摘要
主要研究标准模型下基于证书的加密方案(certificate-based encryption,简称CBE)的通用构造,并给出了两个实现方案。首先,以IND-CCA2安全的公钥加密方案、IND-ID-CCA安全的基于身份的加密方案以及强一次性签名方案这3种密码学原型为组件提出了第一个CBE方案的通用构造,并在标准模型下证明了其安全性;其次,针对强一次性签名方案存在的一些问题,以强一次性消息认证码代替一次性签名方案,提出了另一个通用构造。与前者相比,第二个通用构造的性能得到了明显的优化。
The certificate-based encryption (CBE) is a new PKC paradigm which combines public-key encryption (PKE) and identity based encryption (IBE) while preserving their features. CBE provides an efficient implicit certification mechanism for a PKI and allows a form of automatic certificate revocation,while it is not subjected to the private key escrow problem and secret key distribution problem inherent in IBE. This paper firstly proposed a generic construction of CBE scheme based on three general primitives:IBE,PKE and strong one-time signature (SOTS) scheme and proved it to be secure in the standard model. Then, it described how to use message authentication code (MAC) to replace the SOTS scheme to further improve the efficient of the first generic CBE scheme and to achieve another generic CBE scheme. These two generic constructions show that CBE scheme can be constructed in a more general and efficient way.
出处
《计算机科学》
CSCD
北大核心
2009年第6期89-92,共4页
Computer Science
基金
国家高技术研究发展计划(863计划)项目(No.2007AA01Z409)
国家自然科学基金项目(No.60673070)资助
关键词
基于证书的加密方案
通用构造
标准模型
Certificate-based encryption scheme, Generic construction, Standard model
