一种可信安全的层次式基于身份加密系统

doi:10.3969/j.issn.0372-2112.2016.07.001

电子学报 ›› 2016, Vol. 44 ›› Issue (7): 1521-1529.DOI: 10.3969/j.issn.0372-2112.2016.07.001

• 学术论文 • 下一篇

一种可信安全的层次式基于身份加密系统

王小峰, 陈培鑫, 周寰, 苏金树

国防科学技术大学计算机学院, 湖南长沙 410073

收稿日期:2015-01-13 修回日期:2015-03-25 出版日期:2016-07-25
- 作者简介:
- 王小峰 男,1982年4月出生,江苏海安人.2009年在国防科技大学计算机学院获博士学位,现为国防科技大学计算机学院助理研究员,主要从事可信网络系统、密码应用、网络安全、智能数据处理研究.E-mail:xf_wang@nudt.edu.cn;陈培鑫 男,1987年6月出生,广东普宁人.2009、2012年毕业于国防科技大学计算机学院,获学士、硕士学位,现为博士研究生,主要从事基于身份的加密、域间路由安全相关研究.E-mail:chenpeixin@nudt.edu.cn
- 基金资助:
- 国家自然科学基金 (No.61103194,No.61202119); 国家863高技术研究发展计划 (No.2011AA01A103)

A Trustworthy and Secure Hierarchical Identity-Based Encryption System

WANG Xiao-feng, CHEN Pei-xin, ZHOU Huan, SU Jin-shu

College of Computer, National University of Defense Technology, Changsha, Hunan 410073, China

Received:2015-01-13 Revised:2015-03-25 Online:2016-07-25 Published:2016-07-25

摘要/Abstract

摘要：

本文提出一种可信安全的层次式基于身份加密系统T-HIBE,通过层次式分布化的用户私钥产生,以及私钥用户盲因子、用户私钥编号因子和PKG私钥编号因子技术,解决了层次式私钥生成机构的密钥托管和私钥安全传输问题,支持系统高效的用户身份一次认证和可追责性.基于标准的BDH难题假设,文章证明了基本T-HIBE机制和完全T-HIBE机制分别具有IND-sID-OWE和IND-sID-CCA安全性.

关键词: 层次化基于身份加密, 密钥托管, 密钥安全传输, 认证可追责, 抗串谋

Abstract:

The paper proposes a trustworthy and secure HIBE (hierarchical identity-based encryption) system named T-HIBE.It generates private keys in a hierarchical and distributed manner.By using the user blinding index,user private key index and PKG private key index,T-HIBE can achieve the trustworthy private key generation and secure private key distribution.Moreover,the T-HIBE system needs one single user authentication whose accountability is traceable.Based on the standard BDH assumption,we prove that the basic T-HIBE and full T-HIBE have the IND-sID-OWE and IND-sID-CCA security respectively.

Key words: HIBE, key escrow, secure key transmission, accountable authentication, collusion resistant

中图分类号:

TN918

王小峰, 陈培鑫, 周寰, 苏金树. 一种可信安全的层次式基于身份加密系统[J]. 电子学报, 2016, 44(7): 1521-1529.

WANG Xiao-feng, CHEN Pei-xin, ZHOU Huan, SU Jin-shu. A Trustworthy and Secure Hierarchical Identity-Based Encryption System[J]. Acta Electronica Sinica, 2016, 44(7): 1521-1529.

