| 一种新的密码学原语研究——流程加密 |
| |
| 引用本文: | 邓宇乔,唐春明,宋歌,温雅敏.一种新的密码学原语研究——流程加密[J].软件学报,2017,28(10):2722-2736. |
| |
| 作者姓名: | 邓宇乔 唐春明 宋歌 温雅敏 |
| |
| 作者单位: | 广东财经大学 数学与统计学院, 广东 广州 510320,广州大学 数学与信息科学学院, 广东 广州 510006,华南农业大学 数学与信息学院, 广东 广州 510120,广东财经大学 数学与统计学院, 广东 广州 510320 |
| |
| 基金项目: | 教育部人文社科研究项目(15YJCZH029);广州市哲学社会科学发展“十三五”规划课题(2016GZYB25,2017GZQN05);国家自然科学基金(61772147,61300204);广东省自然科学基金重大基础研究培育项目(2015A030308016);广东省自然科学基金(2015A030313630);广东省教育厅基础研究重大项目(2014KZDXM044);广东省普通高校创新团队建设项目(2015KCXTD014);国家密码发展基金(MMJJ20170117);广州市教育局协同创新重大项目(1201610005);上海市信息安全综合管理技术研究重点实验室开放课题基金(AGK2015007);广东省科技计划(2016A020210103,2017A020208054) |
| |
| 摘 要: | 在许多实际的应用场景中,当用户需要获取敏感数据时,需要判断该用户是否满足某些“流程”的要求.现存的加密方案不能有效应用到以上场景中.为了解决这一新问题,提出了一种新的加密原语:基于流程的加密(process based encryption,简称PBE),并把PBE分成两种类型:密钥策略的PBE(KP-PBE)与密文策略的PBE(CP-PBE).运用双线性映射与线性秘密共享协议的工具,给出了一种KP-PBE的构造方法.随后,把KP-PBE方案与传统属性加密进行对比,指出在描述流程数量方面,KP-PBE与传统属性加密方案存在数量级的差异,从而体现了KP-PBE方案在描述流程方面的优越性.最后,在选择性安全的模型下,证明了该方案的安全性.
|
| 关 键 词: | 流程加密 密钥策略 密文策略 属性加密 选择性安全模型 |
| 收稿时间: | 2016/5/22 0:00:00 |
| 修稿时间: | 2016/8/18 0:00:00 |
New Cryptography Primitive Research: Process Based Encryption |
| |
| DENG Yu-Qiao,TANG Chun-Ming,SONG Ge and WEN Ya-Min.New Cryptography Primitive Research: Process Based Encryption[J].Journal of Software,2017,28(10):2722-2736. |
| |
| Authors: | DENG Yu-Qiao TANG Chun-Ming SONG Ge and WEN Ya-Min |
| |
| Affiliation: | School of Mathematics and Statistics, Guangdong University of Finance and Economics, Guangzhou 510320, China,School of Mathematics and Computer Science, Guangzhou University, Guangzhou 510006, China,College of Mathematics and Informatics, South China Agricultural University, Guangzhou 510120, China and School of Mathematics and Statistics, Guangdong University of Finance and Economics, Guangzhou 510320, China |
| |
| Abstract: | In many applications, when a user needs to access sensitive information, it is a usual requirement to authenticate whether or not the user satisfies certain processes.Existing encryption schemes are not applicable for this scenario.To adderess this problem, a new cryptography primitive called process pased encryption (PBE) is presented.The application scenario of PBE is demonstrated.PBE is classified into two categories: Key policy process based encryption (KP-PBE) and ciphertext policy process based encryption (CP-PBE).A KP-PBE scheme is constructed utilizing the tools of bilinear map and linear secret sharing scheme (LSSS).Compared to conventional attribute based Eecryption (ABE), the performance of KP-PBE is much better on describing processes.Finally, the security of KP-PBE is proven under the selective security model. |
| |
| Keywords: | process based encryption key policy ciphertext policy attribute-based encryption selective security model |
|
| 点击此处可从《软件学报》浏览原始摘要信息 |
|
点击此处可从《软件学报》下载全文 |
|
