The theory of quadratic residues plays an important role in cryptography.In 2001,Cocks developed an identity-based encryption(IBE)scheme based on quadratic residues,resolving Shamir’s 17-year-old open problem.However...The theory of quadratic residues plays an important role in cryptography.In 2001,Cocks developed an identity-based encryption(IBE)scheme based on quadratic residues,resolving Shamir’s 17-year-old open problem.However,a notable drawback of Cocks’scheme is the significant expansion of the ciphertext,and some of its limitations have been addressed in subsequent research.Recently,Cotan and Teşeleanu highlighted that previous studies on Cocks’scheme relied on a trial-and-error method based on Jacobi symbols to generate the necessary parameters for the encryption process.They enhanced the encryption speed of Cocks’scheme by eliminating this trialand-error method.Based on security analysis,this study concludes that the security of Cotan-Teşeleanu’s proposal cannot be directly derived from the security of the original Cocks’scheme.Furthermore,by adopting the Cotan-Teşeleanu method and introducing an additional variable as a public element,this study develops a similar enhancement scheme that not only accelerates the encryption speed but also provides security equivalent to the original Cocks’scheme.展开更多
A recent proposal by Adams integrates the digital credentials (DC) technology of Brands with the identity-based encryption (IBE) technology of Boneh and Franklin to create an IBE scheme that demonstrably enhances priv...A recent proposal by Adams integrates the digital credentials (DC) technology of Brands with the identity-based encryption (IBE) technology of Boneh and Franklin to create an IBE scheme that demonstrably enhances privacy for users. We refer to this scheme as a privacy-preserving identity-based encryption (PP-IBE) construction. In this paper, we discuss the concrete implementation considerations for PP-IBE and provide a detailed instantiation (based on q-torsion groups in supersingular elliptic curves) that may be useful both for proof-of-concept purposes and for pedagogical purposes.展开更多
Broadcast encryption (BE) allows a sender to broadcast its message to a set of receivers in a single ciphertext. However, in broadcast encryption scheme, ciphertext length is always related to the size of the receiver...Broadcast encryption (BE) allows a sender to broadcast its message to a set of receivers in a single ciphertext. However, in broadcast encryption scheme, ciphertext length is always related to the size of the receiver set. Thus, how to improve the communication of broadcast encryption is a big issue. In this paper, we proposed an identity-based homomorphic broadcast encryption scheme which supports an external entity to directly calculate ciphertexts and get a new ciphertext which is the corresponding result of the operation on plaintexts without decrypting them. The correctness and security proofs of our scheme were formally proved. Finally, we implemented our scheme in a simulation environment and the experiment results showed that our scheme is efficient for practical applications.展开更多
In ACM'CCS 2009,Camenisch,et al.proposed the Oblivious Transfer with Access Control(AC-OT) in which each item is associated with an attribute set and can only be available,on request,to the users who have all the ...In ACM'CCS 2009,Camenisch,et al.proposed the Oblivious Transfer with Access Control(AC-OT) in which each item is associated with an attribute set and can only be available,on request,to the users who have all the attributes in the associated set.Namely,AC-OT achieves access control policy for conjunction of attributes.Essentially,the functionality of AC-OT is equivalent to the sim-plified version that we call AC-OT-SV:for each item,one attribute is associated with it,and it is requested that only the users who possess the associated attribute can obtain the item by queries.On one hand,AC-OT-SV is a special case of AC-OT when there is just one associated attribute with each item.On the other hand,any AC-OT can be realized by an AC-OT-SV.In this paper,we first present a concrete AC-OT-SV protocol which is proved to be secure in the model defined by Camenisch,et al..Then from the protocol,interestingly,a concrete Identity-Based Encryption(IBE) with Anonymous Key Issuing(AKI) is given which is just a direct application to AC-OT-SV.By comparison,we show that the AKI protocol we present is more efficient in communications than that proposed by Chow.展开更多
Identity-Based Encryption (IBE) has seen limited adoption, largely due to the absolute trust that must be placed in the private key generator (PKG)—an authority that computes the private keys for all the users in the...Identity-Based Encryption (IBE) has seen limited adoption, largely due to the absolute trust that must be placed in the private key generator (PKG)—an authority that computes the private keys for all the users in the environment. Several constructions have been proposed to reduce the trust required in the PKG (and thus preserve the privacy of users), but these have generally relied on unrealistic assumptions regarding non-collusion between various entities in the system. Unfortunately, these constructions have not significantly improved IBE adoption rates in real-world environments. In this paper, we present a construction that reduces trust in the PKG without unrealistic non-collusion assumptions. We achieve this by incorporating a novel combination of digital credential technology and bilinear maps, and making use of multiple randomly-chosen entities to complete certain tasks. The main result and primary contribution of this paper are a thorough security analysis of this proposed construction, examining the various entity types, attacker models, and collusion opportunities in this environment. We show that this construction can prevent, or at least mitigate, all considered attacks. We conclude that our construction appears to be effective in preserving user privacy and we hope that this construction and its security analysis will encourage greater use of IBE in real-world environments.展开更多
