基于SM9的多接收者混沌密钥生成方案

doi:10.3969/j.issn.1671-1122.2024.04.006

信息网络安全 ›› 2024, Vol. 24 ›› Issue (4): 555-563.doi: 10.3969/j.issn.1671-1122.2024.04.006

基于SM9的多接收者混沌密钥生成方案

张雪锋¹, 陈婷婷¹(), 苗美霞¹, 程叶霞²

1.西安邮电大学网络空间安全学院，西安 710121
2.中国移动通信有限公司研究院，北京 100032

收稿日期:2023-10-10 出版日期:2024-04-10 发布日期:2024-05-16
通讯作者: 陈婷婷 ctt1938@163.com
作者简介:张雪锋（1975—），男，陕西，教授，博士，CCF会员，主要研究方向为图像加密和信息安全|陈婷婷（1998—），女，陕西，硕士研究生，主要研究方向为信息安全|苗美霞（1980—），女，陕西，讲师，博士，主要研究方向为数据安全与隐私保护|程叶霞（1987—），女，安徽，高级工程师，博士，主要研究方向为网络与信息安全、量子安全
基金资助:
陕西省自然科学基础研究计划(2022JQ-600)

Multi-Receiver Chaotic Key Generation Scheme Based on SM9

ZHANG Xuefeng¹, CHEN Tingting¹(), MIAO Meixia¹, CHENG Yexia²

1. School of Cyberspace Security, Xi’an University of Posts and Telecommunications, Xi’an 710121, China
2. China Mobile Communications Corporation Research Institute, Beijing 100032, China

Received:2023-10-10 Online:2024-04-10 Published:2024-05-16

摘要/Abstract

摘要：

针对在信息传输过程中保密通信涉及的密钥管理问题，结合混沌保密通信模型，文章提出一种基于SM9的多接收者混沌密钥生成方案。该方案将SM9标识密码算法密钥封装机制进行扩展，构造一个多接收者密钥封装机制，用身份信息生成和封装密钥，并将密文进行发送，只有用户集合中的接收者可以用私钥对密文进行解密获取密钥。为保障通信方能进行混沌保密通信，文章提出一个将二进制数浮点化的数据转换方法，根据参数个数实现生成多个浮点数。发送方和接收方通过对密钥进行数据转换处理实现密钥同步，为混沌保密通信奠定了基础。该方案由多接收者的身份标识信息产生密钥，保证了密钥的安全性和保密性。在随机谕言模型下，证明了文章所提方案具有良好的效率和性能，满足IND-sID-CCA安全性。

关键词: SM9, 密钥封装, 混沌系统, IND-sID-CCA

Abstract:

Aiming at the key management problem involved in secure communication during information transmission, combined with the chaotic secure communication model, a multi-receiver chaotic key generation scheme based on SM9 was proposed. This scheme extended the key encapsulation mechanism of the SM9 identification encryption algorithm to construct a multi-receiver key encapsulation mechanism. That is, the encapsulator selected a group of designated recipients, used their identity information to generate and encapsulate the key, and sent the ciphertext. Only the recipients in the user set can use the private key to decrypt the ciphertext to obtain the key. In order to ensure that the communication party can carry out chaotic secure communication, a data conversion method that converted binary numbers to floating points was proposed, and multiple floating point numbers could be generated according to the number of parameters. The sender and the receiver realized key synchronization through data conversion processing of the key, which caid the foundation for chaotic secure communication. This scheme realized that the key was generated from the identification information of multiple receivers, which ensured the security and confidentiality of the key. Under the random oracle model, it is proved that this scheme has good efficiency and performance,and satisfies the security of IND-sID-CCA.

Key words: SM9, key encapsulation, chaotic system, IND-sID-CCA

中图分类号:

TP309

张雪锋, 陈婷婷, 苗美霞, 程叶霞. 基于SM9的多接收者混沌密钥生成方案[J]. 信息网络安全, 2024, 24(4): 555-563.

