Offline Witness Encryption with Fully Adaptive Security

Cite this article: LIU Mu-Hu, WANG Lin, ZHU Jun-Long, XING Ling, ZHANG Ming-Chuan, WU Qing-Tao. Offline Witness Encryption with Fully Adaptive Security[J]. Journal of Software (软件学报), 2023, 34(2): 884-898.
Authors: LIU Mu-Hu  WANG Lin  ZHU Jun-Long  XING Ling  ZHANG Ming-Chuan  WU Qing-Tao
Affiliation: School of Information Engineering, Henan University of Science and Technology, Luoyang 471023, China; School of Mathematics and Statistics, Henan University of Science and Technology, Luoyang 471023, China
Funding: National Natural Science Foundation of China (61871430, 61971458); Central Plains Science and Technology Innovation Leading Talents Program (214200510012); Science and Technology Innovation Team of Universities in Henan Province (20IRTSTHN018, 21IRTSTHN015); Special Project for Basic Research of Universities in Henan Province (19zx010)
Abstract: Compared with witness encryption, offline witness encryption has broader practical application because it moves the expensive computation into the setup phase, which makes the encryption algorithm efficient. However, most existing offline witness encryption schemes satisfy only selective security, that is, the adversary must commit to a pair of challenge messages (m0, m1) and an instance x before obtaining the public parameters. Chvojka et al. proposed an offline witness encryption construction that achieves semi-adaptive security by introducing puncturable encryption. Semi-adaptive security permits the adversary to choose the challenge messages adaptively; however, the instance x of the NP language used to create the challenge ciphertext must still be fixed before the adversary receives the public parameters (ppe, ppd). They therefore left the construction of offline witness encryption with fully adaptive security as an open problem. This study proposes the first offline witness encryption scheme that achieves fully adaptive security. The setup algorithm outputs public parameters (ppe, ppd), where the encryption key ppe contains two public keys, a common reference string, and a commitment, and the decryption key ppd is an obfuscated circuit. Setup needs to be run only once, and the parameters can then be used for arbitrarily many encryptions. The encryption algorithm produces a Naor-Yung-style ciphertext using a key encapsulation mechanism and a non-interactive witness-indistinguishable (NIWI) proof system. The problem that the challenge plaintext must be output in advance in the selective security proof is resolved by selecting the encapsulated key in advance. In addition, the proposed scheme can be turned directly into a fully adaptively secure functional offline witness encryption scheme: the function f is embedded into the decryption key in the key generation phase, so that the decryption key for f can be reused.
Keywords: fully adaptive security  key encapsulation mechanism  public key encryption  indistinguishability obfuscation  commitment scheme
Received: 2021-04-27
Revised: 2021-06-27