参考文献

[1] Samir A.Identity-based cryptosystems and signature schemes[A].Advances in Cryptology-Crypto (LNCS 0196)[C].Berlin:Springer-Verlag,1984.47-53.
[2] Boneh D,Franklin M.Identity-based encryption from the Weil pairing[A].A dvances in Cryptology-Crypto (LNCS 2139)[C].Berlin:Springer-Verlag,2001.213-229.
[3] Al-Riyami S S,Paterson K G.Certificateless public key cryptography[A].A dvances in Cryptology-ASIACRYPT (LNCS 2894)[C].Berlin:Springer-Verlag,2003.452-473.
[4] Gentry C.Certificate-based encryption and the certificate Revocation proble m[A].Advances in Cryptology-EUROCRYPT (LNCS 2656)[C].Berlin:Springer-Ver lag,2003.272-293.
[5] Kate A,Goldberg I.A Distributed Private-Key Generator for Identity-Based Cryptography[R].Centre for Applied Cryptographic Research (CACR 2007-33).2007.
[6] Chen L,Harrison K,Soldera D,Smart N P.Applications of multiple trust authorities in pairing based cryptosystems[A].Proceedings of the International Conference on Infrastructure Security (LNCS 2637)[C].Berlin:Springer-Verlag, 2003.260-275.
[7] Wang J,Bai X,Yu J,Li D.Protecting against key escrow and key exposure in identity-based cryptosystem[A].Proceedings of the 4th International Conference on Theory and Applications of Models of Computation-TAMC (LNCS 4484)[C].B erlin:Springer-Verlag,2007.148-158.
[8] Lee B,Boyd C,Dawson E,Kim K,Yang J,Yoo S.Secure key issuing in ID-based cryptography[A].Proceedings of Australasian Information Security Workshop-A ISW[C].Dunedin,New Zealand:IEEE Press,2004.69-74.
[9] 曹丹,王小峰,王飞,胡乔林,苏金树.SA-IBE:一种安全可追责的基于身份加密方案[J].电子与信息学报,2011,33(12):2922-2928. CAO Dan,WANG Xiao-feng,WANG Fei,HU Qiao-lin,SU Jin-su.SA-IBE:A secure and accountable identity-based encryption scheme[J].Journal of Electronics & Inf ormation Technology,2011,33(12):2922-2928.(in Chinese)
[10] 葛爱军,马传贵,程庆丰.标准模型下CCA2安全且固定密文长度的模糊基于身份加密方案[J].电子学报,2013,41(10):1948-1952. GE Ai-jun,MA Chuan-gui,CHENG Qing-feng.CCA2 secure fuzzy identity-based encr yption with constant size ciphertexts in the standard model[J].Acta Electroni ca Sinica,2013,41(10):1948-1952.(in Chinese)
[11] 明洋,王育民.标准模型下可证安全的通配符基于身份加密方案[J].电子学报,2013,41(10):2082-2086. Ming Yang,Wang Yu-min.Provably secure identity-based encryption scheme with wildcard in the standard model[J].Acta Electronica Sinica,2013,41(10):2082-2086.(in Chinese)
[12] Lewko A B,Waters B.Why proving HIBE systems secure is difficult[A].Ad vances in Cryptology-EUROCRYPT (LNCS 8441)[C].Berlin:Springer-Verlag,2014.58-76.
[13] Gentry C,Silverberg A.Hierarchical id-based cryptography[A].Advances in Cryptology-ASIACRYPT (LNCS 2501)[C].Berlin:Springer-Verlag,2002.548-566.
[14] Waters B.Dual system encryption:realizing fully secure IBE and HIBE under simple assumptions[A].Advances in Cryptology-CRYPTO (LNCS 5677)[C].Berlin:Springer-Verlag,2009.619-636.
[15] Lewko A,Waters B.New techniques for dual system encryption and fully secure HIBE with short ciphertexts[A].Theory of Cryptograpy Conference (LNCS 5978)[C].Berlin:Springer-Verlag,2010.455-479.
[16] Fujisaki E,Okamoto T.Secure integration of asymmetric and symmetric encryp tion schemes[J].Journal of cryptology,2013,26(1):80-101.

一种可信安全的层次式基于身份加密系统

A Trustworthy and Secure Hierarchical Identity-Based Encryption System

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 4

编辑推荐

Metrics

[1]	寻甜甜, 于佳, 杨光洋, 江秀秀, 郝蓉. 密钥隔离的无证书聚合签名[J]. 电子学报, 2016, 44(5): 1111-1116.
[2]	陈明. 标准模型下可托管的基于身份认证密钥协商[J]. 电子学报, 2015, 43(10): 1954-1962.
[3]	谢冬青;张大方;李超;冷健. 一种任意数量托管代理的密钥托管方案[J]. 电子学报, 2001, 29(2): 172-174.
[4]	宋荣功;杨义先;胡正名. 软件密钥托管加密系统研究[J]. 电子学报, 2000, 28(8): 132-134.