新的格上多机构属性基加密方案

针对基于双线性映射的属性基加密方案中无法抵抗量子攻击的问题,该文提出一种新的格上多机构属性基加密方案。先利用格上左抽样算法为用户生成密钥,使得用户私钥尺寸与级联矩阵的列数和用户属性个数相关,缩短用户私钥尺寸;然后采用Shamir门限秘密共享技术构造访问树,实现属性的与、或、门限3种操作,密文允许基于任意的访问结构生成,表达能力更加丰富,解决了大多方案中访问策略单一问题;方案证明可在标准模型下归约到判定性带误差学习问题的难解性。对比分析表明,方案系统公私钥、用户私钥和密文尺寸均有所优化,并较优于大多数单机构方案,此外方案存在多个属性机构,支持任意单调访问结构,安全性和实用性更满足云环境需求。     

Multi-authority attribute-based encryption scheme with policy dynamic updating

Attribute-based encryption (ABE) is a new cryptographic technique which guarantees fine-grained access control of outsourced encrypted data in the cloud environment.However,a key limitation remains,namely policy updating.Thus,a multi-authority attribute-based encryption scheme with policy dynamic updating was proposed.In the scheme,an anonymous key issuing protocol was introduced to protect users’ privacy and resist collusion attack of attribute authority.The scheme with dynamic policy updating technique was secure against chosen plaintext attack under the standard model and can support any types of policy updating.Compared to the existing related schemes,the size of ciphertext and users’ secret key is reduced and can significantly reduce the computation and communication costs of updating ciphertext.It is more effective in the practical application.     

基于理想格的高效密文策略属性基加密方案

已有的基于格的密文策略属性基(CP-ABE)方案只能通过矩阵运算方法进行加解密,加解密效率不高,而效率较高的基于理想格的密钥策略属性基(KP-ABE)方案又存在对各类实际应用场景适应性较差的问题。为解决上述问题,该文利用理想格上的算法生成主密钥和密钥,同时在多项式环上进行运算,极大地提高了加解密效率;通过在原属性集合中添加虚拟属性,方案成功结合访问结构生成密文,同时授权用户可以构建出满足解密条件的子集,从而实现方案的正确解密;还利用单个陷门矩阵生成密钥,有效降低了公共参数和主密钥的数量。最终该文构建了一个基于理想格的支持门限访问结构的高效CP-ABE方案,并证明方案在环上容错学习(R-LWE)假设下是选择性安全的。与现有支持门限访问结构的方案的对比分析表明,该文方案公共参数数量更少、效率更高,且对实际应用场景有更好的适应性。     

Privacy preserving friend discovery cross domain scheme using re-encryption in mobile social networks

In order to guarantee the users’ privacy in the process of making friends in the mobile social networks,a new scheme of proxy re-encryption privacy protection in the cross-domain environment was introduced.The scheme employed the cross-domain multi-authority to sharing secret keys,so as to realize the access and shave of the cross-domain users data.And the secret keys of users’ attributes were re-encrypted,based on the technology of the proxy re-encryption and attribute encryption,to achieve the friends matching under the conditions of extending the access policy.Meanwhile,in purpose of enhancing the privacy of users’ data,the technology which contained the separation of users’ privacy ciphertext and secret keys was adopted.Based on that,problems in the existing system such as user data’s inability to be shared cross-cloud,less matching during the process of making friends and users’ inability to make friends when offline had been addressed.Security and experimental analysis show that this scheme can achieve chosen plaintext attack (CPA) security,ensure the privacy of friend discovery,and that is more effective than existing solutions.     

基于理想格的鲁棒门限代理重加密方案

代理重加密能够实现解密权限的转换,而鲁棒门限代理重加密（Threshold Proxy Re-Encryption,TPRE）不仅支持安全灵活的转化控制,而且支持转化密文的合法性验证.本文利用理想格上工具构造了一种TPRE方案,采用Shamir秘密共享实现门限控制,采用格上同态签名技术实现鲁棒性,可完全抗量子攻击.新方案与标准格上方案相比,密文尺寸小、密钥份额短、计算速度快;基于PRE和TPRE安全模型的差异,证明对TPRE的攻击多项式时间内可转化为对基础PRE方案的攻击,安全性可规约为R-LWE（Learning With Errors over Ring）困难假设;新方案适用于在去中心化环境中实现密文访问控制,可用于基于区块链网络的文件共享和多域网络快速互联等场景.     

支持属性撤销的可验证多关键词搜索加密方案

近年来,可搜索加密技术及细粒度访问控制的属性加密在云存储环境下得到广泛应用。考虑到现存的基于属性的可搜索加密方案存在仅支持单关键词搜索而不支持属性撤销的问题,以及单关键词搜索可能造成返回搜索结果部分错误并导致计算和宽带资源浪费的缺陷,该文提出一种支持属性撤销的可验证多关键词搜索加密方案。该方案允许用户检测云服务器搜索结果的正确性,同时在细粒度访问控制结构中支持用户属性的撤销,且在属性撤销过程中不需要更新密钥和重加密密文。该文在随机预言机模型下基于判定性线性假设被证明具有抵抗选择关键词集攻击安全性及关键词隐私性,同时从理论和实验两方面分析验证了该方案具有较高的计算效率与存储效率。     

Attribute-based fully homomorphic encryption scheme over rings

The fully homomorphic encryption has important applications in the area of data security and privacy security of cloud computing,but the size of secret keys and ciphertext in most of current homomorphic encryption schemes were too large,which restricted its practical.To improve these drawbacks,a recoding scheme and a attribute-based encryption scheme based on learning with errors problem over rings were provided,then a attribute-based fully homomorphic encryption was constructed.The new scheme overcame the above mentioned drawbacks,because it did't need public key certificate,meanwhile,it can achieve the fine-grained access control to the ciphertext.Compared with similar results,proposed method decreases the size of keys and ciphertext greatly.     

Privacy-preserving and efficient user matching based on attribute encryption in mobile social networks

With the rapid popularity of social networking platforms, users can be matched when sharing their profiles. However, there is a risk of leakage of sensitive user information during the user matching process, which leads to the lack of user privacy protection. In this paper, we propose a privacy protection scheme based on the encryption of hidden attributes during user matching in mobile social networks, which uses linear secret sharing scheme (LSSS) as the access structure based on ciphertext policy attribute-based encryption (CP-ABE), and the match server can perform friend recommendation by completing bi-directional attribute matching determination without disclosing user attribute information. In addition, the use of selective keywords protects the privacy of requesters and publishers in selecting keywords and selecting plaintext attacks. The scheme reduces the encryption and decryption overhead for users by dividing encryption into a preparation phase and an online phase and shifting most of the decryption overhead from the requester to the match server. The experimental results show that the scheme ensures user privacy while effectively reducing communication overhead.     

基于访问树的策略隐藏属性加密方案

已有的策略隐藏属性加密（ABE,attribute-based encryption）方案只支持受限的访问结构,策略表达能力弱,基于此提出一种新的访问树结构,使属性隐藏和秘密共享能够应用到“与”门、“或”门和“门限”门中。并且,利用合数阶双线性群构造了一种基于访问树的策略隐藏方案,并通过双系统加密的概念证明了方案的安全性。分析和实验验证表明,方案在实现复杂访问结构的策略隐藏的同时,并没有过多地增加计算开销,在实际应用过程中更加灵活和有效。     

基于PBAC模型和IBE的医疗数据访问控制方案

医疗卫生领域形成的医疗大数据中包含了大量的个人隐私信息,面临着外部攻击和内部泄密的潜在安全隐患。传统的访问控制模型没有考虑用户访问目的在侧重数据隐私的访问控制中的重要作用,现有的对称、非对称加密技术又都存在密钥管理、证书管理复杂的问题。针对这些问题,提出了综合应用PBAC模型和IBE加密技术的访问控制方案,支持针对医疗数据密文的灵活访问控制。通过加入条件目的概念对PBAC模型进行扩展,实现了对目的树的全覆盖;以病患ID、条件访问位和预期目的作为IBE身份公钥进行病患数据加密,只有通过认证并且访问目的符合预期的用户才能获得相应的私钥和加密数据,从而实现对病患信息的访问。实验结果证明,该方案达到了细粒度访问控制和隐私保护的目的,并具有较好的性能。     

云环境下基于属性加密体制算法加速方案

云计算为租户提供存储、计算和网络服务，数据安全保护和租户间的数据共享与访问控制是其必不可少的能力。基于属性的加密体制是一种一对多的加密体制，可以根据用户属性实现细粒度访问控制，适用于云计算环境多租户数据共享。但现有的基于属性加密体制的算法效率较低，难以在实际环境中应用。分析了基于属性的加密体制的两种类型及其应用场景，提出一个基于属性加密体制算法的加速方案。通过实验表明，提出的方案可提高基于属性加密体制的密钥生成算法、加密算法和解密算法的效率。     

Analysis and improvement on identity-based cloud data integrity verification scheme

Many individuals or businesses outsource their data to remote cloud.Cloud storage provides users the advantages of economic convenience,but data owners no longer physically control over the stored data,which introduces new security challenges,such as no security guarantees of integrity and privacy.The security of two identity-based cloud data integrity verification schemes by Zhang et al and Xu et al respectively are analysed.It shows that Zhang et al.’s scheme is subjected to secret key recovery attack for the cloud servers can recover user’s private key only utilizing stored data.And Xu et al.’s scheme cannot satisfy security requirements of soundness.Based on Xu et al.'s scheme,a modified identity-based cloud data integrity verification scheme is proposed.A comprehensive analysis shows the new scheme can provide the security requirements of soundness and privacy,and has the same communication overhead and computational cost as Xu et al.’s scheme.     

云计算平台下基于属性加密的动态版权使用控制方案（英文）

In order to achieve fine-grained access control in cloud computing,existing digital rights management(DRM) schemes adopt attribute-based encryption as the main encryption primitive.However,these schemes suffer from inefficiency and cannot support dynamic updating of usage rights stored in the cloud.In this paper,we propose a novel DRM scheme with secure key management and dynamic usage control in cloud computing.We present a secure key management mechanism based on attribute-based encryption and proxy re-encryption.Only the users whose attributes satisfy the access policy of the encrypted content and who have effective usage rights can be able to recover the content encryption key and further decrypt the content.The attribute based mechanism allows the content provider to selectively provide fine-grained access control of contents among a set of users,and also enables the license server to implement immediate attribute and user revocation.Moreover,our scheme supports privacy-preserving dynamic usage control based on additive homomorphic encryption,which allows the license server in the cloud to update the users' usage rights dynamically without disclosing the plaintext.Extensive analytical results indicate that our proposed scheme is secure and efficient.     

基于身份的具有否认认证的关键字可搜索加密方案

云存储技术的发展实现了资源共享,为用户节省了数据管理开销.可搜索加密技术,既保护用户隐私又支持密文检索,方便了用户查找云端密文数据.现有的公钥关键字可搜索加密方案虽然支持身份认证,但未实现否认的属性.为了更好地保护发送者的身份隐私,该文将否认认证与公钥关键字可搜索加密技术相结合,提出一种基于身份的具有否认认证的关键字可...     

保护用户隐私的数据加密与安全存储方案

文中提出了一套保护用户隐私的数据加密与安全存储方案,选择了适合的加密算法和密钥管理方案。通过对比分析不同加密算法的安全性和效率,最终选择了AES 256,RSA等加密算法,并设计了三级密钥管理方案,实现了对密钥的安全存储和分发。在数据存储方面,以eMMC存储器为存储介质,实现了基于角色和权限的访问控制机制,确保用户只能访问其被授权的数据。     

SA-IBE:一种安全可追责的基于身份加密方案

基于身份加密(Identity-Based Encryption, IBE)方案中,用户公钥直接由用户身份得到,可以避免公钥基础设施(Public Key Infrastructure, PKI)系统的证书管理负担。但IBE存在密钥托管问题,即私钥生成器(Private Key Generator, PKG)能够解密用户密文或泄漏用户私钥,而现有解决方案一般需要安全信道传输私钥,且存在用户身份认证开销大或不能彻底解决密钥托管问题的缺陷。该文提出一种安全可追责的基于身份加密方案,即SA-IBE方案,用户原私钥由PKG颁发,然后由多个密钥隐私机构并行地加固私钥隐私,使得各机构无法获取用户私钥,也不能单独解密用户密文;设计了高效可追责的单点PKG认证方案;并采用遮蔽技术取消了传输私钥的安全信道。文中基于标准的Diffie-Hellman假设证明了SA-IBE方案的安全性、解决密钥托管问题的有效性以及身份认证的可追责性。     

Efficient identity-based fully homomorphic encryption over NTRU

Fully homomorphic encryption is the best solution for solving privacy concerns for data over cloud so far,while large public key size is a general shortcoming for existing schemes.First,by introducing the concept of Kullback-Leibler divergence,an identity-based public key scheme over NTRU lattice with modified ciphertext form was proposed.Analysis on parameter setting showed its small key size and ciphertext size,and experiments revealed its high computational efficiency.Second,with the idea of approximate eigenvector,an improved method to convert the scheme into an identity-based fully homomorphic encryption one was put forward to further reduce ciphertext size.Compared with existing schemes,the converted scheme not only abandons evaluation keys to make it fully identity-based,but also has smaller keys and ciphertext,which results in higher computational and transmission efficiency.     

快速解密的自适应安全KP-ABE方案

已有的自适应安全ABE(attribute-based encryption)方案的解密开销随着解密时用到的属性数量呈线性增长。针对该问题,提出了一种快速解密的自适应安全key-policy ABE(FKP-ABE)方案,在合数阶群上构造,支持任意可以表达为线性秘密分享体制(LSSS, linear secret sharing schemes)的单调访问策略,将解密开销降为常数级,并在标准模型下证明该方案是自适应安全的。     

A secure channel code‐based scheme for privacy preserving data aggregation in wireless sensor networks

Data aggregation is an efficient method to reduce the energy consumption in wireless sensor networks (WSNs). However, data aggregation schemes pose challenges in ensuring data privacy in WSN because traditional encryption schemes cannot support data aggregation. Homomorphic encryption schemes are promising techniques to provide end to end data privacy in WSN. Data reliability is another main issue in WSN due to the errors introduced by communication channels. In this paper, a symmetric additive homomorphic encryption scheme based on Rao‐Nam scheme is proposed to provide data confidentiality during aggregation in WSN. This scheme also possess the capability to correct errors present in the aggregated data. The required security levels can be achieved in the proposed scheme through channel decoding problem by embedding security in encoding matrix and error vector. The error vectors are carefully designed so that the randomness properties are preserved while homomorphically combining the data from different sensor nodes. Extensive cryptanalysis shows that the proposed scheme is secure against all attacks reported against private‐key encryption schemes based on error correcting codes. The performance of the encryption scheme is compared with the related schemes, and the results show that the proposed encryption scheme outperforms the existing schemes.     

PRA-TPE: Perfectly Recoverable Approximate Thumbnail-Preserving Image Encryption

With the popularity of cloud servers, an increasing number of people are willing to store their images in the cloud due to many conveniences such as online browsing and managing images. On the other hand, this inevitably causes users’ concerns about image privacy leakage. Many image encryption schemes are proposed to prevent privacy leakage, while most of them focus only on privacy protection and ignore the usability of encrypted images. For this purpose, Marohn et al. (2017) designed two approximate thumbnail-preserving encryption (TPE) schemes to balance image privacy and usability. However, the decrypted image in these two schemes are only perceptually close to the original one and the original image cannot be perfectly recovered. To this end, we design a perfectly recoverable approximate TPE scheme in this paper, which combines reversibledata hiding (RDH) with encryption schemes. The thumbnails of the original and processed images are similar to balance image privacy and usability well. Meanwhile, the reversibility of RDH and encryption schemes is utilized to ensure the perfect recoverability in the proposed scheme. Experiments show that the proposed approximate TPE scheme is no longer limited to balancing usability and privacy but attains perfect recovery.