Key Leakage-Resilient Secure Cryptosystem with Hierarchical Wildcard Pattern Delegation

Funding: National Natural Science Foundation of China (61370224, 61272436, 61170135); Natural Science Foundation of Hubei Province (2013CFA046); High-Level Talent Project of Hubei University of Technology; Open Project of the State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences (2014-04)
Abstract (translated from the Chinese):

Traditional cryptographic schemes assume that the secret key is completely hidden from any potential attacker (only the algorithm is public), so the adversary cannot obtain any information about the key. In real systems, however, an attacker can obtain partial information about the key through noisy channels or side-channel attacks. Key leakage-resilient encryption schemes modify the cryptographic algorithm so that semantic security is retained even when the key may be partially leaked. This paper designs a leakage-resilient hierarchical wildcard pattern encryption scheme with key delegation. In the scheme, a user's identity is associated with an identity pattern containing wildcards, and keys can be delegated further. The scheme is a general extension of leakage-resilient hierarchical identity-based encryption (HIBE) and hidden vector encryption (HVE); it effectively resists key leakage and achieves adaptive semantic security. A security proof and an analysis of the system's leakage resilience are given, and the analysis shows that the scheme tolerates key leakage well.

    Abstract:

    In traditional cryptosystems, secret keys are assumed to be perfectly hidden from any possible attacker; only the cryptographic algorithms and public parameters are public. In practical applications, however, an attacker can obtain partial information about the decryption key from noisy channels or through side-channel attacks. This study proposes a leakage-resilient hierarchical wildcard pattern encryption scheme in which a user is associated with a wildcard identity pattern. A secret key is derived for a vector of identity strings whose entries can be left blank using a wildcard, and this key can then be used to derive keys for any pattern that replaces wildcards with concrete identities. The scheme supports wildcard pattern key delegation and is a general extension of leakage-resilient hierarchical IBE (identity-based encryption) and HVE (hidden vector encryption). Moreover, the proposed scheme tolerates partial key leakage, and it is proven leakage-resilient and semantically secure in the standard model under the subgroup decision assumptions.
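As an added illustration (not code from the paper), the following Python models the delegation order on wildcard identity patterns that the abstract describes; the identity strings and the three-level depth are constructed assumptions, and the example also shows that HIBE prefix delegation and HVE-style patterns with non-contiguous fixed positions are both instances of the same order.

```python
# Added example (not from the paper): a model of the wildcard identity pattern
# delegation described in the abstract. A pattern is a tuple whose entries are
# concrete identity strings or WILDCARD. A key for pattern P may derive a key
# for P' only by fixing some of P's wildcards to concrete identities; a key for
# P decrypts a ciphertext addressed to a fully concrete identity vector iff that
# vector is derivable from P. Identity strings below are constructed samples.
WILDCARD = "*"


def can_delegate(parent, child):
    """True iff a key for `parent` may derive a key for `child`."""
    if len(parent) != len(child):
        return False
    return all(p == WILDCARD or p == c for p, c in zip(parent, child))


def delegate(parent, assignments):
    """Derive the child pattern that fixes the wildcard positions listed in
    `assignments` ({position: identity}); a fixed position cannot be changed."""
    child = list(parent)
    for pos, ident in assignments.items():
        if child[pos] != WILDCARD:
            raise ValueError(f"position {pos} is already fixed to {child[pos]!r}")
        child[pos] = ident
    return tuple(child)


def can_decrypt(key_pattern, target):
    """Ciphertexts are addressed to concrete identity vectors; a key decrypts
    one iff the vector lies below the key's pattern in the delegation order."""
    if any(t == WILDCARD for t in target):
        raise ValueError("ciphertext identity vector must be fully concrete")
    return can_delegate(key_pattern, target)


def hibe_pattern(prefix, depth):
    """HIBE prefix delegation is the special case where only a leading prefix
    is fixed and every later position is a wildcard."""
    return tuple(prefix) + (WILDCARD,) * (depth - len(prefix))


if __name__ == "__main__":
    root = (WILDCARD,) * 3
    org = delegate(root, {0: "example.org"})
    dept = delegate(org, {1: "finance"})
    # HVE-style key: positions fixed non-contiguously, which plain HIBE cannot express.
    hve_key = delegate(root, {0: "example.org", 2: "alice"})
    print(can_decrypt(dept, ("example.org", "finance", "alice")))  # True
    print(can_delegate(hve_key, dept))                            # False
```

Note that the model captures only which keys may be derived and which ciphertexts they open; the paper's leakage-resilience and the dual-system proof under subgroup decision assumptions concern the algebraic construction, which this model does not represent.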

Cite this article:

张明武, 王春枝, 杨波, 高木刚 (Zhang Mingwu, Wang Chunzhi, Yang Bo, Takagi Tsuyoshi). Key Leakage-Resilient Secure Cryptosystem with Hierarchical Wildcard Pattern Delegation. Journal of Software (软件学报), 2015, 26(5): 1196-1212

History
  • Received: 2013-04-03
  • Last revised: 2014-07-09
  • Published online: 2015-05-06