Study on Several Key-Insulated Cryptographic Schemes

【Author】 Chen Jianhong (陈剑洪)

【Supervisor】 Chen Kefei (陈克非)

【Author information】 Shanghai Jiao Tong University, Computer System Architecture, 2011, PhD

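【Abstract (translated from the Chinese)】 With the development of computer and network communication technologies, public-key cryptography has come into wide use. At the same time, key exposure caused by viruses, Trojans, or operating-system vulnerabilities has become increasingly widespread. For a public-key cryptosystem, exposure of the private key is a very serious threat. In a traditional cryptosystem, private-key exposure can be handled by revoking the public key. In an identity-based cryptosystem, however, the public key is represented by the user's identity information (such as an e-mail address), and revoking that information is not very feasible. In an attribute-based cryptosystem, the public key is represented by a set of attributes (for example, the user's gender, age, and employer can serve as attributes), and revoking such attribute sets is also rather difficult. At present, the key-insulation mechanism is an effective way to mitigate the damage caused by key exposure. In this thesis we focus on provably secure identity-based key-insulated cryptosystems and attribute-based key-insulated cryptosystems, and obtain the following results:

1. Although quite a few identity-based key-insulated encryption (IBKIE) and identity-based key-insulated signature (IBKIS) schemes have been proposed, research that treats IBKIS and IBKIE as a whole, so that the two share a common set of system parameters, has yet to be carried out. To this end, this thesis proposes the notion of Identity-Based Key-Insulated Signcryption (IBKISC). After giving the formal definition and security model of IBKISC, we construct an IBKISC scheme that is provably secure in the standard model. The proposed IBKISC scheme accomplishes the functions of both IBKIS and IBKIE within a single reasonable logical step, and its computation and communication costs are both lower than those of the traditional "IBKIS-then-IBKIE" approach.

2. Because provable security in the random oracle model can only be regarded as a heuristic argument and does not guarantee the security of a system in a concrete implementation, this thesis proposes an Identity-Based Key-Insulated Proxy Signature (IBKIPS) scheme that is provably secure in the standard model.

3. This thesis extends the threshold key-insulation mechanism to identity-based signature systems and proposes the notion of Identity-Based Threshold Key-Insulated Signature (IBTKIS). After giving the formal definition and security model of IBTKIS, we construct an IBTKIS scheme that is provably secure in the standard model. The proposed scheme enhances the security of the system while offering good flexibility and high efficiency.

4. This thesis introduces the key-insulation mechanism into attribute-based encryption systems with a threshold structure and proposes the notion of Threshold Attribute-Based Key-Insulated Encryption (TABKIE). After giving the formal definition and security model of TABKIE, we construct a TABKIE scheme that is provably secure in the standard model.

5. This thesis introduces the parallel key-insulation mechanism into ciphertext-policy attribute-based encryption systems and proposes the notion of Ciphertext Policy Attribute-Based Parallel Key-Insulated Encryption (CPABPKIE). After giving the formal definition and security model of CPABPKIE, we construct a CPABPKIE scheme that is provably secure in the standard model. The proposed scheme allows fairly frequent updates of the temporary private key while keeping the probability of helper-key exposure low, and therefore strengthens the system's ability to defend against key exposure.

6. This thesis introduces the key-insulation mechanism into signer-anonymous attribute-based signature systems and proposes the notion of Hidden Attribute-Based Key-Insulated Signature (HABKIS). After giving the formal definition and security model of HABKIS, we construct a HABKIS scheme that is provably secure in the standard model.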

【Abstract】 Due to viruses, worms or other break-ins allowed by operating-system holes, key exposure seems inevitable. To minimize the damage caused by key exposure, we proposed several key-insulated schemes.

1. Despite the flurry of recent results on identity-based key-insulated encryption (IBKIE) and signature (IBKIS), a problem regarding the security and efficiency of practicing IBKIE and IBKIS as a joint identity-based key-insulated signature/encryption scheme with a common set of parameters and keys remains open. So, we present the primitive of identity-based key-insulated signcryption (IBKISC). We formalize the security notions for IBKISC and then propose the first IBKISC scheme. The security of our proposed IBKISC scheme can be proved in the standard model. Compared with the Sign-then-Encrypt (StE) and Encrypt-then-Sign (EtS) using IBKIE and IBKIS in the standard model, our proposed IBKISC scheme is the fastest with the shortest ciphertext size.

2. Since a proof in the random oracle model can only serve as a heuristic argument and cannot imply the security in the real implementation, we propose an identity-based key-insulated proxy signature (IBKIPS) scheme in the standard model.

3. We extend the threshold key-insulated mechanism to identity-based signature scenarios, and then introduce the primitive of identity-based threshold key-insulated signature (IBTKIS). After formalizing the definition and security notions for IBTKIS, a concrete IBTKIS scheme is presented. This new primitive can enhance the security of the system while it can provide flexibility and efficiency. The security of our proposed IBTKIS scheme can be proved in the standard model.

4. We extend the key-insulated mechanism to attribute-based encryption scenarios, and then introduce the primitive of threshold attribute-based key-insulated encryption (TABKIE). After formalizing the definition and security notions for TABKIE, a concrete TABKIE scheme is presented. The security of our proposed TABKIE scheme can be proved in the standard model.

5. We extend the parallel key-insulated mechanism to ciphertext policy attribute-based encryption scenarios, and then introduce the primitive of ciphertext policy attribute-based parallel key-insulated encryption (CPABPKIE). After formalizing the definition and security notions for CPABPKIE, a concrete CPABPKIE scheme is presented. The security of our proposed CPABPKIE scheme can be proved in the standard model. The new primitive does not increase the risk of helper key-exposure while it allows frequent key updating.

6. We extend the key-insulated mechanism to hidden attribute-based signature scenarios, and then introduce the primitive of hidden attribute-based key-insulated signature (HABKIS). After formalizing the definition and security notions for HABKIS, a concrete HABKIS scheme is presented. The security of our proposed HABKIS scheme can be proved in the standard model.
