| 摘要 |
A method of generating a public key in a secure digital communication system, having at least one trusted entity CA and subscriber entities A, the method comprising the steps of: for each entity A, the CA selecting a unique identity I A distinguishing the entity A; generating a public key reconstruction public data .gamma. A of entity A by mathematically combining a generator of the trusted party CA with a private value of the entity A, such that the pair (I A, .gamma. A ) serves as A's implicit certificate; combining the implicit certificate information (I A, .gamma. A) in accordance with a mathematical function F(.gamma. A , I A) to derive an entity information .function.; generating a private key a of the entity A by signing the entity information .function. and transmitting the private key a to the entity A, whereby the entity A's public key may be reconstructed from the public information, the generator .gamma. A and the identity I A relatively efficiently. A further aspect of the invention provides for a public key certificate including a plurality of public keys, and wherein at least one of the public keys is an implicitly certified public key. |
