基于身份密钥交换的安全模型

研究了基于身份的密钥交换协议的可证明安全问题.在通用可组合安全框架下,提出了基于身份密钥交换协议的模型.在攻击模型中,添加了攻陷密钥生成中心的能力.根据基于身份密钥交换的特点,设计了基于身份密钥交换的理想函数.在新的攻击模型和理想函数下,提出的模型既保证了基于身份密钥交换的通用可组合安全性,又保证了一个重要的安全属性--密钥生成中心前向保密性.此外,带有密钥确认属性的Chen-Kudla协议可以安全实现基于身份密钥交换的理想函数.     

多属性机构环境下的属性基认证密钥交换协议

已有基于属性的认证密钥交换协议都是在单属性机构环境下设计的,而实际应用中不同属性机构下的用户也有安全通信的需求。该文在Waters属性基加密方案的基础上提出了一个多属性机构环境下的属性基认证密钥交换协议,并在基于属性的eCK(extended Canetti-Krawczyk)模型中将该协议的安全性归约到GBDH(Gap Bilinear Diffie-Hellman)和CDH(Computational Diffie-Hellman)假设,又通过布尔函数传输用线性秘密共享机制设计的属性认证策略,在制订灵活多样的认证策略的同时,显著地降低了通信开销。     

支持用户撤销的属性认证密钥协商协议

用户撤销是基于属性的认证密钥协商(ABAKA, attribute-based authenticated key agreement)协议在实际应用中所必需解决的问题。通过将Waters的基于属性的加密方案和Boneh-Gentry-Waters的广播加密方案相结合,提出了一个支持用户撤销的ABAKA协议。该协议能够实现对用户的即时撤销且不需要密钥权威对所有未被撤销的用户私钥进行定期更新。相比于现有的协议,该协议具有较高的通信效率,并能够在标准模型和修改的ABCK模型下可证安全,具有弱的完美前向安全性,并能够抵抗密钥泄露伪装攻击。     

密钥交换协议前向安全性的自动化分析

会话密钥的安全影响了整个通信网络的安全,前向安全性是密钥交换协议中保证会话密钥安全的一种特殊的安全属性。首先扩展了应用PI演算,增加了阶段进程语法描述协议的前向安全性;然后提出了一个基于一阶定理证明器Pro Verif的前向安全性自动化分析方法;最后运用这种方法分析了两种典型的密钥交换协议,STS协议和MTI协议的前向安全性,分析结果表明该方法简单可靠。     

双向匿名的基于属性的密钥隔离签密

为解决发送者和接收者都具有匿名性的基于属性签密方案中密钥泄露的问题,将密钥隔离机制引入到基于属性签密方案中,给出了基于属性密钥隔离签密的形式化定义和安全模型,构建了随机预言模型下安全的基于属性的密钥隔离签密方案。改进后的方案不仅没有失去原有的双向匿名性,而且满足前向安全性和后向安全性的要求,减轻了密钥泄露带来的危害。最后在安全模型的基础上,给出了双向匿名的基于属性的密钥隔离签密的机密性、认证性和匿名性的安全性证明。     

可证明安全的基于位置的Prover-to-Prover密钥交换协议

本文针对两个证明者之间可证明安全的基于位置密钥交换协议展开研究.首次将基于位置密钥交换分为P2V(Prover-to-Verifier)模式和P2P(Prover-to-Prover)模式,并给出P2P模式下基于位置密钥交换的安全定义.随后,在1维空间下设计了可证明安全的基于位置P2P密钥交换协议P2PKE¹,并以此为基础构造了d(1≤d≤3)维空间下基于位置P2P密钥交换协议P2PKE^d.同时,分别提出了具有密钥确认性质的基于位置P2P密钥交换协议P2PKE^d-c和无密钥托管的基于位置P2P密钥交换协议P2PKE^d-e.最后,从安全性和效率两方面对所设计的协议进行了讨论.     

标准模型下完美前向安全的基于身份认证密钥交换

一轮Diffie-Hellman密钥交换(One-Round Diff ie-Hellman key exchange,OR-DHKE)协议被认为无法实现完美的前向安全性(Perfect Forward Secrecy,PFS)。基于身份的OR-DHKE协议也是如此,现有研究仅实现了弱的完美 前向安全性(wPFS)。基于Cremers等人对密钥交换协议完美前向安全性的研究,文章提出 一种新的具有完美前向安全的基于身份认证密钥交换方案。文章首先提出一种较弱安全性的 基于身份 OR-DHKE协议π₀,然后采用Cremers等人提出的SIG变换方法,将π₀转化为具有完美前 向安全的基于身份认 证密钥交换方案π₁。文章简要分析了CK、CK⁺、eCK和eCK-PFS安全模型的异同,在此 基 础上定义了基于身 份认证密钥交换协议分析的强安全模型ID-eCK-PFS。在ID-eCK-PFS模型下,协议π₀和π₁的安全性被规约为 求解判定性BDH(Decisional Bilinear Diffie-Hellman,DBDH)问题,规约过程未使用随 机预言机,实现了在标准模型下的完美前向安全性和可证明安全性。     

物联网移动RFID系统匿名访问控制认证密钥交换协议

针对物联网移动RFID系统标签隐私信息的访问控制以及用户身份隐私保护问题,本文采用身份加密和属性加密相结合的方法,建立了IB-AB-eCK安全模型,设计了基于身份及属性的认证密钥交换协议IB-AB-AKE。基于IB-AB-AKE协议,提出了移动RFID手机与信息服务器之间认证密钥交换协议,实现了在保护移动RFID手机用户身份隐私的同时,根据标签所有者定制的访问控制策略进行标签信息的访问控制认证和会话密钥交换,防止了隐私信息被非法访问。分析表明,IB-AB-AKE协议在IB-AB-eCK模型下是安全的,且在通信次数、通信量及计算量方面具有优势。      

基于验证元的三方口令认证密钥交换协议

基于验证元的口令认证密钥交换协议的最基本安全目标是抵抗字典攻击和服务器泄露攻击.利用双线性对的性质给出了一个基于验证元的三方口令认证密钥交换协议,有如下特点:能够抵抗字典攻击和服务器泄露攻击;保持密钥秘密性,提供前向安全性;确保无密钥控制;抵抗已知密钥攻击和中间人攻击;协议执行一次可以生成4个会话密钥等.     

基于双线性配对的密钥树口令认证组密钥交换协议

针对组密钥交换协议存在的安全性及执行效率问题,提出了基于双线性配对的密钥树口令认证组密钥交换协议nPAKE'.协议中使用双线性配对取代了一般组密钥交换协议中的幂指数运算,并为协议的参与方建立了二叉密钥树结构.对协议的安全性及效率进行的分析表明协议中所采用的双线性配对技术能够满足对组密钥交换协议的安全性要求,并且协议在执行效率上相对于其他组密钥交换协议有很大的提高.     

RLWE-based key-policy ABE scheme

Based on the attribute-based encryption(ABE) scheme which was proposed by Brakerski and constructed on the LWE problem,a RLWE-based key-policy ABE scheme was presented.Efficiency and key size of this scheme over-takes old ones which are based on the LWE problem.Under the RLWE assumption,this scheme supports attributes of unbounded length and semi-adaptive security.Moreover,a compiler was constructed and could compile ABE scheme that meets its demand into an attribute-based fully homomorphic encryption (ABFHE) scheme.     

Attribute-based fully homomorphic encryption scheme over rings

The fully homomorphic encryption has important applications in the area of data security and privacy security of cloud computing,but the size of secret keys and ciphertext in most of current homomorphic encryption schemes were too large,which restricted its practical.To improve these drawbacks,a recoding scheme and a attribute-based encryption scheme based on learning with errors problem over rings were provided,then a attribute-based fully homomorphic encryption was constructed.The new scheme overcame the above mentioned drawbacks,because it did't need public key certificate,meanwhile,it can achieve the fine-grained access control to the ciphertext.Compared with similar results,proposed method decreases the size of keys and ciphertext greatly.     

一种支持算术张成程序的密文策略属性加密方案

密文策略属性加密方案适用于云环境中密文数据的访问控制.已有的支持算术张成程序的属性加密方案多是密钥访问策略的方案,且公开参数规模较大.本文利用双对偶向量空间（Dual Pair Vector Space,DPVS）技术,提出了一个公开参数长度固定、支持算术张成程序的密文策略属性加密方案.在新方案中,将密文相关的访问控制向量与随机矩阵结合,密钥相关的属性分量与熵扩张引理中的公开参量结合,设计方法对应了熵扩张引理中给出的密文和密钥分量的形式.最后,基于素数阶双线性熵扩张引理和k-Lin困难假设,证明了该方案具有适应安全性.新方案与已有支持算术张成程序的属性加密方案相比,实现了密文访问策略、公开参数长度固定且满足适应安全性.     

Multi-authority attribute-based encryption with efficient revocation

Multi-authority attribute-based encryption was very suitable for data access control in a cloud storage environment.However,efficient user revocation in multi-authority attribute-based encryption remains a challenging problem that prevents it from practical applications.A multi-authority ciphertext-policy attribute-based encryption scheme with efficient revocation was proposed in prime order bilinear groups,and was further proved statically secure and revocable in the random oracle model.Extensive efficiency analysis results indicate that the proposed scheme significantly reduce the computation cost for the users.In addition,the proposed scheme supports large universe and any monotone access structures,which makes it more flexible for practical applications.     

k-times attribute-based authentication scheme using direct anonymous attestation

s: At present, the main drawbacks of existing k-times attribute-based authentication (abbreviated to k-TABA) schemes and related attribute-based authentication schemes are that the computation cost of the authentication process depends on the size of the access formula and none of these schemes considers the problems of member revocation and attribute update. A new k-TABA scheme was constructed based on the building blocks of direct anonymous attestation, set membership proof and ciphertext-policy attribute-based encryption. Moreover, in order to reduce user's calculation as much as possible, the underlying attribute-based encryption scheme was modified, and then the main decryption operations were outsourced by using the key binding technique of Green et al. The new scheme can be deployed on a trusted platform and support expressive authentication policies. In addition, it also satisfies several ideal properties, such as registration process verifiability, member revocation, attribute update, and so on. The significant performance advantage of the new scheme is that the computation overhead of the user in the authentication phase is constant.     

云计算平台下基于属性加密的动态版权使用控制方案（英文）

In order to achieve fine-grained access control in cloud computing,existing digital rights management(DRM) schemes adopt attribute-based encryption as the main encryption primitive.However,these schemes suffer from inefficiency and cannot support dynamic updating of usage rights stored in the cloud.In this paper,we propose a novel DRM scheme with secure key management and dynamic usage control in cloud computing.We present a secure key management mechanism based on attribute-based encryption and proxy re-encryption.Only the users whose attributes satisfy the access policy of the encrypted content and who have effective usage rights can be able to recover the content encryption key and further decrypt the content.The attribute based mechanism allows the content provider to selectively provide fine-grained access control of contents among a set of users,and also enables the license server to implement immediate attribute and user revocation.Moreover,our scheme supports privacy-preserving dynamic usage control based on additive homomorphic encryption,which allows the license server in the cloud to update the users' usage rights dynamically without disclosing the plaintext.Extensive analytical results indicate that our proposed scheme is secure and efficient.     

Encrypted data sharing with multi-owner based on digital rights management in online social networks简

The online social networks（OSNs） offer attractive means for social interactions and data sharing, as well as raise a number of security and privacy issues. Although current solutions propose to encrypt data before sharing, the access control of encrypted data has become a challenging task. Moreover, multiple owners may enforce different access policy to the same data because of their different privacy concerns. A digital rights management（DRM） scheme is proposed for encrypted data in OSNs. In order to protect users＇ sensitive data, the scheme allows users outsource encrypted data to the OSNs service provider for sharing and customize the access policy of their data based on ciphertext-policy attribute-based encryption. Furthermore, the scheme presents a multiparty access control model based on identity-based broadcast encryption and ciphertext-policy attribute-based proxy re-encryption, which enables multiple owners, such as tagged users who appear in a single data, customize the access policy collaboratively, and also allows the disseminators update the access policy if their attributes satisfy the existing access policy. Security analysis and comparison indicate that the proposed scheme is secure and efficient.     

适应性安全的可追踪叛徒的基于属性加密方案

针对基于属性加密(ABE, attribute-base encryption)机制存在的密钥滥用问题,为每个用户增加唯一的身份标识符,将联合安全编码和叛徒追踪机制引入到ABE方案中,给出适应性安全的可追踪叛徒ABE的定义、安全模型和可追踪模型,提出一种适应性安全的可追踪叛徒的ABTT方案,该方案允许适应性追踪指定策略盗版解码器中的叛徒。基于合数阶群上的子群判定假设和DDH假设,证明所提方案是适应性安全和适应性可追踪的。因此,所提方案不仅可以适应性追查指定策略盗版解码器中的叛徒,而且进一步增强了ABE系统的安全性,具有一定的理论和应用价值。     

云环境下基于属性加密体制算法加速方案

云计算为租户提供存储、计算和网络服务，数据安全保护和租户间的数据共享与访问控制是其必不可少的能力。基于属性的加密体制是一种一对多的加密体制，可以根据用户属性实现细粒度访问控制，适用于云计算环境多租户数据共享。但现有的基于属性加密体制的算法效率较低，难以在实际环境中应用。分析了基于属性的加密体制的两种类型及其应用场景，提出一个基于属性加密体制算法的加速方案。通过实验表明，提出的方案可提高基于属性加密体制的密钥生成算法、加密算法和解密算法的效率。