Abstract
Proxy re-encryption converts decryption rights, while robust threshold proxy re-encryption (TPRE) supports not only secure and flexible conversion control but also validity verification of the converted ciphertext. This paper constructs a TPRE scheme from tools on ideal lattices, using Shamir secret sharing for threshold control and a lattice-based homomorphic signature technique for robustness; the scheme fully resists quantum attacks. Compared with schemes over standard lattices, the new scheme has a smaller ciphertext size, shorter key shares and faster computation. Based on the differences between the PRE and TPRE security models, it is proved that an attack on the TPRE scheme can be transformed in polynomial time into an attack on the underlying PRE scheme, so its security reduces to the R-LWE (Learning With Errors over Ring) hardness assumption. The new scheme is suited to ciphertext access control in decentralized environments and can be used in scenarios such as file sharing over blockchain networks and rapid interconnection of multi-domain networks.
Authors
WU Li-qiang (吴立强); HAN Yi-liang (韩益亮); YANG Xiao-yuan (杨晓元); ZHANG Min-qing (张敏情); YANG Kai (杨凯)
Key Laboratory of Network and Information Security, Engineering University of Chinese Armed Police Force, Xi’an, Shaanxi 710086, China
Source
Acta Electronica Sinica (《电子学报》), 2020, No. 9, pp. 1786-1794 (9 pages)
Indexed in: EI, CAS, CSCD, Peking University Core Journals
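Funding
National Natural Science Foundation of China (No. U1636114, No. 61572521, No. 61772550)
National Social Science Fund of China (No. 18XXW015)
Innovation Team Science Fund of Engineering University of Chinese Armed Police Force (No. KYTD201805)
Natural Science Foundation of Shaanxi Province (No. 2018JM6078)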
Keywords
proxy re-encryption
ideal lattices
robustness
homomorphic signature
access control
quantum attack