Cryptography Reference
In-Depth Information
v
reuPeQ
=
(, )(
-
P
(4.39)
ID
pub
Accept the signature if and only if v = H ( m, r ).
4.3.5 Key Distribution in IBC
4.3.5.1 Joux's One-Round, Three-Party Key Agreement Protocol
The protocol for Joux's one-round, three-party key agreement is as follows (Joux 2000).
Set-up : Let G 1 , G 2 be two groups of the same prime order q . Let G 1 be an additive
group and G 2 be a multiplicative group. The public parameters are group PP =
( G 1 , G 2 , e , q , P ).
*
Consider A , B , C with secret keys
abc
,,
Î , respectively, where
q
A sends aP to both B , C.
B sends bP to both A , C.
C sends cP to both A , B .
A computes K A = e ( bP , cP ) a .
B computes K B = e ( aP , cP ) b .
C computes K C = e ( aP , bP ) c .
The common agreed key of A , B , C is
K ABC = K A = K B = K C = e ( P , P ) abc
(4.40)
4.3.6 Key Escrow Problem
The general key distribution problem refers to the onerous task of distributing secret
keys between communicating parties to provide security properties such as authentica-
tion or confidentiality or both. However, with the advent of private key distribution,
new problems arose, such as the inherent key escrow problem and the need for secure
distribution of private keys (Lee et al. 2004). Lee et al. came up with a secure private
key distribution algorithm in IBC. We briefly review this algorithm here.
Let H 1 , H 2 , and H 3 be three hash functions such that H 1 : {0, 1} l G 1 , where l is
the length of the plain text. Let H 2 : {0, 1} l × G 2 Z q , where Z q = Z / qZ denotes integers
mod q , where q is a large prime. Therefore Z q denotes the group {0, 1, 2, . . . , q − 1}
and = /
q ZZ Z .
Let
*
HG Z . Let PKG specify two groups G 1 and G 2 of order q , where G 1 is
an additive group and G 2 is a multiplicative group. Let e be a bilinear map such that e :
G 1 × G 1 G 2 with the following properties:
:
3
2
q
Search WWH ::




Custom Search