基于身份加密的装备密钥分布式生成算法

Military Equipment's Distributed Key-generating Algorithm for Identity-based Cryptography

为解决身份加密体制中单一密钥生成中心易遭受攻击的问题,借鉴网络中心战"去中心化"的思想,针对Lewko-Waters身份加密协议,提出了一种分布式密钥生成算法。在算法中,主密钥由密钥生成中心和密钥隐私中心共同掌握,用户密钥在密钥生成中心监管下由分布于网络中的各密钥隐私中心共同生成,有利于增强Lewko-Waters协议密钥管理体系的抗毁性、鲁棒性。最后,在标准模型中证明了该方案在选择明文攻击下的密文不可区分性,并进行了算法性能比较分析。

According to the decentralization theory of network central warfare,we proposed a distributed private-key extraction algorithm for Lewko-Waters' s identity-based encryption because the sole key generating center of identitybased encryption is likely attacked.In this scheme,master key is in charge of both key generating center and key privacy authority.User's private key can be extracted and supervised by key generating center from a number of key privacy authorities distributing all over the network.It could be available to strengthen the survivability and robustness of key management system.Finally we proved their IND-CPA security,i.e.the indistinguishability of ciphertext under chosen plaintext attack,in the normal model and also performed a comparative analysis of the algorithm.As you can see,it can be helpful to accomplish key escrow.