Abstract
This paper proposes a public key cryptosystem with self-generated certificates. In this system, a user obtains a partial private key through an interaction with a Trusted Third Party (TTP) and combines it with a partial private key generated by the user to derive the complete private key and the corresponding public key and public key certificate. The user stores the public key certificate in a database maintained by the TTP and is responsible for managing it, including generation, upload, update, and removal. Although the TTP assists the user in generating the private key, it does not learn the value of that key. This new, decentralized approach to certificate management overcomes the weakness of traditional public key infrastructure, in which a certificate authority centrally manages all certificates.
Source
Computer Engineering (《计算机工程》)
CAS
CSCD
PKU Core Journal
2009, Issue 11, pp. 16-19 (4 pages)
Funding
National Natural Science Foundation of China (Grant No. 60673077)
Keywords
public key cryptosystem
certificate
self-generation