無證書代理重加密體制的研究
發(fā)布時間:2018-11-27 20:14
【摘要】:代理重加密由Blaze等人在1998年的歐洲密碼年會上提出,它在數(shù)字版權保護、加密電子郵件轉發(fā)和云計算等場合有著廣泛的應用,成為密碼學近年來的一個熱點研究領域。在一個代理重加密方案中,代理者使用由授權人產(chǎn)生的針對被授權人的重加密密鑰,可以將原本針對授權人的密文轉換為針對被授權人的重加密密文,被授權人只需利用其私鑰就可以解密重加密密文。 一些代理重加密方案已經(jīng)在各種文獻中提出,大部分代理重加密方案都是在傳統(tǒng)的公鑰加密的基礎上構建或基于身份標識的加密方案上構建。然而,基于PKI的加密系統(tǒng)存在額外的證書管理工作,而基于身份的加密系統(tǒng)有著固有的密鑰托管問題。為解決此問題,Sur等人在2010年提出了無證書代理重加密的模式,并給出了具體的方案。作者對該方案進行了研究,分析了其安全性模型和安全性證明過程,發(fā)現(xiàn)該方案達不到聲稱的安全性。盡管如此,他們的文章仍然具有建設性,因為他們推出了新穎的無證書代理重加密模式,也給我們留下了一個有趣的問題,即如何構造一個在隨機諭示模型下選擇密文安全的CL-PRE方案。本文重點對無證書代理重加密進行了研究,主要研究內容和創(chuàng)新點歸納如下: 一是提出了一個通用構造方法,可以實現(xiàn)隨機諭示模型下選擇密文安全的無證書代理重加密方案的構建。本文緊緊抓住無證書加密體制和代理重加密體制的特點,研究相應的攻擊手法和對抗方法,圍繞如何對抗兩者疊加帶來的攻擊,分析了無證書加密、代理重加密組件及其他密碼組件之間的關系,提出了解決方案,實現(xiàn)了通用構造方法。該方法可以由基本的公鑰加密和基于身份的加密體制開始,構建一個無證書公鑰加密方案,然后添加代理重加密因子,,得到一個隨機諭示模型下IND-CCA語義安全的無證書代理重加密方案。該方法可以用于構建具體的加密模式,也能用于檢驗現(xiàn)有代理重加密方案的安全性。 二是對Sur-CL-PRE方案進行檢驗,證實該方案達不到聲稱的IND-CCA安全性,提出了改進方案,并證明了改進方案的IND-CCA安全性。本文提出,該通用構造方法可以用于檢驗現(xiàn)有的無證書代理重加密方案,有助于發(fā)現(xiàn)現(xiàn)存方案的薄弱點,以提出攻擊方式,改進現(xiàn)有的方案。通過使用通用構造方法對Sur-CL-PRE方案進行了研究,發(fā)現(xiàn)了具體的攻擊方法,證明該方案并不達到聲稱的IND-CCA安全性。接著分析了其安全性模型和安全性證明過程,定位了缺陷,最后對方案進行了改進,并證明了改進方案具有IND-CCA安全性。 三是按照本文提出的通用構造方法,由基本的公鑰加密體制和基于身份的加密體制開始,完成一個新的無證書代理重加密方案NewCL-PRE的構建,并分析其有效性和正確性,證明了NewCL-PRE在隨機諭示模型下具有IND-CCA語義安全性。同時還分析了該方案的性能和特點。該方案為目前第一個具有選擇密文安全性的無證書代理重加密方案。 四是本文在對于代理重加密因子研究的基礎上,根據(jù)一級密文必須具有公開可驗證因子的原則,對于K.Emura等人提出的具有源隱藏特性的代理重加密方案進行分析,發(fā)現(xiàn)了存在的問題,提出了一個攻破該方案的選擇密文安全性的方法,分析了該方案的缺陷,進行了改進,完成相應的證明。 我們認為,對于代理重加密的構造原則的研究,對于隨機諭示模型下選擇密文安全的無證書代理重加密方案通用構造方法的研究,都將有助于更好的設計更多的方案。我們期待所提出的通用構造方法能有助于得到更多具有更好特點的無證書代理重加密方案。
[Abstract]:The proxy re-encryption is proposed by Blaze et al. in 1998, which has a wide application in digital copyright protection, encrypted e-mail forwarding and cloud computing, and has become a hot research field in recent years. in a proxy re-encryption scheme, the agent uses the re-encryption key for the authorized person generated by the authorized person, and can convert the cipher text originally aiming at the authorized person into the re-encrypted cipher text for the authorized person, and the authorized person can decrypt the re-encrypted cipher text only by using the private key of the authorized person. some proxy re-encryption schemes have been proposed in various documents, and most of the proxy re-encryption schemes are constructed on a traditional public key encryption or on an identity-based encryption scheme However, the PKI-based encryption system has additional certificate management, and the identity-based encryption system has inherent key escrow. In order to solve this problem, Sur et al. proposed a mode of re-encryption of the non-certificate agent in 2010, and given the specific party The author studied the scheme, analyzed its security model and the security certificate process, and found that the scheme could not reach the claimed safety. Sex. Despite this, their articles are still constructive because they have introduced a novel, non-certificate-free, re-encryption model that also leaves us an interesting question, how to construct a CL-PRE that is safe for the selection of the ciphertext under the random access model This paper focuses on the research of the re-encryption of the non-certificate agent, and the main research contents and the innovation points are summarized as follows: next, a general construction method is proposed, which can implement the non-certificate proxy re-encryption scheme of the cipher text security under the random access control model. In this paper, the characteristics of the non-certificate encryption system and the proxy re-encryption system are grasped, the corresponding attack methods and the countermeasures are studied, and the attack caused by the superposition of the two is analyzed, and the non-certificate encryption, the proxy re-encryption component and other cryptographic components are analyzed. In this paper, the solution is put forward, and the general structure is realized. the method can be started by the basic public key encryption and the identity-based encryption system, a certificate-free public key