
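CCA-Secure Continuous-Leakage-Resilient Broadcast Key Encapsulation Mechanism
Cite this article: QIAO Zi-Rui, YANG Qi-Liang, ZHOU Yan-Wei, YANG Bo, XIA Zhe, ZHANG Ming-Wu. CCA-Secure Continuous-Leakage-Resilient Broadcast Key Encapsulation Mechanism [J]. Journal of Software, 2023, 34(2): 818-832.
Authors: QIAO Zi-Rui  YANG Qi-Liang  ZHOU Yan-Wei  YANG Bo  XIA Zhe  ZHANG Ming-Wu
Affiliations: School of Computer Science, Shaanxi Normal University, Xi'an 710062, Shaanxi; School of Computer Science, Shaanxi Normal University, Xi'an 710062, Shaanxi; Guangxi Key Laboratory of Cryptography and Information Security (Guilin University of Electronic Technology), Guilin 541004, Guangxi; State Key Laboratory of Cryptology, Beijing 100878; School of Computer Science and Technology, Wuhan University of Technology, Wuhan 430070, Hubei
Funding: National Key Research and Development Program of China (2017YFB0802000); National Natural Science Foundation of China (62272287, 61802242, U2001205); Research Project of the Guangxi Key Laboratory of Cryptography and Information Security (GCIS202108); Research Project of the Henan Key Laboratory of Network Cryptography Technology (LNCT2021-A04)
Abstract: The complex certificate management of traditional public-key infrastructure and the key escrow problem of identity-based cryptography are both well solved in certificate-based cryptography, and certificateless cryptography has therefore received wide attention in recent years. In addition, in real applications an attacker can use a variety of leakage attacks, such as cold-boot and side-channel attacks, to obtain leaked information about the sensitive internal state of a cryptographic mechanism (such as secret keys), so that mechanisms proved secure in the traditional ideal model no longer have the corresponding security. Furthermore, because the broadcast communication mode offers high message-transmission efficiency, a number of cryptographic primitives with broadcast functionality have been proposed. To meet the demands for leakage tolerance and broadcast communication in certificate-based key encapsulation mechanisms, a concrete instantiation of a leakage-resilient certificate-based broadcast key encapsulation mechanism is proposed, and its security under chosen-ciphertext attacks is proved based on the decisional Diffie-Hellman hardness assumption. In addition, to further enhance the practicality of the construction, the continuous leakage tolerance of the broadcast key encapsulation mechanism is studied, and resistance to continuous leakage attacks is achieved by periodically updating users' keys. Analysis and comparison with existing work show that the construction, while keeping its security provable, not only achieves resistance to leakage attacks and broadcast communication but also has high computational efficiency.

Keywords: certificate-based key encapsulation mechanism  broadcast communication  continuous leakage tolerance  chosen-ciphertext attacks
Received: 2021/4/13 0:00:00
Revised: 2021/6/7 0:00:00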

Continuous Leakage-resilient Broadcast Key-encapsulation Mechanism with CCA Security
QIAO Zi-Rui, YANG Qi-Liang, ZHOU Yan-Wei, YANG Bo, XIA Zhe, ZHANG Ming-Wu. Continuous Leakage-resilient Broadcast Key-encapsulation Mechanism with CCA Security [J]. Journal of Software, 2023, 34(2): 818-832.
Authors: QIAO Zi-Rui  YANG Qi-Liang  ZHOU Yan-Wei  YANG Bo  XIA Zhe  ZHANG Ming-Wu
Affiliation: School of Computer Science, Shaanxi Normal University, Xi'an 710062, China; School of Computer Science, Shaanxi Normal University, Xi'an 710062, China; Guangxi Key Laboratory of Cryptography and Information Security (Guilin University of Electronic Technology), Guilin 541004, China; State Key Laboratory of Cryptology, Beijing 100878, China; School of Computer Science and Technology, Wuhan University of Technology, Wuhan 430070, China
Abstract: Certificate-based cryptography solves the certificate management problem of traditional public-key cryptography and also avoids the key escrow problem of identity-based cryptography, and it has therefore attracted the attention of cryptography researchers. Traditional security models assume that an adversary cannot obtain any leakage of internal secret state, such as secret keys; in a real environment, however, some of this information can be leaked through various leakage attacks. In addition, because broadcast communication transmits messages more efficiently, many cryptographic schemes with a broadcast communication function have been proposed. To provide leakage resilience and broadcast communication for the certificate-based broadcast key encapsulation mechanism (CB-BKEM), a concrete construction of CB-BKEM is proposed, and its leakage-resilient security against chosen-ciphertext attacks is proved under the decisional Diffie-Hellman assumption. To further improve the practicability of CB-BKEM, continuous leakage-resilient CB-BKEM is studied, and continuous leakage resilience is obtained by performing key updates. The performance analysis shows that the proposed construction has higher computational efficiency while maintaining provable security, leakage resilience and broadcast communication.
Keywords: certificate-based key-encapsulation mechanism  broadcast communication  continuous leakage resilience  chosen-ciphertext attacks