一种基于SM9的可撤销标识广播加密方案

doi:10.3969/j.issn.1671-1122.2023.01.004

信息网络安全 ›› 2023, Vol. 23 ›› Issue (1): 28-35.doi: 10.3969/j.issn.1671-1122.2023.01.004

一种基于SM9的可撤销标识广播加密方案

张雪锋, 胡奕秀()

西安邮电大学网络空间安全学院，西安 710121

收稿日期:2022-11-20 出版日期:2023-01-10 发布日期:2023-01-19
通讯作者: 胡奕秀 E-mail:huyix11@163.com
作者简介:张雪锋（1975—），男，陕西，教授，博士，主要研究方向为数字图像加密和数据安全|胡奕秀（1998—），女，河南，硕士研究生，主要研究方向为信息安全
基金资助:
陕西省自然科学基础研究计划(2021JQ-722)

A Revocable Identity-Based Broadcast Encryption Scheme Based on SM9

ZHANG Xuefeng, HU Yixiu()

School of Cyberspace Security, Xi’an University of Posts and Telecommunications, Xi’an 710121, China

Received:2022-11-20 Online:2023-01-10 Published:2023-01-19
Contact: HU Yixiu E-mail:huyix11@163.com

摘要/Abstract

摘要：

文章提出一种基于国密标识算法SM9的可撤销标识广播加密方案。该方案在SM9标识广播加密方案的基础上，结合可撤销广播加密方案，利用二叉树对用户进行权限管理，实现授权用户的撤销和加入。密钥生成中心利用二叉树为未被撤销的用户更新密钥，用户只能通过该密钥获得相应的会话密钥，从而解密广播密文并获得数据。文章在随机预言模型下证明了该方案满足选择明文攻击下的不可区分性。效率分析表明，该方案效率较高，具有较好的实用性。

关键词: SM9, 标识广播加密, 可撤销, 二叉树

Abstract:

This paper proposed an improved revocable broadcast encryption scheme based on the national secret identification algorithm SM9. Based on the SM9 identification broadcast encryption scheme and the revocable broadcast encryption scheme, the scheme manages the user’s rights through a binary tree, and realized the revocation and joining of authorized users. The key generation center used the binary tree to generate an update key for the user who was not revoked. The user can only obtain the corresponding session key through the key, so as to decrypt the broadcast ciphertext to obtain data. In the random oracle model, the scheme is proved to be indistinguishable under the selective plaintext attack. The efficiency analysis shows that this scheme is a revocable broadcast encryption scheme with high efficiency and better practicability.

Key words: SM9, identity-based broadcast encryption, revocable, binary tree

中图分类号:

TP309

张雪锋, 胡奕秀. 一种基于SM9的可撤销标识广播加密方案[J]. 信息网络安全, 2023, 23(1): 28-35.

ZHANG Xuefeng, HU Yixiu. A Revocable Identity-Based Broadcast Encryption Scheme Based on SM9[J]. Netinfo Security, 2023, 23(1): 28-35.

图/表 6

图1

图2

图3

图4

表1

表2

参考文献 17

[1]	SHAMIR A. Identity-Based Cryptosystems and Signature Schemes[C]//Springer. Advances in Cryptology-CRYPT0’84. Heidelberg:Springer, 1985: 47-53.
[2]	GM/T0044-2016 Information Security Technology-IdentityBased Cryptographic Algorithms SM9[S]. Beijing: Standards Press of China, 2016.
	GM/T0044-2016 SM9标识密码算法[S]. 北京: 中国标准出版社, 2016.
[3]	CHENG Zhaohui. Security Analysis of SM9 Key Agreement and Encryption[C]// Springer. The 14th International Conference on Information Security and Cryptology. Heidelberg: Springer, 2018: 3-25
[4]	ZHANG Xuefeng, PENG Hua. Blind Signature Scheme Based on SM9 Algorithm[J]. Netinfo Security, 2019, 19(8): 61-67.
	张雪锋, 彭华. 一种基于SM9算法的盲签名方案研究[J]. 信息网络安全, 2019, 19(8): 61-67.
[5]	YANG Yatao, CAI Juliang, ZHANG Xiaowei, et al. Privacy Preserving Scheme in Block Chain with Provably Secure Based on SM9 Algorithm[J]. Journal of Software, 2019, 30(6): 1692-1704.
	杨亚涛, 蔡居良, 张筱薇, 等. 基于SM9算法可证明安全的区块链隐私保护方案[J]. 软件学报, 2019, 30(6):1692-1704.
[6]	LAI Jianchang, HUANG Xinyi, HE Debiao. An Efficient Identity-Based Broadcast Encryption Scheme Based on SM9[J]. Chinese Journal of Computers, 2021, 44(5): 897-907.
	赖建昌, 黄欣沂, 何德彪. 一种基于商密SM9的高效标识广播加密方案[J]. 计算机学报, 2021, 44(5):897-907.
[7]	ZHANG Chao, PENG Changgen, DING Hongfa, et al. Searchable Encryption Scheme Based on China State Cryptography Standard SM9[J]. Computer Engineering, 2022, 48(7): 159-167.
	张超, 彭长根, 丁红发, 等. 基于国密SM9的可搜索加密方案[J]. 计算机工程, 2022, 48(7):159-167.
[8]	ZHANG Boxin, GENG Shengling, QIN Baodong. Efficient Revocable SM9 Identity-Based Signature Algorithm[J]. Application Research of Computers, 2022, 39(9): 2837-2842, 2849.
	张博鑫, 耿生玲, 秦宝东. 高效的可撤销SM9标识签名算法[J]. 计算机应用研究, 2022, 39(9):2837-2842,2849.
[9]	ZHAO Chenyang, KE Pinhui, LIN Changlu. SM9 Identity-Based Encryption Algorithm with Deniable Authenticatison[EB/OL]. (2022-10-26)[2022-11-08]. http://kns.cnki.net/kcms/detail/11.5602.TP.20221025.1814.006.html.
	赵晨阳, 柯品惠, 林昌露. 具有否认认证的SM9标识加密算法[EB/OL]. (2022-10-26)[2022-11-08]. http://kns.cnki.net/kcms/detail/11.5602.TP.20221025.1814.006.html.
[10]	ZHU Liufu, LI Jiguo, LAI Jianchang, et al. Attribute-Based Online/Offline Signature Scheme Based on SM9[EB/OL]. (2022-10-28)[2022-11-08]. http://kns.cnki.net/kcms/detail/11.1777.TP.20221027.1044.006.html.
	朱留富, 李继国, 赖建昌, 等. 基于商密SM9的属性基在线/离线签名方案[EB/OL]. (2022-10-28)[2022-11-08]. http://kns.cnki.net/kcms/detail/11.1777.TP.20221027.1044.006.html.
[11]	BONEH D, FRANKLIN M. Identity-Based Encryption from the Weil Pairing[J]. SIAM Journal on Computing, 2003, 32(3): 213-229.
[12]	BOLDYREVA A, GOYAL V, KUMAR V. Identity-Based Encryption with Efficient Revocation[C]// ACM. The 15th ACM Conference on Computer and Communications Security. New York: ACM, 2008: 417-426.
[13]	SAHAI A, WATERS B. Fuzzy Identity-Based Encryption[C]// Springer. The 11th Advances in Cryptology-Eurocrypt. Heidelberg: Springer, 2005: 457-473.
[14]	FIAT A, NAOR M. Broadcast Encryption[J]. Lecture Notes in Computer Science, 1994, 773(1): 480-491.
[15]	NAOR D, NAOR M, LOTSPIECH J. Revocation and Tracing Schemes for Stateless Receivers[C]// Springer. Advances in Cryptology-CRYPTO 2001. Heidelberg: Springer, 2001: 41-62.
[16]	DELERABLEE C. Identity-Based Broadcast Encryption with Constant Size Ciphertexts and Private Keys[C]// Springer. Advances in Cryptology-ASIACRYPT 2007. Heidelberg: Springer, 2007: 200-215.
[17]	JIANG Peng, GUO Fuchun, MU Yi. Efficient Identity-Based Broadcast Encryption with Keyword Search Against Insider Attacks for Database Systems[J]. Theoretical Computer Science, 2019, 767: 51-72. doi: 10.1016/j.tcs.2018.09.030 URL

	文献[6]	文献[10]	本文方案
系统主公钥长度	(m+1)\|G₁\|+\|G₂\|+\|G_T\|	(m+1)\|G₁\|+\|G₂\|+\|G_T\|	(m+1)\|G₁\|+\|G₂\|+\|G_T\|
系统主私钥长度	\|G₂\|	\|G₂\|	\|G₂\|
用户私钥长度	\|G₂\|	\|G₂\|	\|G₂\|
更新私钥长度	—	O(N-R)\|G₂\|	O(R log(N/R))\|G₂\|
密文长度	\|G₁\|+\|G₂\|+\|K\|	\|G₁\|+\|G₂\|+\|K\|	2\|G₁\|+2\|G₂\|+2\|K\|
更新私钥生成时间	—	O(N-R)t₂	O(R log(N/R))t₂+t_B
加密时间	(n+1)t₁+t₂+t_E	(n+1)t₁+t₂+t_E	2(n+1)t₁+2t₂+2t_E
解密时间	(n-1)t₁+2t_P+t_E	(n-1)t₁+2t_P+t_E	2(n-1)t₁+4t_P+2t_E

方案	密钥更新复杂度
方案	$R=0$	$1<R\le N/2$	$N/2<R\le N$
文献[10]	$o(N)$	$o(N-R)$	$o(N-R)$
本文方案	$o(1)$	$o(R\log (N/R))$	$o(N-R)$

一种基于SM9的可撤销标识广播加密方案

A Revocable Identity-Based Broadcast Encryption Scheme Based on SM9

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 6

参考文献 17

相关文章 9

编辑推荐

Metrics

本文评价

[1]	王圣雯, 胡爱群. 基于SM9算法的邮件加密系统设计[J]. 信息网络安全, 2022, 22(6): 53-60.
[2]	吴克河, 程瑞, 郑碧煌, 崔文超. 电力物联网安全通信协议研究[J]. 信息网络安全, 2021, 21(9): 8-15.
[3]	张昱, 孙光民, 李煜. 基于SM9算法的移动互联网身份认证方案研究[J]. 信息网络安全, 2021, 21(4): 1-9.
[4]	张雪锋, 彭华. 一种基于SM9算法的盲签名方案研究[J]. 信息网络安全, 2019, 19(8): 61-67.
[5]	黎琳, 张旭霞. zk-snark的双线性对的国密化方案[J]. 信息网络安全, 2019, 19(10): 10-15.
[6]	赵洋, 陈阳, 熊虎, 任化强. 云环境下一种可撤销授权的数据拥有性证明方案[J]. 信息网络安全, 2015, 15(8): 1-7.
[7]	唐宇, 刘嘉勇, 汤殿华. 一种可撤销的指纹模板保护方案[J]. 信息网络安全, 2015, 15(1): 72-75.
[8]	. Windows环境下进程空间信息深度挖掘方法研究[J]. , 2014, 14(4): 31-.
[9]	关欣;朱冰;陈震;彭雪海. 基于特征码病毒扫描技术的研究[J]. , 2013, 13(4): 0-0.