基于遍历矩阵的公钥加密方案

 目前的公钥加密方案受到来自量子计算的威胁,研究在量子计算下安全的公开加密算法具有重要的意义.本文提出了遍历矩阵的概念,并给出了遍历矩阵的性质.同时提出了基于有限域上遍历矩阵的双侧幂乘问题(TEME:Two-side Ergodic Matrices Exponentiation),并证明了求解TEME问题是NP完全的.据此,本文提出了一个新的公钥加密方案,并在标准模型下,证明了该方案基于TEME问题的安全性,即该方案具有适应性选择密文攻击下的不可区分性.     

可证安全的高效可托管公钥加密方案

可托管公钥加密方案中一个公钥对应于2个解密私钥,它可大大减少公钥基础设施PKI中公钥证书的数目,从而降低其公钥证书管理的负荷。同时对于用户端来说,它也能减小所需私钥存储空间,减轻用户的私钥管理负担。提出2个新的可托管公钥加密方案,其中第二个方案是文献中所有现存同类方案中最为高效的一个。它也是第一个可证安全的方案,其安全性基于标准的双线性Diffie-Hellman假设。     

Provably Secure Length‐Saving Public‐Key Encryption Scheme under the Computational Diffie‐Hellman Assumption

Design of secure and efficient public‐key encryption schemes under weaker computational assumptions has been regarded as an important and challenging task. As far as ElGamal‐type encryption schemes are concerned, some variants of the original ElGamal encryption scheme based on weaker computational assumption have been proposed: Although security of the ElGamal variant of Fujisaki‐Okamoto public‐key encryption scheme and Cramer and Shoup's encryption scheme is based on the Decisional Diffie‐Hellman Assumption (DDH‐A), security of the recent Pointcheval's ElGamal encryption variant is based on the Computational Diffie‐Hellman Assumption (CDH‐A), which is known to be weaker than DDH‐A. In this paper, we propose new ElGamal encryption variants whose security is based on CDH‐A and the Elliptic Curve Computational Diffie‐Hellman Assumption (EC‐CDH‐A). Also, we show that the proposed variants are secure against the adaptive chosen‐ciphertext attack in the random oracle model. An important feature of the proposed variants is length‐efficiency which provides shorter ciphertexts than those of other schemes.     

带消息恢复的可证明安全自证书签名方案

To solve the key escrow problem of the identity-based cryptosystem, Girault introduced the notion of a self-certified public key, which not only eliminates the need to authenticate a public key but also solves the key escrow problem. This paper proposes a Self-Certified Signature (SCS) scheme with message recovery and two variants without using bilinear pairings: one is the authenticated encryption scheme in which only the designated receiver can verify the signature, and the other is the authenticated encryption scheme with message linkage that deals with large messages. These three SCS schemes are provably secure in the random oracle model and are more efficient than previous schemes.     

Certificate‐Based Signcryption Scheme without Pairing: Directly Verifying Signcrypted Messages Using a Public Key

To achieve confidentiality, integrity, authentication, and non‐repudiation simultaneously, the concept of signcryption was introduced by combining encryption and a signature in a single scheme. Certificate‐based encryption schemes are designed to resolve the key escrow problem of identity‐based encryption, as well as to simplify the certificate management problem in traditional public key cryptosystems. In this paper, we propose a new certificate‐based signcryption scheme that has been proved to be secure against adaptive chosen ciphertext attacks and existentially unforgeable against chosen‐message attacks in the random oracle model. Our scheme is not based on pairing and thus is efficient and practical. Furthermore, it allows a signcrypted message to be immediately verified by the public key of the sender. This means that verification and decryption of the signcrypted message are decoupled. To the best of our knowledge, this is the first signcryption scheme without pairing to have this feature.     

Efficient threshold public key encryption with full security based on dual pairing vector spaces

Most robust and noninteractive threshold public key encryption (PKE) schemes have only been proven secure against chosen‐ciphertext attacks under the static corruption model; yet, the dynamic corruption model is more reasonable. In this paper, on the basis of bilinear groups of prime order and dual pairing vector spaces, we propose a threshold PKE scheme that is noninteractive, robust and, secure against adaptive chosen‐ciphertext attacks under the dynamic corruption model without random oracles. Moreover, our scheme is shown to be more efficient than currently existing fully secure threshold PKE schemes. Copyright © 2013 John Wiley & Sons, Ltd.     

Secure and Efficient Code Encryption Scheme Based on Indexed Table

Software is completely exposed to an attacker after it is distributed because reverse engineering is widely known. To protect software, techniques against reverse engineering are necessary. A code encryption scheme is one of the techniques. A code encryption scheme encrypts the binary executable code. Key management is the most important part of the code encryption scheme. However, previous schemes had problems with key management. In an effort to solve these problems in this paper, we survey the previous code encryption schemes and then propose a new code encryption scheme based on an indexed table. Our scheme provides secure and efficient key management for code encryption.     

Elliptic Curve Paillier Schemes

This paper is concerned with generalisations of Paillier's probabilistic encryption scheme from the integers modulo a square to elliptic curves over rings. Paillier himself described two public key encryption schemes based on anomalous elliptic curves over rings. It is argued that these schemes are not secure. A more natural generalisation of Paillier's scheme to elliptic curves is given. Received January 2001 and revised June 2001 Online publication 23 November 2001     

云计算平台下基于属性加密的动态版权使用控制方案（英文）

In order to achieve fine-grained access control in cloud computing,existing digital rights management(DRM) schemes adopt attribute-based encryption as the main encryption primitive.However,these schemes suffer from inefficiency and cannot support dynamic updating of usage rights stored in the cloud.In this paper,we propose a novel DRM scheme with secure key management and dynamic usage control in cloud computing.We present a secure key management mechanism based on attribute-based encryption and proxy re-encryption.Only the users whose attributes satisfy the access policy of the encrypted content and who have effective usage rights can be able to recover the content encryption key and further decrypt the content.The attribute based mechanism allows the content provider to selectively provide fine-grained access control of contents among a set of users,and also enables the license server to implement immediate attribute and user revocation.Moreover,our scheme supports privacy-preserving dynamic usage control based on additive homomorphic encryption,which allows the license server in the cloud to update the users' usage rights dynamically without disclosing the plaintext.Extensive analytical results indicate that our proposed scheme is secure and efficient.     

Tag-KEM/DEM: A New Framework for Hybrid Encryption

This paper presents a novel framework for the generic construction of hybrid encryption schemes which produces more efficient schemes than the ones known before. A previous framework introduced by Shoup combines a key encapsulation mechanism (KEM) and a data encryption mechanism (DEM). While it is sufficient to require both components to be secure against chosen ciphertext attacks (CCA-secure), Kurosawa and Desmedt showed a particular example of KEM that is not CCA-secure but can be securely combined with a specific type of CCA-secure DEM to obtain a more efficient, CCA-secure hybrid encryption scheme. There are also many other efficient hybrid encryption schemes in the literature that do not fit into Shoup’s framework. These facts serve as motivation to seek another framework. The framework we propose yields more efficient hybrid scheme, and in addition provides insightful explanation about existing schemes that do not fit into the previous framework. Moreover, it allows immediate conversion from a class of threshold public-key encryption to a threshold hybrid one without considerable overhead, which may not be possible in the previous approach.