ZHANG Xuefeng, CHEN Tingting, MIAO Meixia, CHENG Yexia. Multi-Receiver Chaotic Key Generation Scheme Based on SM9[J]. Netinfo Security, 2024, 24(4): 555-563.

图/表 4

图1

图2

表1

表2

参考文献 22

[1]	ZAREBNIA M, PAKMANESH H, PARVAZ R. A Fast Multiple-Image Encryption Algorithm Based on Hybrid Chaotic Systems for Gray Scale Images[J]. Optik, 2019, 179: 761-773.
[2]	ZHANG Xuefeng, WEI Kaili, JIANG Wen. A N-Dimensional Combined Chaotic Map and Its Performance Analysis[J]. Journal of Xi’an University of Posts and Telecommunications, 2020, 25(6): 52-62.
	张雪锋, 卫凯莉, 姜文. 一种n维组合混沌映射及性能分析[J]. 西安邮电大学学报, 2020, 25(6): 52-62.
[3]	CHEN Mingqi, HONG Xuehai, WANG Wei, et al. The Development Trends of the Network Security and Information Technology[J]. Netinfo Security, 2015, 15(4): 1-4.
	陈明奇, 洪学海, 王伟, 等. 关于网络安全和信息技术发展态势的思考[J]. 信息网络安全, 2015, 15(4): 1-4.
[4]	CHEN Huashan, PI Lan, LIU Feng, et al. Research on Frontier and Trends of Science of Cybersecurity[J]. Netinfo Security, 2015, 15(3): 1-5.
	陈华山, 皮兰, 刘峰, 等. 网络空间安全科学基础的研究前沿及发展趋势[J]. 信息网络安全, 2015, 15(3): 1-5.
[5]	SHANNON C E. Communication Theory of Secrecy Systems[J]. The Bell System Technical Journal, 1949, 28(4): 656-715.
[6]	DIFFIE W, HELLMAN M. New Directions in Cryptography[J]. IEEE Transactions on Information Theory, 1976, 22(6): 644-654.
[7]	SHAMIR A. Identity-Based Cryptosystems and Signature Schemes[C]// Springer. Advances in Cryptology-CRYPT0’84. Heidelberg:Springer, 1985: 47-53.
[8]	BONEH D, FRANKLIN M. Identity-Based Encryption from the Weil Pairing[J]. SIAM Journal on Computing, 2003, 32(3): 213-229.
[9]	DELERABLEE C. Identity-Based Broadcast Encryption with Constant Size Ciphertexts and Private Keys[C]// Springer. Advances in Cryptology-ASIACRYPT 2007. Heidelberg: Springer, 2007: 200-215.
[10]	LIU Xiao, LIU Weiran, WU Qianhong, et al. Chosen Ciphertext Secure Identity-Based Broadcast Encryption[J]. Journal of Cryptologic Research, 2015(1): 66-76.
	刘潇, 刘巍然, 伍前红, 等. 选择密文安全的基于身份的广播加密方案[J]. 密码学报, 2015 (1): 66-76. doi: 10.13868/j.cnki.jcr.000061
[11]	GM/T0044-2016 Information Security Technology-Identity Based Cryptographic Algorithms SM9[S]. Beijing: Standards Press of China, 2016.
	GM/T0044-2016 SM9 标识密码算法[S]. 北京: 中国标准出版社, 2016.
[12]	ZHANG Xuefeng, PENG Hua. Blind Signature Scheme Based on SM9 Algorithm[J]. Netinfo Security, 2019, 19(8): 61-67.
	张雪锋, 彭华. 一种基于 SM9 算法的盲签名方案研究[J]. 信息网络安全, 2019, 19(8): 61-67.
[13]	PENG Cong, HE Debiao, LUO Min, et al. An Identity-Based Ring Signature Scheme for SM9 Algorithm[J]. Journal of Cryptologic Research, 2021, 8(4): 724-734.
	彭聪, 何德彪, 罗敏, 等. 基于SM9 标识密码算法的环签名方案[J]. 密码学报, 2021, 8(4): 724-734.
[14]	LAI Jianchang, HUANG Xinyi, HE Debiao, et al. An Efficient Identity-Based Signcryption Scheme Based on SM9[J]. Journal of Cryptologic Research, 2021, 8(2): 314-329.
	赖建昌, 黄欣沂, 何德彪, 等. 基于商密 SM9 的高效标识签密[J]. 密码学报, 2021, 8(2): 314-329. doi: 10.13868/j.cnki.jcr.000440
[15]	ZHANG Chao, PENG Changgen, DING Hongfa, et al. Searchable Encryption Scheme Based on China State Cryptography Standard SM9[J]. Computer Engineering, 2022, 48(7): 159-167. doi: 10.19678/j.issn.1000-3428.0062771
	张超, 彭长根, 丁红发, 等. 基于国密SM9的可搜索加密方案[J]. 计算机工程, 2022, 48 (7): 159-167. doi: 10.19678/j.issn.1000-3428.0062771
[16]	CAMPAGNA M, PETCHER A. Security of Hybrid Key Encapsulation[J]. Cryptology ePrint Archive, 2020, 1364-1379.
[17]	SMART N P. Efficient Key Encapsulation to Multiple Parties[C]// Springer. International Conference on Security in Communication Networks. Heidelberg: Springer, 2004: 208-219.
[18]	BARBOSA M, FARSHIM P. Efficient Identity-Based Key Encapsulation to Multiple Parties[C]// Springer. IMA’05. Heidelberg:Springer, 2005: 428-441.
[19]	FU Xiaotong, XUE Peng. Identity-Based Privacy-Preserving Multi-Receiver Key Encapsulation[J]. Journal of Xidian University, 2014, 41(5): 7-12.
	傅晓彤, 薛鹏. 一种匿名的多接收者密钥封装机制[J]. 西安电子科技大学学报, 2014, 41(5): 7-12.
[20]	KIM J, CAMTEPE S, SUSILO W, et al. Identity-Based Broadcast Encryption with Outsourced Partial Decryption for Hybrid Security Models in Edge Computing[C]// ACM. Asia CCS’19. New York:ACM, 2019: 55-66.
[21]	BARRETO P, LIBERT B, MCCULLAGH N, et al. Efficient and Provably-Secure Identity-Based Signatures and Signcryption from Bilinear Maps[C]// Springer. Advances in Cryptology-ASIACRYPT 2005. Heidelberg: Springer, 2005: 515-532.
[22]	DENG Hua, QIN Zheng, WU Qianhong, et al. Identity-Based Encryption Transformation for Flexible Sharing of Encrypted Data in Public Cloud[J]. IEEE Transactions on Information Forensics and Security, 2020, 15: 3168-3180.

