基于容错学习的GSW-型全同态层次型IBE方案
|
摘要
针对传统的基于身份的加密(IBE)方案不能够对密文直接进行计算这一功能上的缺陷,提出了一个新的IBE方案。该方案利用Gentry等提出的同态转化机制,结合Agrawal等构造的层次型IBE方案,构造了一个具有全同态性质的层次型IBE方案。与Gentry等提出的全同态加密(GSW)方案(GENTRY C,SAHAI A,WATERS B.Homomorphic encryption from learning with errors:conceptually-simpler,asymptotically-faster,attribute-based.CRYPTO2013:Proceedings of the 33rd Annual Cryptology Conference on Advances in Cryptology.Berlin:Springer,2013:75-92)和Clear等提出的全同态IBE(CM)方案(CLEAR M,MCGOLDRICK C.Bootstrappable identity-based fully homomorphic encryption.CANS 2014:Proceedings of 13th International Conference on Cryptology and Network Security.Berlin:Springer,2014:1-19)相比,该方案构造方法更加自然,空间复杂度由立方级降低到平方级,效率更高。在当前云计算背景下,有助于基于容错学习(LWE)的全同态加密方案从理论向实践转化。通过性能分析并在随机预言机模型下验证了所提方案具有完全安全下的选择明文攻击(IND-ID-CPA)安全性。
Focusing on the function defect of the traditional Identity-Based Encryption( IBE) scheme that the ciphertexts can not be calculated directly, a new IBE scheme was proposed. The homomorphism transformation mechanism proposed by Gentry was used to transform the hierarchical IBE scheme proposed by Agrawal into a homomorphic hierarchical IBE scheme.Compared with the GSW( Gentry, Sahai, Waters) scheme( GENTRY C, SAHAI A, WATERS B. Homomorphic encryption from learning with errors: conceptually-simpler, asymptotically-faster, attribute-based. CRYPTO 2013: Proceedings of the33 rd Annual Cryptology Conference on Advances in Cryptology. Berlin: Springer, 2013: 75- 92) and CM( Clear,Mcgoldrick) scheme( CLEAR M, MCGOLDRICK C. Bootstrappable identity-based fully homomorphic encryption. CANS2014: Proceedings of 13 th International Conference on Cryptology and Network Security. Berlin: Springer, 2014: 1- 19),the construction method of the proposed scheme was more natural, the level of space complexity was reduced from cubic to square with higher efficiency. In the current environment of cloud computing, the proposed scheme can contribute to the transformation from theory to practice of fully homomorphic encryption scheme based on Learning With Errors( LWE)problem. The performance analysis and the verification results under the random oracle model prove the security for Indistinguishability of the Identity-Based Encryption Scheme under Chosen-Plaintext Attack( IND-ID-CPA) of the proposed scheme.
Focusing on the function defect of the traditional Identity-Based Encryption( IBE) scheme that the ciphertexts can not be calculated directly, a new IBE scheme was proposed. The homomorphism transformation mechanism proposed by Gentry was used to transform the hierarchical IBE scheme proposed by Agrawal into a homomorphic hierarchical IBE scheme.Compared with the GSW( Gentry, Sahai, Waters) scheme( GENTRY C, SAHAI A, WATERS B. Homomorphic encryption from learning with errors: conceptually-simpler, asymptotically-faster, attribute-based. CRYPTO 2013: Proceedings of the33 rd Annual Cryptology Conference on Advances in Cryptology. Berlin: Springer, 2013: 75- 92) and CM( Clear,Mcgoldrick) scheme( CLEAR M, MCGOLDRICK C. Bootstrappable identity-based fully homomorphic encryption. CANS2014: Proceedings of 13 th International Conference on Cryptology and Network Security. Berlin: Springer, 2014: 1- 19),the construction method of the proposed scheme was more natural, the level of space complexity was reduced from cubic to square with higher efficiency. In the current environment of cloud computing, the proposed scheme can contribute to the transformation from theory to practice of fully homomorphic encryption scheme based on Learning With Errors( LWE)problem. The performance analysis and the verification results under the random oracle model prove the security for Indistinguishability of the Identity-Based Encryption Scheme under Chosen-Plaintext Attack( IND-ID-CPA) of the proposed scheme.
引文
[1]RIVEST R L,ADLEMAN L,DERTOUZOS M L.On data banks and privacy homomorphisms[J].Foundations of Secure Computation,1978,4(11):169-180.
