计算机应用 ›› 2019, Vol. 39 ›› Issue (8): 2326-2332.DOI: 10.11772/j.issn.1001-9081.2019010188

• 网络空间安全 • 上一篇    下一篇

多跳多策略属性基全同态加密方案

余卿斐1, 涂广升2,3, 李宁波2, 周潭平2,3   

  1. 1. 武警安徽省总队 参谋部, 合肥 230031;
    2. 网络和信息安全武警部队重点实验室(武警工程大学), 西安 710086;
    3. 武警工程大学 密码工程学院, 西安 710086
  • 收稿日期:2019-01-24 修回日期:2019-03-13 出版日期:2019-08-10 发布日期:2019-04-15
  • 通讯作者: 涂广升
  • 作者简介:余卿斐(1985-),女,安徽六安人,工程师,硕士,主要研究方向:密码学、信息安全;涂广升(1992-),男,河南驻马店人,硕士研究生,主要研究方向:信息安全、同态密码;李宁波(1992-),男,河南三门峡人,博士研究生,主要研究方向:信息安全、密码学;周潭平(1989-),男,江西贵溪人,讲师,博士,主要研究方向:信息安全、公钥密码。
  • 基金资助:
    国家重点研发计划项目(2017YFB0802000);国家自然科学基金资助项目(U1636114)。

Multi-hop multi-policy attributed-based fully homomorphic encryption scheme

YU Qingfei1, TU Guangsheng2,3, LI Ningbo2, ZHOU Tanping2,3   

  1. 1. Staff Headquarters, The Anhui Provincial Corps of Chinese People's Armed Police Force, Hefei Anhui 230031, China;
    2. Key Laboratory of Network and Information Security of the Chinese People's Armed Police Force(Engineering University of the Chinese People's Armed Police Force), Xi'an Shaanxi 710086, China;
    3. College of Cryptographic Engineering, Engineering University of the Chinese People's Armed Police Force, Xi'an Shaanxi 710086, China
  • Received:2019-01-24 Revised:2019-03-13 Online:2019-08-10 Published:2019-04-15
  • Supported by:
    This work is partially supported by the National Key R&D Program of China (2017YFB0802000), the National Natural Science Foundation of China (U1636114).

摘要: 为解决单策略属性基全同态加密方案无法对不同策略函数对应的属性向量下的密文进行同态运算和访问控制,并且新的参与方密文无法动态地加入同态运算的问题,提出了一个基于误差学习(LWE)问题的高效的多跳多策略属性基全同态加密方案。首先,对单策略属性基全同态加密方案适当变形;其次,将方案对应到多用户场景;最后,利用多跳多密钥全同态转化机制来实现新的参与方密文加入后的同态运算。结果表明,该方案在功能上兼具属性基加密和多跳多密钥全同态加密的优势,并被证明为选择属性下的选择明文攻击不可区分性(IND-CPA)安全。与利用目标策略函数集合构造的多策略属性基全同态加密方案相比,该方案在不改变单个参与方私钥尺寸的情况下,密文/明文比明显降低,效率更高。

关键词: 多跳, 多策略, 多密钥, 属性基加密, 全同态加密

Abstract: The single-policy attribute-based fully homomorphic encryption scheme cannot perform homomorphic operation and access control of ciphertexts under different attribute vectors corresponding to different policy functions, and new participant ciphertexts cannot dynamically join into the homomorphic operation. In order to solve the above problems, an efficient multi-hop multi-policy attribute-based fully homomorphic encryption scheme based on Learning with Error (LWE) problem was proposed. Firstly, the single-policy attribute-based fully homomorphic encryption scheme was appropriately modified. Secondly, the scheme was mapped to multi-user scenarios. Finally, a multi-hop multi-policy fully homomorphic transformation mechanism was used to realize the homomorphic operation after adding new participant ciphertexts. The proposed scheme is proved to be INDistinguishability under Chosen Plaintext Attack (IND-CPA) secure under the chosen attribute, and has advantages of attribute-based encryption and multi-hop multi-key fully homomorphic encryption. Compared with multi-policy attribute-based fully homomorphic encryption scheme constructed by using target policy function set, the ciphertext/plaintext ratio of the proposed scheme is significantly reduced without changing the size of the individual participant's secret key.

Key words: multi-hop, multi-policy, multi-key, Attribute-Based Encryption (ABE), Fully Homomorphic Encryption (FHE)

中图分类号: