Cryptography Reference
In-Depth Information
the modulus
n
(or, in other words, the public master key) and the identity string given
as an ordinary 8-bit ASCII string:
> CocksIBEH := proc(n::posint, id::string)
local length, hid, R, jac;
length := intlog[256](n);
hid := messagetohex(id, text);
R := OS2IP(MGF1(hid, length));
jac := -1;
while jac = -1 do
R := R+1;
jac := numtheory:-jacobi(R, n)
end do;
R
end proc:
The function that implements the key derivation algorithm is
CocksIBEDer
below. The required input parameters are the master private key given as a list, the
u
-parameter and the identity string; there is also an optional keyword parameter for
the output format which can be either
hex
(the default) or
decimal
. The output is
the private key of the user with identity
id
.
> CocksIBEDer := proc(msk::list, u::{posint,string},id::string, {format::name:=hex})
local p, q, n, R, v, r;
p := stringposint(msk[1]);
q := stringposint(msk[2]);
n := p*q;
R := CocksIBEH(n, id);
v := stringposint(u);
if numtheory:-legendre(R, p) = -1 then
R := v*R mod n
end if;
r := chrem([numtheory:-msqrt(R, p), numtheory:-msqrt(R, q)], [p, q]);
if format = decimal then
r
elif format = hex then
StringTools:-LowerCase
∼∼
(convert
∼∼
(r, hex))
else
error "Unrecognized key format"
end if
end proc:
Example 10.3
Let us give an example of how the PKG would use the key deriva-
tion algorithm to compute the private key of a user with a given identity. In our
example the identity of the user will be given by the (fictitious) email address
“gomez.pardo@nonexisting.com” and the master key and the
u
-parameter are those
computed in Example 10.2.
> usk := CocksIBEDer(msk, u, "gomez.pardo@nonexisting.com");
"597699e3c2140a4bfac17a066f2d92addfb9b686ceddf9674b3160253a35de5b4a96973f276e06f9d\
bbb71e242177559c6ebeaee149afa4a710ec53e61b3d67c7579c79404c7b882faf5027ecc2bf01cd\
cc3f36c0f803fb47deaf67c35686649ec36f80f47bd0212df39678d46ea01f1c9575506b3c64b3f2\
b28bc2bd41fdb5888b4a29eae5050419f14b94c9cd4d0dcf3fb4c92907767ec14c388c32b5253fa1\
0a73021348b7f089b9517f409c0c5831cd0da99c8697c211279f6e71b6a2e5ff464edd1b6efd6e91\
921bda57e6d1f1bb2213293cc488cae1c389e6c2b616688b6078e4ef995e856dcf67ad2ca8a9b846\
774e303ca6e38cd530e05470fecd1ce"
Exercise 10.5
Check which of the conditions
r
2
or
r
2
≡
R
(
mod
n
)
≡
uR
(
mod
n
)
holds, when
r
=
mpk
is the master
public key of Example 10.2,
u
is the parameter obtained in this same example, and
R
=
usk
is the user private key of Example 10.3,
n
=
CocksIBEH(n,"gomez.pardo@nonexisting.com")
.