[2]BENALOH J.Dense probabilistic encryption[C]//Proceedings of the 1994 Workshop on Selected Areas of Cryptography.Berlin:Springer,1994:120-128.
[3]PAILLIER P.Public-key cryptosystems based on composite degree residuosity classes[C]//EUROCRYPT'99:Proceedings of the17th International Conference on Theory and Application of Cryptographic Techniques.Berlin:Springer,1999:223-238.
[4]BONEH D,GOH E J,NISSIM K.Evaluating 2-DNF formulas on ciphertexts[C]//TCC'05:Proceedings of the Second International Conference on Theory of Cryptography.Berlin:Springer,2005:325-341.
[5]GENTRY C.Fully homomorphic encryption using ideal lattices[C]//Proceedings of the 41st ACM Symposium on Theory of Computing.New York:ACM,2009:169-178.
[6]VAN DIJK M,GENTRY C,HALEVI S,et al.Fully homomorphic encryption over the integers[C]//EUROCRYPT'10:Proceedings of the 29th Annual International Conference on Theory and Applications of Cryptographic Techniques.Berlin:Springer,2010:24-43.
[7]SMART N P,VERCAUTEREN F.Fully homomorphic encryption with relatively small key and ciphertext sizes[C]//PKC'10:Proceedings of the 13th International Conference on Practice and Theory in Public Key Cryptography.Berlin:Springer,2010:420-443.
[8]GENTRY C,HALEVI S,SMART N P.Fully homomorphic encryption with polylog overhead[C]//EUROCRYPT'12:Proceedings of the 31st Annual International Conference on Theory and Applications of Cryptographic Techniques.Berlin:Springer,2012:465-482.
[9]GENTRY C,SAHAI A,WATERS B.Homomorphic encryption from learning with errors:conceptually-simpler,asymptotically-faster,attribute-based[C]//CRYPTO 2013:Proceedings of the 33rd Annual Cryptology Conference on Advances in Cryptology.Berlin:Springer,2013:75-92.
[10]SHAMIR A.Identity-based cryptosystems and signature schemes[C]//Proceedings of CRYPTO 84 on Advances in Cryptology.Berlin:Springer,1984:47-53.
[11]GENTRY C,HALEVI S,VAIKUNTANATHAN V.A simple BGN-type cryptosystem from LWE[C]//EUROCRYPT'10 Proceedings of the 29th Annual International Conference on Theory and Applications of Cryptographic Techniques.Berlin:Springer,2010:506-522.
[12]CLEAR M,HUGHES A,TEWARI H.Homomorphic encryption with access policies:characterization and new constructions[C]//AFRICACRYPT 2013:Proceedings of the 6th International Conference on Cryptology in Africa.Berlin:Springer,2013:61-87.
[13]COCKS C.An identity based encryption scheme based on quadratic residues[C]//Proceedings of the 8th IMA International Conference on Cryptography and Coding.Berlin:Springer,2001:360-363.
[14]CLEAR M,MCGOLDRICK C.Bootstrappable identity-based fully homomorphic encryption[C]//CANS 2014:Proceedings of 13th International Conference on Cryptology and Network Security.Berlin:Springer,2014:1-19.
[15]AGRAWAL S,BONEH D,BOYEN X.Lattice basis delegation in fixed dimension and shorter-ciphertext hierarchical IBE[C]//CRYPTO 2010:Proceedings of the 30th Annual Cryptology Conference on Advances in Cryptology.Berlin:Springer,2010:98-115.
[16]REGEV O.On lattices,learning with errors,random linear codes,and cryptography[J].Journal of the ACM,2009,56(6):Article No.34.
[17]BRAKERSKI Z,LANGLOIS A,PEIKERT C,et al.Classical hardness of learning with errors[C]//Proceedings of the 2013Forty-fifth Annual ACM Symposium on Theory of Computing.New York:ACM,2013:575-584.Background This work is partially supported by the National Natural Science Foundation of China(61272492,61103230),the Natural Science Foundation of Shaanxi Province(2016JQ6037).DAI Xiaoming,born in 1991,M.S.candidate.His research interests include cryptology.ZHANG Wei,born in 1976,Ph.D.,associate professor.Her research interests include cryptology,information security.ZHENG Zhiheng,born in 1992,M.S.candidate.His research interests include cryptology.LI Zhenlin,born in 1992,M.S.candidate.His research interests include cryptology.
