本文已被:浏览 1826次 下载 3845次
Received:May 11, 2010 Revised:June 02, 2010
Received:May 11, 2010 Revised:June 02, 2010
中文摘要: 针对CA 私钥的高安全性需求,提出一种新的(t,n)秘密分享机制保护CA 私钥。首先,使用RSA 算法产生CA 私钥,保证了私钥的不可伪造性;然后基于新的(t,n)秘密共享机制将CA 私钥进行分存,使用其身份作为私钥份额的标识,并使用私钥作为秘密份额。在使用CA 私钥进行签名时,使用Lagrange 插值多项式进行重构,并提供了简单高效的合作者欺骗验证方法;秘密重构中无需真正的秘密份额,因此,无需维护安全通道,提高了效率。理论分析和实验结果表明方案的有效性。
Abstract:For the high-security needs of CA private key, a new (t,n) secret sharing mechanism is proposed. First, the CA private key is generated using the RSA algorithm to ensure its un-Forged; then CA private key is shared based on the new (t,n) secret sharing mechanism. It uses its identification as a share of the private key and the private key as a secret share. It also provides a simple and efficient method to detect partner deceive, there is no real secret share is needed when secret is reconstructed, and without the need to maintain security channel too, so it enhances the efficiency. Applied to CA private key protection, it improves its security.
文章编号: 中图分类号: 文献标志码:
基金项目:基金项目:安徽省高校自然科学研究基金(KJ2009060Z);安徽财经大学校级科研项目(ACKYQ0947ZC)
引用文本:
张子振,毕殿杰.一种基于秘密分享的认证中心私钥保护方案.计算机系统应用,2011,20(1):62-65
ZHANG Zi-Zhen,BI Dian-Jie.Protection for CA Private Key Based on Secret Sharing Scheme.COMPUTER SYSTEMS APPLICATIONS,2011,20(1):62-65
张子振,毕殿杰.一种基于秘密分享的认证中心私钥保护方案.计算机系统应用,2011,20(1):62-65
ZHANG Zi-Zhen,BI Dian-Jie.Protection for CA Private Key Based on Secret Sharing Scheme.COMPUTER SYSTEMS APPLICATIONS,2011,20(1):62-65