条件型非对称跨加密系统的代理重加密方案

doi:10.11772/j.issn.1001-9081.2016.09.2452

计算机应用 ›› 2016, Vol. 36 ›› Issue (9): 2452-2458.DOI: 10.11772/j.issn.1001-9081.2016.09.2452

条件型非对称跨加密系统的代理重加密方案

郝伟^1,2, 杨晓元^1,2, 王绪安^1,2, 吴立强^1,2

1. 武警工程大学电子技术系, 西安 710086;
2. 武警部队网络与信息安全保密重点实验室, 西安 710086

收稿日期:2016-01-27 修回日期:2016-03-15 出版日期:2016-09-10 发布日期:2016-09-08
通讯作者: 郝伟
作者简介:郝伟(1990-),男,内蒙古包头人,硕士研究生,主要研究方向:代理重加密体制;杨晓元(1959-),男,湖南湘潭人,教授,硕士,CCF会员,主要研究方向:密码学、信息安全;王绪安(1981-),男,湖北公安人,副教授,博士研究生,CCF会员,主要研究方向:密码学、信息安全;吴立强(1986-),男,陕西蓝田人,讲师,硕士,CCF会员,主要研究方向:格密码学、可证明安全。
基金资助:
国家自然科学基金资助项目（61272492，61572521）。

Proxy re-encryption scheme based on conditional asymmetric cross-cryptosystem

HAO Wei^1,2, YANG Xiaoyuan^1,2, WANG Xu'an^1,2, WU Liqiang^1,2

1. Department of Electronic Technology, Engineering University of Chinese People's Armed Police Force, Xi'an Shaanxi 710086, China;
2. Key Laboratory of Network and Information Security, Chinese People's Armed Police Force, Xi'an Shaanxi 710086, China

Received:2016-01-27 Revised:2016-03-15 Online:2016-09-10 Published:2016-09-08
Supported by:
This work is partially supported by the National Natural Science Foundation of China (61272492, 61572521).

摘要/Abstract

摘要： 为了减轻云应用中移动设备解密的负担，利用基于身份的广播加密（IBBE）、基于身份的加密（IBE）、基于身份的条件型广播代理重加密方案，提出了多条件型非对称跨加密系统的代理重加密方案。该方案允许发送方将信息加密成IBBE密文，一次性发送给多个接收方，其中任一接收方又可以授权给代理者一个多条件型的重加密密钥，代理者利用该多条件型重加密密钥，能将符合多个条件的原始密文重加密成一个新的接收方可以解密的IBE密文。该方案实现了从IBBE加密系统到IBE加密系统的非对称代理重加密，而且代理者可以根据条件将最初的原始密文进行重加密，避免了不需要进行重加密的原始密文被代理者重加密，提高了代理者重加密的效率，同时节约了接收方获悉正确明文的时间。

关键词: 基于身份的加密, 基于身份的广播加密, 基于身份的条件型广播代理重加密, 代理重加密

Abstract: In order to reduce the decryption burden of the mobile device in cloud application, using Identity-Based Broadcast Encryption (IBBE) scheme, Identity-Based Encryption (IBE) scheme and conditional identity-based broadcast proxy re-encryption scheme, an asymmetric cross-cryptosystem proxy re-encryption scheme with multiple conditions was proposed. In this scheme, the sender is allowed to encrypt information into IBBE ciphertext, which can be sent to multiple recipients at a time. Anyone of the receivers can authorize a multi-condition re-encryption key to the proxy to re-encrypt the original ciphertext which meets the conditions into the IBE ciphertext that a new receiver can decrypt. The scheme realizes asymmetric proxy re-encryption from IBBE encryption system to IBE encryption system and allows the proxy to re-encrypt the original ciphertext according to the conditions, which avoids the proxy to re-encrypt the unnecessary original ciphertext. The scheme not only improves the re-encryption efficiency of the proxy, but also saves the time of the receiver to get the correct plaintext.

Key words: Identity-Based Encryption (IBE), Identity-Based Broadcast Encryption (IBBE), conditional identity-based broadcast proxy re-encryption, proxy re-encryption

中图分类号:

TP309

郝伟, 杨晓元, 王绪安, 吴立强. 条件型非对称跨加密系统的代理重加密方案[J]. 计算机应用, 2016, 36(9): 2452-2458.

HAO Wei, YANG Xiaoyuan, WANG Xu'an, WU Liqiang. Proxy re-encryption scheme based on conditional asymmetric cross-cryptosystem[J]. Journal of Computer Applications, 2016, 36(9): 2452-2458.

