基于身份的公平不可否认协议

利用基于身份的密码体制,提出了一种基于身份的一次性盲公钥签名方案,并以此为基础提出了一个新的公平不可否认协议,实现了协议中发送方的匿名性,解决了通信中因发方身份公开而带来的信息内容被猜到以至被故意延迟阅读或拒收的问题,保证了收发双方的公平性及不可否认性.分析表明,该一次性盲公钥签名方案及不可否认协议是安全的,且具有较高的效率.     

基于ECC的公平盲签名方案

提出了一种新的基于椭圆曲线密码体制的公平盲签名方案。该方案结合了已有的公平盲签名和基于双线性配对函数的短签名方案。方案中裁判者可在特殊情况下揭示签名文件的原文,可有效阻止利用盲签名的匿名性进行犯罪的行为。最后对方案作了安全性分析。     

基于ECC的公平盲签名方案

提出了一种新的基于椭圆曲线密码体制的公平盲签名方案.该方案结合了已有的公平盲签名和基于双线性配对函数的短签名方案.方案中裁判者可在特殊情况下揭示签名文件的原文,可有效阻止利用盲签名的匿名性进行犯罪的行为.最后对方案作了安全性分析.     

利用双线性聚集签名实现公平的签名交换方案

公平的签名交换方案是实现数字合同签署、电子支付等电子商务活动的一项重要技术,它的有效实现一直是人们追求的目标。利用最近Boneh提出的基于双线性聚集签名的签名可验证加密方案,设计了一种公平的签名交换方案。该方案基于双线性群对上计算co-Diffie-Hellman假设,借助双线性映射实现加密可验证性,具有签名长度短、计算简便等优点,可有效提高公平签名交换的实现效率。     

新的基于Shim签名的可验证加密签名方案

该文利用Shim基于身份的数字签名方案,提出了一个新的基于身份的可验证加密签名方案.作为设计公平交换协议的基本模块,该方案没有使用零知识证明系统提供验证,有效地避免了大量运算.与已有基于身份的可验证加密签名方案相比,该方案效率较高.安全性分析表明,在假设CDH问题是难解的情况下,该方案在随机预言模型中是可证安全的.     

改进的基于身份的代理盲签名方案

盲签名和代理签名在密码学中有各自的特殊用途。结合二者的优点，利用椭圆曲线上的Weil配对的双线性性质，在基于身份的签名基础上构造了一种改进基于身份的代理盲签名方案。该方案继承了前人的基于身份的代理盲签名方案的优点同时，运算效率进一步提高，代理人受到进一步的保护。最后对该方案的安全性进行了简要分析，从而证明了该方案是可行的。     

可验证外包解密的离线/在线属性基加密方案

属性基加密可以为雾-云计算中的数据提供机密性保护和细粒度访问控制,但雾-云计算系统中的移动设备难以承担属性基加密的繁重计算负担。为解决该问题,该文提出一种可验证外包解密的离线/在线属性基加密方案。该方案能够实现离线/在线的密钥生成和数据加密,同时支持可验证外包解密。然后,给出方案的选择明文攻击的安全证明和可验证性的安全证明。之后,该文将转换阶段所需双线性对的计算量降为恒定常数。最后,从理论和实验两方面对所提方案进行性能分析,实验结果表明该方案是有效且实用的。     

基于ABE-IBS的无线传感器网络签名加密一体化方法

为了提高无线传感器网络加密与签名的安全性与效率,结合椭圆曲线上双线性对的基于身份的签名体制(IBS),提出了基于属性的加密和基于身份的签名一体化(ABE-IBS)方法和一个有效的无线传感器网络签密方案,分析与实验结果表明,提出的方案复杂性和存储要求低、效率高,能增强无线传感器网络的安全性.     

基于矢量空间的属性基签密方案

本文提出了属性基签密方案,通过引入签密思想,将属性基加密ABE改造为属性基签密ABSC,使其可以近似一次加密运算的代价完成加密和签名,或以近似一次签名运算的代价完成双向认证;通过在矢量空间上对ABSC进行的门限构造,打破了阈值对算法执行的限制;并且基于离散对数问题进行了可验证性构造,可以发现和避免来自于协议执行方内部的欺骗.     

对一种代理盲多重签名的分析与改进

分析了Wang等人提出的一种基于椭圆曲线密码体制的代理盲多重签名方案,指出在该方案中代理签名人通过自己保留的盲签名信息和消息拥有者公布的签名消息,可以确定自己的代理盲签名行为和公布的签名信息之间的联系,从而达到对消息拥有者身份的追踪,即不满足盲签名方案的不可追踪性.在此基础上给出了一种改进的方案,安全性分析表明,改进后的代理盲多重签名方案满足不可追踪性和其他安全特性.     