Yoon and Yoo recently proposed a robust authenticated encryption scheme and claimed their scheme has the properties of forward secrecy and confidentiality. The current paper, however, points out that Yoon-Yoo's schem...Yoon and Yoo recently proposed a robust authenticated encryption scheme and claimed their scheme has the properties of forward secrecy and confidentiality. The current paper, however, points out that Yoon-Yoo's scheme also can not provide forward secrecy and confidentiality such that any adversary can easily recover the transferred message. Based on intractability of reversing the one-way hash function and discrete logarithm problem, an improved authenticated encryption scheme with messages linkage is proposed. The above security faults get solved perfectly. The new scheme is proven to satisfy all the basic security requirements of the authenticated encryption scheme. And by the concrete comparison, it has the similar efficiency of the original scheme.展开更多
In this paper, we propose a new attribute-based proxy re-encryption scheme, where a semi-trusted proxy, with some additional information, can transform a ciphertext under a set of attributes into a new ciphertext unde...In this paper, we propose a new attribute-based proxy re-encryption scheme, where a semi-trusted proxy, with some additional information, can transform a ciphertext under a set of attributes into a new ciphertext under another set of attributes on the same message, but not vice versa, furthermore, its security was proved in the standard model based on decisional bilinear Diffie-Hellman assumption. This scheme can be used to realize fine-grained selectively sharing of encrypted data, but the general proxy rencryption scheme severely can not do it, so the proposed schemecan be thought as an improvement of general traditional proxy re-encryption scheme.展开更多
Investigated the properties of LUCas sequence(LUC), the paper proposed a new variant of (probabilistic) public-key encryption scheme. Security analysis of the proposed encryption schemes shows that its one-wayness is ...Investigated the properties of LUCas sequence(LUC), the paper proposed a new variant of (probabilistic) public-key encryption scheme. Security analysis of the proposed encryption schemes shows that its one-wayness is equivalent to partial LUC discrete logarithm problem in ZN, and for the proposed probabilistic encryption scheme, its semantic security is equivalent to decisional LUC Diffie-Hellman problem in ZN. At last, the efficiency of the proposed schemes is briefly analyzed.展开更多
To enhance the anti-breaking performance of privacy information, this article proposes a new encryption method utilizing the leaping peculiarity of the periodic orbits of chaos systems. This method maps the secret seq...To enhance the anti-breaking performance of privacy information, this article proposes a new encryption method utilizing the leaping peculiarity of the periodic orbits of chaos systems. This method maps the secret sequence to several chaos periodic orbits, and a short sequence obtained by evolving the system parameters of the periodic orbits in another nonlinear system will be the key to reconstruct these periodic orbits. In the decryption end, the shadowing method of chaos trajectory based on the modified Newton-Raphson algorithm is adopted to restore these system parameters. Through deciding which orbit each pair coordinate falls on, the original digital sequence can be decrypted.展开更多
In the content distribution services,traitor tracing encryption schemes are useful tools to trace illegal users that distribute content illegally to unauthorized users.However,solo use of these schemes does not necess...In the content distribution services,traitor tracing encryption schemes are useful tools to trace illegal users that distribute content illegally to unauthorized users.However,solo use of these schemes does not necessarily work well and has vulnerability.To complement the property of the traitor tracing schemes,it is effective to use watermarking scheme with them and the watermarking schemes with light load are required.A number of video watermarking methods with light load have been proposed that embed information into compressed video streams.When the compression scheme is MPEG2-Video,its codes are mostly pre-defined using coding tables,and therefore,information can be embedded in the compressed stream by substituting some of the codes.On the other hand,HEVC/H.265 uses arithmetic coding(CABAC)and it is not easy to substitute one code for another in a stream.To deal with this problem,a watermarking scheme for HEVC/H.265 video streams is proposed.It embeds information while the video is being encoded.A broadcasting system incorporating the scheme is also proposed.展开更多
