CN108989049A - A kind of the proxy re-encryption system and encryption method of no Bilinear Pairing - Google Patents

A kind of the proxy re-encryption system and encryption method of no Bilinear Pairing Download PDF

Info

Publication number
CN108989049A
CN108989049A CN201810878086.6A CN201810878086A CN108989049A CN 108989049 A CN108989049 A CN 108989049A CN 201810878086 A CN201810878086 A CN 201810878086A CN 108989049 A CN108989049 A CN 108989049A
Authority
CN
China
Prior art keywords
proxy
module
private key
encryption
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810878086.6A
Other languages
Chinese (zh)
Other versions
CN108989049B (en
Inventor
于银辉
任嘉鹏
杨莹
潘昊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jilin University
Original Assignee
Jilin University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jilin University filed Critical Jilin University
Priority to CN201810878086.6A priority Critical patent/CN108989049B/en
Publication of CN108989049A publication Critical patent/CN108989049A/en
Application granted granted Critical
Publication of CN108989049B publication Critical patent/CN108989049B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0478Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/72Signcrypting, i.e. digital signing and encrypting simultaneously

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a kind of proxy re-encryption systems of no Bilinear Pairing, comprising: system parameter setting module, key production module, encrypting module, proxy re-encrypted private key generation module, proxy re-encryption module and deciphering module.The present invention is applied in proxy re-encryption method by using no bilinearity matching method, the data for allowing cloud storage platform to encrypt the data forwarding that data owner encrypts at data sharer under the authorization of data owner, the ciphertext that data sharer downloads re-encryption directly from cloud storage in this way can decrypt data, this process saves a large amount of resource, and cloud storage platform is unable to get any information of data.

Description

A kind of the proxy re-encryption system and encryption method of no Bilinear Pairing
Technical field
The present invention relates to field of cloud computer technology, more particularly to a kind of proxy re-encryption of no Bilinear Pairing System and encryption method.
Background technique
In recent years, application and the intensification of all things on earth interconnection process with the development of cloud computing technology, the data in cloud storage Safety has received widespread attention.In order to which the encryption data in cloud storage is shared to other users, traditional way is data The owner downloaded from cloud storage encryption data then re-encrypted issue sharer, this process can consume a large amount of network and Computing resource.
In order to improve computational efficiency, proxy re-encryption arithmetic analysis encryption data can be taken, still, existing agency's weight Encryption method generallys use Bilinear Pairing method, and significant drawback is computationally intensive, and enciphering rate is slow, greatly reduces meter Efficiency is calculated, the demand of current big data era can not be adapted to, practicability is had a greatly reduced quality.
Therefore, how to provide that a kind of computational efficiency is high at the same the not ductility that guarantees ciphertext without Bilinear Pairing The problem of proxy re-encryption system and method is those skilled in the art's urgent need to resolve.
Summary of the invention
In view of this, the present invention provides a kind of proxy re-encryption system of no Bilinear Pairing and encryption methods, by nothing The proxy re-encryption scheme of Bilinear Pairing is combined with no certificate signature scheme, solves agency's weight based on Bilinear Pairing The inefficiency problem of encryption substantially increases computational efficiency, and guarantee ciphertext while guaranteeing chosen ciphertext attacks safety Not ductility.
To achieve the goals above, the present invention adopts the following technical scheme:
A kind of proxy re-encryption system of no Bilinear Pairing, comprising: system parameter setting module, key production module, Encrypting module, proxy re-encrypted private key generation module, proxy re-encryption module and deciphering module;Wherein,
The system parameter setting module sends out system master key for generating system master key and system public parameter It send to the encrypting module, system public parameter is sent to the key production module, the encrypting module, agency weight Encryption key generation module, the proxy re-encryption module and the deciphering module;
The key production module is used to generate the public key, private key and identity information of each user, and by the public key of user It is sent to the encrypting module and the proxy re-encrypted private key generation module, the private key of user is sent to the agency and is added again Close key production module and the deciphering module;
The encrypting module is used to generate the original cipher text for the clear-text message to be sent, and original cipher text is sent to the generation Manage re-encryption module and the deciphering module;
The proxy re-encrypted private key generation module sends out proxy re-encrypted private key according to generation proxy re-encrypted private key It send to the proxy re-encryption module;
The system public parameter and key that the proxy re-encryption module is sent according to system parameter setting module generate mould Generation of the subscriber identity information that block is sent to the encrypting module original cipher text sent and the transmission of proxy re-encrypted private key generation module It manages re-encrypted private key and carries out signature authentication, proxy re-encrypted ciphertext is sent to the deciphering module after authenticating successfully;
The deciphering module restores phase for judging that the ciphertext received is original cipher text or proxy re-encrypted ciphertext The cleartext information answered.
The private key of key production module user generated includes the private key of consigner and the private key of receiving party, the body of user Part information includes the identity information of consigner and the identity information of receiving party.
Invention additionally discloses a kind of proxy re-encryption methods of no Bilinear Pairing, comprising the following steps:
S1, setting system public parameter par and system master key mk;
S2, according to system public parameter par, generate the identity id of consigneri, receiving party identity idj, secret value xi, it is public Key pki, consigner private key skiWith the private key sk of receiving partyj
S3, according to system public parameter par, the identity id of consigneriWith public key pkiIt is encrypted and is signed, obtained original Ciphertext ci
S4, according to system public parameter par, the private key sk of consigneriWith the private key sk of receiving partyjGenerate proxy re-encryption Code key rkij
S5, according to system public parameter par, original cipher text ci, consigner identity idi, receiving party identity idjAnd generation Manage re-encrypted private key rkij, signature authentication is carried out, generates proxy re-encrypted ciphertext c after authenticating successfullyj,
Ciphertext received by S6, judgement is original cipher text or proxy re-encrypted ciphertext, and decryption restoration is bright accordingly Literary information m.
Preferably, in a kind of above-mentioned proxy re-encryption method of no Bilinear Pairing, S1 specifically includes the following steps:
S11, given security parameter k, choose the prime number q that a length is k bit, G is a q rank subgroup of Zq*, and g is G Generation member;
S12, four hash function H1, H2, H3 and H4, H1:{ 0,1 are chosen } * → Zq*, H2:{ 0,1 }n0× { 0,1 }n1× G → Zq*, H3:G → { 0,1 }n0+n1, H4:{ 0,1 } and * × G → Zq*;Wherein no, n1 are security parameters, and plaintext space is { 0,1 }n0
S13, Random select system master key mk, and meet mk ∈ Zq*, calculate Z=mk*g, secrecy system master key mk;
S14, open system parameter par { q, G, g, z, H1, H2, H3, H4, n0, n1 }.
Preferably, in a kind of above-mentioned proxy re-encryption method of no Bilinear Pairing, S2 specifically includes the following steps:
S21, input system disclose parameter par, give the identity id of consigneri, consigner public key pkiAnd commission The private key sk of sidei
S22, x is randomly selectedi, make xi∈Zq*;
S23, the public key pk that consigner is seti=gxi, the private key sk of consigner is seti=xi
Preferably, in a kind of above-mentioned proxy re-encryption method of no Bilinear Pairing, S3 specifically includes the following steps:
S31, input system disclose the identity id of parameter par, cleartext information m, consigneriWith the public key of consigner pki
S32, it randomly selectsCalculate t=H2 (m, r, pki), c1=pki t
S33, calculating
Public private key pair (the spk that S34, selection need to signi, sski), randomly select ui∈ Zq* calculates Ui=g × ui, Di =ui+mk×H4(idi, Ui), Xi=xi× g, spki=(Xi, Ui), sski=(xi, Di), c3=sski
S35, operation signature algorithm, randomly select integer ei∈ Zq* calculates Ei=ei× g, fi=H1 (Ei||Xi||idi|| M), hi=e/ (xi+fi+Di), vi=xi/(xi+fi+Di), obtain signature Si=(fi, hi, vi);
S36, output original cipher text ci=(c1, c2, c3, Si)。
Preferably, in a kind of above-mentioned proxy re-encryption method of no Bilinear Pairing, S4 specifically includes the following steps:
S41, the private key sk for inputting consigneri=xiWith the private key sk of receiving partyj=xj
S42, proxy re-encryption code key rk is generatedij=skj/ski=xj/ximod q。
Preferably, in a kind of above-mentioned proxy re-encryption method of no Bilinear Pairing, S5 specifically includes the following steps:
S51, input system disclose parameter par, original cipher text ci, consigner identity idi, the identity mark of receiving party Know idjWith proxy re-encrypted private key rkij
S52, signature verification calculate ai=H4 (idi,Ui), examine hi×(Ui+Xi+ai*Z+fi* g)=EiAnd vi×(Ui+Xi +ai*Z+fi* g)=XiWhether two formulas are true, and ⊥ is exported if invalid, carry out carry out next step if setting up;
S53, calculating
Public private key pair (the spk that S54, selection need to signj, sskj), randomly select uj∈ Zq* calculates Uj=g × uj, Dj =uj+mk×H4(idj, Uj), Xj=xj× g, spkj=(Xj, Uj), sskj=(xj, Dj), c3'=sskj
S55、c4=pki
S56, operation signature algorithm, randomly select integer ej∈ Zq* calculates Ej=ej× g, fj=H1 (Ej||Xj||idj|| M), hj=e/ (xj+fj+Dj), vj=xj/(xj+fj+Dj), obtain signature Sj=(fj, hj, vj);
S57, output agent re-encryption ciphertext cj=(c1’,c2,c3’,c4,sj)。
Preferably, in a kind of above-mentioned proxy re-encryption method of no Bilinear Pairing, S6 specifically includes the following steps:
S61, judge that ciphertext form is original cipher text or re-encryption ciphertext;
If S62, ciphertext are original cipher text, signature verification is carried out, calculates ai=H4 (idi,Ui), examine hi×(Ui+Xi+ ai*Z+fi* g)=EiAnd vi×(Ui+Xi+ai*Z+fi* g)=XiWhether two formulas are true, and ⊥ is exported if invalid, if setting up Carry out next step;
S63, inspectionIt is whether true, ⊥ is exported if invalid, carries out next step if setting up;
S64, calculatingExport clear-text message m;
The encrypted cipher text if S65, ciphertext are attached most importance to carries out signature verification, calculates aj=H4 (idj,Uj), examine hj×(Uj+Xj +aj*Z+fj* g)=EjAnd vj×(Uj+Xj+aj*Z+fj* g)=XjWhether two formulas are true, and ⊥ is exported if invalid, if setting up Carry out next step;
S66, c is examined1'=c4H2(m,r,c4)It is whether true, ⊥ is exported if invalid, carries out next step if setting up;
S67, calculatingExport clear-text message m.
It can be seen via above technical scheme that compared with prior art, the invention has the following beneficial effects: the present invention to adopt With the encryption method of no Bilinear Pairing and without certificate signature authentication mechanism, guaranteeing the same of chosen ciphertext attacks safety When, computational efficiency is substantially increased, and protect the accuracy of information;Its function admirable, convenient for being applied in open network environment.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this The embodiment of invention for those of ordinary skill in the art without creative efforts, can also basis The attached drawing of offer obtains other attached drawings.
