安全高效的两方协同ECDSA签名方案

为了解决签名私钥易泄露和签名权利过度集中的问题,针对基于区块链技术的网络交易系统,提出了一种安全高效的两方协同ECDSA签名方案。通过预计算一次一密的Beaver三元组,进而利用基于Beaver三元组的安全两方乘法技术,有效避免使用计算繁重的同态加密和通信开销较大的不经意传输等操作,实现高效的两方协同ECDSA签名,保证2个签名参与方在不重构完整签名私钥的情况下输出合法的ECDSA签名。方案的安全性在通用可组合框架中的混合模型下被证明。理论分析与实验结果表明,与现有的2种两方协同ECDSA签名方案相比,所提方案在协同签名运行效率和带宽要求方面均具有明显优势。     

安全的两方协作SM2签名算法

在签名算法中,一旦签名私钥被窃取,敌手就可以随意伪造合法用户的签名,从而致使合法用户的权益受到侵害.为了降低签名私钥泄露的风险,本文提出了一种安全的两方协作SM2数字签名算法,该算法将签名私钥拆分成两个部分,分别交由两方来保管,通过采用零知识证明、比特承诺、同态加密等密码学技术保证了只有合法的通信双方才能安全地协作产生完整的SM2签名,任何一方都不能单独恢复出完整的签名私钥,方案的安全性在通用可组合安全框架下被证明,与已有的SM2协作签名方案相比,本文方案具有交互次数少、协作签名效率高等优势.     

基于LWE问题的关键词可搜索公钥加密方案

针对现有体制中用户生成关键词密文时的计算开销问题,引入全同态加密的思想,提出一种基于LWE问题,具备密文同态运算属性的关键词可搜索公钥加密方案,实现了计算开销由用户端向服务器端的转移。在随机谕示模型下,将体制的安全性归约到LWE问题难解性,并给出证明。     

基于身份签密的安全通信系统

基于身份签密的体制能在一个逻辑步骤内完成加密和签名的功能,其通信成本和计算量都比传统先加密后签名的方案小。利用Ben Lynn的PBC库以及李发根等提出的基于身份签密的算法,实现了用户间的安全通信。该系统较当前提出的基于IBE的安全通信系统操作更为简便,安全性更高。     

基于带宽请求预测和云资源预留的视频移植策略

随着云计算和大数据处理的飞速发展,同态加密和安全多方计算问题引起了广泛关注。分析了ElGamal的同态特性,针对协议设计需要,设计了ElGamal变体加密方案,使其满足加法同态和常数乘法同态。在半诚实模型下,基于这个变体提出了过私有点直线方程同态计算协议,并分析了协议的正确性、安全性、计算和通信复杂性,同时将该协议的应用范围扩展到安全两方线段求交协议等。与解决同类几何问题的协议相比,未采用基于不经意传输和百万富翁协议设计思路,而是基于同态加密体制提出了一种安全两方计算协议,提高了该类协议的执行效率,降低了通信负担。     

基于NTRU的全同态加密方案

本文提出一种基于公钥密码体制（Number Theory Research Unit,NTRU）选择明文攻击（Chosen Plaintext Attack,CPA）可证明安全的全同态加密方案.首先,对NTRU的密钥生成算法进行改进,通过格上的高斯抽象算法生成密钥对,避免了有效的格攻击,同时,没有改变密钥的分布.然后,基于改进的NTRU加密算法,利用Flattening技术,构造了一个全同态加密体制,并在标准模型下证明方案是选择明文攻击不可区分性IND-CPA安全的.     

