| 摘要 |
A method and system for encrypting a first piece of information M to be sent by a sender (100) to a receiver (110) allows both sender and receiver to compute a secret message key using identity-based information and a bilinear map. In a one embodiment, the sender (100) computes an identity-based encryption key from an identifier ID associated with the receiver (110). The identifier ID may include various types of information such as the receiver's e-mail address, a receiver credential, a message identifier, or a date. The sender uses a bilinear map and the encryption key to compute a secret message key g<r>ID, which is then used to encrypt a message M, producing ciphertext V to be sent from the sender (100) to the receiver (110) together with an element rP. An identity-based decryption key dID is computed by a private key generator (120) based on the ID associated with the receiver and a secret master key s. After obtaining the private decryption key from the key generator (120), the receiver (110) uses it together with the element rP and the bilinear map to compute the secret message key g<r>ID, which is then used to decrypt V and recover the original message M. According to one embodiment, the bilinear map is based on a Weil pairing or a Tate pairing defined on a subgroup of an elliptic curve. Also described are several applications of the techniques, including key revocation, credential management, and return receipt notification. |
