Authors: Qi Feng, Debiao He, Zhe Liu, Ding Wang, Kim-Kwang Raymond Choo

Title: Multi-party key generation protocol for the identity-based signature scheme in the IEEE P1363 standard for public key cryptography

Journal: IET Information Security

 

Abstract: Identity-based cryptography (IBC) is considered as a promising mechanism in the Internet of Things (IoT) and ad-hoc networks, providing lightweight authentication and powerful access control. However, it suffers from two inherent problems, i.e., key escrow and the requirement of secure channel, that are not always good properties in many realistic scenarios. Thus, effective key issuing protocol in a distributed setting without the assumption of secure channel is needed. In this paper, we give a special attention to the identity-based cryptography standardized in IEEE P1363 and design a multi-party setup and key issuing protocol for it. Our protocol is proven to be malicious secure by simulation under weaker assumptions. Contrast to prior works that rely on a trusted party for key distribution or the strong assumption of secure channel, we provide the first practical solution for the distributed architectures.

摘要：基于身份的加密体制（Identity-based cryptography, IBC）可以提供轻量级的身份验证和访问控制，在物联网、自组织网络等分布式环境中具有广泛的应用前景。但是它的两个强安全假设，即密钥托管和安全通道，成为其在实际应用中的固有瓶颈。基于以上思考，本文致力于研究无安全信道的分布式密钥发布协议。具体来讲，本文以IEEE P1363中关于IBC的标准算法为实例，设计了一个高效的多方密钥发布协议，并且基于模拟模型将协议的安全性归约到较弱的安全假设，证明所提协议可以低于恶意敌手的攻击。相比以前依赖可信方进行密钥分发或安全通道的研究工作，本文为分布式体系架构提供了一个实际可行的IBC解决方案。