标准模型下可公开验证的匿名IBE方案的安全性分析

doi:10.3969/j.issn.0372-2112.2020.02.010

电子学报 ›› 2020, Vol. 48 ›› Issue (2): 291-295.DOI: 10.3969/j.issn.0372-2112.2020.02.010

标准模型下可公开验证的匿名IBE方案的安全性分析

杨启良^1,2, 周彦伟^1,2, 杨坤伟¹, 王涛¹

1. 陕西师范大学计算机科学学院, 陕西西安 710062;
2. 密码科学技术国家重点实验室, 北京 100878

收稿日期:2019-01-11 修回日期:2019-07-04 出版日期:2020-02-25
- 通讯作者:
- 周彦伟
- 作者简介:
- 杨启良 男,1991年6月出生于陕西省西安市.现为陕西师范大学计算机科学学院博士生.从事密码学、信息安全的研究工作E-mail:yangqiliang@snnu.edu.cn
- 基金资助:
- 国家重点研发计划 (No.2017YFB0802000）; 国家自然科学基金 (No.61802242，No.61572303，No.61772326，No.61872087，No.61802241，No.61702259）; 陕西省自然科学基础研究计划 (No.2018JQ6088）; "十三五"国家密码发展基金 (No.MMJJ20180217）; 中央高校基本科研业务费项目 (No.GK201803064）

On the Security of Publicly Verifiable Anonymous IBE Scheme in the Standard Model

YANG Qi-liang^1,2, ZHOU Yan-wei^1,2, YANG Kun-wei¹, WANG Tao¹

1. School of Computer Science, Shaanxi Normal University, Xi'an, Shaanxi 710062, China;
2. State Key Laboratory of Cryptology, Beijing 100878, China

Received:2019-01-11 Revised:2019-07-04 Online:2020-02-25 Published:2020-02-25
- Corresponding author:
- ZHOU Yan-wei
- Supported by:
- National Key Research and Development Program of China (No.2017YFB0802000); National Natural Science Foundation of China (No.61802242, No.61572303, No.61772326, No.61872087, No.61802241, No.61702259); Natural Science Basic Research Program of Shaanxi Province (No.2018JQ6088); National Cryptography Development Fund during 13th Five-year Plan (No.MMJJ20180217); Program of Fundamental Research Funds for the Central Universities (No.GK201803064)

摘要/Abstract

摘要： 现有的可公开验证的匿名基于身份的加密（Identity-Based Encryption，IBE）机制声称解决了在静态困难性假设之上构造紧的选择密文安全的IBE机制的困难性问题.然而，本文发现，由于该机制的密文不具备防扩展性，使得任何敌手可基于已知的有效密文生成任意消息的合法加密密文，导致该机制无法满足其所声称的选择密文安全性.我们根据不同的密文相等判定条件分别提出两种方法对原始方案的安全性进行了分析，同时在分析基础上指出原始安全性证明过程中所存在的不足.

关键词: 基于身份的密码学, 基于身份的加密, 公开可验证, 选择密文安全, 判定性双线性Diffie-Hellman假设, 标准模型, 双线性映射

Abstract: How to create an identity-based encryption (IBE) scheme with tight chosen-ciphertext attacks (CCA) security based on the static assumption is an open problem. A publicly verifiable anonymous IBE scheme designed in the standard model claimed that the CCA security of proposed scheme was proved based on the classic static assumption. However, in this paper, we demonstrate that the previous IBE scheme cannot achieve the claimed CCA security because the ciphertext was extensile. In other words, a valid encrypted ciphertext can be forged by any adversary from a known ciphertext. To analyze the security of the previous IBE scheme, two methods are proposed based on the criterion of ciphertext equality. Additionally, based on the analysis of the previous IBE scheme, we point out the shortcomings of the original security proof.

Key words: identity-based cryptography, identity-based encryption, anonymous, publicly verifiable, chosen-ciphertext security, decisional bilinear Diffie-Hellman assumption, standard model, bilinear pairing

中图分类号:

TP309.7

杨启良, 周彦伟, 杨坤伟, 等. 标准模型下可公开验证的匿名IBE方案的安全性分析[J]. 电子学报, 2020, 48(2): 291-295.

YANG Qi-liang, ZHOU Yan-wei, YANG Kun-wei, et al. On the Security of Publicly Verifiable Anonymous IBE Scheme in the Standard Model[J]. Acta Electronica Sinica, 2020, 48(2): 291-295.

