基于无证书的门限条件代理重加密方案

北京邮电大学学报 ›› 2023, Vol. 46 ›› Issue (1): 44-49,83.

基于无证书的门限条件代理重加密方案

李兆斌,张璐,赵洪,魏占祯

北京电子科技学院

收稿日期:2021-11-26 修回日期:2022-05-12 出版日期:2023-02-28 发布日期:2023-02-22
通讯作者: 张璐 E-mail:bestizhangl@126.com
基金资助:
教育部产学合作协同育人项目

Certificateless Threshold-Based Conditional Proxy Re-Encryption Scheme

Beijing Electronic Science and Technology Institute

Received:2021-11-26 Revised:2022-05-12 Online:2023-02-28 Published:2023-02-22

摘要/Abstract

摘要： 条件代理重加密可以根据条件对密文进行细粒度的授权,现有的方案多数是基于公钥基础设施或身份公钥来实现,存在证书管理和密钥托管问题。为了解决这些问题,提出了一种新的无证书门限条件代理重加密方案,在生成原密文和重加密密钥时加入条件信息,代理服务器在重加密前先对条件符合性进行验证,确保只有条件匹配的密文才能被重加密。利用门限技术实现对重加密密钥和授权者私钥的保护,同时可以抵御替换用户公钥的第一类敌手和掌握系统主密钥的第二类敌手的攻击。仿真结果表明,所提方案在重加密密钥生成与重加密过程中计算效率较高,为分布式云存储等应用中的密文共享提供了基础。

关键词: 条件代理重加密 , 无证书 , 门限 , 分布式数据共享

Abstract:

Conditional proxy re-encryption can grant fine-grained authorization to ciphertext according to conditional information. Most of the existing conditional proxy re-encryption schemes are based on traditional public key infrastructure or identity public key, therefore bringing the problems of certificate management and key escrow. To solve these problems, a new certificateless threshold conditional proxy re-encryption scheme is constructed, in which the conditional information is added when the original ciphertext and re-encryption key are generated, and the proxy node verifies the condition compliance before re-encryption to ensure that only the matching ciphertext can be re-encrypted. Threshold technology is used to protect re-encryption key and private key. Theoretical analysis shows that the proposed scheme is able to resist two types of adversary attacks,the first type-I adversary replaces the user's public key and the type-II adversary holds the system's master key. The simulation results demonstrate that the proposed scheme has high efficiency in key operations such as re-encryption key generation and re-encryption, therefore, providing the basis for ciphertext sharing in applications such as distributed cloud storage.

Key words: conditional proxy re-encryption , certificateless , threshold , distributed data sharing

中图分类号:

TP309.7

李兆斌张璐赵洪魏占祯. 基于无证书的门限条件代理重加密方案[J]. 北京邮电大学学报, 2023, 46(1): 44-49,83.

LI Zhaobin, ZHANG Lu, ZHAO Hong, WEI Zhanzhen. Certificateless Threshold-Based Conditional Proxy Re-Encryption Scheme[J]. Journal of Beijing University of Posts and Telecommunications, 2023, 46(1): 44-49,83.

[1]	吴玄姬伟峰翁江李映岐申秀雨. 面向网络切片的无证书切换认证与密钥协商协议[J]. 北京邮电大学学报, 2023, 46(4): 103-108.
[2]	史瑞, 封化民, 杨旸, 袁峰, 刘飚. 强隐私保护的移动群智感知方案[J]. 北京邮电大学学报, 2021, 44(5): 114-120.
[3]	刘宁春, 郜帅, 侯心迪, 国兴昌. 一种信息中心移动自组网中的数据访问控制机制[J]. 北京邮电大学学报, 2021, 44(2): 54-60.
[4]	李增鹏, 王九如, 张问银, 马春光. 一种基于对偶Regev加密的门限公钥加密方案[J]. 北京邮电大学学报, 2020, 43(4): 83-87.
[5]	吴新忠, 夏令祥, 张旭, 周成. 基于谱熵梅尔积的语音端点检测方法[J]. 北京邮电大学学报, 2019, 42(2): 83-89.
[6]	查雅行, 罗守山, 李伟, 卞建超. 基于属性门限签名的动态群组共享数据公开审计方案[J]. 北京邮电大学学报, 2017, 40(5): 43-49.
[7]	倪水平, 常慧刚. 基于能量和小波变换的双门限联合频谱感知[J]. 北京邮电大学学报, 2017, 40(4): 117-121.
[8]	汤永利, 王菲菲, 叶青, 闫玺玺. 改进的可证明安全无证书签名方案[J]. 北京邮电大学学报, 2016, 39(1): 112-116.
[9]	常利伟, 郑世慧, 邢友松, 金磊, 杨义先. 可验证多次使用动态门限大秘密共享方案[J]. 北京邮电大学学报, 2015, 38(5): 86-90.
[10]	翟双, 钱志鸿, 王雪, 孙大洋. IR-UWB系统中基于归一化门限的TOA估计[J]. 北京邮电大学学报, 2015, 38(4): 19-23.
[11]	卜祥元, 唐平, 张黎, 梁丹丹. 一种低复杂度的正六边形星座信号的解调算法[J]. 北京邮电大学学报, 2015, 38(2): 16-20,44.
[12]	申滨, 王舒, 黄琼, 陈前斌. 认知无线电最优用户选择协作频谱感知[J]. 北京邮电大学学报, 2014, 37(2): 32-37.
[13]	刘雯雯, 袁龙, 刘子扬, 彭涛, 王文博. 宽频信号能量检测最优判决门限[J]. 北京邮电大学学报, 2014, 37(1): 25-30.
[14]	许瑞琛, 蒋挺. 认知无线电自适应频谱感知时间分配机制[J]. 北京邮电大学学报, 2013, 36(5): 56-60.
[15]	黄海平, 吴万烽, 王汝传, 李玲娟. 可再生Hash链对SEAD协议的安全性改进[J]. 北京邮电大学学报, 2013, 36(4): 99-103.