计算机应用 ›› 2016, Vol. 36 ›› Issue (9): 2452-2458.DOI: 10.11772/j.issn.1001-9081.2016.09.2452

• 网络空间安全 • 上一篇    下一篇

条件型非对称跨加密系统的代理重加密方案

郝伟1,2, 杨晓元1,2, 王绪安1,2, 吴立强1,2   

  1. 1. 武警工程大学 电子技术系, 西安 710086;
    2. 武警部队网络与信息安全保密重点实验室, 西安 710086
  • 收稿日期:2016-01-27 修回日期:2016-03-15 出版日期:2016-09-10 发布日期:2016-09-08
  • 通讯作者: 郝伟
  • 作者简介:郝伟(1990-),男,内蒙古包头人,硕士研究生,主要研究方向:代理重加密体制;杨晓元(1959-),男,湖南湘潭人,教授,硕士,CCF会员,主要研究方向:密码学、信息安全;王绪安(1981-),男,湖北公安人,副教授,博士研究生,CCF会员,主要研究方向:密码学、信息安全;吴立强(1986-),男,陕西蓝田人,讲师,硕士,CCF会员,主要研究方向:格密码学、可证明安全。
  • 基金资助:
    国家自然科学基金资助项目(61272492,61572521)。

Proxy re-encryption scheme based on conditional asymmetric cross-cryptosystem

HAO Wei1,2, YANG Xiaoyuan1,2, WANG Xu'an1,2, WU Liqiang1,2   

  1. 1. Department of Electronic Technology, Engineering University of Chinese People's Armed Police Force, Xi'an Shaanxi 710086, China;
    2. Key Laboratory of Network and Information Security, Chinese People's Armed Police Force, Xi'an Shaanxi 710086, China
  • Received:2016-01-27 Revised:2016-03-15 Online:2016-09-10 Published:2016-09-08
  • Supported by:
    This work is partially supported by the National Natural Science Foundation of China (61272492, 61572521).

摘要: 为了减轻云应用中移动设备解密的负担,利用基于身份的广播加密(IBBE)、基于身份的加密(IBE)、基于身份的条件型广播代理重加密方案,提出了多条件型非对称跨加密系统的代理重加密方案。该方案允许发送方将信息加密成IBBE密文,一次性发送给多个接收方,其中任一接收方又可以授权给代理者一个多条件型的重加密密钥,代理者利用该多条件型重加密密钥,能将符合多个条件的原始密文重加密成一个新的接收方可以解密的IBE密文。该方案实现了从IBBE加密系统到IBE加密系统的非对称代理重加密,而且代理者可以根据条件将最初的原始密文进行重加密,避免了不需要进行重加密的原始密文被代理者重加密,提高了代理者重加密的效率,同时节约了接收方获悉正确明文的时间。

关键词: 基于身份的加密, 基于身份的广播加密, 基于身份的条件型广播代理重加密, 代理重加密

Abstract: In order to reduce the decryption burden of the mobile device in cloud application, using Identity-Based Broadcast Encryption (IBBE) scheme, Identity-Based Encryption (IBE) scheme and conditional identity-based broadcast proxy re-encryption scheme, an asymmetric cross-cryptosystem proxy re-encryption scheme with multiple conditions was proposed. In this scheme, the sender is allowed to encrypt information into IBBE ciphertext, which can be sent to multiple recipients at a time. Anyone of the receivers can authorize a multi-condition re-encryption key to the proxy to re-encrypt the original ciphertext which meets the conditions into the IBE ciphertext that a new receiver can decrypt. The scheme realizes asymmetric proxy re-encryption from IBBE encryption system to IBE encryption system and allows the proxy to re-encrypt the original ciphertext according to the conditions, which avoids the proxy to re-encrypt the unnecessary original ciphertext. The scheme not only improves the re-encryption efficiency of the proxy, but also saves the time of the receiver to get the correct plaintext.

Key words: Identity-Based Encryption (IBE), Identity-Based Broadcast Encryption (IBBE), conditional identity-based broadcast proxy re-encryption, proxy re-encryption

中图分类号: