可实现固定用户安全访问移动终端外包数据的非对称代理重加密系统

doi:10.11959/j.issn.2096-109x.2016.00099

网络与信息安全学报 ›› 2016, Vol. 2 ›› Issue (9): 49-56.doi: 10.11959/j.issn.2096-109x.2016.00099

可实现固定用户安全访问移动终端外包数据的非对称代理重加密系统

郝伟^1,²,王绪安^1,²,杨晓元^1,²(),吴立强^1,²

¹ 武警工程大学电子技术系，陕西西安 710086
² 武警工程大学网络与信息安全武警部队重点实验室，陕西西安 710086

修回日期:2016-09-03 出版日期:2016-09-15 发布日期:2020-03-26
作者简介:郝伟（1990-），男，内蒙古包头人，武警工程大学硕士生，主要研究方向为公钥密码理论与应用。|王绪安（1981-），男，湖北荆州人，博士，武警工程大学副教授，主要研究方向为密码学与信息安全。|杨晓元（1959-），男，湖南湘潭人，武警工程大学教授、博士生导师，主要研究方向为密码学、信息安全、网络安全。|吴立强（1986-），男，陕西蓝田人，硕士，武警工程大学讲师，主要研究方向为格密码学与可证明安全。
基金资助:
：国家自然科学基金资助项目(61272492);：国家自然科学基金资助项目(61572521);陕西省自然科学基金资助项目(2014JM8300);武警工程大学基础研究基金资助项目(WJY201422);武警工程大学基础研究基金资助项目(WJY201523)

Asymmetric proxy re-encryption system achievable for office user to securely sharing outsourcing data of mobile terminal

Wei HAO^1,²,Xu-an WANG^1,²,Xiao-yuan YANG^1,²(),Li-qiang WU^1,²

¹ Electronic Department Engineering,College of Chinese People's Armed Police,Xi'an 710086,China
² Key Laboratory of Network ＆ Information Security Engineering,College of Chinese People's Armed Police,Xi'an 710086,China

Revised:2016-09-03 Online:2016-09-15 Published:2020-03-26
Supported by:
The National Natural Science Foundation of China(61272492);The National Natural Science Foundation of China(61572521);The Natural Science Foundation of Shaanxi Province(2014JM8300);The Basic Research Program of Engineering University of Chinese People's Armed Police(WJY201422);The Basic Research Program of Engineering University of Chinese People's Armed Police(WJY201523)

摘要/Abstract

摘要：

为实现固定用户安全共享移动终端的加密数据，提出了跨加密系统的非对称代理重加密系统。在该系统中，计算能力有限的移动终端使用相对简单的基于身份的加密系统，而服务器和固定用户使用较复杂的基于身份的广播加密系统。该系统基于密文转换机制，使移动终端简单的IBE密文被代理者转换成复杂的IBBE密文，同时代理者不会得知明文的任何信息。该方案的安全性可以归约到底层的IBE和IBBE方案的安全性。理论和实验分析表明，该方案可实现移动终端只需很少的资源便能让固定用户安全地共享其加密数据。

关键词: 代理重加密, 基于身份的加密, 基于身份的广播加密, 安全共享

Abstract:

In order to realize the office users securely share encrypted data of the mobile terminal,an asymmetric cross-cryptosystem proxy re-encryption system is proposed.In this system,mobile terminals who have the limited computing power use relatively simple identity-based encryption system,while the server and office users use more complex identity-based broadcast encryption system.This system is based on the ciphertext conversion mechanism,which enables the simple IBE ciphertext of mobile terminal to be converted into the complex IBBE ciphertext by proxy while the proxy know nothing of the plaintext.The security of this scheme can be reduced to the safety of the IBE and IBBE scheme.Theoretical and experimental analysis indicate that the scheme is useful for the mobile ter-minal to consume less resources to make the fixed users share the data encrypted by mobile terminal,and it is more practical.

