| 一种安全高效的入侵容忍CA方案 |
| |
| 引用本文: | 韩卫 白灵. 一种安全高效的入侵容忍CA方案[J]. 科学技术与工程, 2005, 5(12): 819-823 |
| |
| 作者姓名: | 韩卫 白灵 |
| |
| 作者单位: | 燕山大学信息科学与工程学院,秦皇岛,066004;燕山大学信息科学与工程学院,秦皇岛,066004 |
| |
| 基金项目: | 河北省教育厅自然科学项目(2004467)资助 |
| |
| 摘 要: | CA是PKI中的关键设施。CA的私钥一旦泄漏,该CA签发的所有证书就只能全部作废;因此,保护在线CA私钥的安全是非常重要的。将CA的私钥以门限密码技术分享在n个部件中,不仅保证了CA私钥的机密性和可用性,同时使CA具备了入侵容忍性。所提出的CA方案,私钥以Shamir的拉格朗日多项式方式分享,更适合实际需求,实验表明具有良好的性能。
|
| 关 键 词: | 人侵容忍 CA 秘密分享 门限签名 RSA |
| 修稿时间: | 2005-01-31 |
A Secure and High Efficient Intrusion Tolerance CA Scheme |
| |
| HAN Wei,BAI Ling. A Secure and High Efficient Intrusion Tolerance CA Scheme[J]. Science Technology and Engineering, 2005, 5(12): 819-823 |
| |
| Authors: | HAN Wei BAI Ling |
| |
| Abstract: | CA(certificate authority) is a critical component in PKI. When the private key of a CA is compromised, all the certificates issued by that CA should be revoked. Keeping the private key secret while providing service online is very important for a CA. Distributing private key of CA into n components via threshold cryptography can not only make the private key of CA secret and usability, but also make CA can tolerate some intrusion. A CA scheme and its private key distribute with Shamir's Lagarange polynomial secret shares, suit needs more practically. At last, security, efficiency and usability of the CA scheme are analyzed security. Through analysis, the scheme has good performance. |
| |
| Keywords: | intrusion tolerance CA secret sharing threshold digital signature RSA |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《科学技术与工程》浏览原始摘要信息 |
|
点击此处可从《科学技术与工程》下载全文 |
|
