摘要 |
A method and system for encrypting a first piece of information M to be sent by a sender [ 100 ] to a receiver [ 110 ] allows both sender and receiver to compute a secret message key using identity-based information and a bilinear map. In a one embodiment, the sender [ 100 ] computes an identity-based encryption key from an identifier ID associated with the receiver [ 110 ]. The identifier ID may include various types of information such as the receiver's e-mail address, a receiver credential, a message identifier, or a date. The sender uses a bilinear map and the encryption key to compute a secret message key g<SUB>ID</SUB><SUP>r</SUP>, which is then used to encrypt a message M, producing ciphertext V to be sent from the sender [ 100 ] to the receiver [ 110 ] together with an element rP. An identity-based decryption key d<SUB>ID </SUB>is computed by a private key generator [ 120 ] based on the ID associated with the receiver and a secret master key s. After obtaining the private decryption key from the key generator [ 120 ], the receiver [ 110 ] uses it together with the element rP and the bilinear map to compute the secret message key g<SUB>ID</SUB><SUP>r</SUP>, which is then used to decrypt V and recover the original message M. According to one embodiment, the bilinear map is based on a Weil pairing or a Tate pairing defined on a subgroup of an elliptic curve. Also described are several applications of the techniques, including key revocation, credential management, and return receipt notification.
|