无证书密文等值测试签密方案

在云计算应用中,确保消息的机密性和不可伪造性,同时判断不同密文对应明文的等价性显得至关重要.具有密文等值测试功能的签密方案可以实现此类安全目标.该文基于无证书公钥密码环境,设计了一个具有密文等值测试功能的无证书签密方案(CLSCET).首先,提出了无证书密文等值测试签密方案的框架和安全模型,定义了两类具有不同攻击能力的敌手和3类安全目标.然后构造了具体的无证书密文等值测试签密方案,并分析了方案的正确性.最后,基于随机预言模型,证明该文方案满足选择密文攻击下的单向性(OW-CCA)、选择密文攻击下的不可区分性(IND-CCA2)和选择消息攻击下的不可伪造性(EUF-CMA)安全.与现有近似方案相比,该文方案满足IND-CCA2的机密性、EUF-CMA的不可伪造性和OW-CCA的密文单向性.     

无证书密文等值测试签密方案

在云计算应用中,确保消息的机密性和不可伪造性,同时判断不同密文对应明文的等价性显得至关重要。具有密文等值测试功能的签密方案可以实现此类安全目标。该文基于无证书公钥密码环境,设计了一个具有密文等值测试功能的无证书签密方案(CLSCET)。首先,提出了无证书密文等值测试签密方案的框架和安全模型,定义了两类具有不同攻击能力的敌手和3类安全目标。然后构造了具体的无证书密文等值测试签密方案,并分析了方案的正确性。最后,基于随机预言模型,证明该文方案满足选择密文攻击下的单向性(OW-CCA)、选择密文攻击下的不可区分性(IND-CCA2)和选择消息攻击下的不可伪造性(EUF-CMA)安全。与现有近似方案相比,该文方案满足IND-CCA2的机密性、EUF-CMA的不可伪造性和OW-CCA的密文单向性。     

基于NTRU的全同态加密方案

本文提出一种基于公钥密码体制（Number Theory Research Unit,NTRU）选择明文攻击（Chosen Plaintext Attack,CPA）可证明安全的全同态加密方案.首先,对NTRU的密钥生成算法进行改进,通过格上的高斯抽象算法生成密钥对,避免了有效的格攻击,同时,没有改变密钥的分布.然后,基于改进的NTRU加密算法,利用Flattening技术,构造了一个全同态加密体制,并在标准模型下证明方案是选择明文攻击不可区分性IND-CPA安全的.     

无双线性对的门限条件匿名代理重加密方案

条件代理重加密(CPRE)可以根据条件对密文进行细粒度的授权,现有的CPRE方案只检查原密文的条件,忽略了重加密密钥的条件符合性,也不对条件信息进行保护,容易造成隐私泄露.该文构造了基于门限的无双线性对条件匿名代理重加密方案(TB-CAPRE),对密文和重加密密钥的条件同时进行验证,并将敏感的条件信息进行匿名化处理,利用门限将重加密分布到多个代理节点完成,能够抵御合谋攻击.理论分析证明了该方案在随机预言模型下满足适应性选择密文攻击下的不可区分安全性(IND-CCA).效率和计算量分析表明TB-CAPRE在增加安全性和相关功能后并没有引入过大的开销,可以应用到分布式环境中.     

抗选择性公开攻击的身份型广播加密方案

考虑到热点议题“抗选择性公开安全性”近年来一直局限在公钥加密方案(PKE)中很难应用于身份型加密方案的事实,该文结合广播加密模型,采用Waters等人新提出的“线性又随机”的技巧提出一个抗选择性公开攻击的身份型广播加密方案.该方案建立在标准模型下,具有尺寸固定的密文与密钥,同时无需使用随机标签,具有较高的计算效率与存储...     

紧致优化DGHV全同态加密方案

DGHV方案是第一个基于整数的全同态加密方案,但该方案中同态操作导致密文尺寸成倍增长,必须通过同态解密算法,才能够将密文尺寸控制在一个多项式界~O（λ7）以内,而且同态解密算法的内部运算过程中,密文数据的尺寸仍在不断增加。这里给出一个紧致优化技术,控制同态乘和同态加操作中的密文,使得该方案的密文尺寸始终保持在~O（λ5）以内,消除了同态操作对密文尺寸的影响,并进一步分析了优化方案的同态运算能力。     

同态加密的发展及应用

认为密码学中的同态加密技术可以为分布式计算环境的用户隐私保护提供强有力的技术支撑。同态加密方案被分成3种类型:部分同态加密、浅同态加密和全同态加密。同态加密方案在分布式计算环境下的密文数据计算方面有着重要的应用,包括:安全云计算与委托计算、远程文件存储、密文检索等。指出目前全同态加密方案的构造还处于理论阶段,尚不能用于实际的密态数据计算问题,如何设计基于代数系统的(自然)全同态加密方案依然是未来研究的重点。     