A combined public-key scheme in the case of attribute-based for wireless body area networks

The wireless body area networks (WBANs) is a practical application model of Internet of things. It can be used in many scenarios, especially for e-healthcare. The medical data of patients is collected by sensors and transmitted using wireless communication techniques. Different users can access the patient’s data with different privileges. Access control is a crucial problem in WBANs. In this paper, we design a new security mechanism named combined public-key scheme in the case of attribute-based (CP-ABES) to address the user access control in WBANs. Our scheme combines encryption and digital signatures. It uses ciphertext-policy attribute-based encryption to achieve data confidentially, access control, and ciphertext-policy attribute-based signature to realize the identity authentication. The access policy used in our scheme is threshold. Based on this feature, the length of ciphertext and signature of our scheme is constant. Our scheme provides confidentiality, unforgeability, signer privacy and collusion resistance. We prove the efficiency of our scheme theoretically and analyze the security level and energy consumption of our scheme.

     

Traceable attribute-based encryption scheme with key-delegation abuse resistance

Aiming at the problem that the traceability of a traceable attribute-based encryption (ABE) scheme was not sufficient to address the key abuse completely,a traceable ABE scheme against key-delegation abuse was proposed.A secret parameter was be shared to all user private key components corresponding to attributes,and the decryption was completed by using all these components together,such that only parts of them could not realize the decryption and the real key-delegation abuse resistance ability was be obtained consequently.A short signature technique was employed to prevent the tracing parameter embedded in a user private key from being forged,so as to achieve the traceability of the user who leaked his user private key.Supporting both key-delegation abuse resistance and user tracing enhances the security of the proposed scheme.And compared with related schemes,the proposed scheme has better advantage in terms of the parameters size and the computation cost.     

Revocable and traceable key-policy attribute-based encryption scheme

The existing key-policy attribute-based encryption (KP-ABE) scheme can not balance the problem of attribute revocation and user identity tracking.Hence,a KP-ABE scheme which supported revocable and traceable was proposed.The scheme could revoke the user attributes without updating the system public key and user private key with a less update cost.Meanwhile,it could trace the user identity based on decryption key which could effectively prevent anonymous user key leakage problem.The proposed scheme was based on linear secret sharing scheme (LSSS),which was more efficient than tree-based access structure.Based on the deterministic q-BDHE hypothesis,the proposed scheme gave security proof until standard mode.Finally,compared with the existing KP-ABE scheme,the scheme has a shorter public key length,lower computational overhead and realizes the traceability function of user identity based on the revocable attribute,which has obvious advantages.     

基于国产密码算法SM9的可追踪属性签名方案

国产密码算法SM9是我国自主设计的标识密码方案,现已受到各界的广泛关注。为了解决现有属性签名(ABS)方案验签效率不高这一问题,该文基于国密SM9算法构造新的支持树形访问策略的属性签名方案,该方案的验签操作仅需1次双线性对映射和1次指数运算。此外,所提方案具有签名者身份可追踪功能,防止恶意签名者利用属性签名的匿名性进行非法签名操作,从而避免传统属性签名中无条件匿名性下的签名滥用问题。安全分析结果表明所提方案在随机谕言机模型下具有不可伪造性,同时也可抗合谋攻击。与现有的可追踪属性签名方案相比,所提方案的追踪算法效率更高,签名与验签开销也更低。实验结果表明,所提方案验签算法的计算复杂度与策略规模无关,完成1次验签算法仅需2 ms。     

一种支持算术张成程序的密文策略属性加密方案

密文策略属性加密方案适用于云环境中密文数据的访问控制.已有的支持算术张成程序的属性加密方案多是密钥访问策略的方案,且公开参数规模较大.本文利用双对偶向量空间（Dual Pair Vector Space,DPVS）技术,提出了一个公开参数长度固定、支持算术张成程序的密文策略属性加密方案.在新方案中,将密文相关的访问控制向量与随机矩阵结合,密钥相关的属性分量与熵扩张引理中的公开参量结合,设计方法对应了熵扩张引理中给出的密文和密钥分量的形式.最后,基于素数阶双线性熵扩张引理和k-Lin困难假设,证明了该方案具有适应安全性.新方案与已有支持算术张成程序的属性加密方案相比,实现了密文访问策略、公开参数长度固定且满足适应安全性.     

Multi-authority attribute-based access control system in mHealth with traceability

Mobile healthcare (mHealth) is an emerging technology which facilitates the share of personal health records (PHR),however,it also brings the risk of the security and privacy of PHR.Attribute-based encryption (ABE) is regarded as a new cryptology to enhance fine-grained access control over encrypted data.However,existing attribute-based mHealth systems either lack of efficient traceable approach,or support only single authority.A traceable multi-authority attribute-based access control mHealth scheme was proposed,which was constructed over composite order groups and supports any monotonic access structures described by linear secret sharing scheme (LSSS).The adaptive security was proved under subgroup decisional assumptions.The traceability was proved under k-strong Diffie-Hellman (k-SDH) assumption.The performance analysis indicates that the proposed scheme is efficient and available.     

Privacy preserving ciphertext-policy attribute-based broadcast encryption in smart city

With the development and application of information technology, the problem of personal privacy leakage is becoming more and more serious. Most attribute-based broadcast encryption (ABBE) schemes focus on data security, while ignoring the protection of the personal privacy of users in access structure and identity. To address this problem, a privacy preserving ABBE scheme is proposed, which ensures the data confidentiality and protects personal privacy as well. In addition, the authenticity of encrypted data can be verified. It is proved that the proposed scheme achieves full security by dual system encryption.