摘要
为了避免现有秘密共享方案中的秘密份额分发机制的不足,结合基于身份(ID)的公钥密码技术,提出了利用参与者私钥作为其主份额的秘密份额分发方法.首先,对Zheng提出的签密方案进行了安全分析,发现其不具备前向保密性,并针对该安全问题,提出了一个改进的签密方案.同时,在所提出的改进方案的基础上,结合基于ID的公钥密码系统,提出了一个新的门限多重秘密共享方案.该方案有效地解决了秘密份额的安全分发问题,不需要秘密分发者和参与者之间事先进行任何信息交互,能够在分发秘密的同时分发秘密份额.该方案还具有前向保密性,即使秘密分发者的私钥被泄漏,也不会影响之前所共享秘密的安全性.因此,所提出的基于身份的秘密共享方案具有更高的安全性和有效性,能够更好地满足应用需求.
In order to avoid the flaw of the secret shadow distribution method in the existing secret sharing schemes, a secret shadow distribution method is proposed with the ID-based public key technology integrated, which uses the participant's private key as his master shadow. Firstly, security analyses are made on Zheng's signcryption scheme, which shows his scheme does not offer forward secrecy. Then, an improvement is made on Zheng's signcryption scheme and a new scheme is proposed. Based on the proposed signcryption scheme and the ID-based public key cryptosystem, a new threshold multi-secret sharing scheme is proposed. The problem of the secret shadow distribution is well resolved, and no information exchange is needed between the secret dealer and each participant in advance. The secret shadow distribution can be processed during the secret distribution. At the same time, the proposed scheme offers forward secrecy. That is to say, even if the private key of the secret dealer is exposed, the security of the shared secrets will not be threatened. Therefore, the proposed ID-based secret sharing scheme is more secure and effective than others, and it can be more applicable.
出处
《软件学报》
EI
CSCD
北大核心
2008年第10期2739-2745,共7页
Journal of Software
基金
国家自然科学基金
国家高技术研究与发展计划(863)
中国博士后科学基金
陕西省自然科学基金
高等学校学科创新引智计划~~
