Identity-Based Proxy Re-Encryption (IB-PRE) allows a semi-trusted proxy to convert the ciphertext encrypted under Alice’s identity into Bob’s ciphertext of the same message without leaking plaintext. Lattice-based c...Identity-Based Proxy Re-Encryption (IB-PRE) allows a semi-trusted proxy to convert the ciphertext encrypted under Alice’s identity into Bob’s ciphertext of the same message without leaking plaintext. Lattice-based cryptography enjoys potential resistance to quantum analysis and low computational complexity. A multi-hop and unidirectional IB-PRE from lattices is presented. We split the functions of decryption and ciphertext transformation separately, and design the double private keys mechanism, where two keys are generated for each user, one key is used to decrypt the ciphertext by Pre-Image Sampling technique, and the other is used to generate the re-encryption key by Bonsai Trees technique. The generation of the re-encryption key is non-interactive and collusion resistant. Moreover, its IND-sID-CPA security over the decisional Learning With Errors (LWE) assumption under the standard model is proved. Compared with some previous IBPRE schemes from Bilinear Pairings, the format of transformed ciphertext in our scheme remains unchanged, furthermore, it can also resist quantum analysis. Compared with some existing IB-PRE schemes from lattices with similar properties, the space of the message in our scheme is a vector of length l and the encryption process remains a lower encryption blowup factor. At last, a proof-of-concept implementation is provided.展开更多
IB-PRE can perform fine-grained access control on the user’s decryption rights based on the identity of the delegatee,while the proxy cannot obtain the identity information of the delegator and delegatee.The current ...IB-PRE can perform fine-grained access control on the user’s decryption rights based on the identity of the delegatee,while the proxy cannot obtain the identity information of the delegator and delegatee.The current identity-based proxy re-encryption scheme achieves the ciphertext conversion between users at the same level,while it does not further distinguish between different levels of user identity,which is not suitable for hierarchical user management system.This paper combines hierarchical identity encryption with proxy re-encryption,and uses RLWE encryption system and NTRU variant as the underlying encryption scheme.According to the difference of the key reversibility and the ciphertext share between the two systems,the control of the decryption authority of users’different levels was realized.The transformed cipher text still satisfies the rules of higher level to decrypt lower level cipher,and constructs a unidirectionality,collusion resistant,and non-interactive hierarchical identity-based conditional proxy re-encryption scheme(HIB-CPRE),which is IND-sid-CPA security under the RLWE difficult assumption.展开更多
基金supported by the National Natural Science Foundation of China under grant No.(U1636114, 61572521,61772550)Natural Science of Shaanxi Province of China under grant No.2018JM6078Innovative Research Team in Engineering University of PAP (KYTD201805)
文摘Identity-Based Proxy Re-Encryption (IB-PRE) allows a semi-trusted proxy to convert the ciphertext encrypted under Alice’s identity into Bob’s ciphertext of the same message without leaking plaintext. Lattice-based cryptography enjoys potential resistance to quantum analysis and low computational complexity. A multi-hop and unidirectional IB-PRE from lattices is presented. We split the functions of decryption and ciphertext transformation separately, and design the double private keys mechanism, where two keys are generated for each user, one key is used to decrypt the ciphertext by Pre-Image Sampling technique, and the other is used to generate the re-encryption key by Bonsai Trees technique. The generation of the re-encryption key is non-interactive and collusion resistant. Moreover, its IND-sID-CPA security over the decisional Learning With Errors (LWE) assumption under the standard model is proved. Compared with some previous IBPRE schemes from Bilinear Pairings, the format of transformed ciphertext in our scheme remains unchanged, furthermore, it can also resist quantum analysis. Compared with some existing IB-PRE schemes from lattices with similar properties, the space of the message in our scheme is a vector of length l and the encryption process remains a lower encryption blowup factor. At last, a proof-of-concept implementation is provided.
文摘IB-PRE can perform fine-grained access control on the user’s decryption rights based on the identity of the delegatee,while the proxy cannot obtain the identity information of the delegator and delegatee.The current identity-based proxy re-encryption scheme achieves the ciphertext conversion between users at the same level,while it does not further distinguish between different levels of user identity,which is not suitable for hierarchical user management system.This paper combines hierarchical identity encryption with proxy re-encryption,and uses RLWE encryption system and NTRU variant as the underlying encryption scheme.According to the difference of the key reversibility and the ciphertext share between the two systems,the control of the decryption authority of users’different levels was realized.The transformed cipher text still satisfies the rules of higher level to decrypt lower level cipher,and constructs a unidirectionality,collusion resistant,and non-interactive hierarchical identity-based conditional proxy re-encryption scheme(HIB-CPRE),which is IND-sid-CPA security under the RLWE difficult assumption.
