信息网络安全 ›› 2018, Vol. 18 ›› Issue (8): 17-24.doi: 10.3969/j.issn.1671-1122.2018.08.003

• • 上一篇    下一篇

面向云数据共享的量子安全的无证书双向代理重加密

江明明1,4, 赵利军2, 王艳3, 王保仓4   

  1. 1.淮北师范大学计算机科学与技术学院,安徽淮北 235000
    2. 陕西省渭南市公安局网安支队,陕西渭南 714000
    3.淮北师范大学数学科学学院,安徽淮北 235000
    4.西安电子科技大学综合业务网理论及关键技术国家重点实验室,陕西西安 710071
  • 收稿日期:2018-06-10 出版日期:2018-08-20 发布日期:2020-05-11
  • 作者简介:

    作者简介:江明明(1984—),男,安徽,讲师,博士,主要研究方向为密码学、信息安全等;赵利军(1973—),男,陕西,工程师,本科,主要研究方向为网络安全管理;王艳(1983—),女,安徽,助教,硕士,主要研究方向为信息安全;王保仓(1979—),男,陕西,教授,博士,主要研究方向为公钥密码学、无线网络安全、信息安全。

  • 基金资助:
    国家自然科学基金[61572390];安徽省自然科学基金[1708085QF154];安徽省高校自然科学基金重点项目[KJ2016A627,KJ2018A0398];安徽省高校自然科学基金重大项目[KJ2017ZD32]

Quantum-security Certificateless Bidirectional Proxy Re-encryption for Cloud Data Sharing

Mingming JIANG1,4, Lijun ZHAO2, Yan WANG3, Baocang WANG4   

  1. 1. School of Computer Science and Technology, Huaibei Normal University, Huaibei Anhui 235000, China
    2.Weinan Municipal Public Security Bureau, Weinan Shaanxi 714000, China
    3. School of Mathematical Science, Huaibei Normal University, Huaibei Anhui 235000, China
    4. State Key Lab of Integrated Service Networks, Xidian University, Xi’an Shaanxi 710071, China;
  • Received:2018-06-10 Online:2018-08-20 Published:2020-05-11

摘要:

针对开放式云计算环境下的云数据共享的安全性与隐私问题,文章基于带差错的学习问题(LWE)困难性假设,利用高斯抽样技术,提出一个无证书代理重加密方案。在该方案中,云服务器可以利用两个用户授权的代理重加密密钥将两个用户的密文进行相互转换,不但实现了云存储中的数据共享问题,还解决了用户数据的隐私保护问题。该方案不仅实现了代理重加密功能,而且解决了公钥基础设施中的证书管理问题与基于身份密码体制中的密钥托管问题,且证明了在标准模型下基于LWE问题是选择明文攻击(CPA)安全的。更重要的是,该方案在量子环境下也是安全的。

关键词: 代理重加密, 格密码, 高斯抽样, 无证书密码体制

Abstract:

For the security and private of cloud data sharing in the open cloud computing, this paper uses the Gauss sample technology to construct a certificateless proxy re-encryption scheme based on learning with errors (LWE) problem. In this scheme, the cloud server can use the proxy re-encryption keys by two users authorized to convert ciphertexts of one user to each other, which not only realizes the data sharing problem in cloud storage, but also solves the privacy protection problem of user data. The scheme not only realizes the function of proxy re-encryption, but also solves the certificate management problem in public key infrastructure and the key escrow problem in identity-based cryptosystem. The proposed scheme is proved semantic secure against adaptive chosen plaintext attack in the standard mode based on learning with errors(LWE) problem. More importantly, the scheme is also safe in the quantum environment.

Key words: proxy re-encryption, lattice cryptography, Gaussian sampling, certificateless cryptography

中图分类号: