第八章基于身份的密码学和无证书密码学试卷.ppt

* ZWXF—Setup Let G1 be a cyclic additive group generated by P, whose order is a prime q, and G2 be a cyclic multiplicative group of the same order q. ê :G1×G1→G2 is a bilinear map. Define two hash function H1,H2, H3：{0,1}*→G1* 。 KGC chooses a master secret key s∈Zq* randomly and computes Ppub=sP。 KGC publishes system parameters {G1, G2, q, ê, P, Ppub, H1, H2,H3} and keeps the master key s secret。 ZWXF—Partial-Private-Key-Extract Given an identity ID , the KGC computes the corresponding private key SID=sQID and sends it to its owner in a secure way. Here QID =H1 (ID). Set-Secret-Value: user chooses a random number xID ∈Zq* Set-Private-Key:DID=(xID, SID) Set-Public-Key:PKID=xIDP Sign: Choose a random number r ∈Zq* Compute U=rP V= SID +rH2(m, ID,PKID,U)+x H3(m, ID,PKID) The signature of m is (U,V) Verify: ê(V, P)=ê(QID, Ppub) ê(U, H2(m, ID,PKID,U)) ê(PKID, H3(m, ID,PKID)) 人有了知识，就会具备各种分析能力， 明辨是非的能力。 所以我们要勤恳读书，广泛阅读， 古人说“书中自有黄金屋。 ”通过阅读科技书籍，我们能丰富知识， 培养逻辑思维能力； 通过阅读文学作品，我们能提高文学鉴赏水平， 培养文学情趣； 通过阅读报刊，我们能增长见识，扩大自己的知识面。 有许多书籍还能培养我们的道德情操， 给我们巨大的精神力量， 鼓舞我们前进。 Syntax for identity-based encryption Identity-Based Encryption Setup Extract Encrypt Decrypt A sender does not need to look up the recipient’s public key before sending out an encrypted message. The encryption steps PKG s Alice Bob Ppub m C IDBob skBob m Identity-based encryption-BF scheme It was proposed by Boneh and Franklin in Crypto 2001. It uses bilinear maps over supersingular elliptic curves. Let G1 be a cyclic additive group generated by P, whose order is a prime q, and G2 be a cyclic multiplicative group of the same order q. A bilinear pairing is a map ê :G1×G1→G2 with the following properties: Bilinearity: ê (aP, bQ)= ê (P,Q)ab for all P, Q∈G1, and a,b∈ Zq*. Non-degeneracy: There exists P and Q in G1 such that ê(P,Q) ≠1. Computability: There is an efficient algorithm to compute ê(P,Q) for all P,Q in G1. BF scheme—Setup Let G1 be a cyclic additive group generated by P, whose order is a pr