共查询到19条相似文献,搜索用时 656 毫秒
1.
公钥加密等值测试(PKEET)可以实现云环境下不同公钥加密数据之间的密文等值比较,即不对密文解密的情况下测试两个密文对应的明文是否一致。但是,密文等值测试加密不提供关键字密文搜索功能。已有密文等值测试加密方案直接以消息生成陷门作为等值测试的凭证,测试的准确度不高,搜索效率较低。针对此问题,该文首先提出了支持关键字搜索的无证书密文等值测试加密(CLEETS)方案。方案通过关键字检索判断是否包含自己需要的信息,根据判断结果选择执行等值测试,从而避免无效测试。然后,在随机预言机模型下证明该方案满足适应性选择关键词不可区分性。最后,对方案进行功能和效率对比。对比结果表明,该文方案的计算代价略高,但是方案在密文等值测试加密中实现了关键字的检索功能,弥补了效率低的不足。 相似文献
2.
2004年的欧密会上,Canetti, Halevi和Katz提出了将Selective-ID安全的基于身份加密方案转化为选择密文安全(即, CCA安全)的公钥加密方案的方法。但由于该方法需要用到一次性签名,给所基于的方案增加了明显的通信和计算负载。该文由Waters提出的Adaptive-ID安全的基于身份加密(IDE)方案构造了一个新的CCA安全公钥加密方案。这里的身份由前两部分密文的hash值得到,密文合法性由双线性映射来验证。其效率比直接利用CHK的一般转化得到方案有明显提高。新方案的安全性在标准的决定性双线性Diffie-Hellman假设下被证明。 相似文献
3.
4.
2003年,Gentry提出基于认证的公钥加密方案.在基于认证的公钥加密方案中,第三方对认证申请者的公钥和/或身份进行签名,并将签名作为认证发送给申请者,申请者保存该认证作为解密时的部分私钥.接收方对密文解密需要同时拥有第三方对其公钥和/或身份的认证和接收方公钥对应的私钥,因此基于认证的加密方案同时具备基于身份加密方案的公钥可认证性和传统公钥方案中的私钥免撤销性.本文提出一种高效、紧凑的基于认证的公钥混合加密算法,新算法能在非随机预言机模型下被证明满足选择密文攻击安全. 相似文献
5.
随着云计算的发展,以密文检索为核心的安全和搜索性能问题成为研究的重点。在传统的加密方案中,大多只解决了抵御外部关键字猜测攻击问题,往往忽视了诚实且好奇的云服务器问题。为了提高密文安全性,该文提出快速搜索的抵御内部关键字攻击方案。首先,引入高效的加密倒排索引结构的公钥密文搜索方案,实现关键字的并行搜索任务。其次,在构建密文倒排索引时加入数据拥有者的私钥抵御恶意云服务器的关键字攻击。与传统的公钥可搜索加密相比,该方案在很大程度上增强了搜索系统的安全性和搜索效率。 相似文献
6.
随着云计算的发展,以密文检索为核心的安全和搜索性能问题成为研究的重点.在传统的加密方案中,大多只解决了抵御外部关键字猜测攻击问题,往往忽视了诚实且好奇的云服务器问题.为了提高密文安全性,该文提出快速搜索的抵御内部关键字攻击方案.首先,引入高效的加密倒排索引结构的公钥密文搜索方案,实现关键字的并行搜索任务.其次,在构建密文倒排索引时加入数据拥有者的私钥抵御恶意云服务器的关键字攻击.与传统的公钥可搜索加密相比,该方案在很大程度上增强了搜索系统的安全性和搜索效率. 相似文献
7.
在加密邮件系统中,公钥可搜索加密技术可以有效地解决在不解密的情况下搜索加密邮件的问题。针对公钥可搜索加密复杂的密钥管理问题,该文在加密邮件系统中引入了基于身份的密码体制。针对可搜索加密的离线关键字猜测攻击问题,该文采用了在加密关键字和生成陷门的同时进行认证,并且指定服务器去搜索加密电子邮件的方法。同时,在随机预言机模型下,基于判定性双线性Diffie-Hellman假设,证明方案满足陷门和密文不可区分性安全。数值实验结果表明,在陷门生成和关键字密文检测阶段,该方案与现有方案相比在计算效率上较高。 相似文献
8.
目前的公钥加密方案受到来自量子计算的威胁,研究在量子计算下安全的公开加密算法具有重要的意义.本文提出了遍历矩阵的概念,并给出了遍历矩阵的性质.同时提出了基于有限域上遍历矩阵的双侧幂乘问题(TEME:Two-side Ergodic Matrices Exponentiation),并证明了求解TEME问题是NP完全的.据此,本文提出了一个新的公钥加密方案,并在标准模型下,证明了该方案基于TEME问题的安全性,即该方案具有适应性选择密文攻击下的不可区分性. 相似文献
9.
10.
利用双线性配对技术提出一个新的基于身份的广播加密方案。在标准模型下,证明了该方案具有适应性攻击安全模型下选择明文安全性。方案中的公钥参数和用户私钥均为固定长度,密文长度较短,并且,新方案还满足完全抗同谋攻击。与现有的广播加密方案相比,新方案更适用于存储量小的系统。 相似文献
11.
As the basis for secure public-key encryption under various cases, the learning with errors (LWE) problem has proved to be versatile for encryption schemes. Unfortunately, it tends not to be efficient enough for practical applications. For improving the efficiency issues and quickening the practical applications of the lattice-based public-key cryptosystems, an efficient homomorphic encryption scheme is presented in this paper, which is based on the learning with errors over rings (R-LWE) assumption, and its security is reducible to the hardness of the shortest vector problem in the worst case on ideal lattices. Furthermore, the scheme possesses homomorphism feature that encryption operations are consistent with message operations. The security analysis shows that the proposed encryption scheme is secure against chosen-plaintext attacks in the standard model. At the same time, the efficiency analysis and simulation results indicate that the scheme is much more efficient than previous lattice-based cryptosystems. 相似文献
12.
