第八章基于身份的密码学和无证书密码学讲述.ppt

October 2006 Pairing Based Cryptography Workshop Melbourne Identity-Based Cryptography and Certificateless Public Key Cryptography Public Key Cryptography (PKC) Also known as asymmetric cryptography. Each user has two keys: public and private. Alices public key typically used for: encryption to Alice by Bob. verification of Alices signatures by Bob. Alices private key typically used for: decryption by Alice. signing by Alice. No need for Alice and Bob to share a common key before they begin secure communications! Compare with symmetric key cryptography. The Need for PKI We need some way of enabling Bob to actually find Alice’s key. A directory service for encryption applications. Or delivered as part of a protocol, or along with a signature. But how does Bob know that Alices public key really is Alices (and not Eves)? We need some way of binding public keys with identities. Certificates in most circumstances. We will also need some way of signalling that a public key is no longer to be relied upon. Alice’s private key might become exposed, or she might change roles or leave the company. A revocation mechanism. Public Key Infrastructures Definition: A Public Key Infrastructure (PKI) is any system supporting the deployment of Public Key Cryptography By the term “traditional PKI” we mean: a combination of hardware, software and policies; needed to deploy and manage certificates; to produce trust in public keys; used in a particular application or set of applications. PKI Components Registration Authority (RA). Authenticates individuals/entities, optionally checks for possession of private key matching public key. Passes off result to Certification Authority. Certification Authority (CA). Issues certificates: CA issues signatures binding public keys and identities. Relying parties need authentic copy of CA’s public key… Directory Service. Directory of public keys/certificates. Revocation Service. May involve distribution of Certificate Revocation List (CRL) or on-li