抗隐蔽敌手的云外包秘密共享方案

doi:10.11959/j.issn.1000-436x.2017100

通信学报 ›› 2017, Vol. 38 ›› Issue (5): 57-65.doi: 10.11959/j.issn.1000-436x.2017100

抗隐蔽敌手的云外包秘密共享方案

张恩^1,²,耿魁¹,金伟^1,³,李勇俊^1,³,孙韵清⁴,李凤华^1,³

¹ 中国科学院信息工程研究所信息安全国家重点实验室，北京 100195
² 河南师范大学计算机与信息工程学院，河南新乡453007
³ 中国科学院大学网络空间安全学院，北京 100049
⁴ 西安电子科技大学通信工程学院，陕西西安 710071

修回日期:2017-03-21 出版日期:2017-05-01 发布日期:2017-05-28
作者简介:张恩（1974-），男，河南新乡人，博士，中国科学院信息工程研究所副教授、硕士生导师，主要研究方向为密码协议、隐私保护。|耿魁（1989- ），男，湖北红安人，博士，中国科学院信息工程研究所助理研究员，主要研究方向为网络安全。|金伟（1994-），女，北京人，中国科学院信息工程研究所博士生，主要研究方向为访问控制。|李勇俊（1992-），男，浙江丽水人，中国科学院信息工程研究所博士生，主要研究方向为访问控制。|孙韵清（1997-），女，陕西西安人，主要研究方向为网络安全防护。|李凤华（1966-），男，湖北浠水人，博士，中国科学院信息工程研究所副总工程师、研究员、博士生导师，主要研究方向为网络与系统安全、隐私计算、信息保护。
基金资助:
国家高技术研究发展计划（“863”计划）基金资助项目(2015AA016007);国家自然科学基金资助项目(U1401251);国家自然科学基金资助项目(U1604156);中国科学院大学生创新实践训练计划基金资助项目(1188005088);河南省科技攻关基金资助项目(172102210045)

Cloud outsourcing secret sharing scheme against covert adversaries

En ZHANG^1,²,Kui GENG¹,Wei JIN^1,³,Yong-jun LI^1,³,Yun-qing SUN⁴,Feng-hua LI^1,³

¹ State Key Laboratory of Information Security,Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100195,China
² College of Computer and Information Engineering,Henan Normal University,Xinxiang 453007,China
³ School of Cyber Security,University of Chinese Academy of Sciences,Beijing 100049,China
⁴ School of Telecommunications Engineering,Xidian University,Xi’an 710071,China

Revised:2017-03-21 Online:2017-05-01 Published:2017-05-28
Supported by:
The National High Technology Research and Development Program of China (863 Program)(2015AA016007);The National Natural Science Foundation of China(U1401251);The National Natural Science Foundation of China(U1604156);Innovative Practice Project of College Students in Chinese Academy of Sciences(1188005088);Science and Technology Research Project of Henan Province(172102210045)

摘要/Abstract

摘要：

为了促使计算能力薄弱的云租户有效及公平地重构秘密，结合云外包计算和秘密共享特性，提出一种云外包秘密共享方案。在云外包秘密共享过程中，云租户间无需交互，只需进行少量解密和验证操作，而将复杂耗时的秘密重构计算外包给云服务提供商。该方案无需复杂的交互论证或零知识证明，能够及时发现云租户和云服务提供商的恶意行为，达到抵抗隐蔽敌手攻击的目的，最终每位云租户都能够公平和正确地得到秘密。安全分析和性能比较表明方案是安全和有效的。

关键词: 秘密共享, 外包计算, 隐蔽敌手, 公平性

Abstract:

In order to make computationally weak cloud tenants can reconstruct a secret with efficiency and fairness,a cloud outsourcing secret sharing scheme was proposed,which combined cloud outsourcing computation with secret sharing scheme.In the process of outsourcing secret sharing,cloud tenants just need a small amount of decryption and validation operations,while outsource expensive cryptographic operations to cloud service provider (CSP).The scheme,without complex interactive augment or zero-knowledge proof,could detect malicious behaviors of cloud tenants or cloud service providers.And the scheme was secure against covert adversaries.Finally,every cloud tenant was able to obtain the secret fairly and correctly.Security analysis and performance comparison show that scheme is safe and effective.

Key words: secret sharing, outsourcing computation, covert adversaries, fairness

中图分类号:

TP309.2

张恩,耿魁,金伟,李勇俊,孙韵清,李凤华. 抗隐蔽敌手的云外包秘密共享方案[J]. 通信学报, 2017, 38(5): 57-65.

En ZHANG,Kui GENG,Wei JIN,Yong-jun LI,Yun-qing SUN,Feng-hua LI. Cloud outsourcing secret sharing scheme against covert adversaries[J]. Journal on Communications, 2017, 38(5): 57-65.

图/表 2

参考文献 38

[1]	SHAMIR A . How to share a secret[J]. Communications of the ACM, 1979,22(1): 612-613.
[2]	BLAKELEY G R , . Safeguarding cryptographic keys[C]// The National Computer Conference. 1979. 313-317.
[3]	CHOR B , GOLDWASSER S , MICALI S ,et al. Verifiable secret sharing and achieving simultaneity in the presence of faults[C]// 26th IEEE Annual Symposium on Foundations of Computer Science. 1985: 383-395.
[4]	FELDMAN P , . A practical scheme for non-interactive verifiable secret sharing[C]// 28th IEEE Annual Symposium Foundations of Computer Science. 1987: 427-438.
[5]	PEDERSEN T P , . Distributed provers with applications to undeniable signatures[C]// Advances in Cryptology—EUROCRYPT’91. 1991: 221-242.
[6]	ZHANG F T , ZHANG J . Efficient and information-theoretical secure verifiable secret sharing over bilinear groups[J]. Chinese Journal of Electronics, 2014,23(1): 13-17.
[7]	MAHABIR P J , AYINEEDI V , REIHANEH S N . Paillier-based publicly verifiable (non-interactive) secret sharing[J]. Designs Codes and Cryptography, 2014,73(2): 529-540.
[8]	刘木兰, 肖亮亮, 张志芳 . 一类基于图上随机游动的密钥共享体制[J]. 中国科学E辑：信息科学, 2007,37(2): 199-208.
	LIU M L , XIAO L L , ZHANG Z F . Secret sharing schemes based on random walks on graphs[J]. Science in China (Series E), 2007,37(2): 199-208.
[9]	HOU Y C , QUAN Z Y , TSAI C F ,et al. Block-based progressive visual secret sharing[J]. Information Sciences, 2013,233(1): 290-304.
[10]	DEHKORDI M H , FARZANEH Y . A new verifiable multi-secret sharing scheme realizing adversary structure[J]. Wireless Personal Communications, 2015,82(3): 1749-1758.
[11]	FATEMI M , GHASEMI R , EGHLIDOS T ,et al. Efficient multistage secret sharing scheme using bilinear map[J]. Information Security,IET, 2014,8(4): 224-229.
[12]	MASHHADI S , DEHKORDI M H . Two verifiable multi secret sharing schemes based on nonhomogeneous linear recursion and LFSR public-key cryptosystem[J]. Information Sciences, 2015,294(2): 31-40.
[13]	LIU Y H , ZHANG F T , ZHANG J . Attacks to some verifiable multi-secret sharing schemes and two improved schemes[J]. Information Sciences, 2016,329(1): 524-539.
[14]	CRAMER R , DAMG?RD I B , D?TTLING N ,et al. Linear secret sharing schemes from error correcting codes and universal hash functions[C]// Advances in Cryptology-EUROCRYPT 2015. Springer Berlin Heidelberg, 2015: 313-336.
[15]	MOHAMMA H T , HADI K , MOHAMMAD S H . Dynamic and verifiable multi-secret sharing scheme based on hermite interpolation and bilinear maps[J]. Information security,IET, 2015,9(4): 234-239.
[16]	KOMARGODSKI I , ZHANDRY M . Cutting-edge cryptography through the lens of secret sharing[C]// Theory of Cryptography. 2016: 449-479.
[17]	TOMPA M , WOLL H . How to share a secret with cheaters[J]. Journal of Cryptology, 1989,1(3): 133-138.
[18]	HARN L , LIN C , LI Y . Fair secret reconstruction in (t,n ) secret sharing[J]. Journal of Information Security ＆ Applications, 2015,23(C): 1-7.
[19]	HALPERN J , TEAGUE V . Rational secret sharing and multiparty computation[C]// The 6th Annual ACM Symposium on Theory of Computing. ACM, 2004: 623-632.
[20]	TIAN Y L , PENG C G , LIN D D ,et al. Bayesian mechanism for rational secret sharing scheme[J]. Science China Information Sciences, 2015,58(5): 1-13.
[21]	ZHANG Z F , LIU M L . Rational secret sharing as extensive games[J]. Science China Information Sciences, 2013,56(3): 1-13.
[22]	MALEKA S , SHAREEF A , RANGAN C P . Rational secret sharing with repeated games[C]// Information Security Practice and Experience. 2008: 334-346.
[23]	KOL G , NAOR M . Cryptography and game theory:designing protocols for exchanging information[M]// Theory of Cryptography. Springer Berlin Heidelberg, 2008: 320-339.
[24]	ZHANG E , CAI Y Q . Rational multi-secret sharing scheme in standard point-to-point communication networks[J]. International Journal of Foundations of Computer Science, 2013,24(6): 879-897.
[25]	WILLIAM K , MOSES J C , RANGAN P . Rational secret sharing over an asynchronous broadcast channel with information theoretic security[J]. International Journal of Network Security ＆ Its Applications, 2011,3(6): 1-18.
[26]	GENNARO R , GENTRY C , PARNO B . Non-interactive verifiable computing:outsourcing computation to untrusted workers[C]// Advances in Cryptology–CRYPTO 2010. 2010: 465-482.
[27]	PARNO B , RAYKOVA M , VAIKUNTANATHAN V . How to delegate and verify in public:verifiable computation from attribute-based encryption[C]// Theory of Cryptography. 2012: 422-439.
[28]	GOLDWASSER S , KALAI Y , POPA R A ,et al. Reusable garbled circuits and succinct functional encryption[C]// The 44th Annual ACM Symposium on Theory of Computing. 2013: 555-564.
[29]	LóPEZ-ALT A , TROMER E , VAIKUNTANATHAN V . On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption[C]// The 44th Annual ACM Symposium on Theory of Computing. 2012: 1219-1234.
[30]	GORDON S D , KATZ J , LIU F H ,et al. Multi-client verifiable computation with stronger security guarantees[C]// Theory of Cryptography. 2015: 144-168.
[31]	ZHANG E , LI F H , NIU B ,et al. Server-aided private set intersection based on reputation[J]. Information Sciences, 2016,doi:10.1016/j.ins.2016.09.056.
[32]	ZHANG F G , MA X , LIU S L . Efficient computation outsourcing for inverting a class of homomorphic functions[J]. Information Sciences, 2014,286(1): 19-28.
[33]	CHEN X F , HUANG X Y , LI J ,et al. New algorithms for secure outsourcing of large-scale systems of linear equations[J]. IEEE Transactions on Information Forensics and Security, 2015,10(1): 69-78.
[34]	WANG C , REN K , WANG J . Secure optimization computation outsourcing in cloud computing:a case study of linear programming[J]. IEEE Transactions on Computers, 2016,65(1): 216-229.
[35]	REN Y L , DING N , ZHANG X P ,et al. Verifiable outsourcing algorithms for modular exponentiations with improved checkability[C]// The 11th ACM on Asia Conference on Computer and Communications Security. ACM, 2016: 293-303.
[36]	AUMANN Y , LINDELL Y . Security against covert adversaries:efficient protocols for realistic adversaries[J]. Journal of Cryptology, 2010,23(2): 281-343.
[37]	LYUBASHEVSKY V , PEIKERT C , REGEV O . On ideal lattices and learning with errors over ring[J]. Journal of the ACM, 2013,60(6): 1-35.
[38]	STEHLé D , STEINFELD R , . Making NTRU as secure as worst-case problems over ideal lattices[C]// Advances in Cryptology? EUROCRYPT 2011. 2011: 27-47.

方案	期望迭代轮数	是否需要成员交互	计算是否公平	通信开销	秘密重构算法
文献[13]	一轮	是	否	O(t)	用户
文献[14]	一轮	是	否	O(t)	用户
文献[18]	多轮	是	是	O(tk)	用户
文献[20]	多轮	是	是	O(tk)	用户
本文方案	一轮	否	是	O(1)	云端

抗隐蔽敌手的云外包秘密共享方案

Cloud outsourcing secret sharing scheme against covert adversaries

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 2

参考文献 38

相关文章 15

Metrics

推荐阅读 0

[1]	孙彦景, 程枫陟, 周家思, 李松. 公平性驱动的RSMA-SDMA预编码设计[J]. 通信学报, 2022, 43(4): 177-185.
[2]	熊金波, 周永洁, 毕仁万, 万良, 田有亮. 边缘协同的轻量级隐私保护分类框架[J]. 通信学报, 2022, 43(1): 127-137.
[3]	杜瑞忠, 闫沛文, 刘妍. 雾计算中细粒度属性更新的外包计算访问控制方案[J]. 通信学报, 2021, 42(3): 160-170.
[4]	刘海, 田有亮, 唐莹, Jianbing Ni, 马建峰. 面向理性用户的秘密重构设计模型[J]. 通信学报, 2021, 42(11): 54-65.
[5]	叶迎晖,施丽琴,卢光跃. 反向散射辅助的无线供能通信网络中用户能效公平性研究[J]. 通信学报, 2020, 41(7): 84-94.
[6]	王竹,袁青云,郝凡凡,房梁,李凤华. 基于链路容量的多路径拥塞控制算法[J]. 通信学报, 2020, 41(5): 59-71.
[7]	熊金波,毕仁万,陈前昕,刘西蒙. 边缘协作的轻量级安全区域建议网络[J]. 通信学报, 2020, 41(10): 188-201.
[8]	谭国真,韩国栋,张福新,丁男,刘明剑. 基于网络效用最大化理论的分布式车联网拥塞控制策略[J]. 通信学报, 2019, 40(2): 82-91.
[9]	徐渊,杨超,杨力. 基于移动端协助的远程用户单一口令认证方法[J]. 通信学报, 2019, 40(2): 174-187.
[10]	张艳硕,李文敬,陈雷,毕伟,杨涛. 基于特征值的可验证特殊门限秘密共享方案[J]. 通信学报, 2018, 39(8): 169-175.
[11]	张恩,裴瑶瑶,杜蛟. 基于RLWE的密文策略属性代理重加密[J]. 通信学报, 2018, 39(11): 129-137.
[12]	梁建武,刘晓书,程资. 基于图态和中国剩余定理的量子秘密共享方案[J]. 通信学报, 2018, 39(10): 72-78.
[13]	苏成龙,金光,江先亮,钮俊. 公平和低时延的主动队列管理算法研究[J]. 通信学报, 2017, 38(5): 199-206.
[14]	张维纬,张育钊,黄焯,张茹,杨义先. 支持安全外包计算的无线体域网数据共享方案[J]. 通信学报, 2017, 38(4): 64-75.
[15]	伍祈应,马建峰,苗银宾,张俊伟,沈丽敏. 多数据拥有者认证的密文检索方案[J]. 通信学报, 2017, 38(11): 161-170.