The existing homomorphie eneryption scheme is based on ring of the integer, and the possible operators are restricted to addition and multiplication only. In this paper, a new operation is defined Similar Modul. Base ...The existing homomorphie eneryption scheme is based on ring of the integer, and the possible operators are restricted to addition and multiplication only. In this paper, a new operation is defined Similar Modul. Base on the Similar Modul, the number sets of the homomorphic encryption scheme is extended to real number, and the possible operators are extended to addition, subtraction, multiplication and division. Our new approach provides a practical ways of implementation because of the extension of the operators and the number sets.展开更多
This paper proposed an identity-based steganographic scheme, where a receiver with certain authority can recover the secret message ready for him, but cannot detect the existence of other secret messages. The proposed...This paper proposed an identity-based steganographic scheme, where a receiver with certain authority can recover the secret message ready for him, but cannot detect the existence of other secret messages. The proposed scheme created several separate covert communication channels tagged by the Fuzzy Identity-Based Encryption (FIBE) in one grayscale image. Then each channel is used to embed one secret message by using any content-aware steganographic scheme. Receivers with different attributes can extract different messages corresponded. The Experiments illustrated the feasibility of this identity-based secret message extraction. Further, the proposed scheme presents high undetectability against steganalytic attack launched by receivers without corresponded attributes.展开更多
This paper presents a ZUC-256 stream cipher algorithm hardware system in order to prevent the advanced security threats for 5 G wireless network.The main innovation of the hardware system is that a six-stage pipeline ...This paper presents a ZUC-256 stream cipher algorithm hardware system in order to prevent the advanced security threats for 5 G wireless network.The main innovation of the hardware system is that a six-stage pipeline scheme comprised of initialization and work stage is employed to enhance the solving speed of the critical logical paths.Moreover,the pipeline scheme adopts a novel optimized hardware structure to fast complete the Mod(231-1)calculation.The function of the hardware system has been validated experimentally in detail.The hardware system shows great superiorities.Compared with the same type system in recent literatures,the logic delay reduces by 47%with an additional hardware resources of only 4 multiplexers,the throughput rate reaches 5.26 Gbps and yields at least 45%better performance,the throughput rate per unit area increases 14.8%.The hardware system provides a faster and safer encryption module for the 5G wireless network.展开更多
Identity-based hash proof system is a basic and important primitive. Ittographic schemes and protocols that are secure against key-leakage attacks. In thisupdatable identity-based hash proof system, in which the relat...Identity-based hash proof system is a basic and important primitive. Ittographic schemes and protocols that are secure against key-leakage attacks. In thisupdatable identity-based hash proof system, in which the related master secret keyis widely utilized to construct cryp-paper, we introduce the concept ofand the identity secret key can beupdated securely. Then, we instantiate this primitive based on lattices in the standard model. Moreover, we introduce anapplication of this new primitive by giving a generic construction of leakage-resilient public-key encryption schemes withanonymity. This construction can be considered as the integration of the bounded-retrieval model and the continual leakagemodel. Compared with the existing leakage-resilient schemes, our construction not only is more efficient but also can resistmuch more key leakage.展开更多
为解决医疗云平台共享个人健康档案(personal health record,PHR)存在的隐私泄露和加解密效率不理想的问题,以医疗云平台中帕金森病患者的转诊场景为例,提出了一种基于线性秘密共享的改进密文属性代理重加密方案(improved linear secret...为解决医疗云平台共享个人健康档案(personal health record,PHR)存在的隐私泄露和加解密效率不理想的问题,以医疗云平台中帕金森病患者的转诊场景为例,提出了一种基于线性秘密共享的改进密文属性代理重加密方案(improved linear secret sharing based ciphertext attribute proxy re-encryption scheme,LCPS)。该方案利用线性秘密共享技术来隐藏访问策略中的隐私属性,降低因访问策略暴露引发的隐私泄露风险;该方案还对代理重加密算法进行改进,通过减少复杂的双线性运算,提高了加解密效率。结果表明,LCPS在加解密方面的表现要优于其他方案。在判定性q-BDHE(q-decisional bilinear Diffie-Hellman exponent)困难假设下具有选择明文攻击时的不可区分性(indistinguishability under chosen-plaintext attack,IND-CPA)。该方案具有可移植性,同样适用于医疗云中其他病症转诊时的个人健康档案安全共享。展开更多
In this article, based on Chatterjee-Sarkar' hierarchical identity-based encryption (HIBE), a novel identity-based encryption with wildcards (WIBE) scheme is proposed and is proven secure in the standard model (...In this article, based on Chatterjee-Sarkar' hierarchical identity-based encryption (HIBE), a novel identity-based encryption with wildcards (WIBE) scheme is proposed and is proven secure in the standard model (without random oracle). The proposed scheme is proven to be secure assuming that the decisional Bilinear Diffie-Hellman (DBDH) problem is hard. Compared with the Wa-WIBE scheme that is secure in the standard model, our scheme has shorter common parameters and ciphertext length.展开更多
基金Rising-Star Program of Shanghai 2023 Science and Technology Innovation Action Plan(Yangfan Special Project),China(No.23YF1401000)Fundamental Research Funds for the Central Universities,China(No.2232022D-25)。
文摘The theory of quadratic residues plays an important role in cryptography.In 2001,Cocks developed an identity-based encryption(IBE)scheme based on quadratic residues,resolving Shamir’s 17-year-old open problem.However,a notable drawback of Cocks’scheme is the significant expansion of the ciphertext,and some of its limitations have been addressed in subsequent research.Recently,Cotan and Teşeleanu highlighted that previous studies on Cocks’scheme relied on a trial-and-error method based on Jacobi symbols to generate the necessary parameters for the encryption process.They enhanced the encryption speed of Cocks’scheme by eliminating this trialand-error method.Based on security analysis,this study concludes that the security of Cotan-Teşeleanu’s proposal cannot be directly derived from the security of the original Cocks’scheme.Furthermore,by adopting the Cotan-Teşeleanu method and introducing an additional variable as a public element,this study develops a similar enhancement scheme that not only accelerates the encryption speed but also provides security equivalent to the original Cocks’scheme.
文摘A recent proposal by Adams integrates the digital credentials (DC) technology of Brands with the identity-based encryption (IBE) technology of Boneh and Franklin to create an IBE scheme that demonstrably enhances privacy for users. We refer to this scheme as a privacy-preserving identity-based encryption (PP-IBE) construction. In this paper, we discuss the concrete implementation considerations for PP-IBE and provide a detailed instantiation (based on q-torsion groups in supersingular elliptic curves) that may be useful both for proof-of-concept purposes and for pedagogical purposes.
文摘Broadcast encryption (BE) allows a sender to broadcast its message to a set of receivers in a single ciphertext. However, in broadcast encryption scheme, ciphertext length is always related to the size of the receiver set. Thus, how to improve the communication of broadcast encryption is a big issue. In this paper, we proposed an identity-based homomorphic broadcast encryption scheme which supports an external entity to directly calculate ciphertexts and get a new ciphertext which is the corresponding result of the operation on plaintexts without decrypting them. The correctness and security proofs of our scheme were formally proved. Finally, we implemented our scheme in a simulation environment and the experiment results showed that our scheme is efficient for practical applications.
文摘In ACM'CCS 2009,Camenisch,et al.proposed the Oblivious Transfer with Access Control(AC-OT) in which each item is associated with an attribute set and can only be available,on request,to the users who have all the attributes in the associated set.Namely,AC-OT achieves access control policy for conjunction of attributes.Essentially,the functionality of AC-OT is equivalent to the sim-plified version that we call AC-OT-SV:for each item,one attribute is associated with it,and it is requested that only the users who possess the associated attribute can obtain the item by queries.On one hand,AC-OT-SV is a special case of AC-OT when there is just one associated attribute with each item.On the other hand,any AC-OT can be realized by an AC-OT-SV.In this paper,we first present a concrete AC-OT-SV protocol which is proved to be secure in the model defined by Camenisch,et al..Then from the protocol,interestingly,a concrete Identity-Based Encryption(IBE) with Anonymous Key Issuing(AKI) is given which is just a direct application to AC-OT-SV.By comparison,we show that the AKI protocol we present is more efficient in communications than that proposed by Chow.
文摘Identity-Based Encryption (IBE) has seen limited adoption, largely due to the absolute trust that must be placed in the private key generator (PKG)—an authority that computes the private keys for all the users in the environment. Several constructions have been proposed to reduce the trust required in the PKG (and thus preserve the privacy of users), but these have generally relied on unrealistic assumptions regarding non-collusion between various entities in the system. Unfortunately, these constructions have not significantly improved IBE adoption rates in real-world environments. In this paper, we present a construction that reduces trust in the PKG without unrealistic non-collusion assumptions. We achieve this by incorporating a novel combination of digital credential technology and bilinear maps, and making use of multiple randomly-chosen entities to complete certain tasks. The main result and primary contribution of this paper are a thorough security analysis of this proposed construction, examining the various entity types, attacker models, and collusion opportunities in this environment. We show that this construction can prevent, or at least mitigate, all considered attacks. We conclude that our construction appears to be effective in preserving user privacy and we hope that this construction and its security analysis will encourage greater use of IBE in real-world environments.
