Construction method of certificateless public key cryptosystem

Abstract

The invention discloses a construction method of a certificateless public key cryptosystem which belongs to the technical field of information security. The construction method of a certificateless public key cryptosystem comprises the following steps: S1, initializing a system; S2, picking up part of a private key; S3, generating a secret value; S4, generating a public key; S5, generating a private key; S6, performing certificateless signature; and S7, verifying. According to the invention, a certificateless signature system is adopted, when a signature verifier verifies a signature, the condition that the validity of a public key of a signer is needed to be verified in the traditional public key cryptosystem is avoided, so the method is free from a key escrow problem existing in a cryptosystem based on identity. Therefore, a security defect of the private key escrow of the identification cryptosystem can be solved and a better safety performance is realized.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to a construction method of a certificateless public key cryptosystem. Background technique [0002] Public key cryptography is a widely used technology for encrypting files, messages and other information sent to designated recipients. The system using this cryptographic technology needs to generate a pair of mathematically associated public key and private key for each user. The key is kept privately by the recipient. [0003] An important security requirement in the application of public key cryptography is to ensure that the public key used exactly belongs to the designated recipient, that is, a security mechanism that binds user identification (ID) and its public key is required. In traditional public key cryptosystems, such as systems using algorithms such as RSA, DSA, and ECC, the generation of the public key has nothing to do with the user's identity, and a th...

AI Technical Summary

Problems solved by technology

In traditional public key cryptosystems, such as systems using algorithms such as RSA, DSA, and ECC, the generation of the public key has nothing to do with the user's identity, and a third-party certification center (CA) needs to issue a certificate, that is, the user's public key and identity Signing and binding the two. This CA-centric system based on the traditional public key cryptography system is called the public key infrastructure. It has two main shortcomings: one is the custody of the user's identification private key in the secret key center , the user’s identity private key must be completed by the secret key center, so the secret key center also has the user’s identity private key like the user. Therefore, strictly speaking, the signature generated by the identity cryptosystem is not non-repudiable, and the corresponding identity cryptosystem The generated ciphertext can be decrypted in the secret key center, and there is a risk of information leakage; second, after the user identification private key is lost, the user identification and public key are bound together in the traditional public key system. If the user private key is lost, the user can Regenerate a pair of public key and private key, and in the identification cryptosystem, the user's identification is the public key, so it cannot be canceled. Therefore, we propose a construction method of the certificateless public key cryptosystem and put it into use, in order to solve the above problems

Images