
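Provably Secure Intrusion-Resilient Public-Key Encryption Scheme in the Standard Model
Cite this article: YU Jia, CHENG Xiang-Guo, LI Fa-Gen, PAN Zhen-Kuan, KONG Fan-Yu, HAO Rong. Provably Secure Intrusion-Resilient Public-Key Encryption Scheme in the Standard Model[J]. Journal of Software, 2013, 24(2): 266-278.
Authors: YU Jia  CHENG Xiang-Guo  LI Fa-Gen  PAN Zhen-Kuan  KONG Fan-Yu  HAO Rong
Affiliations: College of Information Engineering, Qingdao University, Qingdao 266071, Shandong; State Key Laboratory of Information Security (Institute of Information Engineering, Chinese Academy of Sciences), Beijing 100093; College of Information Engineering, Qingdao University, Qingdao 266071, Shandong; School of Computer Science and Engineering, University of Electronic Science and Technology, Chengdu 610054, Sichuan; Faculty of Mathematics, Kyushu University, Fukuoka 819-0395, Japan; College of Information Engineering, Qingdao University, Qingdao 266071, Shandong; Institute of Network Information Security, Shandong University, Ji'nan 250100, Shandong; Key Laboratory of Cryptographic Technology and Information Security (Shandong University), Ministry of Education, Ji'nan 250100, Shandong; College of Information Engineering, Qingdao University, Qingdao 266071, Shandong
Funding: National Natural Science Foundation of China (61272425, 60703089, 61073176, 61202475); Shandong Provincial Natural Science Foundation (ZR2010FQ019, ZR2009GQ008, ZR2010FQ015); Qingdao Science and Technology Program (12-1-4-2-(16)-jch); Huawei Technology Fund; Open Project of the State Key Laboratory of Information Security
Abstract: In a traditional public-key encryption scheme, the security of the system is completely lost once the decryption key is exposed. As more and more encryption systems are deployed on mobile, low-security devices, key exposure becomes hard to avoid. Intrusion-resilient public-key encryption was introduced to reduce the damage that key exposure does to an encryption system, and it offers stronger security than forward-secure encryption and key-insulated encryption. In this setting, the whole lifetime is divided into discrete time periods and the public key stays fixed. The secret key information is shared between a decrypter and a base: the decrypter performs decryption on its own, while the base supplies an update message in each time period to help evolve the decryption key. In addition, several key-refresh operations take place within each time period, refreshing both the decrypter's key and the base key. When the decrypter and the base are both compromised, security is preserved as long as they are not compromised at the same time. Even if an intruder compromises the decrypter and the base simultaneously, the security of ciphertexts from earlier time periods is unaffected. An intrusion-resilient public-key encryption scheme is proposed in which the complexity of every cost parameter is at most log-squared in the total number of time periods. The scheme is proven secure in the standard model. It is a provably secure intrusion-resilient public-key encryption scheme that does not require random oracles.

Keywords: key exposure  forward-secure encryption  key-insulated encryption  intrusion-resilient encryption  standard model
Received: 2012/3/25 0:00:00
Revised: 2012/9/13 0:00:00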

Provably Secure Intrusion-Resilient Public-Key Encryption Scheme in the Standard Model
YU Jia, CHENG Xiang-Guo, LI Fa-Gen, PAN Zhen-Kuan, KONG Fan-Yu and HAO Rong. Provably Secure Intrusion-Resilient Public-Key Encryption Scheme in the Standard Model[J]. Journal of Software, 2013, 24(2): 266-278.
Authors: YU Jia  CHENG Xiang-Guo  LI Fa-Gen  PAN Zhen-Kuan  KONG Fan-Yu and HAO Rong
Affiliation:College of Information Engineering, Qingdao University, Qingdao 266071, China;State Key Laboratory of Information Security (Institute of Information Engineering, The Chinese Academy of Sciences), Beijing 100093, China;College of Information Engineering, Qingdao University, Qingdao 266071, China;School of Computer Science and Engineering, University of Electronic Science and Technology, Chengdu 610054, China;Faculty of Mathematics, Kyushu University, Fukuoka 819-0395, Japan;College of Information Engineering, Qingdao University, Qingdao 266071, China;Institute of Network Security, Shandong University, Ji'nan 250100, China;Key Laboratory of Cryptographic Technology and Information Security (Shandong University), Ministry of Education, Ji'nan 250100, China;College of Information Engineering, Qingdao University, Qingdao 266071, China
Abstract: In traditional public-key encryption schemes, security guarantees are fully lost once decryption secret keys are exposed. With the ever-increasing use of encryption systems in mobile and low-security devices, key exposure seems unavoidable. Intrusion-resilient public-key encryption was proposed to mitigate the damage that key exposure causes to encryption systems, and it provides more security than forward-secure encryption and key-insulated encryption. In this primitive, the whole lifetime is divided into discrete periods during which the public key is fixed. Secret keys are shared between a decrypter and a base. The former performs the decrypting operations on its own, while the latter provides an update message to help evolve secret keys in each period. Furthermore, multiple key-refresh operations are performed within each period to refresh the decrypter and base secrets. The security can be preserved when both the user and base are compromised, as long as they are not compromised simultaneously. In addition, a simultaneous compromise doesn't affect the security of the ciphertexts generated in previous periods. This paper proposes an intrusion-resilient public-key encryption scheme. All the parameters in this scheme have at most a log-squared complexity in terms of the total number of time periods. The proposed scheme is proven to be secure in the standard model and is a provably secure intrusion-resilient public-key encryption scheme without random oracles.
Keywords:key exposure  forward secure encryption  key-insulated encryption  intrusion-resilient encryption  standard model