學術產出-Theses
Article View/Open
Publication Export
-
題名 基於免憑證的定時釋出加密系統以及其在可認證電子郵件系統之應用
Certificateless timed-release encryption and its application to certified email system作者 林欣瑤 貢獻者 左瑞麟
林欣瑤關鍵詞 免憑證
加密
協定
安全性證明
Certificateless
Encryption
System
security analysis日期 2011 上傳時間 30-Oct-2012 11:28:19 (UTC+8) 摘要 本論文提出了一個免憑證加密系統的方案,並且將此方案實作出來,使得此方案更具實用性。此方案主要架構為免憑證加密系統,利用此系統的特性消除傳統公開金鑰密碼系統中需要公開金鑰憑證認證的麻煩,也不會產生基於身分認證加密系統的私鑰託管問題,有效的結合了兩項系統的優點,並且提高了這兩種系統的安全性及方便性。本論文的協定中,在基於身分認證加密系統的公鑰部分還加入了階級以及時間戳記的概念,用以限制接收方取得部份私鑰的能力,並且也將接收方的部分公鑰加入其中,來增加部份私鑰的安全性。另外此協定也加入了提早解密金鑰的部分,可讓傳送方在傳出密文後更改解密時間,而不需要重新使用新的公鑰加密資訊,便可提早讓接收方取得相對應的明文資訊。
In this paper, we propose a new certificateless public key encryption system, and implement it for securing e-mail systems. Certificateless cryptography, which is in contrast to traditional public key crypto-systems, does not require the use of certificates to guarantee the authenticity of public key. It does rely on the use of a trusted third party (TTP) who is in possession of a master key, just like the identity-based public key cryptography. However, certificateless public key crypto-system does not suffer from the key escrow property, whereas, it is a problem in the identity-based public key crypto-systems. Moreover, in our system, we add some new properties like level and time-stamp to limit the ability of receivers and to promote the safety of the system. Time-stamp ensures that the ciphertext cannot be decrypted before the indicated time and a level ensures that only the user with the corresponding identity and level can decrypt the ciphertext. In addition, a new feature is also introduced which is called the time-release encryption. Time-release encryption allows the encrypter to publish a release key so that the ciphertext can be decrypted by the receiver before the time indicated in the time-stamp when necessary.參考文獻 [1] W. Diffie, M. E. Hellman, “New directions in cryptography”, Information Theory 22(6), IEEE Transactions on, pp.644-654 , 1976.[2] D. Boneh, M. K. Franklin, “Identity-based encryption from the weil pairing”, CRYPTO 2001, LNCS 2139, pp.213-229, 2001.[3] S. S. Al-Riyami, K. G. Paterson,”Certificateless public key cryptography”, ASIACRYPT 2003, Springer-Verlag, LNCS 2894, pp. 452-473,2003.[4] A. Shamir, ”Identity-based cryptosystems and signature schemes”, CRYPTO 1985, LNCS 196 ,pp.47-53, 1985.[5] M. Hou, Q. Xu, “Secure and efficient two-party authenticated key agreement protocol from certificateless public key encryption scheme”, NCM 2009, pp.894-897,2009.[6] A. Kihidis, K. Chalkias, G. Stephanides, “Practical implementation of identity based encryption for secure e-mail communication” Panhellenic Conference on Informatics 2010, pp.101-106,2010.[7] A. Shamir, “On the security of DES”. CRYPTO 1985,LNCS 218, pp.280-281,1985.[8] National Institute of standards and Technology, “The advanced encryption standard”, http://csrc.nist.gov/aes/ , 2000.[9] R. L. Rivest, A. Shamir, L. M. Adleman, “A method for obtaining digital signatures and public-key cryptosystems”, Communications, ACM 21(2), pp.120-126, 1978.[10] T. ElGamal,” A public-key cryptosystem and a signature scheme based on discrete logarithms”, CRYPTO 1985, LNCS 196, pp.10-18,1985.[11] Y. H. Hwang, D. H. Yum, P. J. Lee, “Timed-release encryption with pre-open capability and its application to certified e-mail system”, ISC 2005, LNCS 3650, pp.344-358, 2005.