Halo:適用於同儕網路中機會性合作的階層式身份基礎公鑰系統

Abstract

同儕網路系統中，因缺乏資訊安全保護，所以無法使其中的服務常常缺乏安全性與強健性。這個問題來自無伺服器 (server-less) 的架構和 ad-hoc 方式操作情境的需求。同時也造成同儕網路無法使用傳統的對稱/不對稱的密碼學技術。我們發現：階層式的身份基礎密碼系統和分散式金鑰產生機制提供了可行的解決之道。在本論文中，我們將提出 Halo 我們設計的一個階層式的身份基礎公開基礎架構。它用到一些新穎的技術來達到遞迴式的 private key generators ( ) 和建立一個無限層數 (unlimited number) 限制的信任階層。因此，這個公開金鑰基礎架構不僅能部屬階層式身份基礎加密、簽章、簽密 (signcryption) ，再加上成對的 (pair-wise) 認證式金鑰協定 (authenticated key agreement) 來保護同儕網路中的應用。

In peer-to-peer network system, services usually fail to provide security and robustness due to the absence of information security. The security weakness is rooted in the server-less architecture and demand for ad-hoc operation scenario. Besides, they also stop us from using scalable key management by traditional symmetric/ asymmetric cryptographic techniques.. We have found that hierarchical identity-based cryptography and distributed key generation scheme provide us possible solution to this problem. In this paper, we present the design of Halo, a hierarchical identity-based public key infrastructure that uses these novel technologies to perform recursive instantia¬tion of private key generators and establish a trust hierarchy with unlimited number of levels. Therefore, The PKI thus enables the employment of hierarchical identity-based public key encryption, signature, and signcryption operation. In addition, pair-wise authenticated key agreement also provided for the protection of peer-to-peer applications.