参考文献

[1] SHAMIR A.Identity-based cryptosystems and signature schemes[A].Annual International Cryptology Conference on the Theory and Applications of Cryptographic Techniques[C].Berlin Heidelberg:Springer,1985.47-53.
[2] BONEH D,FRANKLIN M.Identity-based encryption from the weil pairing[A].Annual International Cryptology Conference on the Theory and Applications of Cryptographic Techniques[C].Berlin Heidelberg:Springer,2001.213-229.
[3] BONEH D,BOYEN X.Efficient selective-ID secure identity-based encryption without random oracles[A].International Conference on the Theory and Applications of Cryptographic Techniques[C].Berlin Heidelberg:Springer,2004.223-238.
[4] BONEH D,BOYEN X.Secure identity-based encryption without random oracles[A].Annual International Cryptology Conference on the Theory and Applications of Cryptographic Techniques[C].Berlin Heidelberg:Springer,2004.443-459.
[5] WATERS B.Efficient identity-based encryption without random oracles[A].International Conference on the Theory and Applications of Cryptographic Techniques[C].Berlin Heidelberg:Springer,2005.114-127.
[6] GENTRY C.Practical identity-based encryption without random oracles[A].International Conference on the Theory and Applications of Cryptographic Techniques[C].Berlin Heidelberg:Springer,2006.445-464.
[7] 李大伟,杨庚,朱莉.一种基于身份加密的可验证秘密共享方案[J].电子学报,2010,38(9):2059-2065. LI Da-wei,YANG Gen,ZHU Li. An ID-based verifiable secret sharing scheme[J].Acta Electronica Sinica,2010,38(9):2059-2065.(in Chinese)
[8] 明洋,王育民.标准模型下可证安全的通配符基于身份加密方案[J].电子学报,2013,41(10):2082-2086. MING Yang,WANG Yu-min.Provably secure identity-based encryption scheme with wildcard in the standard model[J].Acta Electronica Sinica,2013,41(10):2082-2086.(in Chinese)
[9] HU M X,Ye Q,Tang Y L.Efficient batch identity-based fully homomorphic encryption scheme in the standard model[J].IET Information Security,2018,12(6):475-483.
[10] LI X G,XIANG T,CHEN F,GUO S W.Efficient biometric identity-based encryption[J].Information Sciences,2018,465:248-264.
[11] WU L B,ZHANG Y B,CHOO K K,HE D B.Efficient and secure identity-based encryption scheme with equality test in cloud computing[J].Future Generation Computer Systems,2017,73:22-31.
[12] HAN S,LIU S L,QIN B D,GU D W.Tightly CCA-secure identity-based encryption with ciphertext pseudorandomness[J].Designs,Codes and Cryptography,2018,86(3):517-554.
[13] 李顺东,杨坤伟,巩林明,毛庆,刘新.标准模型下可公开验证的匿名IBE方案[J].电子学报,2016,44(3),673-678. LI Shun-dong,YANG Kun-wei,GONG Lin-ming,MAO Qing,LIU Xin.A publicly verifiable anonymous IBE scheme in the standard model[J].Acta Electronica Sinica,2016,44(3),673-678.(in Chinese)

[1]	戚珉, 陈明. 标准模型下基于身份的混淆乐观公平交换方案[J]. 电子学报, 2020, 48(8): 1516-1527.
[2]	丁勇, 王冰尧, 袁方, 王玉珏, 张昆, 田磊. 支持第三方仲裁的智能电网数据安全聚合方案[J]. 电子学报, 2020, 48(2): 350-358.
[3]	巩林明, 李顺东, 窦家维, 王道顺. 标准模型下抗CPA与抗CCA2的RSA型加密方案[J]. 电子学报, 2018, 46(8): 1938-1946.
[4]	赵艳琦, 来齐齐, 禹勇, 杨波, 赵一. 标准模型下基于身份的环签名方案[J]. 电子学报, 2018, 46(4): 1019-1024.
[5]	莫若, 马建峰, 刘西蒙, 张涛. 一种支持树形访问结构的属性基可净化签名方案[J]. 电子学报, 2017, 45(11): 2715-2720.
[6]	李顺东, 杨坤伟, 巩林明, 毛庆, 刘新. 标准模型下可公开验证的匿名IBE方案[J]. 电子学报, 2016, 44(3): 673-678.
[7]	陈明. 标准模型下可托管的基于身份认证密钥协商[J]. 电子学报, 2015, 43(10): 1954-1962.
[8]	李琦, 马建峰, 熊金波, 刘西蒙, 马骏. 一种素数阶群上构造的自适应安全的多授权机构CP-ABE方案[J]. 电子学报, 2014, 42(4): 696-702.
[9]	马春光, 石岚, 周长利, 汪定. 属性基门限签名方案及其安全性研究[J]. 电子学报, 2013, 41(5): 1012-1015.
[10]	明洋, 王育民. 标准模型下可证安全的通配符基于身份加密方案[J]. 电子学报, 2013, 41(10): 2082-2086.
[11]	葛爱军, 马传贵, 程庆丰. 标准模型下CCA2安全且固定密文长度的模糊基于身份加密方案[J]. 电子学报, 2013, 41(10): 1948-1952.
[12]	李继国, 杨海珊, 张亦辰. 标准模型下安全的基于证书密钥封装方案[J]. 电子学报, 2012, 40(8): 1577-1583.
[13]	李继国;孙刚;张亦辰. 标准模型下可证安全的本地验证者撤销群签名方案[J]. 电子学报, 2011, 39(7): 1618-1623.
[14]	赵菁;冯登国;杨林;马琳茹. 一个高效的选择密文安全的分类代理重加密方案[J]. 电子学报, 2011, 39(11): 2513-2519.
[15]	蔡永泉, 刘岩. 一种基于身份信息无可信中心无随机预言的群签名[J]. 电子学报, 2009, 37(S1): 87-91.

标准模型下可公开验证的匿名IBE方案的安全性分析

On the Security of Publicly Verifiable Anonymous IBE Scheme in the Standard Model

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics