电子学报 ›› 2020, Vol. 48 ›› Issue (9): 1786-1794.DOI: 10.3969/j.issn.0372-2112.2020.09.017

• 学术论文 • 上一篇    下一篇

基于理想格的鲁棒门限代理重加密方案

吴立强, 韩益亮, 杨晓元, 张敏情, 杨凯   

  1. 武警工程大学武警部队网络与信息安全保密重点实验室, 陕西西安 710086
  • 收稿日期:2019-09-27 修回日期:2019-12-03 出版日期:2020-09-25 发布日期:2020-09-25
  • 通讯作者: 韩益亮
  • 作者简介:吴立强 男,1986年7月出生于陕西蓝田.现为武警工程大学密码工程学院讲师.主要研究方向为基于格的密码学和可证明安全理论.E-mail:latticewj@163.com
    杨晓元 男,1959年11月生于湖南湘潭,教授、博士生导师,主要研究领域为网络安全与密码学.E-mail:yxyangyxyang@163.com
    张敏情 女,1967年3月出生于陕西西安,教授、博士生导师,主要研究领域为信息隐藏、密码学.E-mail:api_zmq@126.com
    杨凯 男,1983年10月出生于山东莱芜,讲师,博士,主要研究方向为网络安全.E-mail:sydeny-001@163.com
  • 基金资助:
    国家自然科学基金(No.U1636114,No.61572521,No.61772550);国家社会科学基金项目(No.18XXW015);武警工程大学创新团队科学基金资助(No.KYTD201805);陕西省自然科学基金(No.2018JM6078)

Robust Threshold Proxy Re-encryption Scheme from Ideal Lattices

WU Li-qiang, HAN Yi-liang, YANG Xiao-yuan, ZHANG Min-qing, YANG Kai   

  1. Key Laboratory of Network and Information Security, Engineering University of Chinese Armed Police Force, Xi'an, Shaanxi 710086, China
  • Received:2019-09-27 Revised:2019-12-03 Online:2020-09-25 Published:2020-09-25

摘要: 代理重加密能够实现解密权限的转换,而鲁棒门限代理重加密(Threshold Proxy Re-Encryption,TPRE)不仅支持安全灵活的转化控制,而且支持转化密文的合法性验证.本文利用理想格上工具构造了一种TPRE方案,采用Shamir秘密共享实现门限控制,采用格上同态签名技术实现鲁棒性,可完全抗量子攻击.新方案与标准格上方案相比,密文尺寸小、密钥份额短、计算速度快;基于PRE和TPRE安全模型的差异,证明对TPRE的攻击多项式时间内可转化为对基础PRE方案的攻击,安全性可规约为R-LWE(Learning With Errors over Ring)困难假设;新方案适用于在去中心化环境中实现密文访问控制,可用于基于区块链网络的文件共享和多域网络快速互联等场景.

关键词: 代理重加密, 理想格, 鲁棒性, 同态签名, 访问控制, 量子攻击

Abstract: Proxy re-encryption can achieve decryption permission conversion,while robust threshold proxy re-encryption (TPRE) supports not only secure and flexible conversion control,but also the validity verification of converted ciphertext.An ideal lattices based TPRE was proposed achieving threshold control by Shamir secret sharing and robustness by homomorphic signature technique,which could resist to quantum analysis completely.The new scheme enjoys small ciphertext size,short key share and high calculation speed compared with the similar schemes from standard lattices.Based on the differences between PRE and TPRE security models,attacks on our TPRE can be transformed into corresponding attacks on potential PRE scheme in polynomial time,therefore its security can be reduced to R-LWE (Learning With Errors over Ring) difficult assumption.It provides encryption and cryptographic access control in a decentralized environment,and widely used in scenarios such as file sharing based on blockchain networks and rapid interconnection of multi-domain networks.

Key words: proxy re-encryption, ideal lattices, robustness, homomorphic signature, access control, quantum attack

中图分类号: