共查询到17条相似文献,搜索用时 171 毫秒
1.
泄露攻击的出现,导致在传统理想安全模型下已证明安全的密码机制在实际应用中不再保持其所声称的安全性;并且现有基于双线性映射构造的抗泄露无证书密钥封装机制(certificateless key-encapsulation mechanism,CL-KEM)的计算效率较低.针对上述不足,在不使用双线性映射的前提下本文设计了... 相似文献
2.
隐私信息的泄露已成为密码系统当前的严重安全性隐患,因此抗泄露性将是密码机制必备的安全属性之一.目前,通常基于非交互式零知识论证系统、一次性损耗滤波器、强一次性签名等密码基础工具来实现选择密文攻击(chosen-ciphertext attack,CCA)安全的抗泄露身份基加密(identity-based encryp... 相似文献
3.
现有的多数抗泄露加密机制的研究均假设敌手的泄露是来自收到挑战密文之前,并禁止敌手在挑战后进行泄露操作.然而,在现实中敌手往往是接触到密文数据后会通过各种手段获取相应密钥的泄露信息,因此挑战后的泄露容忍性更符合实际环境的真实应用需求.针对上述不足,本文将对身份基加密(identity-based encryption, IBE)机制的挑战后泄露容忍性展开研究,提出IBE机制熵泄露容忍性的属性要求和安全性定义;并在状态分离模型中联合熵泄露容忍的IBE机制和二源提取器设计抗挑战后泄露攻击的IBE机制,对上述构造在选择明文攻击下的安全性进行了形式化证明.此外,为了获得具有更优安全性的IBE机制,在上述构造的基础上,通过增加消息验证码设计选择密文攻击安全的挑战后泄露容忍的IBE机制. 相似文献
4.
5.
传统公钥基础设施中的证书复杂管理和身份基密码体制中的密钥托管等问题在基于证书的密码体制下得到了很好的解决,因此无证书密码体制近年来得到了广泛关注.此外,在现实应用中,攻击者基于冷启动、边信道等各种各样的泄露攻击获得密码机制内部敏感状态(如秘密钥等)的泄露信息,导致在传统理想模型下被证明安全的密码机制不再具有相应的安全性.此外,由于广播通信模式具有较高的消息通信效率,多个具有广播通信功能的密码原语相继被提出.针对基于证书密钥封装机制对泄露容忍性和广播通信等性能的需求,提出抗泄露的基于证书的广播密钥封装机制的实例化构造,并基于判定的Diffie-Hellman困难性假设对其选择密文攻击下的安全性进行了证明.此外,为进一步增强该构造的实用性,研究了广播密钥封装机制的连续泄露容忍性,通过定期更新用户密钥的方式实现了对连续泄露攻击的抵抗目标.与现有工作的分析对比表明,该构造在保证安全性可证明的基础上,不仅实现了抵抗泄露攻击和广播通信的功能,而且拥有较高的计算效率. 相似文献
6.
基于证书密码体制有机结合了传统公钥密码体制和基于身份密码体制,不仅克服了基于身份密码体制固有的密钥托管和密钥分发问题,而且简化了传统公钥基础设施中复杂的公钥证书管理,是一种颇受关注的新型公钥密码体制.基于证书密钥封装机制,将密钥封装机制与基于证书密码体制相结合,具备基于证书密码体制的优良特性.基于双线性对,提出了一个高效的并且可证明安全的基于证书密钥封装机制方案.在标准模型下基于判定性截断q-ABDHE问题和判定性1-BDHI问题的困难性,该方案被证明满足适应性选择密文攻击下的不可区分安全性,即满足选择密文安全性.与已有的标准模型下安全的基于证书密钥封装机制方案相比,该方案具有更高的计算效率和更低的通信带宽要求. 相似文献
7.
8.
陈明 《计算机工程与科学》2015,37(4):719-725
签密密钥封装机制能同时实现封装密钥的机密性和认证性。以Wa-IBE加密方案和PS-IBS签名机制为基础,提出一种标准模型下的身份基签密密钥封装机制(IBSC-KEM)和多接收者签密密钥封装机制(mIBSC-KEM)。新方案中的签名算法直接采用了PS-IBS签名,密钥封装算法采用了变形的WaIBE加密方案。因此,新方案的不可伪造性和机密性在标准模型下分别被规约为破解PS-IBS签名与WaIBE加密,具有可证明安全性。新方案可用于构建标准模型下安全的一对一和多对一认证与密钥交换方案。 相似文献
9.
密码工作流(cryptographic workflow)是多用户环境下一种特殊的密码系统工作模式,在这种工作模式下,加密消息需要依据某种策略进行,因此只有履行这一策略的实体才能进行消息解密.为保证在密码工作流模式下密钥封装能够同时实现密钥免托管性和密钥封装传递的不可伪造性,基于签密的思想定义了一个新的密码工作流模式下的密钥封装机制.首先定义了密码工作流模式下基于签密的密钥封装一般模型,并给出了相应的安全模型;其次,结合秘密共享方案、基于身份加密方案和签密方案,提出一个新的结构方案,并在标准模型(standard model)下利用序列游戏证明方法对该结构方案的安全性进行了详细证明.证明结果表明,该密钥封装结构方案能够达到密码工作流模式下要求的接收者安全和外部安全. 相似文献
10.
认证密钥协商协议在网络安全通信中用于实现用户之间的相互认证和密钥协商。一些大规模网络应用中通常设置了多重PKG,高层的PKG认证下属的低层级PKG的身份并负责为它们生成私钥。目前适用于多重PKG环境的身份基认证密钥协商协议大多利用双线性对设计,运算效率较低,同时还存在安全性问题。为提高已有方案的安全性和效率,基于椭圆曲线密码体制提出了一种多重PKG环境中的身份基认证密钥协商协议,该协议中多个PKG之间不是相互独立的,而是具有层级隶属关系,更贴近实际应用。对该协议进行安全性分析,分析结果表明该协议能弥补已有方案的安全漏洞,满足抗临时密钥泄露、前向安全性、抗假冒攻击等安全属性,并且协商双方的计算中均不含双线性对运算,与同类方案相比具有更高的运算效率。 相似文献
11.
12.
Leakage of private information including private keys of user has become a threat to the security of computing systems. It has become a common security requirement that a cryptographic scheme should withstand various leakage attacks. In the real life, an adversary can break the security of cryptography primitive by performing continuous leakage attacks. Although, some research on the leakage-resilient cryptography had been made, there are still some remaining issued in previous attempts. The identity-based encryption (IBE) constructions were designed in the bounded-leakage model, and might not be able to meet their claimed security under the continuous-leakage attacks. In the real applications, the leakage is unbounded. That is, a practical cryptography scheme should keep its original security in the continuous leakage setting. The previous continuous leakageresilient IBE schemes either only achieve chosen-plaintext attacks security or the chosen-ciphertext attacks (CCA) security is proved in the selective identity model. Aiming to solve these problems, in this paper, we show how to construct the continuous leakage-resilient IBE scheme, and the scheme’s adaptive CCA security is proved in the standard model based on the hardness of decisional bilinear Diffie-Hellman exponent assumption. For any adversary, all elements in the ciphertext are random, and an adversary cannot obtain any leakage on the private key of user from the corresponding given ciphertext. Moreover, the leakage parameter of our proposal is independent of the plaintext space and has a constant size. 相似文献
13.
传统的密码方案假定密钥对可能的攻击者来说是完全隐藏的(只有算法是公开的),敌手无法获得有关密钥的任何信息.但在实际系统中,攻击者可在噪声信道或由侧信道攻击获得有关密钥的部分信息.密钥弹性泄漏安全的加密方案通过改进密码算法达到在密钥存在可能部分泄漏情况下的语义安全性.设计了一个抗密钥弹性泄漏的可委托层次模板加密方案.在该方案中,用户身份关联到含有通配符的身份模板,并可以实现再次密钥委托.该方案是抗泄漏的层次身份加密方案(hierarchical identity-based encryption,简称HIBE)和隐藏向量加密方案(hidden vector encryption,简称HVE)的一般扩展,可有效地抵抗密钥弹性泄漏,并达到自适应语义安全性.同时给出该方案的安全性证明和系统抗泄漏性能,分析显示,该方案具有较好的密钥泄漏容忍性. 相似文献
14.
In recent years, much attention has been focused on designing provably secure cryptographic primitives in the presence of key leakage. Many constructions of leakage-resilient cryptographic primitives have been proposed. However, for any polynomial time adversary, most existing leakage-resilient cryptographic primitives cannot ensure that their outputs are random, and any polynomial time adversary can obtain a certain amount of leakage on the secret key from the corresponding output of a cryptographic primitive. In this study, to achieve better performance, a new construction of a chosen ciphertext attack 2 (CCA2) secure, leakage-resilient, and certificateless public-key encryption scheme is proposed, whose security is proved based on the hardness of the classic decisional Diffie-Hellman assumption. According to our analysis, our method can tolerate leakage attacks on the private key. This method also achieves better performance because polynomial time adversaries cannot achieve leakage on the private key from the corresponding ciphertext, and a key leakage ratio of 1/2 can be achieved. Because of these good features, our method may be significant in practical applications. 相似文献
15.
Updatable Identity-Based Hash Proof System Based on Lattices and Its Application to Leakage-Resilient Public-Key Encryption Schemes 
下载免费PDF全文
下载免费PDF全文 Identity-based hash proof system is a basic and important primitive. It is widely utilized to construct cryptographic schemes and protocols that are secure against key-leakage attacks. In this paper, we introduce the concept of updatable identity-based hash proof system, in which the related master secret key and the identity secret key can be updated securely. Then, we instantiate this primitive based on lattices in the standard model. Moreover, we introduce an application of this new primitive by giving a generic construction of leakage-resilient public-key encryption schemes with anonymity. This construction can be considered as the integration of the bounded-retrieval model and the continual leakage model. Compared with the existing leakage-resilient schemes, our construction not only is more efficient but also can resist much more key leakage. 相似文献
16.
In order to tolerate possible leakage of secret keys, leakage-resilient cryptosystem models a class of attractive leakage output by allowing an adversary to provide any computable leakage function and learning the partial keys or other possible internal states from the output of function. In this work, we present an adaptively secure broadcast encryption resilient to key continual leakage in the standard model. Our scheme provides the tolerance of continual leakage, in which any user can generate multiple private keys per user by periodically updating the key. We use the dual system encryption mechanism to implement the leakage resilience and adaptive security, and intrinsically set an algorithm to refresh a key and produce a same distributed new key. We also give the evaluation of the leakage bound and leakage fraction, and the simulations show that our scheme can tolerate about 71% leakage fraction with 3.34 × 10-52 failure probability in standard 80-bit security level when we adjust the leakage factor to allow the private key to be 100 Kb. 相似文献
17.
指定验证者签名(DVS)克服了传统的数字签名中可公开验证的缺点,可防止验证者向第三方表明他获得了签名方发布的数字签名。但传统的密码方案的安全性依赖理想的假设,即攻击者不能获得保密的密钥的信息,而边信道攻击表明攻击者可以获得部分的秘密信息,因此有必要设计可以容忍信息泄露的指定验证者签名方案。基于“或”证明的技术,把Okamoto认证方案推广到指定验证者签名的情形,并在给定的泄露界下,证明了所提出的指定验证者签名方案在相对泄露模型下是安全的。 相似文献