摘要
该文基于 El Gamal密码体制提出了一个门限密钥托管方案 .这个方案不仅有效地解决了“一次监听 ,永久监听”问题 ,而且每个托管代理能够验证他所托管的子密钥的正确性 ,并且在监听阶段 ,监听机构能够确切地知道门限密钥托管方案中哪些托管代理伪造或篡改子密钥 .由于该方案是门限密钥托管方案 ,所以在各托管代理中有一个或几个托管代理不愿合作或无法合作时 ,监听机构仍能很容易地重构出会话密钥 .此外 ,还具有抵抗 L
In order to protect sensitive information against unauthorized interception, the communication can be encrypted before they are transmitted and decrypted upon receipt. At the same time, encryption also is used to conceal criminal and terrorist activities. On April 16, 1993, the U.S. Government announced a new encryption initiative aimed at providing a high level of communication security and privacy without jeopardizing effective law enforcement, public safety, and national security. The initiative is based on a special tamper resistant hardware encryption device (Clipper Chip) and a key escrow system. In the existing most (threshold) key escrow schemes, the monitor agency firstly recovers the system key and then decrypts LEAF to obtain session key. Once the monitor agency monitors a user, it may monitor communications of all users, namely 'once monitor, monitor for ever'. In this paper, we propose a threshold key escrow schemes based on ElGamal cryptosystem. In our scheme, every escrow agency gets sub message using his secret shadow. Each time monitor agency can recover the whole message (session key) by using k sub messages. But nothing about the whole message can be obtained when the number of the sub messages is less then k . The attacker cannot get any information about system key and secret shadow by the known sub messages. The proposed scheme not only solves the problem of 'once monitor, monitor for ever', but also solves the Shamir's problem. In the scheme, every escrow agency can verify correctness of the secret shadow that he escrows during secret shadow distribution and monitor agency can exactly decide which escrow agency forges or tampers secret shadow during monitor procedure. Thus the scheme has the property of robustness. Since the proposed theme is threshold key escrow scheme, monitor agency can easily reconstruct session key sk when an escrow agency or few agencies is not cooperating. In addition, it can also resist LEAF Feedback attacks.
出处
《计算机学报》
EI
CSCD
北大核心
2002年第4期346-350,共5页
Chinese Journal of Computers
基金
国家自然科学基金 (60 0 72 0 18)资助
