基于RLWE的密文策略属性代理重加密

doi:10.11959/j.issn.1000-436x.2018239

通信学报 ›› 2018, Vol. 39 ›› Issue (11): 129-137.doi: 10.11959/j.issn.1000-436x.2018239

基于RLWE的密文策略属性代理重加密

张恩^1,²(),裴瑶瑶^1,²,杜蛟³

¹ 河南师范大学计算机与信息工程学院，河南新乡 453007
² “智慧商务与物联网技术”河南省工程实验室，河南新乡 453007
³ 河南师范大学数学与信息科学学院，河南新乡 453007

修回日期:2018-05-19 出版日期:2018-11-01 发布日期:2018-12-10
作者简介:张恩（1974?），男，河南新乡人，博士，河南师范大学副教授、硕士生导师，主要研究方向为密码协议、隐私保护、云计算安全。|裴瑶瑶（1992?），男，河南南阳人，河南师范大学硕士生，主要研究方向为密码协议。|杜蛟（1978?），男，湖北英山人，博士，河南师范大学讲师，主要研究方向为密码学与应用数学。
基金资助:
国家自然科学基金资助项目(U1604156);国家自然科学基金资助项目(61772176);国家自然科学基金资助项目(61602158);河南省科技攻关计划基金资助项目(172102210045)

RLWE-based ciphertext-policy attribute proxy re-encryption

En ZHANG^1,²(),Yaoyao PEI^1,²,Jiao DU³

¹ College of Computer and Information Engineering,Henan Normal University,Xinxiang 453007,China
² Engineering Lab of Intelligence Bussiness ＆Internet of Things of Henan Province,Xinxiang 453007,China
³ College of Mathematics and Information Science,Henan Normal University,Xinxiang 453007,China

Revised:2018-05-19 Online:2018-11-01 Published:2018-12-10
Supported by:
The National Natural Science Foundation of China(U1604156);The National Natural Science Foundation of China(61772176);The National Natural Science Foundation of China(61602158);The Science and Technology Research Project of Henan Province(172102210045)

摘要/Abstract

摘要：

针对现有基于 LWE 的代理重加密方案存在无法实现细粒度访问及效率低的问题，结合线性秘密共享方案、RLWE和属性加密，提出一种密文策略属性代理重加密方案。该方案可以缩短密钥尺寸、减小密文空间、提高加解密效率，同时利用线性秘密共享矩阵作为访问矩阵，满足授权人细粒度委托控制的需求，抵抗代理服务器和被授权人之间的合谋。安全分析表明，在基于RLWE假设的标准模型下，所提方案是安全的。

关键词: 代理重加密, RLWE, 属性加密, 线性秘密共享方案, 细粒度访问

Abstract:

To solve LWE-based proxy re-encryption schemes cannot achieve fine-grained access and low efficiency problem,a ciphertext-policy attribute-based proxy re-encryption scheme was proposed.The scheme based on linear secret sharing scheme,RLWE and attribute encryption could shorten the key size,reduce the ciphertext space and improve the efficiency of encryption and decryption.At the same time,the linear secret sharing matrix was used as an access matrix to meet the requirements of authorized person fine-grained commissioning control and to resist the collusion between the agent and the authorized person.In addition,the proposed scheme is shown to be secure under the ring learning with errors assumption in the standard model.

Key words: proxy re-encryption, RLWE, attribute encryption, linear secret sharing scheme, fine-grained access

中图分类号:

TP309.2

张恩,裴瑶瑶,杜蛟. 基于RLWE的密文策略属性代理重加密[J]. 通信学报, 2018, 39(11): 129-137.

En ZHANG,Yaoyao PEI,Jiao DU. RLWE-based ciphertext-policy attribute proxy re-encryption[J]. Journal on Communications, 2018, 39(11): 129-137.

图/表 4

参考文献 37

[1]	BLAZE M , BLEUMER G , STRAUSS M . Divertible protocols and atomic proxy cryptography[C]// Advances in Cryptology EUROCRYPT. 1998: 127-144.
[2]	IVAN A A , DODIS Y . Proxy cryptography revisited[C]// Network and Distributed System Security Symposium. 2003.
[3]	ATENIESE G , FU K , GREEN M ,et al. Improved proxy re-encryption schemes with applications to secure distributed storage[J]. ACM Transactions on Information and System Security (TISSEC), 2006,9(1): 1-30.
[4]	CANETTI R , HOHENBERGER S . Chosen-ciphertext secure proxy re-encryption[C]// The 14th ACM Conference on Computer and Communications Security. 2007: 185-194.
[5]	LIBERT B , VERGNAUD D . Unidirectional chosen-ciphertext secure proxy re-encryption[C]// International Workshop on Public Key Cryptography. 2008: 360-379.
[6]	SAHAI A , WATERS B . Fuzzy identity-based encryption[C]// International Conference on the Theory and Applications of Cryptographic Techniques. 2005: 457-473.
[7]	GOYAL V , PANDEY O , SAHAI A ,et al. Attribute-based encryption for fine-grained access control of encrypted data[C]// The 13th ACM Conference on Computer and Communications Security. 2006: 89-98.
[8]	BETHENCOURT J , SAHAI A , WATERS B . Ciphertext-policy attribute-based encryption[C]// IEEE Symposium on Security and Privacy. 2007: 321-334.
[9]	GREEN M , ATENIESE G . Identity-based proxy re-encryption[C]// Applied Cryptography and Network Security. 2007: 288-306.
[10]	JIN C C , FENG X Y , SHEN Q N . Fully secure hidden ciphertext policy attribute-based encryption with short ciphertext size[C]// The 6th International Conference on Communication and Network Security. 2016: 91-98.
[11]	LIANG X , CAO F Z , LIN H ,et al. Attribute based proxy re-encryption with delegating capabilities[C]// The 4th International Symposium on Information,Computer,and Communications Security. 2009: 276-286.
[12]	WENG J , DENG R H , DING X ,et al. Conditional proxy re-encryption secure against chosen-ciphertext attack[C]// The 4th International Symposium on Information,Computer,and Communications Security. 2009: 322-332.
[13]	LUO S , HU J , CHEN Z . Ciphertext policy attribute-based proxy re-encryption[C]// Information and Communications Security. 2010: 401-415.
[14]	SEO H.J , KIM H . Attribute-based proxy re-encryption with a constant number of pairing operations[J]. Journal of Information and Communication Convergence Engineering, 2012,10(1): 53-60.
[15]	WUNGPORNPAIBOON G , VASUPONGAYYA S . Two-layer ciphertext-policy attribute-based proxy re-encryption for supporting PHR delegation[C]// Computer Science and Engineering Conference. 2016: 1-6.
[16]	LIANG K , FANG L , SUSILO W ,et al. A ciphertext-policy attribute-based proxy re-encryption with chosen-ciphertext security[C]// The 5th International Conference on Intelligent Networking and Collaborative Systems. 2013: 552-559.
[17]	XU X L , ZHOU J L , WANG X H ,et al. Multi-authority proxy re-encryption based on CPABE for cloud storage systems[J]. Journal of Systems Engineering and Electronics, 2016,27(1): 211-223.
[18]	REGEV O , . On lattices,learning with errors,random linear codes,and cryptography[C]// The 37th Annual ACM Symposium on Theory of Computing (STOC’05). 2005: 84-93.
[19]	SHOR P W . Polynomial-time algorithms for prime factorizetion and discrete logarithms on a quantum computer[J]. SIAM Review, 1999,41(2): 303-332.
[20]	AJTAI M , . Generating hard instances of lattice problems[C]// The 28th Annual ACM Symposium on Theory of Computing. 1996: 99-108.
[21]	GENTRY C , PEIKERT C , VAIKUNTANATHAN V . Trapdoors for hard lattices and new cryptographic constructions[C]// The 40th Annual ACM Symposium on Theory of Computing. 2008: 197-206.
[22]	AGRAWAL S , BOYEN X , VAIKUNTANATHAN V ,et al. Fuzzy identity based encryption from lattices[J]. IACR Cryptology ePrint Archive, 2011:414.
[23]	BOYEN X . Attribute-based functional encryption on lattices[J]. Lecture Notes in Computer Science:Theory of Cryptography, 2013,7785: 122-142.
[24]	DAN B , GENTRY C , GORBUNOV S ,et al. Fully key-homomorphic encryption,arithmetic circuit ABE and compact garbled circuits[C]// Annual International Conference on the Theory and Applications of Cryptographic Techniques. 2014: 533-556.
[25]	KIRSHANOVA E , . Proxy re-encryption from lattices[C]// Public Key Cryptography. 2014: 77-94.
[26]	FAN X , LIU F H . Various proxy re-encryption schemes from lattices[J]. IACR Cryptology ePrint Archive, 2016:278.
[27]	SINGH K , RANGAN C P , BANERJEE A K . Lattice based identity based proxy re-encryption scheme[J]. Journal of Internet Services and Infor- mation Security, 2013,3(3/4): 38-51.
[28]	KIM K S , JEONG I R . Collusion-resistant unidirectional proxy re-encryption scheme from lattices[J]. Journal of Communications and Networks, 2016,18(1): 1-7.
[29]	JIANG M M , HU Y P , WANG B C ,et al. Lattice-based multiuse unidirectional proxy re-encryption[J]. Security and Communication Networks, 2015,8(18): 3796-3803.
[30]	ZHANG E , LI F , NIU B ,et al. Server-aided private set intersection based on reputation[J]. Information Sciences, 2017,387: 180-194.
[31]	LI Z P , MA C G , WANG D ,et al. Toward proxy re-encryption from learning with errors in the exponent[C]// Trustcom/BigDataSE/ICESS. 2017: 683-690.
[32]	LYUBASHEVSKY V , PEIKERT C , REGEV O . On ideal lattices and learning with errors over rings[C]// Annual International Conference on the Theory and Applications of Cryptographic Techniques. 2010: 1-23.
[33]	TAN S F , SAMSUDIN A . Lattice ciphertext-policy attribute-based encryption from ring-LWE[C]// International Symposium on Technology Management and Emerging Technologies. 2015: 258-262.
[34]	孙泽栋, 祝跃飞, 顾纯祥 ,等. 基于RLWE的密钥策略属性加密体制[J]. 通信学报, 2016,37(S1): 125-131.
	SUN Z D , ZHU Y F , GU C X ,et al. RLWE-based key-policy ABE scheme[J]. Journal on Communications, 2016,37(S1): 125-131.
[35]	郑永辉, 康元基, 顾纯祥 ,等. 环上基于属性的全同态加密体制设计[J]. 通信学报, 2017,38(4): 55-63.
	ZHENG Y H , KANG Y J , GU C X ,et al. Attribute-based fully homomorphic encryption scheme over rings[J]. Journal on Communications, 2017,38(4): 55-63.
[36]	张恩, 耿魁, 金伟 ,等. 抗隐蔽敌手的云外包秘密共享方案[J]. 通信学报, 2017,38(5): 57-65.
	ZHANG E , GENG K , JIN W ,et al. Cloud outsourcing secret sharing scheme against covert adversaries[J]. Journal on Communications, 2017,38(5): 57-65.
[37]	POLYAKOV Y , KURT R . Fast proxy re-encryption for publish/subscribe systems[J]. ACM Transactions on Privacy and Security, 2017,20(4): 1-31.

方案	是否抵抗量子攻击	困难问题	支持的访问门限	密文转换方向	是否抗合谋
文献[1]	否	DDH	无	双向	否
文献[9]	否	DBDH	无	单向	是
文献[11]	否	DBDH	与	单向	是
文献[27]	是	LWE	无	双向	否
文献[28]	是	LWE	无	单向	是
文献[37]	是	RLWE	无	单向	是
所提方案	是	RLWE	与，或	单向	是

方案	公钥的尺寸	私钥的尺寸
文献[25]	O(n²)	O(n²)
文献[26]	O(n²)	O(n²)
文献[28]	O(n²)	O(n²)
文献[29]	O(n²)	O(n²)
所提方案	O(n)	O(n)

基于RLWE的密文策略属性代理重加密

RLWE-based ciphertext-policy attribute proxy re-encryption

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 4

参考文献 37

相关文章 15

Metrics

推荐阅读 0

[1]	韩益亮, 郭凯阳, 吴日铭, 刘凯. 格上基于OBDD访问结构的抗密钥滥用属性加密方案[J]. 通信学报, 2023, 44(1): 75-88.
[2]	董江涛, 闫沛文, 杜瑞忠. 雾计算中基于无配对CP-ABE可验证的访问控制方案[J]. 通信学报, 2021, 42(8): 139-150.
[3]	彭长根, 彭宗凤, 丁红发, 田有亮, 刘荣飞. 具有可撤销功能的属性协同访问控制方案[J]. 通信学报, 2021, 42(5): 75-86.
[4]	应作斌, 斯元平, 马建峰, 刘西蒙. 基于区块链的分布式EHR细粒度可追溯方案[J]. 通信学报, 2021, 42(5): 205-215.
[5]	李瑞琪, 贾春福, 王雅飞. 基于NTRU的多密钥同态代理重加密方案及其应用[J]. 通信学报, 2021, 42(3): 11-22.
[6]	杜瑞忠, 闫沛文, 刘妍. 雾计算中细粒度属性更新的外包计算访问控制方案[J]. 通信学报, 2021, 42(3): 160-170.
[7]	杨小东, 席婉婷, 王嘉琪, 陈艾佳, 王彩芬. 基于签密和区块链的车联网电子证据共享方案[J]. 通信学报, 2021, 42(12): 236-246.
[8]	牛淑芬,刘文科,陈俐霞,王彩芬,杜小妮. 基于联盟链的可搜索加密电子病历数据共享方案[J]. 通信学报, 2020, 41(8): 204-214.
[9]	李颖莹,马建峰,苗银宾. 基于边缘计算的支持多密钥的加密图像检索[J]. 通信学报, 2020, 41(4): 14-26.
[10]	冯朝胜,罗王平,秦志光,袁丁,邹莉萍. 支持多种特性的基于属性代理重加密方案[J]. 通信学报, 2019, 40(6): 177-189.
[11]	丁晟,曹进,李晖. 基于OBDD访问结构的无配对CP-ABE方案[J]. 通信学报, 2019, 40(12): 1-8.
[12]	田有亮,杨科迪,王缵,冯涛. 基于属性加密的区块链数据溯源算法[J]. 通信学报, 2019, 40(11): 101-111.
[13]	杜瑞忠,石朋亮,何欣枫. 基于覆写验证的云数据确定性删除方案[J]. 通信学报, 2019, 40(1): 130-140.
[14]	李琦,朱洪波,熊金波,莫若. mHealth中可追踪多授权机构基于属性的访问控制方案[J]. 通信学报, 2018, 39(6): 1-10.
[15]	苏铓,俞研,吴槟,付安民. 面向代理重加密算法的程序设计语言研究[J]. 通信学报, 2018, 39(6): 89-97.