融合时间戳和同态签名的安全网络编码方法

针对无线多跳网络编码的安全性问题,提出了一种融合时间戳和同态签名的安全网络编码方法。在利用基于RSA的同态签名方案抵御污染攻击的基础上,引入时间戳设计新型同态签名方案来抵御网络中的重放攻击,以时间戳为源生成网络编码的随机系数来保证签名的同态性。重点分析了本方案产生随机系数的方式对网络编码解码概率的影响,并建立了攻击模型证明方案可同时抵御网络中的污染攻击和重放攻击。性能分析表明本方案与基于RSA的同态签名方案开销比值接近于1。     

基于ElGamal变体同态的安全两方计算协议设计

本文分析了ElGamal的同态特性,针对协议设计需要,设计了ElGamal变体加密方案,使其满足加法同态和常数乘法同态。在半诚实模型下,基于这个变体提出了过私有点直线方程同态计算协议,并分析了协议的正确性、安全性、计算和通信复杂性,同时将该协议的应用范围扩展到安全两方线段求交协议等。与解决同类几何问题的协议相比,未采用基于不经意传输和百万富翁协议设计思路,而是基于同态加密体制提出了一种安全两方计算协议,提高了该类协议的执行效率,降低了通信负担。     

源安全的传感器网络数据融合协议

针对源安全需求,构造了同时支持聚合签名、数据融合与批验证的特殊数字签名方案.该数字签名方案与同态加密技术相结合,设计了一个源安全的数据融合协议.安全性分析表明,该数字签名方案的安全性基于CDH问题的难解性,该协议能够同时保障采集数据end-to-end机密性与可认证性.     

一种新的多方多合同签署协议

基于GDH签名方案,结合可验证承诺签名体制,提出了可分密钥的可截取签名体制,并证明了该体制在随机预言模型下是安全的.在此方案的基础上设计了一种一对多的、可以同时对不同合同文本的签名进行交换的合同签署协议,在该协议中协议发起方在最坏情况下签名的信息量与参与方的个数相同;协议中第三方的信息传递量也被有效地减少了,且新的协议避免了已有文献中只有固定集合中的参与方得到合同的局限,具有高效和实用的特点.     

A secure channel code‐based scheme for privacy preserving data aggregation in wireless sensor networks

Data aggregation is an efficient method to reduce the energy consumption in wireless sensor networks (WSNs). However, data aggregation schemes pose challenges in ensuring data privacy in WSN because traditional encryption schemes cannot support data aggregation. Homomorphic encryption schemes are promising techniques to provide end to end data privacy in WSN. Data reliability is another main issue in WSN due to the errors introduced by communication channels. In this paper, a symmetric additive homomorphic encryption scheme based on Rao‐Nam scheme is proposed to provide data confidentiality during aggregation in WSN. This scheme also possess the capability to correct errors present in the aggregated data. The required security levels can be achieved in the proposed scheme through channel decoding problem by embedding security in encoding matrix and error vector. The error vectors are carefully designed so that the randomness properties are preserved while homomorphically combining the data from different sensor nodes. Extensive cryptanalysis shows that the proposed scheme is secure against all attacks reported against private‐key encryption schemes based on error correcting codes. The performance of the encryption scheme is compared with the related schemes, and the results show that the proposed encryption scheme outperforms the existing schemes.     

利用容错学习问题构造基于身份的全同态加密体制简

基于容错学习问题构造的一类全同态加密体制在云计算安全领域具有重要的潜在应用价值,但同时普遍存在着公钥尺寸较大的缺陷,严重影响其身份认证与密钥管理的效率。将基于身份加密的思想与基于容错学习问题的全同态加密相结合,提出一种基于身份的全同态加密体制,能够有效克服公钥尺寸对于全同态加密应用效率的影响。在随机喻示模型下,体制的安全性归约到容错学习问题难解性和陷门单向函数单向性,并包含严格的安全性证明。     

标准模型下基于身份的传递签名

基于waters的签名方案,提出了第一个基于身份的传递签名方案,方案被证明在标准模型下是安全的.与现有的传递签名方案相比,该方案将签名传递的不可伪造性归约到基于双线性配对的CDH问题上,并给出了方案的复杂度分析.     

基于理想格的鲁棒门限代理重加密方案

代理重加密能够实现解密权限的转换,而鲁棒门限代理重加密（Threshold Proxy Re-Encryption,TPRE）不仅支持安全灵活的转化控制,而且支持转化密文的合法性验证.本文利用理想格上工具构造了一种TPRE方案,采用Shamir秘密共享实现门限控制,采用格上同态签名技术实现鲁棒性,可完全抗量子攻击.新方案与标准格上方案相比,密文尺寸小、密钥份额短、计算速度快;基于PRE和TPRE安全模型的差异,证明对TPRE的攻击多项式时间内可转化为对基础PRE方案的攻击,安全性可规约为R-LWE（Learning With Errors over Ring）困难假设;新方案适用于在去中心化环境中实现密文访问控制,可用于基于区块链网络的文件共享和多域网络快速互联等场景.     

Efficient Linear Homomorphic Encryption from LWE Over Rings

As the basis for secure public-key encryption under various cases, the learning with errors (LWE) problem has proved to be versatile for encryption schemes. Unfortunately, it tends not to be efficient enough for practical applications. For improving the efficiency issues and quickening the practical applications of the lattice-based public-key cryptosystems, an efficient homomorphic encryption scheme is presented in this paper, which is based on the learning with errors over rings (R-LWE) assumption, and its security is reducible to the hardness of the shortest vector problem in the worst case on ideal lattices. Furthermore, the scheme possesses homomorphism feature that encryption operations are consistent with message operations. The security analysis shows that the proposed encryption scheme is secure against chosen-plaintext attacks in the standard model. At the same time, the efficiency analysis and simulation results indicate that the scheme is much more efficient than previous lattice-based cryptosystems.     

基于格签名的安全网络编码（英文）

To provide a high-security guarantee to network coding and lower the computing complexity induced by signature scheme,we take full advantage of homomorphic property to build lattice signature schemes and secure network coding algorithms.Firstly,by means of the distance between the message and its signature in a lattice,we propose a Distance-based Secure Network Coding(DSNC) algorithm and stipulate its security to a new hard problem Fixed Length Vector Problem(FLVP),which is harder than Shortest Vector Problem(SVP)on lattices.Secondly,considering the boundary on the distance between the message and its signature,we further propose an efficient Boundary-based Secure Network Coding(BSNC)algorithm to reduce the computing complexity induced by square calculation in DSNC.Simulation results and security analysis show that the proposed signature schemes have stronger unforgeability due to the natural property of lattices than traditional Rivest-Shamir-Adlcman(RSA)-based signature scheme.DSNC algorithm is more secure and BSNC algorithm greatly reduces the time cost on computation.     

Stateless Transitive Signature Schemes

A new practical method is introduced to transform the stateful transitive signature scheme to stateless one with-out the loss of security.According to the approach,two concrete stateless transitive signature schemes based on Factoringand RSA are presented respectively.Under the assumption of the hardness of factoring and one-more-RSA-inversion prob-lem,both two schemes are secure under the adaptive chosen-message attacks in random oracle model.     

Hybrid cloud approach for block-level deduplication and searchable encryption in large universe

Ciphertext-policy attribute-based searchable encryption (CP-ABSE) can achieve fine-grained access control for data sharing and retrieval, and secure deduplication can save storage space by eliminating duplicate copies. However, there are seldom schemes supporting both searchable encryption and secure deduplication. In this paper, a large universe CP-ABSE scheme supporting secure block-level deduplication are proposed under a hybrid cloud mechanism. In the proposed scheme, after the ciphertext is inserted into bloom filter tree (BFT), private cloud can perform fine-grained deduplication efficiently by matching tags, and public cloud can search efficiently using homomorphic searchable method and keywords matching. Finally, the proposed scheme can achieve privacy under chosen distribution attacks block-level (PRV-CDA-B) secure deduplication and match-concealing (MC) searchable security. Compared with existing schemes, the proposed scheme has the advantage in supporting fine-grained access control, block-level deduplication and efficient search, simultaneously.