方案	主公钥长度	主私钥长度	用户私钥长度	密文长度
文献[8]	$(m+1)\left\| {{G}_{1}} \right\|+\left\| {{G}_{2}} \right\|+\left\| {{G}_{T}} \right\|$	$\left\| {{G}_{2}} \right\|$	$\left\| {{G}_{2}} \right\|$	$\left\| {{G}_{1}} \right\|+\left\| {{G}_{2}} \right\|$
文献[9]	$\left\| {{G}_{1}} \right\|+(m+1)\left\| {{G}_{2}} \right\|+\left\| {{G}_{T}} \right\|$	$\left\| {{G}_{1}} \right\|$	$\left\| {{G}_{1}} \right\|$	$\left\| {{G}_{1}} \right\|+\left\| {{G}_{2}} \right\|$
文献[10]	$\left\| {{G}_{1}} \right\|+(m+1)\left\| {{G}_{2}} \right\|+\left\| {{G}_{T}} \right\|$	$\left\| {{G}_{1}} \right\|$	$\left\| {{G}_{1}} \right\|$	$\left\| {{G}_{1}} \right\|+\left\| {{G}_{2}} \right\|$
本文方案	$(m+1)\left\| {{G}_{1}} \right\|+\left\| {{G}_{2}} \right\|+\left\| {{G}_{T}} \right\|$	$\left\| {{G}_{2}} \right\|$	$\left\| {{G}_{2}} \right\|$	$\left\| {{G}_{1}} \right\|+\left\| {{G}_{2}} \right\|$