Fig. 1 attached drawing is the structural schematic diagram of the proxy re-encryption system of the invention without Bilinear Pairing.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other Embodiment shall fall within the protection scope of the present invention.
The embodiment of the invention discloses a kind of proxy re-encryption systems of no Bilinear Pairing, comprising: system parameter setting Module 1, key production module 2, encrypting module 3, proxy re-encrypted private key generation module 4, proxy re-encryption module 5 and decryption mould Block 6;Wherein,
System parameter setting module 1 sends system master key for generating system master key and system public parameter To encrypting module 3, system public parameter is sent to 2 key production modules, 3 encrypting modules, 4 proxy re-encrypted private keys and generates mould Block, 5 proxy re-encryption modules and 6 deciphering modules;
Key production module 2 is used to generate public key, private key and the identity information of consigner and public key, the private key of receiving party And identity information, and the public key of the public key of consigner and receiving party is sent to encrypting module 3 and proxy re-encrypted private key generation The private key of the private key of consigner and receiving party is sent to proxy re-encrypted private key generation module 4 and deciphering module 6 by module 4;
Encrypting module 3 is sent by system public parameter, the key production module 2 of the transmission of system parameter setting module 1 The public key and consigner of consigner and receiving party and the identity information of receiving party, to the clear-text message to be sent carry out encryption and Signature generates the original cipher text for the clear-text message to be sent, and original cipher text is sent to proxy re-encryption module 5 and decryption mould Block 6;
System public parameter and user of the proxy re-encrypted private key generation module 4 by the transmission of system parameter setting module 1 The private key for the consigner that key production module 2 is sent and the private key of receiving party generate proxy re-encrypted private key, and agency are added again Key is sent to proxy re-encryption module 5;
System public parameter, key production module 2 of the proxy re-encryption module 5 by the transmission of system parameter setting module 1 Agency's weight that the original cipher text and proxy re-encrypted private key generation module 4 that identity information, the encrypting module 3 of transmission are sent are sent Encryption key carries out signature authentication, proxy re-encrypted ciphertext is generated after authenticating successfully, and the ciphertext is sent to deciphering module 6;
Deciphering module 6 restores corresponding for judging that the ciphertext received is original cipher text or proxy re-encrypted ciphertext Cleartext information;
If ciphertext is original cipher text, carried out according to the family private key of system public parameter, the identity information of consigner, consigner Signature verification restores clear-text message after being proved to be successful;
If ciphertext is proxy re-encrypted ciphertext, pass through system public parameter, the identity of the private key of receiving party and receiving party Information carries out signature verification, restores clear-text message after being proved to be successful.
The embodiment of the invention discloses a kind of proxy re-encryption methods of no Bilinear Pairing, comprising the following steps:
S1, setting system public parameter par and system master key mk;
S2, according to system public parameter par, generate the identity id of consigneri, receiving party identity idj, it is secret Close value xi, public key pki, consigner private key skiWith the private key sk of receiving partyj
S3, according to system public parameter par, the identity id of consigneriWith public key pkiIt is encrypted and is signed, obtained original Ciphertext ci
S4, according to system public parameter par, the private key sk of consigneriWith the private key sk of receiving partyjGenerate proxy re-encryption Code key rkij
S5, according to system public parameter par, original cipher text ci, consigner identity idi, receiving party identity idjAnd generation Manage re-encrypted private key rkij, signature authentication is carried out, generates proxy re-encrypted ciphertext c after authenticating successfullyj,
Ciphertext received by S6, judgement is original cipher text or proxy re-encrypted ciphertext;
If ciphertext is original cipher text ci, according to system public parameter par, the identity id of consigneri, consigner private key ski Signature verification is carried out, restores clear-text message m after being proved to be successful;
If ciphertext is proxy re-encrypted ciphertext cj, then pass through system public parameter par, the private key sk of receiving partyjAnd receiving party Identity idjSignature verification is carried out, restores clear-text message m after being proved to be successful.
Wherein,
S1 specifically includes the following steps:
S11, given security parameter k, choose the prime number q that a length is k bit, G is a q rank subgroup of Zq*, and g is G Generation member, Zq* is set of integers;
S12, four hash function H1, H2, H3 and H4, H1:{ 0,1 are chosen } * → Zq*, H2:{ 0,1 }n0× { 0,1 }n1× G → Zq*, H3:G → { 0,1 }n0+n1, H4:{ 0,1 } and * × G → Zq*, wherein no, n1 is the parameter determined by security parameter k, bright Literary space is { 0,1 }n0
S13, Random select system master key mk, and meet mk ∈ Zq*, calculate Z=mk*g, secrecy system master key mk;
S14, open system parameter par { q, G, g, Z, H1, H2, H3, H4, n0, n1 }.
S2 specifically includes the following steps:
S21, input system disclose parameter par, give the identity id of consigneri, consigner public key pkiAnd commission The private key sk of sidei
S22, x is randomly selectedi, make xi∈Zq*;
S23, the public key pk that consigner is seti=gxi, the private key sk of consigner is seti=xi
S3 specifically includes the following steps:
S31, input system disclose the identity id of parameter par, cleartext information m, consigneriWith the public key of consigner pki
S32, it randomly selectsCalculate t=H2 (m, r, pki),c1=pki t
S33, calculating
Public private key pair (the spk that S34, selection need to signi, sski), randomly select ui∈ Zq* calculates Ui=g × ui, Di =ui+mk×H4(idi, Ui), Xi=xi× g, spki=(Xi, Ui), sski=(xi, Di), c3=sski, sskiFor consigner's label Name private key;
S35, operation signature algorithm, randomly select integer ei∈ Zq* calculates Ei=ei× g, fi=H1 (Ei||Xi||idi|| M), hi=e/ (xi+fi+Di), vi=xi/(xi+fi+Di), obtain signature Si=(fi, hi, vi);
S36, output original cipher text ci=(c1, c2, c3, Si)。
S4 specifically includes the following steps:
S41, the private key sk for inputting consigneri=xiWith the private key sk of receiving partyj=xj
S42, proxy re-encryption code key rk is generatedij=skj/ski=xj/ximod q。
S5 specifically includes the following steps:
S51, input system disclose parameter par, original cipher text ci, consigner identity idi, the identity mark of receiving party Know idjWith proxy re-encrypted private key rkij
S52, signature verification calculate ai=H4 (idi,Ui), examine hi×(Ui+Xi+ai*Z+fi* g)=EiAnd vi×(Ui+Xi +ai*Z+fi* g)=XiWhether two formulas are true, and ⊥ is exported if invalid, carry out carry out next step if setting up;
S53, calculating
Public private key pair (the spk that S54, selection need to signj, sskj), randomly select uj∈ Zq* calculates Uj=g × uj, Dj =uj+mk×H4(idj, Uj), Xj=xj× g, spkj=(Xj, Uj), sski=(xj, Dj), c3'=sskj, sskjFor receiving party's label Name private key;
S55, c4=pki
S56, operation signature algorithm, randomly select integer ej∈ Zq* calculates Ej=ej× g, fj=H1 (Ej||Xj||idj|| M), hj=e/ (xj+fj+Dj), vj=xj/(xj+fj+Dj), obtain signature Sj=(fj, hj, vj);
S57, output agent re-encryption ciphertext cj=(c1’,c2,c3’,c4,sj)。
S6 specifically includes the following steps:
S61, judge that ciphertext form is original cipher text or re-encryption ciphertext;
If S62, ciphertext are original cipher text, signature verification is carried out, calculates ai=H4 (idi,Ui), examine hi×(Ui+Xi+ ai*Z+fi* g)=EiAnd vi×(Ui+Xi+ai*Z+fi* g)=XiWhether two formulas are true, and ⊥ is exported if invalid, if setting up Carry out next step;
S63, inspectionIt is whether true, ⊥ is exported if invalid, carries out next step if setting up;
S64, calculatingExport clear-text message m;
The encrypted cipher text if S65, ciphertext are attached most importance to carries out signature verification, calculates aj=H4 (idj,Uj), examine hj×(Uj+Xj +aj*z+fj* g)=EjAnd vj×(Uj+Xj+aj*z+fj* g)=XjWhether two formulas are true, and ⊥ is exported if invalid, if setting up Carry out next step;
S66, c1 '=c4 is examinedH2(m,r,c4)It is whether true, ⊥ is exported if invalid, carries out next step if setting up;
S67, calculatingExport clear-text message m.
Each embodiment in this specification is described in a progressive manner, the highlights of each of the examples are with other The difference of embodiment, the same or similar parts in each embodiment may refer to each other.For device disclosed in embodiment For, since it is corresponded to the methods disclosed in the examples, so being described relatively simple, related place is said referring to method part It is bright.
The foregoing description of the disclosed embodiments enables those skilled in the art to implement or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, as defined herein General Principle can be realized in other embodiments without departing from the spirit or scope of the present invention.Therefore, of the invention It is not intended to be limited to the embodiments shown herein, and is to fit to and the principles and novel features disclosed herein phase one The widest scope of cause.

