格上基于身份的广播加密方案

针对Wang等(WANG J, BI J. Lattice-based identity-based broadcast encryption. https://eprint.iacr.org/2010/288.pdf.)在随机预言机下提出的格基广播加密方案安全性较低且实用性较差的问题,利用盆景树扩展控制算法和一次签名算法构造了一个标准模型下基于格上错误学习(LWE)问题的身份基广播加密方案。首先利用一个编码函数替换随机预言机,将方案置于标准模型下;然后运行盆景树扩展控制算法生成用户的私钥和广播公钥;最后在加密阶段加入一次签名算法,提高方案的安全性。分析表明,相对于已有同类方案,新方案安全性较高达到了适应性攻击下选择密文安全(IND-ID-CCA)且方案具有动态扩展特性,能够通过用户身份矩阵的伸缩来实现用户的添加或删除,因此实用性较强。

Identity-based broadcast encryption based on lattice

Focusing on the issue of low security and poor practicability in the lattice-based broadcast encryption scheme proposed by Wang et al. (WANG J, BI J. Lattice-based identity-based broadcast encryption. https://eprint.iacr.org/2010/288.pdf.) in the random oracle, an identity-based broadcast encryption shceme based on Learning With Errors (LWE) in the standard model was constructed by expanding control algorithm of bonsai tree and one-time signature algorithm. Firstly, the random oracle was replaced by a coding function to make the scheme be in the standard model. Then, the bonsai tree expanding control algorithm was used to generate the private keys of users and public key. Finally, the one-time signature algorithm was added to improve the security. Analysis shows that compared with existed similar schemes, the scheme gets stronger security, achieves adaptively indistinguishable-chosen ciphertext attack security with dynamic extension, which means the users can be added or deleted by expanding or contracting the identity matrix. Hence it has strong practicability.