基金Supported by the National Natural Science Foun-dation of China (60473072)
文摘Yoon and Yoo recently proposed a robust authenticated encryption scheme and claimed their scheme has the properties of forward secrecy and confidentiality. The current paper, however, points out that Yoon-Yoo's scheme also can not provide forward secrecy and confidentiality such that any adversary can easily recover the transferred message. Based on intractability of reversing the one-way hash function and discrete logarithm problem, an improved authenticated encryption scheme with messages linkage is proposed. The above security faults get solved perfectly. The new scheme is proven to satisfy all the basic security requirements of the authenticated encryption scheme. And by the concrete comparison, it has the similar efficiency of the original scheme.
基金the Natural Science Foundation of Shandong Province (Y2007G37)the Science and Technology Development Program of Shandong Province (2007GG10001012)
文摘In this paper, we propose a new attribute-based proxy re-encryption scheme, where a semi-trusted proxy, with some additional information, can transform a ciphertext under a set of attributes into a new ciphertext under another set of attributes on the same message, but not vice versa, furthermore, its security was proved in the standard model based on decisional bilinear Diffie-Hellman assumption. This scheme can be used to realize fine-grained selectively sharing of encrypted data, but the general proxy rencryption scheme severely can not do it, so the proposed schemecan be thought as an improvement of general traditional proxy re-encryption scheme.
基金Supported by the 973 State Key Project of China (No.G1999035803)the National Natural Science Foundation of China (No.69931010).
文摘Investigated the properties of LUCas sequence(LUC), the paper proposed a new variant of (probabilistic) public-key encryption scheme. Security analysis of the proposed encryption schemes shows that its one-wayness is equivalent to partial LUC discrete logarithm problem in ZN, and for the proposed probabilistic encryption scheme, its semantic security is equivalent to decisional LUC Diffie-Hellman problem in ZN. At last, the efficiency of the proposed schemes is briefly analyzed.
基金This project was supported by the National Natural Science Foundation of Shaan'Xi Province, China (2003F40).
文摘To enhance the anti-breaking performance of privacy information, this article proposes a new encryption method utilizing the leaping peculiarity of the periodic orbits of chaos systems. This method maps the secret sequence to several chaos periodic orbits, and a short sequence obtained by evolving the system parameters of the periodic orbits in another nonlinear system will be the key to reconstruct these periodic orbits. In the decryption end, the shadowing method of chaos trajectory based on the modified Newton-Raphson algorithm is adopted to restore these system parameters. Through deciding which orbit each pair coordinate falls on, the original digital sequence can be decrypted.
文摘In the content distribution services,traitor tracing encryption schemes are useful tools to trace illegal users that distribute content illegally to unauthorized users.However,solo use of these schemes does not necessarily work well and has vulnerability.To complement the property of the traitor tracing schemes,it is effective to use watermarking scheme with them and the watermarking schemes with light load are required.A number of video watermarking methods with light load have been proposed that embed information into compressed video streams.When the compression scheme is MPEG2-Video,its codes are mostly pre-defined using coding tables,and therefore,information can be embedded in the compressed stream by substituting some of the codes.On the other hand,HEVC/H.265 uses arithmetic coding(CABAC)and it is not easy to substitute one code for another in a stream.To deal with this problem,a watermarking scheme for HEVC/H.265 video streams is proposed.It embeds information while the video is being encoded.A broadcasting system incorporating the scheme is also proposed.
基金Supported by the National Natural Science Foun-dation of China (90104005)
文摘The existing homomorphie eneryption scheme is based on ring of the integer, and the possible operators are restricted to addition and multiplication only. In this paper, a new operation is defined Similar Modul. Base on the Similar Modul, the number sets of the homomorphic encryption scheme is extended to real number, and the possible operators are extended to addition, subtraction, multiplication and division. Our new approach provides a practical ways of implementation because of the extension of the operators and the number sets.
