CPK公钥体制与标识鉴别

Contents

Part OneAuthentication Technology

Chapter 1Basic Concepts

1.1 Physical World and Digital World

1.2 A World with Order and without Order

1.3 Selfassured Proof and 3rd Party Proof

1.4 Certification Chain and Trust Chain

1.5 Centralized and Decentralized Management

1.6 Physical Signature and Digital Signature

Chapter 2Authentication Logics

2.1 Belief Logic

2.1.1 The Model

2.1.2 The Formulae

2.1.3 The Characteristics of Belief Logic

2.2 Trust Logic

2.2.1 Direct Trust

2.2.2 Axiomatic Trust

2.2.3 Inference Trust

2.2.4 Behavior Based Trust

2.2.5 Characteristics of Trust Logic

2.3 Truth Logic

2.3.1 The Needs of "Preproof"

2.3.2 Entity Authenticity

2.3.3 The Characteristics of Truth Logic

2.4 Authentication Protocols

2.4.1 Standard Protocol

2.4.2 CPK Protocol

2.5 Authentication Systems

2.5.1 PKI Certification System

2.5.2 CPK Authentication System

Chapter 3Identity Authentication

3.1 Communication Identity Authentication

3.2 Software Identity Authentication

3.3 Electronic Tag Authentication

3.4 Network Management

3.5 Holistic Security

Part TwoCryptosystems

Chapter 4Combined Public Key (v6.0)

4.1 Introduction

4.2 Mapping Functoin

4.3 Computation of Keys

4.3.1 Computation of Identitykey

4.3.2 Computation of Separatingkey

4.3.3 Computation of Generalkey

4.3.4 Computation of Districtkey

4.4 Digital Signature and Key Delivery

4.4.1 Digital Signature

4.4.2 Key Delivery

4.5 Security

4.6 Conclusion

Chapter 5Cryptosystem and Authentication

5.1 New Requirements for Cryptosystem

5.2 Development of Cryptosystems

5.3 Identity Authentication Schemes

5.3.1 Identity Authentication with IBC

5.3.2 Identity Authentication with CPK

5.3.3 Identity Authentication with PKI

5.3.4 Identity Authentication with IBRSA

5.3.5 Identity Authentication with mRSA

5.3.6 Comparison of Schemes

5.4 Key Delivery Schemes

5.4.1 IBE Key Delivery

5.4.2 CPK Key Delivery

5.4.3 Other Key Delivery Schemes

5.4.4 Performance Comparison

5.5 Discussion on Trust Root

Chapter 6Bytes Encryption

6.1 Coding Structure

6.1.1 Permutation Table (disk)

6.1.2 Substitution Table (subst)

6.1.3 Key Structure

6.2 Working Flow

6.2.1 Given Conditions

6.2.2 Key Derivation

6.2.3 Data Expansion

6.2.4 Compound of Data and Key

6.2.5 Left Shift Accumulation

6.2.6 Permutation

6.2.7 Right Shift Accumulation

6.2.8 Data Concentration

6.2.9 Single Substitution

6.2.10 Compound of Data and Key

6.3 Security Analysis

Part ThreeCPK System

Chapter 7CPK Key Management

7.1 CPK Key Distribution

7.1.1 Authentication Network

7.1.2 Communication Key

7.1.3 Classification of Keys

7.2 CPK Signature

7.2.1 Digital Signature and Verification

7.2.2 Signature Format

7.3 CPK Key Delivery

7.4 CPK Data Encryption

7.5 Key Protection

7.5.1 Password Verification

7.5.2 Password Change

Chapter 8CPKchip Design

8.1 Background

8.2 Main Technology

8.3 Chip Structure

8.4 Main Functions

8.4.1 Digital Signature

8.4.2 Data Encryption

Chapter 9CPK IDcard

9.1 Background

9.2 IDcard Structure

9.2.1 The Part of Main Body

9.2.2 The Part of Variables

9.3 IDcard Data Format

9.4 IDcard Management

9.4.1 Administrative Organization

9.4.2 Application for IDcard

9.4.3 Registration Department

9.4.4 Production Department

9.4.5 Issuing Department

Part FourSoftware Authentication

Chapter 10Software ID Authentication

10.1 Technical Background

10.2 Main Technology

10.3 Signing Module

10.4 Verifying Module

10.5 The Feature of Code Signing

Chapter 11Windows Code Authentication

11.1 Introduction

11.2 PE File

11.3 Minifilter

11.3.1 NT I/O Subsystem

11.3.2 File Filter Driving

11.3.3 Minifilter

11.4 Code Authentication of Windows

11.4.1 The System Framework

11.4.2 Characteristics Collecting

11.5 Conclusion

Chapter 12Linux Code Authentication

12.1 General Description

12.2 ELF File

12.3 Linux Security Module (LSM) Framework

12.4 Implementation

Part FiveCommunication Authentication

Chapter 13Phone Authentication

13.1 Main Technologies

13.2 Connecting Procedure

13.3 Data Encryption

13.4 Data Decryption

Chapter 14SSL Communication Authentication

14.1 Layers of Communication

14.2 Secure Socket Layer (SSL)

14.3 Authenticated Socket Layer (ASL)

14.4 ASL Working Principle

14.5 ASL Address Authentication

14.6 Comparison

Chapter 15Router Communication Authentication

……

《CPK公钥体制与标识鉴别（英文）》讨论了未来“网际安全”的关键技术――基于标识鉴别的可信系统，也讨论了与此相关的自证性公钥体制、信任逻辑，以及信任逻辑在可信接入、可信计算、可信交易、可信物流。网络管理中的应用，以及在互联网和物联网构成的网际空间中建立互信的基本技术，也讨论了新一代信息安全的概念和下一代绿色网络安全的发展方向