CCA Secure Identity-Based Broadcast Encryption Based on SM9

Fund Project:

National Natural Science Foundation of China (61902191, 62032005, 61972294, 61972094, 61932016); Natural Science Foundation of Jiangsu Province (BK20190696); Science Foundation of the Fujian Provincial Department of Science and Technology (2020J02016); Key Research and Development Program of Shandong Province (2020CXGC010115)

    Abstract:

    The chosen-ciphertext attack (CCA) security model effectively captures active attacks and is closer to real-world environments. Existing cryptosystems that resist chosen-ciphertext attacks were mainly designed abroad, and there is a lack of CCA-secure cryptosystems designed in China. Although several generic transformations achieve CCA security, they come at the price of increased computational and communication overhead. In this paper, based on the Chinese national standard SM9 identity-based encryption algorithm, we propose a new identity-based broadcast encryption scheme that is secure against chosen-ciphertext attacks. The construction inherits the structure of the SM9 encryption algorithm. The private key and ciphertext are of constant size, independent of the number of receivers chosen in the encryption phase: the private key consists of one group element and the ciphertext of three elements. Under the GDDHE assumption, we prove that the proposed scheme is selectively secure against chosen-ciphertext attacks in the random oracle model. To achieve CCA security, we embed a dummy identity in ciphertext generation, which allows decryption queries to be answered successfully. Analysis shows that the proposed scheme is comparable to existing efficient identity-based broadcast encryption schemes in computational and storage efficiency.

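Cite this article

Lai Jianchang, Huang Xinyi, He Debiao, Ning Jianting. CCA Secure Identity-Based Broadcast Encryption Based on SM9. Journal of Software,,():0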

History
  • Received: 2021-06-21
  • Last revised: 2021-10-01
  • Published online: 2022-09-20