Claims (9)

1. a kind of proxy re-encryption system of no Bilinear Pairing characterized by comprising system parameter setting module, key Generation module, encrypting module, proxy re-encrypted private key generation module, proxy re-encryption module and deciphering module;Wherein,
System master key is sent to by the system parameter setting module for generating system master key and system public parameter System public parameter is sent to the key production module, the encrypting module, the proxy re-encryption by the encrypting module Key production module, the proxy re-encryption module and the deciphering module;
The key production module is used to generate the public key, private key and identity information of each user, and by the public key of each user It is sent to the encrypting module and the proxy re-encrypted private key generation module, the private key of each user is sent to the agency Re-encrypted private key generation module and the deciphering module;
The encrypting module is used to generate the original cipher text for the clear-text message to be sent, and original cipher text is sent to the agency Re-encryption module and the deciphering module;
Proxy re-encrypted private key is sent to by the proxy re-encrypted private key generation module for generating proxy re-encrypted private key The proxy re-encryption module;
Proxy re-encrypted ciphertext is sent to the decryption for generating proxy re-encrypted ciphertext by the proxy re-encryption module Module;
The deciphering module restores corresponding for judging that the ciphertext received is original cipher text or proxy re-encrypted ciphertext Cleartext information.
2. a kind of proxy re-encryption system of no Bilinear Pairing according to claim 1, which is characterized in that key generates The private key of module user generated includes the private key of consigner and the private key of receiving party, and the identity information of user includes consigner Identity information and receiving party identity information.
3. a kind of proxy re-encryption method of no Bilinear Pairing, which comprises the following steps:
S1, setting system public parameter par and system master key mk;
S2, according to system public parameter par, generate the identity id of consigneri, receiving party identity idj, secret value xi, public key pki, consigner private key skiWith the private key sk of receiving partyj
S3, according to system public parameter par, the identity id of consigneriWith public key pkiIt is encrypted and is signed, obtain original cipher text ci
S4, according to system public parameter par, the private key sk of consigneriWith the private key sk of receiving partyjGenerate proxy re-encryption code key rkij
S5, according to system public parameter par, original cipher text ci, consigner identity idi, receiving party identity idjWith agency's weight Encryption key rkij, signature authentication is carried out, generates proxy re-encrypted ciphertext c after authenticating successfullyj,
Ciphertext received by S6, judgement is original cipher text or proxy re-encrypted ciphertext, and decryption restoration is believed in plain text accordingly Cease m.
4. a kind of proxy re-encryption method of no Bilinear Pairing according to claim 3, which is characterized in that S1 is specifically wrapped Include following steps:
S11, given security parameter k, choose the prime number q that a length is k bit, G is a q rank subgroup of Zq*, and g is the life of G Cheng Yuan;
S12, four hash function H1, H2, H3 and H4, H1:{ 0,1 are chosen } * → Zq*, H2:{ 0,1 }n0× { 0,1 }n1×G→ Zq*, H3:G → { 0,1 }n0+n1, H4:{ 0,1 } and * × G → Zq*;Wherein no, n1 are the security parameters determined by security parameter k, Plaintext space is { 0,1 }n0
S13, Random select system master key mk, and meet mk ∈ Zq*, calculate Z=mk*g, secrecy system master key mk;
S14, open system parameter par { q, G, g, z, H1, H2, H3, H4, n0,n1}。
5. a kind of proxy re-encryption method of no Bilinear Pairing according to claim 4, which is characterized in that S2 is specifically wrapped Include following steps:
S21, input system disclose parameter par, give the identity id of consigneri, consigner public key pkiWith consigner's Private key ski
S22, x is randomly selectedi, make xi∈Zq*;
S23, the public key pk that consigner is seti=gxi, the private key sk of consigner is seti=xi
6. a kind of proxy re-encryption method of no Bilinear Pairing according to claim 5, which is characterized in that S3 is specifically wrapped Include following steps:
S31, input system disclose the identity id of parameter par, cleartext information m, consigneriWith the public key pk of consigneri
S32, it randomly selectsCalculate t=H2 (m, r, pki),c1=pki t
S33, calculating
Public private key pair (the spk that S34, selection need to signi, sski), randomly select ui∈ Zq* calculates Ui=g × ui, Di=ui+ mk×H4(idi, Ui), Xi=xi× g, spki=(Xi, Ui), sski=(xi, Di), c3=sski
S35, operation signature algorithm, randomly select integer ei∈ Zq* calculates Ei=ei× g, fi=H1 (Ei||Xi||idi| | m), hi =e/ (xi+fi+Di), vi=xi/(xi+fi+Di), obtain signature Si=(fi, hi, vi);
S36, output original cipher text ci=(c1, c2, c3, Si)。
7. a kind of proxy re-encryption method of no Bilinear Pairing according to claim 6, which is characterized in that S4 is specifically wrapped Include following steps:
S41, the private key sk for inputting consigneri=xiWith the private key sk of receiving partyj=xj
S42, proxy re-encryption code key rk is generatedij=skj/ski=xj/ximod q。
8. a kind of proxy re-encryption method of no Bilinear Pairing according to claim 7, which is characterized in that S5 is specifically wrapped Include following steps:
S51, input system disclose parameter par, original cipher text ci, consigner identity idi, the identity id of receiving partyj With proxy re-encrypted private key rkij
S52, signature verification calculate ai=H4 (idi,Ui), examine hi×(Ui+Xi+ai*Z+fi* g)=EiAnd vi×(Ui+Xi+ai*Z +fi* g)=XiWhether two formulas are true, and ⊥ is exported if invalid, carry out carry out next step if setting up;
S53, calculating
Public private key pair (the spk that S54, selection need to signj, sskj), randomly select uj∈ Zq* calculates Uj=g × uj, Dj=uj+ mk×H4(idj, Uj), Xj=xj× g, spkj=(Xj, Uj), sskj=(xj, Dj), c3'=sskj
S55、c4=pki
S56, operation signature algorithm, randomly select integer ej∈ Zq* calculates Ej=ej× g, fj=H1 (Ej||Xj||idj| | m), hj =e/ (xj+fj+Dj), vj=xj/(xj+fj+Dj), obtain signature Sj=(fj, hj, vj);
S57, output agent re-encryption ciphertext cj=(c1’,c2,c3’,c4,sj)。
9. a kind of proxy re-encryption method of no Bilinear Pairing according to claim 8, which is characterized in that S6 is specifically wrapped Include following steps:
S61, judge that ciphertext form is original cipher text or re-encryption ciphertext;
If S62, ciphertext are original cipher text, signature verification is carried out, calculates ai=H4 (idi,Ui), examine hi×(Ui+Xi+ai*Z+ fi* g)=EiAnd vi×(Ui+Xi+ai*Z+fi* g)=XiWhether two formulas are true, and ⊥ is exported if invalid, carry out down if setting up One step;
S63, inspectionIt is whether true, ⊥ is exported if invalid, carries out next step if setting up;
S64, calculatingExport clear-text message m;
The encrypted cipher text if S65, ciphertext are attached most importance to carries out signature verification, calculates aj=H4 (idj,Uj), examine hj×(Uj+Xj+aj*Z +fj* g)=EjAnd vj×(Uj+Xj+aj*Z+fj* g)=XjWhether two formulas are true, and ⊥ is exported if invalid, carry out if setting up Next step;
S66, inspectionIt is whether true, ⊥ is exported if invalid, carries out next step if setting up;
S67, calculatingExport clear-text message m.
CN201810878086.6A 2018-08-03 2018-08-03 Agent re-encryption system and method without bilinear pairing Active CN108989049B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810878086.6A CN108989049B (en) 2018-08-03 2018-08-03 Agent re-encryption system and method without bilinear pairing

