Certificate-based encryption method and system for n layers of CA structures
A certificate and key technology, applied in the field of certificate-based encryption of n-tier CA structure, can solve problems such as difficult to meet the needs of large-scale network applications, system paralysis, and low work efficiency
Inactive Publication Date: 2014-11-26
HOHAI UNIV
View PDF1 Cites 7 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0005] (1) It is difficult to meet the needs of large-scale network applications
Because the existing method adopts a centralized working method, that is, only a single CA completes tasks such as user authentication, certificate generation, distribution, and revocation, so the calculation and communication costs of the CA are relatively high
In particular, when the number of system users is large, the work efficiency of a single CA is relatively low, and it is easy to become the bottleneck of the entire system
[0006] (2) Low ability to resist denial of service attacks
In an open network environment, CAs will inevitably suffer malicious attacks, so once the only CA suffers a denial of service attack and cannot work normally, the entire system will be paralyzed and cannot continue to work
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0061] Below in conjunction with accompanying drawing, technical scheme of the present invention is described in further detail:
[0062] The certificate-based encryption method of the hierarchical CA structure of the present invention can be realized based on bilinear pairing. The basic definition of bilinear pairing and the properties it satisfies will be briefly introduced below.
[0063] Let G 1 is an additive cyclic group of order q, G 2 is a multiplicative cyclic group of order q, and P is the group G 1 The generator of , where q is a large prime number. Suppose G 1 and G 2 The discrete logarithm problem on both groups is hard. If defined in group G 1 and group G 2 Previous Mapping e:G 1 ×G 1 →G 2 Satisfy the following three properties, then the mapping is called a valid bilinear pairing. bilinear pair e:G 1 ×G 1 →G 2 is group G 1 Cartesian product G with itself 1 ×G 1 to group G 2 The mapping, that is, the bilinear pair e:G 1 ×G 1 →G 2 Refers to the...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a certificate-based encryption method and system for n layers of CA structures. A layered thought is introduced into a certificate-based cryptosystem. The method comprises the steps of generating system parameters, generating a public key and a main key of the low-layer CA, generating a public key and a private key of a user, generating a certificate of the low-layer CA and a certificate of the user, encrypting messages and recovering the messages. The invention further provides the certificate-based encryption system for the layered CA structures. The system comprises a system parameter generation module, a low-layer CA parameter generation module, a user key generation module, a certificate generation module, an encryption module and a decryption module. According to the technical scheme, the tasks of certification of the system user, certificate issuance, certificate evocation and the like are completed by means of a layered CA tree, so that the burden of calculation and communication of each CA is reduced, and the efficiency and the ability to resist and deny service attacks of the system are improved.
Description
technical field [0001] The invention relates to the technical field of data encryption in information security, in particular to a certificate-based encryption method and system of an n-layer CA structure. Background technique [0002] In modern communication systems protected by cryptographic technology, cryptographic algorithms are usually public, and their security depends on the protection of keys, so key management is particularly important. In the public key cryptosystem, the user's public key can be disseminated publicly, which has a profound impact on secure communication, key distribution, digital signature and authentication on the open network. Therefore, since it was proposed by Diffie and Hellman in 1976, the public key cryptosystem has been widely used. Public key infrastructure (PKI) is the main means of deploying public key cryptography systems, and it is also the foundation and core of current computer network security construction. It provides a reliable s...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/32
Inventor 陆阳张全领李继国
Owner HOHAI UNIV