Cryptographic computations are often carried out on insecure devices for which the threat of key exposure represents a serious
concern. Forward security allows one to mitigate the damage caused by exposure of secret keys. In a forward-secure scheme,
secret keys are updated at regular periods of time; exposure of the secret key corresponding to a given time period does not
enable an adversary to "break" the scheme (in the appropriate sense) for any prior time period. We present the first constructions
of (non-interactive) forward-secure public-key encryption schemes. Our main construction achieves security against chosen-plaintext
attacks in the standard model, and all parameters of the scheme are poly-logarithmic in the total number of time periods.
Some variants and extensions of this scheme are also given. We also introduce the notion of binary tree
encryption and construct a binary tree encryption scheme in the standard model. Our construction implies the first hierarchical
identity-based encryption scheme in the standard model. (The notion of security we achieve, however, is slightly weaker than
that achieved by some previous constructions in the random oracle model.) 相似文献
13.
14.
15.
This paper presents a novel framework for the generic construction of hybrid encryption schemes which produces more efficient
schemes than the ones known before. A previous framework introduced by Shoup combines a key encapsulation mechanism (KEM)
and a data encryption mechanism (DEM). While it is sufficient to require both components to be secure against chosen ciphertext
attacks (CCA-secure), Kurosawa and Desmedt showed a particular example of KEM that is not CCA-secure but can be securely combined
with a specific type of CCA-secure DEM to obtain a more efficient, CCA-secure hybrid encryption scheme. There are also many
other efficient hybrid encryption schemes in the literature that do not fit into Shoup’s framework. These facts serve as motivation
to seek another framework.
The framework we propose yields more efficient hybrid scheme, and in addition provides insightful explanation about existing
schemes that do not fit into the previous framework. Moreover, it allows immediate conversion from a class of threshold public-key
encryption to a threshold hybrid one without considerable overhead, which may not be possible in the previous approach. 相似文献
16.
通过分析基于大整数分解、离散对数和双线性对等数学问题的特殊可传递签名方案,抽象出了可传递签名实现方法的共性。以此为基础,提出了一个基于同态加密体制的通用可传递签名方案,该方案利用同态加密体制能支持密文运算的特性实现了可传递签名及验证的一般模型,为基于同态密码体制构造安全可靠的可传递签名方案提供了一种通用框架。其次,通过适当定义安全目标和设计安全性实验,完成了该通用可传递签名方案的可证明安全性,指出若使用的同态加密方案是CPA安全而标准签名是CMA安全的,则所提出的方案就达到CMA安全。最后,给出了该通用可传递签名方案并进行了性能分析与比较。 相似文献
17.
Motivated by applications in large storage systems, we initiate the study of incremental deterministic public-key encryption. Deterministic public-key encryption, introduced by Bellare, Boldyreva, and O’Neill (CRYPTO ’07), provides an alternative to randomized public-key encryption in various scenarios where the latter exhibits inherent drawbacks. A deterministic encryption algorithm, however, cannot satisfy any meaningful notion of security for low-entropy plaintexts distributions, but Bellare et al. demonstrated that a strong notion of security can in fact be realized for relatively high-entropy plaintext distributions. In order to achieve a meaningful level of security, a deterministic encryption algorithm should be typically used for encrypting rather long plaintexts for ensuring a sufficient amount of entropy. This requirement may be at odds with efficiency constraints, such as communication complexity and computation complexity in the presence of small updates. Thus, a highly desirable property of deterministic encryption algorithms is incrementality: Small changes in the plaintext translate into small changes in the corresponding ciphertext. We present a framework for modeling the incrementality of deterministic public-key encryption. Our framework extends the study of the incrementality of cryptography primitives initiated by Bellare, Goldreich and Goldwasser (CRYPTO ’94). Within our framework, we propose two schemes, which we prove to enjoy an optimal tradeoff between their security and incrementality up to lower-order factors. Our first scheme is a generic method which can be based on any deterministic public-key encryption scheme, and, in particular, can be instantiated with any semantically secure (randomized) public-key encryption scheme in the random-oracle model. Our second scheme is based on the Decisional Diffie–Hellman assumption in the standard model. The approach underpinning our schemes is inspired by the fundamental “sample-then-extract” technique due to Nisan and Zuckerman (JCSS ’96) and refined by Vadhan (J. Cryptology ’04), and by the closely related notion of “locally computable extractors” due to Vadhan. Most notably, whereas Vadhan used such extractors to construct private-key encryption schemes in the bounded-storage model, we show that techniques along these lines can also be used to construct incremental public-key encryption schemes. 相似文献
18.
We provide a provable-security treatment of “robust” encryption. Robustness means it is hard to produce a ciphertext that is valid for two different users. Robustness makes explicit a property that has been implicitly assumed in the past. We argue that it is an essential conjunct of anonymous encryption. We show that natural anonymity-preserving ways to achieve it, such as adding recipient identification information before encrypting, fail. We provide transforms that do achieve it, efficiently and provably. We assess the robustness of specific encryption schemes in the literature, providing simple patches for some that lack the property. We explain that robustness of the underlying anonymous IBE scheme is essential for public-key encryption with keyword search (PEKS) to be consistent (meaning, not have false positives), and our work provides the first generic conversions of anonymous IBE schemes to consistent (and secure) PEKS schemes. Overall, our work enables safer and simpler use of encryption. 相似文献