[12] M. Geng, F. Zhang, M. Gao, “A secure certificateless authenticated group key agreement protocol”, Multimedia Information Networking and Security 2009, International Conference on , pp. 342−346, 2009. [13] C. Wang, D. Long, Y. Tang, “An efficient certificateless signature from pairings”, Data, Privacy, and E-Commerce, 2007, The First International Symposium on, pp.236-238 ,2007. [14] M. Bellare, P. Rogaway, “Random oracles are practical: a paradigm for designing efficient protocols”, Computer and Communications Security 1993, ACM Conference on, pp.62-73, 1993.[15] 詹省三,可訊息回覆之免憑證簽章機制之研究,國立政治大學資訊科學系碩士論文,2011年[16] 林欣瑤,左瑞麟,關於免憑證密鑰交換機制的一些安全性分析,全國計算機會議,2011年 描述 碩士
國立政治大學
資訊科學學系
99753009
100資料來源 http://thesis.lib.nccu.edu.tw/record/#G0099753009 資料類型 thesis dc.contributor.advisor 左瑞麟 zh_TW dc.contributor.author (Authors) 林欣瑤 zh_TW dc.creator (作者) 林欣瑤 zh_TW dc.date (日期) 2011 en_US dc.date.accessioned 30-Oct-2012 11:28:19 (UTC+8) - dc.date.available 30-Oct-2012 11:28:19 (UTC+8) - dc.date.issued (上傳時間) 30-Oct-2012 11:28:19 (UTC+8) - dc.identifier (Other Identifiers) G0099753009 en_US dc.identifier.uri (URI) http://nccur.lib.nccu.edu.tw/handle/140.119/54650 - dc.description (描述) 碩士 zh_TW dc.description (描述) 國立政治大學 zh_TW dc.description (描述) 資訊科學學系 zh_TW dc.description (描述) 99753009 zh_TW dc.description (描述) 100 zh_TW dc.description.abstract (摘要) 本論文提出了一個免憑證加密系統的方案,並且將此方案實作出來,使得此方案更具實用性。此方案主要架構為免憑證加密系統,利用此系統的特性消除傳統公開金鑰密碼系統中需要公開金鑰憑證認證的麻煩,也不會產生基於身分認證加密系統的私鑰託管問題,有效的結合了兩項系統的優點,並且提高了這兩種系統的安全性及方便性。本論文的協定中,在基於身分認證加密系統的公鑰部分還加入了階級以及時間戳記的概念,用以限制接收方取得部份私鑰的能力,並且也將接收方的部分公鑰加入其中,來增加部份私鑰的安全性。另外此協定也加入了提早解密金鑰的部分,可讓傳送方在傳出密文後更改解密時間,而不需要重新使用新的公鑰加密資訊,便可提早讓接收方取得相對應的明文資訊。 zh_TW dc.description.abstract (摘要) In this paper, we propose a new certificateless public key encryption system, and implement it for securing e-mail systems. Certificateless cryptography, which is in contrast to traditional public key crypto-systems, does not require the use of certificates to guarantee the authenticity of public key. It does rely on the use of a trusted third party (TTP) who is in possession of a master key, just like the identity-based public key cryptography. However, certificateless public key crypto-system does not suffer from the key escrow property, whereas, it is a problem in the identity-based public key crypto-systems. Moreover, in our system, we add some new properties like level and time-stamp to limit the ability of receivers and to promote the safety of the system. Time-stamp ensures that the ciphertext cannot be decrypted before the indicated time and a level ensures that only the user with the corresponding identity and level can decrypt the ciphertext. In addition, a new feature is also introduced which is called the time-release encryption. Time-release encryption allows the encrypter to publish a release key so that the ciphertext can be decrypted by the receiver before the time indicated in the time-stamp when necessary. en_US dc.description.tableofcontents 第一章 緒論 11.1研究背景 11.2研究動機與目的 41.3本文貢獻 51.4論文架構 6第二章 背景介紹 72.1雙線性配對 72.1.1 雙線性配對(Bilinear Pairing) 72.1.2相關數論介紹 82.2近代密碼學簡介 102.2.1對稱式金鑰加密系統(Symmetric Key Encryption Cryptography): 112.2.2公開金鑰加密系統(Public Key Encryption Cryptography): 122.2.3基於身分認證的加密系統(Identity-based Encryption Cryptography): 132.2.4免憑證公鑰加密系統(Certificateless Public Key Cryptography): 15第三章 相關文獻介紹 173.1 Hwang等學者提出的 Timed-Release Encryption with Pre-open Capability and Its Application to Certified E-mail System 173.2 Al-Riyami等學者提出的 Certificateless Public Key Cryptography 193.3 Yang等學者提出的 An Improved Certificateless Authenticated Key Agreement Protocol 21第四章 研究方法 244.1提案方式 24第五章 安全性分析與系統實作 305.1證明方法介紹 305.1.1攻擊者介紹 305.1.2 Random Oracle Model 315.2安全性證明 325.4系統實作 395.4.1實作環境 395.4.2系統流程 39第六章 結論及未來展望 45第七章 參考文獻 46 zh_TW dc.language.iso en_US - dc.source.uri (資料來源) http://thesis.lib.nccu.edu.tw/record/#G0099753009 en_US dc.subject (關鍵詞) 免憑證 zh_TW dc.subject (關鍵詞) 加密 zh_TW dc.subject (關鍵詞) 協定 zh_TW dc.subject (關鍵詞) 安全性證明 zh_TW dc.subject (關鍵詞) Certificateless en_US dc.subject (關鍵詞) Encryption en_US dc.subject (關鍵詞) System en_US dc.subject (關鍵詞) security analysis en_US dc.title (題名) 基於免憑證的定時釋出加密系統以及其在可認證電子郵件系統之應用 zh_TW dc.title (題名) Certificateless timed-release encryption and its application to certified email system en_US dc.type (資料類型) thesis en dc.relation.reference (參考文獻) [1] W. Diffie, M. E. Hellman, “New directions in cryptography”, Information Theory 22(6), IEEE Transactions on, pp.644-654 , 1976.[2] D. Boneh, M. K. Franklin, “Identity-based encryption from the weil pairing”, CRYPTO 2001, LNCS 2139, pp.213-229, 2001.[3] S. S. Al-Riyami, K. G. Paterson,”Certificateless public key cryptography”, ASIACRYPT 2003, Springer-Verlag, LNCS 2894, pp. 452-473,2003.[4] A. Shamir, ”Identity-based cryptosystems and signature schemes”, CRYPTO 1985, LNCS 196 ,pp.47-53, 1985.[5] M. Hou, Q. Xu, “Secure and efficient two-party authenticated key agreement protocol from certificateless public key encryption scheme”, NCM 2009, pp.894-897,2009.[6] A. Kihidis, K. Chalkias, G. Stephanides, “Practical implementation of identity based encryption for secure e-mail communication” Panhellenic Conference on Informatics 2010, pp.101-106,2010.[7] A. Shamir, “On the security of DES”. CRYPTO 1985,LNCS 218, pp.280-281,1985.[8] National Institute of standards and Technology, “The advanced encryption standard”, http://csrc.nist.gov/aes/ , 2000.[9] R. L. Rivest, A. Shamir, L. M. Adleman, “A method for obtaining digital signatures and public-key cryptosystems”, Communications, ACM 21(2), pp.120-126, 1978.[10] T. ElGamal,” A public-key cryptosystem and a signature scheme based on discrete logarithms”, CRYPTO 1985, LNCS 196, pp.10-18,1985.[11] Y. H. Hwang, D. H. Yum, P. J. Lee, “Timed-release encryption with pre-open capability and its application to certified e-mail system”, ISC 2005, LNCS 3650, pp.344-358, 2005.[12] M. Geng, F. Zhang, M. Gao, “A secure certificateless authenticated group key agreement protocol”, Multimedia Information Networking and Security 2009, International Conference on , pp. 342−346, 2009. [13] C. Wang, D. Long, Y. Tang, “An efficient certificateless signature from pairings”, Data, Privacy, and E-Commerce, 2007, The First International Symposium on, pp.236-238 ,2007. [14] M. Bellare, P. Rogaway, “Random oracles are practical: a paradigm for designing efficient protocols”, Computer and Communications Security 1993, ACM Conference on, pp.62-73, 1993.[15] 詹省三,可訊息回覆之免憑證簽章機制之研究,國立政治大學資訊科學系碩士論文,2011年[16] 林欣瑤,左瑞麟,關於免憑證密鑰交換機制的一些安全性分析,全國計算機會議,2011年 zh_TW