方案	加密开销	解密开销	安全性
文献[8] 方案	$(n+1){{S}_{1}}+{{S}_{2}}+{{S}_{E}}$	$(n-1){{S}_{1}}+2{{S}_{p}}+{{S}_{E}}$	IND-sID-CPA
文献[9] 方案	${{S}_{1}}+(n+1){{S}_{2}}+{{S}_{E}}$	$(n-1){{S}_{2}}+2{{S}_{p}}+{{S}_{E}}$	IND-sID-CPA
文献[10]方案	${{S}_{1}}+(n+2){{S}_{2}}+{{S}_{E}}$	$2n{{S}_{2}}+4{{S}_{p}}+{{S}_{E}}$	IND-sID-CCA
本文方案	$(n+1){{S}_{1}}+{{S}_{2}}+{{S}_{E}}\text{+}{{S}_{f}}$	$(n-1){{S}_{1}}+2{{S}_{p}}+{{S}_{E}}+{{S}_{f}}$	IND-sID-CCA

基于SM9的多接收者混沌密钥生成方案

Multi-Receiver Chaotic Key Generation Scheme Based on SM9

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 4

参考文献 22

相关文章 14

编辑推荐

Metrics

本文评价

[1]	杨杰超, 胡汉平, 帅燕, 邓宇昕. 基于时变互耦合双混沌系统的轻量级序列密码[J]. 信息网络安全, 2024, 24(3): 385-397.
[2]	翟鹏, 何泾沙, 张昱. 物联网环境下基于SM9算法和区块链技术的身份认证方法[J]. 信息网络安全, 2024, 24(2): 179-187.
[3]	赵耿, 马英杰, 董有恒. 混沌密码理论研究与应用新进展[J]. 信息网络安全, 2024, 24(2): 203-216.
[4]	朱郭诚, 何德彪, 安浩杨, 彭聪. 基于区块链和SM9数字签名的代理投票方案[J]. 信息网络安全, 2024, 24(1): 36-47.
[5]	周权, 陈民辉, 卫凯俊, 郑玉龙. 基于SM9的属性加密的区块链访问控制方案[J]. 信息网络安全, 2023, 23(9): 37-46.
[6]	安浩杨, 何德彪, 包子健, 彭聪. 一种基于证书的数字签名方案[J]. 信息网络安全, 2023, 23(3): 13-21.
[7]	刘兴斌, 刘聪. 基于级联混沌系统和量子Baker映射的图像加密算法[J]. 信息网络安全, 2023, 23(12): 49-58.
[8]	张雪锋, 胡奕秀. 一种基于SM9的可撤销标识广播加密方案[J]. 信息网络安全, 2023, 23(1): 28-35.
[9]	王圣雯, 胡爱群. 基于SM9算法的邮件加密系统设计[J]. 信息网络安全, 2022, 22(6): 53-60.
[10]	吴克河, 程瑞, 郑碧煌, 崔文超. 电力物联网安全通信协议研究[J]. 信息网络安全, 2021, 21(9): 8-15.
[11]	张昱, 孙光民, 李煜. 基于SM9算法的移动互联网身份认证方案研究[J]. 信息网络安全, 2021, 21(4): 1-9.
[12]	胡刚毅, 彭金. 一种警务图像加密算法[J]. 信息网络安全, 2021, 21(12): 86-90.
[13]	张雪锋, 彭华. 一种基于SM9算法的盲签名方案研究[J]. 信息网络安全, 2019, 19(8): 61-67.
[14]	黎琳, 张旭霞. zk-snark的双线性对的国密化方案[J]. 信息网络安全, 2019, 19(10): 10-15.