeps the advantages of identity-based public key cryptography without using public key certificates. Signcryption combines public key encryption and digital signature organically, as an alternative to the traditional "sign-then-encrypt" mode.

In an identity-based encryption system, the sender can encrypt a message to a receiver who does not yet hold a private key, and the receiver need only request the private key from the PKG after receiving the ciphertext; this is an important feature of identity-based cryptosystems. In a certificateless encryption system, the Set-Private-Key and Set-Public-Key steps run after Set-Secret-Value, and all of them are performed by the user. The user's private key therefore has two parts, which solves the key escrow problem of identity-based cryptosystems and also eliminates the public key certificates of PKI-based cryptosystems.

2. Encryption algorithm improvement

The certificateless signcryption scheme combines BLMQ identity-based signatures, Schnorr signatures, and Zheng signcryption, and refers to Al-Riyami and Paterson's original CL-PKC model. It lets users choose conventional but uncertified key pairs in addition to their identity-based keys and identities. These keys can be verified as valid through identity-based principles.

For the application scenario of this system, the original scheme was optimized and parameters were added. The decryption part now verifies the message first, so that only messages verified as authentic are decrypted; the purpose is to improve the efficiency of encryption and decryption.
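The verify-before-decrypt order described above, as an added example that is not code from the original page: a toy Zheng-style signcryption over a discrete-log group, without the pairing-based public key validation. It assumes the tag is computed over the ciphertext so the check can precede decryption (the page does not give the modified scheme), and the group parameters and XOR stream cipher are constructed for illustration only.

```python
import hashlib, hmac, secrets

# Constructed toy group, far too small for real use: P = 2Q + 1, G has order Q.
P, Q, G = 2039, 1019, 4

def keygen():
    x = secrets.randbelow(Q - 1) + 1           # private key in [1, Q-1]
    return x, pow(G, x, P)                     # (private, public)

def _kdf(shared):
    d = hashlib.sha512(str(shared).encode()).digest()
    return d[:32], d[32:]                      # k1 encrypts, k2 authenticates

def _xor_stream(k1, data):
    # Illustrative stream cipher: SHA-256 in counter mode XORed with the data.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(k1 + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def signcrypt(x_a, y_b, msg):
    # One modular exponentiation covers both confidentiality and authenticity.
    while True:
        x = secrets.randbelow(Q - 1) + 1
        k1, k2 = _kdf(pow(y_b, x, P))
        c = _xor_stream(k1, msg)
        r = hmac.new(k2, c, hashlib.sha256).digest()   # tag over the ciphertext
        denom = (int.from_bytes(r, "big") + x_a) % Q
        if denom:                                      # must be invertible mod Q
            return c, r, x * pow(denom, -1, Q) % Q     # s = x / (r + x_a)

def unsigncrypt(x_b, y_a, c, r, s):
    # Recover the shared value: (y_a * g^r)^(s * x_b) = y_b^x.
    r_int = int.from_bytes(r, "big") % Q
    k1, k2 = _kdf(pow(y_a * pow(G, r_int, P) % P, s * x_b % Q, P))
    if not hmac.compare_digest(hmac.new(k2, c, hashlib.sha256).digest(), r):
        return None                            # rejected before any decryption
    return _xor_stream(k1, c)
```
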

3. Encryption algorithm aspects

(1) This project constructs an efficient certificateless signcryption scheme. Contrary to the general paradigm of transforming identity-based encryption and signature schemes into a combined certificateless protocol, it extends a traditional signcryption method with a certificateless key validation mechanism, and uses identity-based techniques only to verify the relevant public keys. As long as the amortized cost of this verification is low, the result is as efficient as the underlying signcryption.

(2) It keeps the advantages of identity-based public key cryptography while solving the key escrow problem inherent in it. Signcryption combines public key encryption and digital signature, so both functions are completed in a single logical step, and the computational and communication costs are lower than in the traditional "sign-then-encrypt" mode.

(3) The certificateless signcryption algorithm based on bilinear pairing is applied to wireless sensor networks. The paper constructs an efficient certificateless signcryption scheme: rather than transforming identity-based encryption and signature schemes into a combined certificateless protocol, it extends a traditional signcryption method with a certificateless key validation mechanism, and uses identity-based techniques, and hence pairings, only to verify the relevant public keys. As long as the amortized cost of this verification is low, the result is as efficient as the underlying signcryption.

(4) The PBC encryption algorithm has to be implanted into a wireless sensor with limited memory and processing speed (the wireless sensor uses the kernel); the ROM is only 4K. The sensor must also handle its own information transmission, sensor signal detection and peripheral device status supervision, so using the algorithm in wireless sensor networks is very challenging.