[2]BENALOH J.Dense probabilistic encryption[C]//Proceedings of the 1994 Workshop on Selected Areas of Cryptography.Berlin:Springer,1994:120-128.
[3]PAILLIER P.Public-key cryptosystems based on composite degree residuosity classes[C]//EUROCRYPT'99:Proceedings of the17th International Conference on Theory and Application of Cryptographic Techniques.Berlin:Springer,1999:223-238.
[4]BONEH D,GOH E J,NISSIM K.Evaluating 2-DNF formulas on ciphertexts[C]//TCC'05:Proceedings of the Second International Conference on Theory of Cryptography.Berlin:Springer,2005:325-341.
[5]GENTRY C.Fully homomorphic encryption using ideal lattices[C]//Proceedings of the 41st ACM Symposium on Theory of Computing.New York:ACM,2009:169-178.
[6]VAN DIJK M,GENTRY C,HALEVI S,et al.Fully homomorphic encryption over the integers[C]//EUROCRYPT'10:Proceedings of the 29th Annual International Conference on Theory and Applications of Cryptographic Techniques.Berlin:Springer,2010:24-43.
[7]SMART N P,VERCAUTEREN F.Fully homomorphic encryption with relatively small key and ciphertext sizes[C]//PKC'10:Proceedings of the 13th International Conference on Practice and Theory in Public Key Cryptography.Berlin:Springer,2010:420-443.
[8]GENTRY C,HALEVI S,SMART N P.Fully homomorphic encryption with polylog overhead[C]//EUROCRYPT'12:Proceedings of the 31st Annual International Conference on Theory and Applications of Cryptographic Techniques.Berlin:Springer,2012:465-482.
[9]GENTRY C,SAHAI A,WATERS B.Homomorphic encryption from learning with errors:conceptually-simpler,asymptotically-faster,attribute-based[C]//CRYPTO 2013:Proceedings of the 33rd Annual Cryptology Conference on Advances in Cryptology.Berlin:Springer,2013:75-92.
[10]SHAMIR A.Identity-based cryptosystems and signature schemes[C]//Proceedings of CRYPTO 84 on Advances in Cryptology.Berlin:Springer,1984:47-53.
[11]GENTRY C,HALEVI S,VAIKUNTANATHAN V.A simple BGN-type cryptosystem from LWE[C]//EUROCRYPT'10 Proceedings of the 29th Annual International Conference on Theory and Applications of Cryptographic Techniques.Berlin:Springer,2010:506-522.
[12]CLEAR M,HUGHES A,TEWARI H.Homomorphic encryption with access policies:characterization and new constructions[C]//AFRICACRYPT 2013:Proceedings of the 6th International Conference on Cryptology in Africa.Berlin:Springer,2013:61-87.
[13]COCKS C.An identity based encryption scheme based on quadratic residues[C]//Proceedings of the 8th IMA International Conference on Cryptography and Coding.Berlin:Springer,2001:360-363.
[14]CLEAR M,MCGOLDRICK C.Bootstrappable identity-based fully homomorphic encryption[C]//CANS 2014:Proceedings of 13th International Conference on Cryptology and Network Security.Berlin:Springer,2014:1-19.
[15]AGRAWAL S,BONEH D,BOYEN X.Lattice basis delegation in fixed dimension and shorter-ciphertext hierarchical IBE[C]//CRYPTO 2010:Proceedings of the 30th Annual Cryptology Conference on Advances in Cryptology.Berlin:Springer,2010:98-115.
[16]REGEV O.On lattices,learning with errors,random linear codes,and cryptography[J].Journal of the ACM,2009,56(6):Article No.34.
[17]BRAKERSKI Z,LANGLOIS A,PEIKERT C,et al.Classical hardness of learning with errors[C]//Proceedings of the 2013Forty-fifth Annual ACM Symposium on Theory of Computing.New York:ACM,2013:575-584.Background This work is partially supported by the National Natural Science Foundation of China(61272492,61103230),the Natural Science Foundation of Shaanxi Province(2016JQ6037).DAI Xiaoming,born in 1991,M.S.candidate.His research interests include cryptology.ZHANG Wei,born in 1976,Ph.D.,associate professor.Her research interests include cryptology,information security.ZHENG Zhiheng,born in 1992,M.S.candidate.His research interests include cryptology.LI Zhenlin,born in 1992,M.S.candidate.His research interests include cryptology.