指定测试者的基于身份可搜索加密方案

对指定测试者的基于身份可搜索加密(dIBEKS)方案进行了研究。指出Tseng等人所提dIBEKS方案并不是完全定义在基于身份密码系统架构上,而且方案不能满足dIBEKS密文不可区分性。首次提出了基于身份密码系统下的指定测试者可搜索加密方案的定义和安全需求,并设计了一个高效的dIBEKS新方案。证明了dIBEKS密文不可区分性是抵御离线关键字猜测攻击的充分条件,并证明了新方案在随机预言模型下满足适应性选择消息攻击的dIBEKS密文不可区分性、陷门不可区分性,从而可以有效抵御离线关键字猜测攻击。     

基于LWE问题的关键词可搜索公钥加密方案

针对现有体制中用户生成关键词密文时的计算开销问题,引入全同态加密的思想,提出一种基于LWE问题,具备密文同态运算属性的关键词可搜索公钥加密方案,实现了计算开销由用户端向服务器端的转移。在随机谕示模型下,将体制的安全性归约到LWE问题难解性,并给出证明。     

无双线性对的门限条件匿名代理重加密方案

条件代理重加密(CPRE)可以根据条件对密文进行细粒度的授权,现有的CPRE方案只检查原密文的条件,忽略了重加密密钥的条件符合性,也不对条件信息进行保护,容易造成隐私泄露。该文构造了基于门限的无双线性对条件匿名代理重加密方案(TB-CAPRE),对密文和重加密密钥的条件同时进行验证,并将敏感的条件信息进行匿名化处理,利用门限将重加密分布到多个代理节点完成,能够抵御合谋攻击。理论分析证明了该方案在随机预言模型下满足适应性选择密文攻击下的不可区分安全性(IND-CCA)。效率和计算量分析表明TB-CAPRE在增加安全性和相关功能后并没有引入过大的开销,可以应用到分布式环境中。     

An IND-CCA2 Secure Certificateless Hybrid Signcryption

This article proposes a hybrid certificateless signcryption scheme that is secure against adaptive chosen ciphertext adversary in the random oracle model. The scheme combines an asymmetric encryption which is one way against chosen plaintext attack and any One-Time secure symmetric encryption scheme, combined using Fujisaki–Okamoto transformation. Uncommon to many Fujisaki–Okamoto based constructions which ensure message integrity alone, this scheme provides entity authentication in addition. By the choice of a hash function that utilizes the advantage of sponge based construction, the scheme enables the user to incorporate any One-Time secure symmetric encryption by re-configuring the input/output parameters. Fujisaki–Okamoto transformation, which is currently a standard in hybrid constructions, guarantees the indistinguishability against adaptive chosen ciphertext attack. The provision for choosing symmetric encryption in the scheme enables it to be implemented in all sort of cryptographic requirements including those in wireless communication.

     

Cryptanalyzing an Encryption Scheme Based on Blind Source Separation

Recently, there was a proposal of using the underdetermined blind source separation (BSS) principle to design image and speech encryption. In this paper, we report a cryptanalysis of this BSS-based encryption scheme and point out that it is not secure against known-/chosen-plaintext attack and chosen-ciphertext attack. In addition, we discuss some other security defects of the schemes: (1) it has a low sensitivity to part of the key and to the plaintext; (2) it is weak against a ciphertext-only differential attack; and (3) a divide-and-conquer (DAC) attack can be used to break part of the key. We finally analyze the role of BSS in this approach towards cryptographically secure ciphers.     

Provably Secure Length‐Saving Public‐Key Encryption Scheme under the Computational Diffie‐Hellman Assumption

Design of secure and efficient public‐key encryption schemes under weaker computational assumptions has been regarded as an important and challenging task. As far as ElGamal‐type encryption schemes are concerned, some variants of the original ElGamal encryption scheme based on weaker computational assumption have been proposed: Although security of the ElGamal variant of Fujisaki‐Okamoto public‐key encryption scheme and Cramer and Shoup's encryption scheme is based on the Decisional Diffie‐Hellman Assumption (DDH‐A), security of the recent Pointcheval's ElGamal encryption variant is based on the Computational Diffie‐Hellman Assumption (CDH‐A), which is known to be weaker than DDH‐A. In this paper, we propose new ElGamal encryption variants whose security is based on CDH‐A and the Elliptic Curve Computational Diffie‐Hellman Assumption (EC‐CDH‐A). Also, we show that the proposed variants are secure against the adaptive chosen‐ciphertext attack in the random oracle model. An important feature of the proposed variants is length‐efficiency which provides shorter ciphertexts than those of other schemes.     

