可外包解密和成员撤销的身份基加密方案

doi:10.11772/j.issn.1001-9081.2019071215

计算机应用 ›› 2019, Vol. 39 ›› Issue (12): 3563-3568.DOI: 10.11772/j.issn.1001-9081.2019071215

可外包解密和成员撤销的身份基加密方案

王占君¹, 马海英², 王金华¹, 李燕²

1. 南通大学理学院, 江苏南通 226019;
2. 南通大学信息科学技术学院, 江苏南通 226019

收稿日期:2019-07-15 修回日期:2019-09-08 出版日期:2019-12-10 发布日期:2019-10-25
作者简介:王占君(1978-),男,河南鹤壁人,讲师,硕士,主要研究方向:公钥密码学、代数;马海英(1977-),女,河南新乡人,副教授,博士,CCF会员,主要研究方向:公钥密码学、隐私保护;王金华(1962-),男,江苏南通人,教授,博士生导师,博士,主要研究方向:组合数学、密码学;李燕(1996-),女,江苏盐城人,硕士研究生,主要研究方向:密码学、区块链应用。
基金资助:
国家自然科学基金基金项目（61402244）；南通大学自然科学自主研发项目（13230132）；江苏省研究生科研创新计划项目（SJCX19_0981）。

Revocable identity-based encryption scheme with outsourcing decryption and member revocation

WANG Zhanjun¹, MA Haiying², WANG Jinhua¹, LI Yan²

1. School of Sciences, Nantong University, Nantong Jiangsu 226019, China;
2. School of Information Science and Technology, Nantong University, Nantong Jiangsu 226019, China

Received:2019-07-15 Revised:2019-09-08 Online:2019-12-10 Published:2019-10-25
Contact: 马海英
Supported by:
This work is partially supported by the National Natural Science Foundation of China (61402244), the Natural Science Independent Research and Development Project of Nantong University (13230132), the Jiangsu Graduate Research and Innovation Program (SJCX19_0981).

摘要/Abstract

摘要： 针对可撤销成员的身份基加密（RIBE）方案中密钥更新效率较低，且解密的工作量较大，难以应用于轻量级设备的问题，提出了一个可外包解密和成员撤销的身份基加密方案（RIBE-OD）。首先，生成一个完全二叉树，为这棵树的每个节点指定一个一次多项式。然后，将基于指数逆模式构造的身份基加密（IBE）方案和完全子树方法相结合，利用该一次多项式计算所有用户的私钥和未撤销用户的更新密钥，撤销用户因不能获得与之匹配的更新密钥而失去解密能力。其次，利用外包解密技术修改密钥生成算法，增加密文转换算法，从而将大部分解密运算量安全外包给云服务器，轻量级设备仅需少量运算即可解密密文。最后，基于判定双线性Diffie-Hellman逆转（DBDHI）假设，证明了所提方案的安全性。与BGK方案相比，该方案的密钥更新效率提高了85.7%，轻量级设备的解密过程减少到一个椭圆曲线指数运算，非常适合于轻量级设备解密密文。

关键词: 身份基加密, 成员撤销, 完全子树方法, 外包解密技术, 轻量级设备

Abstract: For the drawbacks of low key updating efficiency and high decryption cost of the Revocable Identity-Based Encryption (RIBE), which make it unsuitable for lightweight devices, an RIBE with Outsourcing Decryption and member revocation (RIBE-OD) was proposed. Firstly, a full binary tree was created and a random one-degree polynomial was picked for each node of this tree. Then, the one-degree polynomial was used to create the private keys of all the users and the update keys of the unrevoked users by combining the IBE scheme based on exponential inverse model and the full subtree method, and the revoked users' decryption abilities were deprived due to not obtaining their update keys. Next, the majority of decryption calculation was securely outsourced to cloud servers after modifying the private key generation algorithm by the outsourcing decryption technique and adding the ciphertext transformation algorithm. The lightweight devices were able to decrypt the ciphertexts by only performing a little simple computation. Finally, the proposed scheme was proved to be secure based on the Decisional Bilinear Diffie-Hellman Inversion (DBDHI) assumption. Compared with Boldyreva-Goyal-Kumar (BGK) scheme, the proposed scheme not only improves the efficiency of key updating by 85.7%, but also reduces the decryption cost of lightweight devices to an exponential operation of elliptic curve, so it is suitable for lightweight devices to decrypt ciphertexts.

Key words: Identity-Based Encryption (IBE), member revocation, full subtree method, outsourcing decryption technology, lightweight device

中图分类号:

TP309.7

王占君, 马海英, 王金华, 李燕. 可外包解密和成员撤销的身份基加密方案[J]. 计算机应用, 2019, 39(12): 3563-3568.

WANG Zhanjun, MA Haiying, WANG Jinhua, LI Yan. Revocable identity-based encryption scheme with outsourcing decryption and member revocation[J]. Journal of Computer Applications, 2019, 39(12): 3563-3568.