encryption scheme is constructed, the proxy re-encryption factor is added, and a certificate-free agent re-encryption of the IND-CCA semantic security under a random public key model is obtained, the method can be used for constructing a specific encryption mode and also can be used for checking the existing proxy re-encryption scheme, Safety. Two are to be tested for the Sur-CL-PRE protocol, confirming that the protocol does not reach the claimed IND-CCA safety, and proposes an improved protocol and demonstrates the IND-C of the improved protocol CA Security. This paper proposes that the general construction method can be used to check the existing non-certificate proxy re-encryption scheme, which can help to find the weak points of the existing scheme, so as to propose the attack mode and improve the scheme. By using the general construction method to study the Sur-CL-PRE scheme, a specific method of attack is found to prove that the scheme does not reach the claimed IND-C The security model and the security certification process are then analyzed, the defects are located, the scheme is improved, and the improvement scheme is proved to have the IND-C CA security. Three is the general construction method proposed in this paper, which is based on the basic public key encryption system and the identity-based encryption system to complete the construction of a new non-certificate proxy re-encryption scheme, NewCL-PRE, and analyze it The validity and correctness of the new CL-PRE are proved to be IND-C in the random parametric model. CA semantic security. The party is also analyzed The performance and characteristics of the case. The scheme is the first non-certificate with the choice of the safety of the cipher text. Proxy re-encryption scheme. On the basis of the research of the agent re-encryption factors, the paper analyzes the agent re-encryption scheme with the source hiding property proposed by K. Emura et al. In this paper, we find the existing problems, and put forward a method to break the security of the choice cipher text of the scheme, and analyze the defect of the scheme and carry out the reform. In our opinion, for the research of the construction principle of the re-encryption of the proxy, the research on the general construction method of the non-certificate proxy re-encryption scheme for selecting the cipher text safety under the random access model will help. We look forward to the proposed general construction method to help get a lot of better features
【學位授予單位】:華南理工大學
【學位級別】:博士
【學位授予年份】:2014
【分類號】:TN918.4
本文編號:2361914
[Abstract]:The proxy re-encryption is proposed by Blaze et al. in 1998, which has a wide application in digital copyright protection, encrypted e-mail forwarding and cloud computing, and has become a hot research field in recent years. in a proxy re-encryption scheme, the agent uses the re-encryption key for the authorized person generated by the authorized person, and can convert the cipher text originally aiming at the authorized person into the re-encrypted cipher text for the authorized person, and the authorized person can decrypt the re-encrypted cipher text only by using the private key of the authorized person. some proxy re-encryption schemes have been proposed in various documents, and most of the proxy re-encryption schemes are constructed on a traditional public key encryption or on an identity-based encryption scheme However, the PKI-based encryption system has additional certificate management, and the identity-based encryption system has inherent key escrow. In order to solve this problem, Sur et al. proposed a mode of re-encryption of the non-certificate agent in 2010, and given the specific party The author studied the scheme, analyzed its security model and the security certificate process, and found that the scheme could not reach the claimed safety. Sex. Despite this, their articles are still constructive because they have introduced a novel, non-certificate-free, re-encryption model that also leaves us an interesting question, how to construct a CL-PRE that is safe for the selection of the ciphertext under the random access model This paper focuses on the research of the re-encryption of the non-certificate agent, and the main research contents and the innovation points are summarized as follows: next, a general construction method is proposed, which can implement the non-certificate proxy re-encryption scheme of the cipher text security under the random access control model. In this paper, the characteristics of the non-certificate encryption system and the proxy re-encryption system are grasped, the corresponding attack methods and the countermeasures are studied, and the attack caused by the superposition of the two is analyzed, and the non-certificate encryption, the proxy re-encryption component and other cryptographic components are analyzed. In this paper, the solution is put forward, and the general structure is realized. the method can be started by the basic public key encryption and the identity-based encryption system, a certificate-free public key encryption scheme is constructed, the proxy re-encryption factor is added, and a certificate-free agent re-encryption of the IND-CCA semantic security under a random public key model is obtained, the method can be used for constructing a specific encryption mode and also can be used for checking the existing proxy re-encryption scheme, Safety. Two are to be tested for the Sur-CL-PRE protocol, confirming that the protocol does not reach the claimed IND-CCA safety, and proposes an improved protocol and demonstrates the IND-C of the improved protocol CA Security. This paper proposes that the general construction method can be used to check the existing non-certificate proxy re-encryption scheme, which can help to find the weak points of the existing scheme, so as to propose the attack mode and improve the scheme. By using the general construction method to study the Sur-CL-PRE scheme, a specific method of attack is found to prove that the scheme does not reach the claimed IND-C The security model and the security certification process are then analyzed, the defects are located, the scheme is improved, and the improvement scheme is proved to have the IND-C CA security. Three is the general construction method proposed in this paper, which is based on the basic public key encryption system and the identity-based encryption system to complete the construction of a new non-certificate proxy re-encryption scheme, NewCL-PRE, and analyze it The validity and correctness of the new CL-PRE are proved to be IND-C in the random parametric model. CA semantic security. The party is also analyzed The performance and characteristics of the case. The scheme is the first non-certificate with the choice of the safety of the cipher text. Proxy re-encryption scheme. On the basis of the research of the agent re-encryption factors, the paper analyzes the agent re-encryption scheme with the source hiding property proposed by K. Emura et al. In this paper, we find the existing problems, and put forward a method to break the security of the choice cipher text of the scheme, and analyze the defect of the scheme and carry out the reform. In our opinion, for the research of the construction principle of the re-encryption of the proxy, the research on the general construction method of the non-certificate proxy re-encryption scheme for selecting the cipher text safety under the random access model will help. We look forward to the proposed general construction method to help get a lot of better features
【學位授予單位】:華南理工大學
【學位級別】:博士
【學位授予年份】:2014
【分類號】:TN918.4
【參考文獻】
相關期刊論文 前4條
1 賴俊祚;朱文濤;鄧慧杰;劉勝利;寇衛(wèi)東;;New Constructions for Identity-Based Unidirectional Proxy Re-Encryption[J];Journal of Computer Science & Technology;2010年04期
2 DENG Robert;;CCA-secure unidirectional proxy re-encryption in the adaptive corruption model without random oracles[J];Science China(Information Sciences);2010年03期
3 洪澄;張敏;馮登國;;面向云存儲的高效動態(tài)密文訪問控制方法[J];通信學報;2011年07期
4 王會歌;曹浩;劉斌;沈峰;;基于雙線性對的代理重加密方案(英文)[J];河北北方學院學報(自然科學版);2012年04期
相關博士學位論文 前1條
1 周德華;代理重加密體制的研究[D];上海交通大學;2013年
本文編號:2361914
本文鏈接:http://sikaile.net/kejilunwen/wltx/2361914.html
最近更新
教材專著
