在许多实际的应用场景中,当用户需要获取敏感数据时,需要判断该用户是否满足某些"流程"的要求.现存的加密方案不能有效应用到以上场景中.为了解决这一新问题,提出了一种新的加密原语:基于流程的加密(process based encryption...在许多实际的应用场景中,当用户需要获取敏感数据时,需要判断该用户是否满足某些"流程"的要求.现存的加密方案不能有效应用到以上场景中.为了解决这一新问题,提出了一种新的加密原语:基于流程的加密(process based encryption,简称PBE),并把PBE分成两种类型:密钥策略的PBE(KP-PBE)与密文策略的PBE(CP-PBE).运用双线性映射与线性秘密共享协议的工具,给出了一种KP-PBE的构造方法.随后,把KP-PBE方案与传统属性加密进行对比,指出在描述流程数量方面,KP-PBE与传统属性加密方案存在数量级的差异,从而体现了KP-PBE方案在描述流程方面的优越性.最后,在选择性安全的模型下,证明了该方案的安全性.展开更多
Two new constructions of chosen-ciphertext secure fuzzy identity-based encryption(fuzzy-IBE) schemes without random oracle are proposed.The first scheme combines the modification of chosen-plaintext secure Sahai and W...Two new constructions of chosen-ciphertext secure fuzzy identity-based encryption(fuzzy-IBE) schemes without random oracle are proposed.The first scheme combines the modification of chosen-plaintext secure Sahai and Waters'"large universe"construction and authenticated symmetric encryption, and uses consistency checking to handle with ill-formed ciphertexts to achieve chosen-ciphertext security in the selective ID model.The second scheme improves the effciency of first scheme by eliminating consistency checking.This improved scheme is more effcient than existing chosen-ciphertext secure fuzzy-IBE scheme in the standard model.展开更多
文摘在许多实际的应用场景中,当用户需要获取敏感数据时,需要判断该用户是否满足某些"流程"的要求.现存的加密方案不能有效应用到以上场景中.为了解决这一新问题,提出了一种新的加密原语:基于流程的加密(process based encryption,简称PBE),并把PBE分成两种类型:密钥策略的PBE(KP-PBE)与密文策略的PBE(CP-PBE).运用双线性映射与线性秘密共享协议的工具,给出了一种KP-PBE的构造方法.随后,把KP-PBE方案与传统属性加密进行对比,指出在描述流程数量方面,KP-PBE与传统属性加密方案存在数量级的差异,从而体现了KP-PBE方案在描述流程方面的优越性.最后,在选择性安全的模型下,证明了该方案的安全性.
基金the National High Technology Research and Development Program (863) of China(No. 2006AA12A106)
文摘Two new constructions of chosen-ciphertext secure fuzzy identity-based encryption(fuzzy-IBE) schemes without random oracle are proposed.The first scheme combines the modification of chosen-plaintext secure Sahai and Waters'"large universe"construction and authenticated symmetric encryption, and uses consistency checking to handle with ill-formed ciphertexts to achieve chosen-ciphertext security in the selective ID model.The second scheme improves the effciency of first scheme by eliminating consistency checking.This improved scheme is more effcient than existing chosen-ciphertext secure fuzzy-IBE scheme in the standard model.