Using lattice basis delegation in a fixed dimension, we propose an efficient lattice-based hierarchical identity based encryption(HIBE) scheme in the standard model whose public key size is only(dm^2+ mn) log q b...Using lattice basis delegation in a fixed dimension, we propose an efficient lattice-based hierarchical identity based encryption(HIBE) scheme in the standard model whose public key size is only(dm^2+ mn) log q bits and whose message-ciphertext expansion factor is only log q, where d is the maximum hierarchical depth and(n, m, q)are public parameters. In our construction, a novel public key assignment rule is used to averagely assign one random and public matrix to two identity bits, which implies that d random public matrices are enough to build the proposed HIBE scheme in the standard model, compared with the case in which 2d such public matrices are needed in the scheme proposed at Crypto 2010 whose public key size is(2dm^2+ mn + m) log q. To reduce the message-ciphertext expansion factor of the proposed scheme to log q, the encryption algorithm of this scheme is built based on Gentry's encryption scheme, by which m^2 bits of plaintext are encrypted into m^2 log q bits of ciphertext by a one time encryption operation. Hence, the presented scheme has some advantages with respect to not only the public key size but also the message-ciphertext expansion factor. Based on the hardness of the learning with errors problem, we demonstrate that the scheme is secure under selective identity and chosen plaintext attacks.展开更多
IB-PRE can perform fine-grained access control on the user’s decryption rights based on the identity of the delegatee,while the proxy cannot obtain the identity information of the delegator and delegatee.The current ...IB-PRE can perform fine-grained access control on the user’s decryption rights based on the identity of the delegatee,while the proxy cannot obtain the identity information of the delegator and delegatee.The current identity-based proxy re-encryption scheme achieves the ciphertext conversion between users at the same level,while it does not further distinguish between different levels of user identity,which is not suitable for hierarchical user management system.This paper combines hierarchical identity encryption with proxy re-encryption,and uses RLWE encryption system and NTRU variant as the underlying encryption scheme.According to the difference of the key reversibility and the ciphertext share between the two systems,the control of the decryption authority of users’different levels was realized.The transformed cipher text still satisfies the rules of higher level to decrypt lower level cipher,and constructs a unidirectionality,collusion resistant,and non-interactive hierarchical identity-based conditional proxy re-encryption scheme(HIB-CPRE),which is IND-sid-CPA security under the RLWE difficult assumption.展开更多
基金Project supported by the National Natural Science Foundation of China(Nos.61303198,61471409,61472470,and 61402112) the Natural Science Foundation of Shandong Province,China(No.ZR2013FQ031)
文摘Using lattice basis delegation in a fixed dimension, we propose an efficient lattice-based hierarchical identity based encryption(HIBE) scheme in the standard model whose public key size is only(dm^2+ mn) log q bits and whose message-ciphertext expansion factor is only log q, where d is the maximum hierarchical depth and(n, m, q)are public parameters. In our construction, a novel public key assignment rule is used to averagely assign one random and public matrix to two identity bits, which implies that d random public matrices are enough to build the proposed HIBE scheme in the standard model, compared with the case in which 2d such public matrices are needed in the scheme proposed at Crypto 2010 whose public key size is(2dm^2+ mn + m) log q. To reduce the message-ciphertext expansion factor of the proposed scheme to log q, the encryption algorithm of this scheme is built based on Gentry's encryption scheme, by which m^2 bits of plaintext are encrypted into m^2 log q bits of ciphertext by a one time encryption operation. Hence, the presented scheme has some advantages with respect to not only the public key size but also the message-ciphertext expansion factor. Based on the hardness of the learning with errors problem, we demonstrate that the scheme is secure under selective identity and chosen plaintext attacks.
文摘IB-PRE can perform fine-grained access control on the user’s decryption rights based on the identity of the delegatee,while the proxy cannot obtain the identity information of the delegator and delegatee.The current identity-based proxy re-encryption scheme achieves the ciphertext conversion between users at the same level,while it does not further distinguish between different levels of user identity,which is not suitable for hierarchical user management system.This paper combines hierarchical identity encryption with proxy re-encryption,and uses RLWE encryption system and NTRU variant as the underlying encryption scheme.According to the difference of the key reversibility and the ciphertext share between the two systems,the control of the decryption authority of users’different levels was realized.The transformed cipher text still satisfies the rules of higher level to decrypt lower level cipher,and constructs a unidirectionality,collusion resistant,and non-interactive hierarchical identity-based conditional proxy re-encryption scheme(HIB-CPRE),which is IND-sid-CPA security under the RLWE difficult assumption.