摘要
文章提出一种基于国密标识算法SM9的可撤销标识广播加密方案。该方案在SM9标识广播加密方案的基础上,结合可撤销广播加密方案,利用二叉树对用户进行权限管理,实现授权用户的撤销和加入。密钥生成中心利用二叉树为未被撤销的用户更新密钥,用户只能通过该密钥获得相应的会话密钥,从而解密广播密文并获得数据。文章在随机预言模型下证明了该方案满足选择明文攻击下的不可区分性。效率分析表明,该方案效率较高,具有较好的实用性。
This paper proposed an improved revocable broadcast encryption scheme based on the national secret identification algorithm SM9.Based on the SM9 identification broadcast encryption scheme and the revocable broadcast encryption scheme,the scheme manages the user’s rights through a binary tree,and realized the revocation and joining of authorized users.The key generation center used the binary tree to generate an update key for the user who was not revoked.The user can only obtain the corresponding session key through the key,so as to decrypt the broadcast ciphertext to obtain data.In the random oracle model,the scheme is proved to be indistinguishable under the selective plaintext attack.The efficiency analysis shows that this scheme is a revocable broadcast encryption scheme with high efficiency and better practicability.
作者
张雪锋
胡奕秀
ZHANG Xuefeng;HU Yixiu(School of Cyberspace Security,Xi’an University of Posts and Telecommunications,Xi’an 710121,China)
出处
《信息网络安全》
CSCD
北大核心
2023年第1期28-35,共8页
Netinfo Security
基金
陕西省自然科学基础研究计划[2021JQ-722]。
关键词
SM9
标识广播加密
可撤销
二叉树
SM9
identity-based broadcast encryption
revocable
binary tree