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810878086.6A CN108989049B (en) 2018-08-03 2018-08-03 Agent re-encryption system and method without bilinear pairing

Publications (2)

Publication Number Publication Date
CN108989049A true CN108989049A (en) 2018-12-11
CN108989049B CN108989049B (en) 2021-11-30

Family

ID=64554591

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810878086.6A Active CN108989049B (en) 2018-08-03 2018-08-03 Agent re-encryption system and method without bilinear pairing

Country Status (1)

Country Link
CN (1) CN108989049B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109586903A (en) * 2018-12-19 2019-04-05 南京航空航天大学 A kind of restructural encryption method of the Agent advertisement of hazy condition
CN110110554A (en) * 2019-04-04 2019-08-09 安徽大学 A kind of cloud storage data integrity detection method based on agency
CN113268764A (en) * 2021-02-24 2021-08-17 西安交通大学 Personal credit data authorization method for mixed chain and threshold proxy re-encryption
CN114338229A (en) * 2022-01-27 2022-04-12 华东师范大学 Lightweight dynamic broadcast agent re-encryption and cloud data sharing method
CN114629901A (en) * 2020-12-14 2022-06-14 北京金山云网络技术有限公司 BaaS-based block chain data sharing method, device and equipment
WO2022155811A1 (en) * 2021-01-20 2022-07-28 深圳技术大学 Multi-receiver proxy re-encryption method and system, and electronic apparatus and storage medium

