计算机应用 ›› 2016, Vol. 36 ›› Issue (11): 3077-3081.DOI: 10.11772/j.issn.1001-9081.2016.11.3077

• 网络空间安全 • 上一篇    下一篇

前向安全的格上基于身份签密方案

项文, 杨晓元, 王绪安, 吴立强   

  1. 武警工程大学 网络与信息安全武警部队重点实验室, 西安 710086
  • 收稿日期:2016-04-18 修回日期:2016-07-03 出版日期:2016-11-10 发布日期:2016-11-12
  • 通讯作者: 项文
  • 作者简介:项文(1990-),男,湖北襄阳人,硕士研究生,主要研究方向:格密码学;杨晓元(1959-),男,湖南湘潭人,教授,硕士,CCF会员,主要研究方向:密码学、可信计算;王绪安(1981-),男,湖北公安人,副教授,博士研究生,主要研究方向:信息安全、密码学;吴立强(1986-),男,陕西蓝田人,讲师,硕士,CCF会员,主要研究方向:格密码学、可证明安全理论。
  • 基金资助:
    国家自然科学基金资助项目(61272492,61572521);陕西省自然科学基础研究计划项目(2015JM8300);武警工程大学基础研究项目(WJY201422,WJY201523)。

Forward secure identity-based signcryption from lattice

XIANG Wen, YANG Xiaoyuan, WANG Xu'an, WU Liqiang   

  1. Key Laboratory of Network and Information Security under Chinese People's Armed Police Force, Engineering University of Chinese People's Armed Police Force, Xi'an Shaanxi 710086, China
  • Received:2016-04-18 Revised:2016-07-03 Online:2016-11-10 Published:2016-11-12
  • Supported by:
    This work is partially supported by the National Natural Science Foundation of China(61272492, 61572521), the Basic Research Project of Natural Science in Shaanxi province (2015JM6353), the basic Research Project of the Engineering University of CAPF(WJY201422, WJY201523).

摘要: 针对目前基于格的签密方案尚不能满足前向安全性,提出一个具有前向安全的基于身份的签密方案。首先,该方案利用格基授权算法对用户和发送者的公私钥对进行更新;其次,结合基于格上错误学习问题的原像采样算法进行用户签名,并利用包含签名信息的哈希值对消息进行加密。在随机预言机模型下,证明该方案是适应性选择身份和选择密文攻击安全(IND-sID-CCA2)和强不可伪造选择消息攻击安全(sUF-CMA)的,同时证明了该方案具有前向安全性。相对于基于配对的签密方案,所提方案在计算速度和密文扩展率的优势都较为明显。

关键词: 前向安全, 基于身份加密, 错误学习, 格基授权, 选择密文攻击

Abstract: To solve the problem that current signcryption schemes based on lattice cannot achieve forward security, a new identity-based signcryption scheme with forward security was proposed. Firstly, lattice basis delegation algorithm was used to update the users' public keys and private keys. Then, the preimage sampleable functions based on Learning With Errors (LWE) over lattice was used to sign the message,and the signature was also used to encrypt the message. The scheme was proved to be adaptive INDistinguishiability selective IDentity and Chosen-Ciphertext Attack (IND-sID-CCA2) secure, strong UnForgeable Chosen-Message Attack (sUF-CMA) secure and forward secure. Compared with the signcryption schemes based on pairings, the proposed scheme has more advantages in computational efficiency and ciphertext extension rate.

Key words: forward secure, identity-based encryption, Learning With Errors (LWE), lattice basis delegation, chosen ciphertext attack

中图分类号: