由于P2P网络中的节点具有高度的自治性和随意性,使得网络的内部安全隐患突出.本文提出一种基于椭圆曲线数字签名和门限密钥分享的分布式认证服务模型.模型取代了传统CA的集中式服务器,具有低成本、高可扩展性、高可用性和容侵性.同时采用可验证门限技术确保CA私钥的安全.%In the P2P network, nodes can join in or leave freely, and they are highly autonomic. Therefore, the dangerous from the network inside should be noticed. In this paper a decentralized authentication mode, which is based on eclipse curve cryp-tosystem and threshold secret sharing scheme,is proposed. This system replaces the Certificate Authority (CA) central server and has many advantages such as low cost, high adaptation, high availability, and intrusion-tolerance. At the same time, verified secret sharing is used to protect the secret key of CA.
展开▼