UC安全的高效不经意传输协议

非承诺加密机制是语义安全的,不能抵抗选择密文攻击.在non-erase模型的安全假设下,基于非承诺加密机制的不经意传输协议不能实现自适应攻击者UC(Universally Composable)安全的定义.利用可否认加密体制和可验证平滑投影哈希函数,提出了一个新的不经意传输协议,可否认加密体制通过陷门承诺的双陷门解密技术实现,新协议方案是可证明UC安全的,基于公共参考串模型,安全性可以归约为确定性复合剩余假设.新协议参与方能够处理指数空间的消息,计算效率得到改善,通过两次协议交互可以实现string-OT协议,与bit-OT协议相比单轮通信效率提高O(n)倍.     

Efficient threshold public key encryption with full security based on dual pairing vector spaces

Most robust and noninteractive threshold public key encryption (PKE) schemes have only been proven secure against chosen‐ciphertext attacks under the static corruption model; yet, the dynamic corruption model is more reasonable. In this paper, on the basis of bilinear groups of prime order and dual pairing vector spaces, we propose a threshold PKE scheme that is noninteractive, robust and, secure against adaptive chosen‐ciphertext attacks under the dynamic corruption model without random oracles. Moreover, our scheme is shown to be more efficient than currently existing fully secure threshold PKE schemes. Copyright © 2013 John Wiley & Sons, Ltd.     

基于改进RSA算法的隐私数据集同态加密方法

为提高对数据集的加密效果和保障数据集的安全性,在分析传统非对称密钥(RSA)算法运行原理及其参数选择、素数判定条件的基础上,提出了改进RSA算法。为进一步提升加密速度,引入数据加密(DES)算法。首先利用DES算法实现明文数据集的加密,并针对密钥进行RSA加密;在此基础上,在明文和密文空间中,利用加法同态过程对密文进行计算,并通过对结果的解密操作得到相应的明文计算结果。实验结果表明,与基于传统RSA算法或DES算法的加密方法相比,该方法的加密效率和抵御攻击成功率更高,加密过程耗时5~6 s,抵御攻击成功率保持在95%上下,说明该方法能够有效保护隐私数据集的安全。     

标准模型下安全的基于证书密钥封装方案

混合加密是将公钥加密与对称加密结合的一种加密技术.将密钥封装机制引入到基于证书加密方案中,提出了基于证书密钥封装机制的形式化定义及安全模型,构造了一个基于证书密钥封装方案.基于判定双线性Diffie-Hellman困难问题假定,在标准模型下证明提出的方案是自适应选择密文安全的.     

Multi-authority attribute-based encryption scheme with policy dynamic updating

Attribute-based encryption (ABE) is a new cryptographic technique which guarantees fine-grained access control of outsourced encrypted data in the cloud environment.However,a key limitation remains,namely policy updating.Thus,a multi-authority attribute-based encryption scheme with policy dynamic updating was proposed.In the scheme,an anonymous key issuing protocol was introduced to protect users’ privacy and resist collusion attack of attribute authority.The scheme with dynamic policy updating technique was secure against chosen plaintext attack under the standard model and can support any types of policy updating.Compared to the existing related schemes,the size of ciphertext and users’ secret key is reduced and can significantly reduce the computation and communication costs of updating ciphertext.It is more effective in the practical application.     

A Simpler Construction of CCA2-Secure Public-Key Encryption under General Assumptions

In this paper we present a simpler construction of a public-key encryption scheme that achieves adaptive chosen ciphertext security (CCA2), assuming the existence of trapdoor permutations. We build on previous works of Sahai and De Santis et al. and construct a scheme that we believe is the easiest to understand to date. In particular, it is only slightly more involved than the Naor--Yung encryption scheme that is secure against passive chosen-ciphertext attacks (CCA1). We stress that the focus of this paper is on simplicity only.     

对一种双陷门加密体制的分析与改进

对一种具有双陷门解密机制的公钥概率加密体制的安全性进行分析,指出它存在三点不安全因素,不能抵抗选择密文攻击,攻击者通过选取适当的密文,在得到解密的明文后,能够计算出用户的私钥或分解模数,运用这些信息,攻击者可恢复所有的明文。同时,也对该加密体制作了改进,给出了一种能够抵抗适应性攻击的加密方案,防止攻击者利用获得的解密信息计算用户的私钥或分解模数,提高了加密体制的安全性。