参考文献

[1] BLAZE M, BLEUMER G, STRAUSS M. Divertible protocols and atomic proxy cryptography [C]// Proceedings of Advances in Cryptology — European Cryptology Conference ' 98, LNCS 1403. Berlin: Springer, 1998: 127-144.
[2] BOLDYREVA A, FISCHLIN M, PALACIO A, et al. A closer look at PKI: security and efficiency [C]// PKC '07: Proceedings of the 10th International Conference on Practice and Theory in Public-Key Cryptography. Berlin: Springer, 2007: 458-475.
[3] WANG L, WANG L, MAMBO M, et al. Identity-based proxy cryptosystems with revocability and hierachical confidentialities [C]// SORIANO M, QING S, LÓPEZ J. Information and Communications Security, LNCS 6476. Berlin: Springer, 2010:383-400.
[4] CHU C K, WENG J, CHOW S S M, et al. Conditional proxy broadcast re-encryption [C]// Proceedings of the 2009 Information Security and Privacy, LNCS 5594. Berlin: Springer, 2009: 327-342.
[5] XU P, JIAO T, WU Q, et al. Conditional identity-based broadcast proxy re-encryption and its application to cloud e-mail [J]. IEEE Transactions on Computers, 2016, 65(1): 66-79.
[6] SHAO J, WEI G, LING Y, et al. Identity-based conditional proxy re-encryption [C]// Proceedings of the 2011 IEEE International Conference on Communications. Piscataway, NJ: IEEE, 2011: 1-5.
[7] LIANG K, LIU Z, TAN X, et al. A CCA-secure identity-based conditional proxy re-encryption without random oracles [C]// ICISC '12: Proceedings of the 15th International Conference on Information Security and Cryptology, LNCS 7839. Berlin: Springer, 2013: 231-246.
[8] LIANG K, HUANG Q, SCHLEGEL R, et al. A conditional proxy broadcast re-encryption scheme supporting timed-release [C]// ISPEC 2013: Proceedings of the International Conference on Information Security Practice and Experience, LNCS 7863. Berlin: Springer, 2013: 132-146.
[9] LIANG K, CHU C K, TAN X, et al. Chosen-ciphertext secure multi-hop identity-based conditional proxy re-encryption with constant-size ciphertext [J]. Theoretical Computer Science, 2014, 539(9): 87-105.
[10] LI J, ZHAO X, ZHANG Y. Certificate-based Conditional Proxy Re-encryption [M]// AU M H, CARMINATI B, KOU C C J. Network and System Security, LNCS 8792. Berlin: Springer, 2014: 299-310.
[11] DELERABLÉE C. Identity-based broadcast encryption with constant size ciphertexts and private keys [C]// Proceedings of the 2007 Annual International Conference on the Theory and Application of Cryptology and Information Security, LNCS 4833. Berlin: Springer, 2007: 200-215.
[12] DENG H, WU Q, QIN B, et al. Asymmetric cross-cryptosystem re-encryption applicable to efficient and secure mobile access to outsourced data [C]// ASIA CCS '15: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security. New York: ACM, 2015: 393-404.
[13] BONEH D, BOYEN X. Efficient selective-id secure identity-based encryption without random oracles [C]// EUROCRYPT 2004: Proceedings of the 2004 European Cryptology Conference, LNCS 3027. Berlin: Springer, 2004: 223-238.

[1]	谷正川, 郭渊博, 方晨. 基于代理重加密的消息队列遥测传输协议端到端安全解决方案[J]. 计算机应用, 2021, 41(5): 1378-1385.
[2]	张利华, 王欣怡, 胡方舟, 黄阳, 白甲义. 基于双联盟链的智能电网数据共享模型[J]. 计算机应用, 2021, 41(4): 963-969.
[3]	李莉, 杨鸿飞, 董秀则. 基于身份多条件代理重加密的文件分级访问控制方案[J]. 《计算机应用》唯一官方网站, 2021, 41(11): 3251-3256.
[4]	罗文俊, 闻胜莲, 程雨. 基于区块链的电子医疗病历共享方案[J]. 计算机应用, 2020, 40(1): 157-161.
[5]	王海勇, 彭垚, 郭凯璇. 云存储中基于代理重加密的CP-ABE访问控制方案[J]. 计算机应用, 2019, 39(9): 2611-2616.
[6]	张恩, 金刚刚. 基于同态加密和Bloom过滤器的云外包多方隐私集合比较协议[J]. 计算机应用, 2018, 38(8): 2256-2260.
[7]	郝伟, 杨晓元, 王绪安, 张英男, 吴立强. 适用于移动用户高效访问外包数据的非对称代理重加密方案[J]. 计算机应用, 2016, 36(8): 2225-2230.
[8]	戴晓明, 张薇, 郑志恒, 李镇林. 基于容错学习的GSW-型全同态层次型IBE方案[J]. 计算机应用, 2016, 36(7): 1856-1860.
[9]	徐海琳, 陈莺, 陆阳. 高效无双线性对的基于证书代理重加密方案[J]. 计算机应用, 2016, 36(5): 1250-1256.
[10]	郎讯魏立线王绪安吴旭光. 基于代理重加密的云存储密文访问控制方案[J]. 计算机应用, 2014, 34(3): 724-727.
[11]	金彪熊金波姚志强刘西蒙. 基于身份的受控文档透明加解密方案[J]. 计算机应用, 2013, 33(11): 3235-3238.
[12]	李海峰蓝才会. 可公开验证的代理重加密签密方案[J]. 计算机应用, 2013, 33(04): 1055-1060.
[13]	屈步云刘连浩. 利用双线性映射构建高效身份认证方案[J]. 计算机应用, 2009, 29(07): 1779-1781.
[14]	张新方徐秋亮. 不使用对的基于身份的广播加密[J]. 计算机应用, 2008, 28(2): 432-433,.

条件型非对称跨加密系统的代理重加密方案

Proxy re-encryption scheme based on conditional asymmetric cross-cryptosystem

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 14

编辑推荐

Metrics