New Cryptography Primitive Research: Process Based Encryption
Author:
Fund Project:

Humanities and Social Science Research Project of Ministry of Education (15YJCZH029); The Project of “the 13th Five-Year Plan” for the Development of Philosophy and Social Sciences in Guangzhou (2016GZYB25, 2017GZQN05); National Natural Science Foundation of China (61772147, 61300204); Guangdong Province Natural Science Foundation of Major Basic Research and Cultivation Project (2015A030308016); Natural Science Foundation of Guangdong Province of China (2015A030313630); Basic Research Project of Guangdong Provincial Department of Education (2014KZDXM044); Colleges and Universities Innovation Team Construction Project Guangdong Province (2015KCXTD014); National Cryptography Development Fund (MMJJ20170117); Guangzhou City Bureau of Cooperative Innovation Project (1201610005); Information Security Comprehensive Management Technology Research Key Laboratory Open Topic Fund of Shanghai (AGK2015007); Guangdong Science and Technology Plan (2016A020210103, 2017A020208054)

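    Abstract (translated from the Chinese):

    In many practical application scenarios, when a user needs to obtain sensitive data, it must be determined whether that user satisfies the requirements of certain "processes". Existing encryption schemes cannot be applied effectively to such scenarios. To solve this new problem, a new encryption primitive is proposed: process based encryption (PBE). PBE is divided into two types: key-policy PBE (KP-PBE) and ciphertext-policy PBE (CP-PBE). Using bilinear maps and linear secret sharing schemes as tools, a construction of KP-PBE is given. The KP-PBE scheme is then compared with conventional attribute-based encryption, showing that there is an order-of-magnitude difference between KP-PBE and conventional attribute-based encryption schemes in the number of processes described, which demonstrates the advantage of the KP-PBE scheme in describing processes. Finally, the security of the scheme is proven in the selective security model.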

    Abstract:

    In many applications, when a user needs to access sensitive information, it is commonly required to verify whether or not the user satisfies certain processes. Existing encryption schemes are not applicable to this scenario. To address this problem, a new cryptographic primitive called process based encryption (PBE) is presented. The application scenario of PBE is demonstrated. PBE is classified into two categories: key policy process based encryption (KP-PBE) and ciphertext policy process based encryption (CP-PBE). A KP-PBE scheme is constructed using bilinear maps and a linear secret sharing scheme (LSSS). Compared to conventional attribute based encryption (ABE), the performance of KP-PBE is much better on describing processes. Finally, the security of KP-PBE is proven under the selective security model.

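Cite this article

Deng Yuqiao, Tang Chunming, Song Ge, Wen Yamin. New cryptography primitive research: process based encryption. Ruan Jian Xue Bao/Journal of Software, 2017, 28(10): 2722-2736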

History
  • Received: 2016-05-22
  • Last revised: 2016-08-18
  • Published online: 2017-09-30