安全随机数部分重用及在多接收方签密的应用

Secure Re-use of Partial Randomness and its Application in Multi-receiver Signcryption Scheme

为了在构造多接收方签密方案时,既不牺牲安全性又可以节约通信和计算开销,首先将随机数重用的安全理论丰富到另一种常见情况,提出了随机数部分重用的概念,并以签密体制为研究对象,定义了随机数部分重用的多接收方签密方案、随机数部分重用可再生的签密方案及安全模型;然后给出并证明了可再生性定理——随机数部分重用的安全条件为方案是可再生的;最后证明了LWWD16的格基签密方案是一个随机数部分重用可再生的签密方案,并基于LWWD16首次构造了一个基于格的随机数部分重用的多消息多接收方签密方案,证明了方案满足抗自适应选择密文攻击不可区分(IND-CCA2)和抗自适应选择消息攻击不可伪造(euf-CMA)安全性.效率分析表明,基于随机数部分重用构造的多消息多接收方签密方案可以有效地节约系统计算和通信开销.为多消息多接收方签密的构造提供了一种通用方法.

To save bandwidth and computation without sacrificing security while constructing a multi-receiver signcryption scheme,this study extended the paradigm namely the re-use of all randomness to another common scenario,proposed the re-use of partial randomness,and redefined the multi-receiver signcryption scheme,reproducible signcryption scheme,and security model to the re-use of partial randomness.It then given and proved the reproducibility theorem that the security condition of the re-use of partial randomness is that the scheme is reproducible.Finally,it proved that the LWWD16 signcryption scheme based on lattice is a reproducible signcryption scheme with the re-use of partial randomness,and firstly constructed a multi-message to multi-receiver signcryption scheme with the re-use of partial random numbers based on lattice,which satisfied the security of adaptively indistinguishable against chosen ciphertext attacks(IND-CCA2)and existentially unforgeable against chosen message attacks(euf-CMA).Efficiency analysis shows that the multi-message and multi-receiver signcryption scheme with the re-use of partial randomness can effectively save bandwidth and computation,and it provides a general construction method for multi-message to multi-receiver signcryption.