参考文献

[1] SHAMIR A. Identity-based cryptosystems and signature schemes[C]//Proceedings of the 1984 Workshop on the Theory and Application of Cryptographic Techniques, LNCS 196. Berlin:Springer, 1984:47-53.
[2] BONEH D, FRANKLIN M. Identity-based encryption from the Weil pairing[J]. SIAM Journal of Computing, 2001, 32(3):586-615.
[3] WARTERS B. Dual system encryption:realizing fully secure IBE and HIBE under simple assumptions[C]//Proceedings of the 2009 Annual International Cryptology Conference, LNCS 5677. Berlin:Springer, 2009:619-636.
[4] BOYEN X. General Ad Hoc encryption from exponent inversion IBE[C]//Proceedings of the 2007 Annual International Conference on the Theory and Applications of Cryptographic Techniques, LNCS 4515. Berlin:Springer, 2007:394-411.
[5] SAKAI R, KASAHARA M. ID-based cryptosystems with pairing over pairing over elliptic curve[EB/OL].[2019-05-18]. https://eprint.iacr.org/2003/054.pdf.
[6] NAOR D, NAOR M, LOTSPIECH J. Revocation and tracing schemes for stateless receivers[C]//Proceedings of the 2001 Annual International Cryptology Conference, LNCS 2139. Berlin:Springer, 2001:41-62.
[7] BOLDYREVA A, GOYAL V, KUMAR V. Identity-based encryption with efficient revocation[C]//Proceedings of the 15th ACM Conference on Computer and Communications Security. New York:ACM, 2008:417-426.
[8] LIBERT B, VERGNAUD D. Adaptive-ID secure revocable identity-based encryption[C]//Proceedings of the 2009 Cryptographers' Track at the RSA Conference, LNCS 5473. Berlin:Springer, 2009:1-15.
[9] SEO J H, EMURA K. Revocable identity-based encryption revisited:security model and construction[C]//Proceedings of the 2013 International Workshop on Public Key Cryptography, LNCS 7778. Berlin:Springer, 2013:216-234.
[10] LEE K, LEE D H, PARK J H. Efficient revocable identity-based encryption via subset difference methods[J]. Designs, Codes and Cryptography, 2017, 85(1):39-76.
[11] WANG C, LI Y, XIA X, et al. An efficient and provable secure revocable identity-based encryption scheme[J]. PloS One, 2014, 9(9):Article No. e106925.
[12] LEE K. Revocable hierarchical identity-based encryption with adaptive security[EB/OL].[2019-05-18]. https://eprint.iacr.org/2016/749.pdf.
[13] LEE K. A generic construction for revocable identity-based encryption with subset difference methods[EB/OL].[2019-05-19]. https://eprint.iacr.org/2019/798.pdf.
[14] MA X, LIN D. A generic construction of revocable identity-based encryption[EB/OL].[2019-04-15]. https://eprint.iacr.org/2019/299.pdf.
[15] MA H, WANG Z, WANG J. Efficient ciphertext-policy attribute-based online/offline encryption with user revocation[J]. Security and Communication Networks, 2019, 2019:Article No. 8093578.
[16] 马海英,曾国荪,包志华,等.抗连续辅助输入泄漏的属性基加密方案[J].计算机研究与发展,2016,53(8):1867-1878.(MA H Y, ZENG G S, BAO Z H, et al. Attribute-based encryption scheme resilient against continuous auxiliary-inputs leakage[J]. Journal of Computer Research and Development, 2016, 53(8):1867-1878.)
[17] GREEN M, HOHENBERGER S, WATERS B. Outsourcing the decryption of ABE ciphertexts[C]//Proceedings of the 20th USENIX Conference on Security. Berkeley:USENIX Association, 2011:34-34.
[18] WANG Z, MA H, WANG J. Attribute-based online/offline encryption with outsourcing decryption[J]. Journal of Information Science and Engineering, 2016, 32(6):1595-1611.
[19] 王占君,马海英,王金华.移动云计算中基于身份的轻量级加密方案[J].计算机工程与应用,2018,54(19):72-76.(WANG Z J, MA H Y, WANG J H. Identity-based lightweight encryption scheme in mobile cloud computing[J]. Computer Engineering and Applications, 2018, 54(19):72-76.)
[20] WANG D, WANG P. Two birds with one stone:two-factor authentication with security beyond conventional bound[J]. IEEE Transactions on Dependable and Secure Computing, 2018, 15(4):708-722.

可外包解密和成员撤销的身份基加密方案

Revocable identity-based encryption scheme with outsourcing decryption and member revocation

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 2

编辑推荐

Metrics

[1]	涂广升, 杨晓元, 周潭平. 高效的身份基多用户全同态加密方案[J]. 计算机应用, 2019, 39(3): 750-755.
[2]	王占君, 马海英, 王金华. 完全安全的等级身份基在线/离线加密[J]. 计算机应用, 2015, 35(9): 2522-2526.