文摘This paper proposed an identity-based steganographic scheme, where a receiver with certain authority can recover the secret message ready for him, but cannot detect the existence of other secret messages. The proposed scheme created several separate covert communication channels tagged by the Fuzzy Identity-Based Encryption (FIBE) in one grayscale image. Then each channel is used to embed one secret message by using any content-aware steganographic scheme. Receivers with different attributes can extract different messages corresponded. The Experiments illustrated the feasibility of this identity-based secret message extraction. Further, the proposed scheme presents high undetectability against steganalytic attack launched by receivers without corresponded attributes.
基金supported in part by the National R&D Program for Major Research Instruments of China(Grant No:62027814)the National Natural Science Foundation of China(Grant No:62104054)+2 种基金the Natural Science Foundation of Heilongjiang Province(Grant No:F2018010)the Postdoctoral Science Foundation of Heilongjiang Province,China(No:LBH-Z20133)the Fundamental Research Funds for The Central Universities,China(3072021CF0806)。
文摘This paper presents a ZUC-256 stream cipher algorithm hardware system in order to prevent the advanced security threats for 5 G wireless network.The main innovation of the hardware system is that a six-stage pipeline scheme comprised of initialization and work stage is employed to enhance the solving speed of the critical logical paths.Moreover,the pipeline scheme adopts a novel optimized hardware structure to fast complete the Mod(231-1)calculation.The function of the hardware system has been validated experimentally in detail.The hardware system shows great superiorities.Compared with the same type system in recent literatures,the logic delay reduces by 47%with an additional hardware resources of only 4 multiplexers,the throughput rate reaches 5.26 Gbps and yields at least 45%better performance,the throughput rate per unit area increases 14.8%.The hardware system provides a faster and safer encryption module for the 5G wireless network.
基金This work was supported by the National Key Research and Development Program of China under Grant No. 2017YFt30802000, the National Natural Science Foundation of China under Grant Nos. 61802241, 61772326, 61572303, 61872229, 61802242, and 61602290, the National Natural Science Foundation of China for International Young Scientists under Grant No. 61750110528, the National Cryp-tographv Development Fund during the 13th Five-Year Plan Period of China under Grant Nos. MMJJ20170216 and MMJJ20180217, the Foundation of State Key Laboratory of Information Security of China under Grant No. 2017-MS-03, and the Fundamental Re- search Funds for the Central Universities of China under Grant Nos. GK201603084, GK201702004, GK201603092, GK201603093, and GK201703062.
文摘Identity-based hash proof system is a basic and important primitive. Ittographic schemes and protocols that are secure against key-leakage attacks. In thisupdatable identity-based hash proof system, in which the related master secret keyis widely utilized to construct cryp-paper, we introduce the concept ofand the identity secret key can beupdated securely. Then, we instantiate this primitive based on lattices in the standard model. Moreover, we introduce anapplication of this new primitive by giving a generic construction of leakage-resilient public-key encryption schemes withanonymity. This construction can be considered as the integration of the bounded-retrieval model and the continual leakagemodel. Compared with the existing leakage-resilient schemes, our construction not only is more efficient but also can resistmuch more key leakage.
文摘为解决医疗云平台共享个人健康档案(personal health record,PHR)存在的隐私泄露和加解密效率不理想的问题,以医疗云平台中帕金森病患者的转诊场景为例,提出了一种基于线性秘密共享的改进密文属性代理重加密方案(improved linear secret sharing based ciphertext attribute proxy re-encryption scheme,LCPS)。该方案利用线性秘密共享技术来隐藏访问策略中的隐私属性,降低因访问策略暴露引发的隐私泄露风险;该方案还对代理重加密算法进行改进,通过减少复杂的双线性运算,提高了加解密效率。结果表明,LCPS在加解密方面的表现要优于其他方案。在判定性q-BDHE(q-decisional bilinear Diffie-Hellman exponent)困难假设下具有选择明文攻击时的不可区分性(indistinguishability under chosen-plaintext attack,IND-CPA)。该方案具有可移植性,同样适用于医疗云中其他病症转诊时的个人健康档案安全共享。
基金supported by the National Natural Science Foundation of China (60473027).
文摘In this article, based on Chatterjee-Sarkar' hierarchical identity-based encryption (HIBE), a novel identity-based encryption with wildcards (WIBE) scheme is proposed and is proven secure in the standard model (without random oracle). The proposed scheme is proven to be secure assuming that the decisional Bilinear Diffie-Hellman (DBDH) problem is hard. Compared with the Wa-WIBE scheme that is secure in the standard model, our scheme has shorter common parameters and ciphertext length.