Key words: proxy re-encryption, identity-based encryption, identity-based broadcast encryption, securely sharing

中图分类号:

TP309

郝伟,王绪安,杨晓元,吴立强. 可实现固定用户安全访问移动终端外包数据的非对称代理重加密系统[J]. 网络与信息安全学报, 2016, 2(9): 49-56.

Wei HAO,Xu-an WANG,Xiao-yuan YANG,Li-qiang WU. Asymmetric proxy re-encryption system achievable for office user to securely sharing outsourcing data of mobile terminal[J]. Chinese Journal of Network and Information Security, 2016, 2(9): 49-56.

图/表 5

图1

表1

APRE方案各阶段的功耗"

操作	功耗
系统初始化	$(m + 1) t_{e} + t_{p}$
用户注册	$t_{e}$
共享文件产生	$3 t_{e}$
重加密密钥产生	$(n + 3) t_{e}$
代理重加密	$t_{e} + t_{p}$
原始共享文件解密	$t_{e} + t_{p}$
转换后的共享文件解密	$n t_{e} + 3 t_{p}$

表1

表2

图2

图3

参考文献 12

[1]	CHU C K , CHOW S M , TZENG W G , et al. Key-aggregate cryptosystem for scalable data sharing in cloud storage[J]. IEEE Transactions on Parallel and Distributed Systems, 2014,25(2):468-477.
[2]	LEE B . Unified public key infrastructure supporting both certifi-cate-based and id-based cryptography[C]// The International Con-ference on Availability,Reliability,and Security. 2010:54-61.
[3]	DELERABLéE C . Identity-based broadcast encryption with con-stant size ciphertexts and private keys[C]// The 13th International Conference on Theory and Application of Cryptology and Informa-tion Security. 2007:200-215.
[4]	BONEH D , BOYEN X . Efficient selective-id secure identity-based encryption without random oracles[C]// The International Confer-ence on the Theory and Applications of Cryptographic Techniques. 2004:223-238.
[5]	DENG H , WU Q H , QIN B , et al. Asymmetric cross-cryptosystem re-encryption applicable to efficient and secure mobile access to out-sourced data[C]// The 10th ACM Symposium on Information,Com-puter and Communications Security. 2015:393-404.
[6]	HWU J S , CHEN R J , LIN Y B . An efficient identity-based crypto-system for end-to-end mobile security[J]. IEEE Transactions on Wireless Communications, 2006,5(9):2586-2593.
[7]	DENG H , WU Q , QIN B , et al. Tracing and revoking leaked cre-dentials:accountability in leaking sensitive outsourced data[C]// The 9th ACM Symposium on Information Computer and Communications Security. 2014:425-434.
[8]	ATENIESE G , FU K , GREEN M , et al. Improved proxy re-encryption schemes with applications to secure distributed stor-age[J]. ACM Transactions on Information and System Security(TISSEC), 2006,9(1):1-30.
[9]	CHU C K , TZENG W G . Identity-based proxy re-encryption with-out random oracles[C]// The 10th International Conference on In-formation Security. 2007:189-202.
[10]	MATSUO T . Proxy re-encryption systems for identity-based en-cryption[C]// The First International Conference on Pairing-Based Cryptograph. 2007:247-267.
[11]	SHAO J , LU R , LIN X . Fine-grained data sharing in cloud com-puting for mobile devices[C]// Computer Communications(INFO-COM). 2015:2677-2685.
[12]	[EB/OL]..

方案	公钥长度	私钥长度	原始密文长度	重加密密钥长度	转换后密文长度	解密中的配对运算	非交互	跨加密系统
文献[9]	3	2	3	5	5	3	√	×
文献[10]	PKE:3IBE:4	PKE:3IBE:2	4	3	3	2	×	√
APRE	IBE:4IBBE:m+3	IBE:1IBBE:1	2	4	5	3	√	√

可实现固定用户安全访问移动终端外包数据的非对称代理重加密系统

Asymmetric proxy re-encryption system achievable for office user to securely sharing outsourcing data of mobile terminal

在线阅读

pdf下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 5

参考文献 12

相关文章 1

Metrics

推荐阅读 0