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105025024A (en) * 2015-07-22 2015-11-04 河海大学 Certificateless condition based proxy re-encryption system and method

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105025024A (en) * 2015-07-22 2015-11-04 河海大学 Certificateless condition based proxy re-encryption system and method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
黄萍 等: "无双线性对的基于身份代理重签名方案", 《无双线性对的基于身份代理重签名方案 *

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109586903A (en) * 2018-12-19 2019-04-05 南京航空航天大学 A kind of restructural encryption method of the Agent advertisement of hazy condition
CN110110554A (en) * 2019-04-04 2019-08-09 安徽大学 A kind of cloud storage data integrity detection method based on agency
CN110110554B (en) * 2019-04-04 2023-03-21 安徽大学 Agent-based cloud storage data integrity detection method
CN114629901A (en) * 2020-12-14 2022-06-14 北京金山云网络技术有限公司 BaaS-based block chain data sharing method, device and equipment
WO2022155811A1 (en) * 2021-01-20 2022-07-28 深圳技术大学 Multi-receiver proxy re-encryption method and system, and electronic apparatus and storage medium
CN113268764A (en) * 2021-02-24 2021-08-17 西安交通大学 Personal credit data authorization method for mixed chain and threshold proxy re-encryption
CN114338229A (en) * 2022-01-27 2022-04-12 华东师范大学 Lightweight dynamic broadcast agent re-encryption and cloud data sharing method
CN114338229B (en) * 2022-01-27 2022-10-04 华东师范大学 Lightweight dynamic broadcast agent re-encryption and cloud data sharing method

Also Published As

Publication number Publication date
CN108989049B (en) 2021-11-30

Similar Documents

Publication Publication Date Title
CN108292402B (en) Determination of a common secret and hierarchical deterministic keys for the secure exchange of information
CN105024994B (en) Without the safety to computing label decryption method is mixed without certificate
CN108989049A (en) A kind of the proxy re-encryption system and encryption method of no Bilinear Pairing
CN103647642B (en) A kind of based on certification agency re-encryption method and system
US7634085B1 (en) Identity-based-encryption system with partial attribute matching
CN110113155B (en) High-efficiency certificateless public key encryption method
CN110958219B (en) SM2 proxy re-encryption method and device for medical cloud shared data
CN101977112B (en) Public key cipher encrypting and decrypting method based on neural network chaotic attractor
CN102523093B (en) Encapsulation method and encapsulation system for certificate-based key with label
CN104320393B (en) The controllable efficient attribute base proxy re-encryption method of re-encryption
CN105025024B (en) One kind is based on no certificate conditions proxy re-encryption System and method for
CN101166088A (en) Encryption and decryption method based on user identity identifier
CN105933345B (en) It is a kind of that outsourcing attribute base encryption method can verify that based on linear privacy sharing
CN110719295B (en) Identity-based food data security-oriented proxy re-encryption method and device
CN110830236A (en) Identity-based encryption method based on global hash
CN104767611B (en) It is a kind of from PKIX environment to the label decryption method without certificate environment
CN106713349B (en) Inter-group proxy re-encryption method capable of resisting attack of selecting cipher text
CN113297633B (en) Quantum digital signature method
CN110851845A (en) Light-weight single-user multi-data all-homomorphic data packaging method
CN110784314A (en) Certificateless encrypted information processing method
CN110999202A (en) Computer-implemented system and method for highly secure, high-speed encryption and transmission of data
CN116846556A (en) SM 9-based data condition proxy re-encryption method, system and equipment
CN114095171A (en) Identity-based wearable proxy re-encryption method
CN113343258B (en) Attribute-based agent re-encryption method applicable to lattice-based ciphertext strategy shared by body test result cloud
KR101793528B1 (en) Certificateless public key encryption system and receiving terminal

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant