CN108989049A - A kind of the proxy re-encryption system and encryption method of no Bilinear Pairing - Google Patents
A kind of the proxy re-encryption system and encryption method of no Bilinear Pairing Download PDFInfo
- Publication number
- CN108989049A CN108989049A CN201810878086.6A CN201810878086A CN108989049A CN 108989049 A CN108989049 A CN 108989049A CN 201810878086 A CN201810878086 A CN 201810878086A CN 108989049 A CN108989049 A CN 108989049A
- Authority
- CN
- China
- Prior art keywords
- proxy
- module
- private key
- encryption
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0478—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/72—Signcrypting, i.e. digital signing and encrypting simultaneously
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a kind of proxy re-encryption systems of no Bilinear Pairing, comprising: system parameter setting module, key production module, encrypting module, proxy re-encrypted private key generation module, proxy re-encryption module and deciphering module.The present invention is applied in proxy re-encryption method by using no bilinearity matching method, the data for allowing cloud storage platform to encrypt the data forwarding that data owner encrypts at data sharer under the authorization of data owner, the ciphertext that data sharer downloads re-encryption directly from cloud storage in this way can decrypt data, this process saves a large amount of resource, and cloud storage platform is unable to get any information of data.
Description
Technical field
The present invention relates to field of cloud computer technology, more particularly to a kind of proxy re-encryption of no Bilinear Pairing
System and encryption method.
Background technique
In recent years, application and the intensification of all things on earth interconnection process with the development of cloud computing technology, the data in cloud storage
Safety has received widespread attention.In order to which the encryption data in cloud storage is shared to other users, traditional way is data
The owner downloaded from cloud storage encryption data then re-encrypted issue sharer, this process can consume a large amount of network and
Computing resource.
In order to improve computational efficiency, proxy re-encryption arithmetic analysis encryption data can be taken, still, existing agency's weight
Encryption method generallys use Bilinear Pairing method, and significant drawback is computationally intensive, and enciphering rate is slow, greatly reduces meter
Efficiency is calculated, the demand of current big data era can not be adapted to, practicability is had a greatly reduced quality.
Therefore, how to provide that a kind of computational efficiency is high at the same the not ductility that guarantees ciphertext without Bilinear Pairing
The problem of proxy re-encryption system and method is those skilled in the art's urgent need to resolve.
Summary of the invention
In view of this, the present invention provides a kind of proxy re-encryption system of no Bilinear Pairing and encryption methods, by nothing
The proxy re-encryption scheme of Bilinear Pairing is combined with no certificate signature scheme, solves agency's weight based on Bilinear Pairing
The inefficiency problem of encryption substantially increases computational efficiency, and guarantee ciphertext while guaranteeing chosen ciphertext attacks safety
Not ductility.
To achieve the goals above, the present invention adopts the following technical scheme:
A kind of proxy re-encryption system of no Bilinear Pairing, comprising: system parameter setting module, key production module,
Encrypting module, proxy re-encrypted private key generation module, proxy re-encryption module and deciphering module;Wherein,
The system parameter setting module sends out system master key for generating system master key and system public parameter
It send to the encrypting module, system public parameter is sent to the key production module, the encrypting module, agency weight
Encryption key generation module, the proxy re-encryption module and the deciphering module;
The key production module is used to generate the public key, private key and identity information of each user, and by the public key of user
It is sent to the encrypting module and the proxy re-encrypted private key generation module, the private key of user is sent to the agency and is added again
Close key production module and the deciphering module;
The encrypting module is used to generate the original cipher text for the clear-text message to be sent, and original cipher text is sent to the generation
Manage re-encryption module and the deciphering module;
The proxy re-encrypted private key generation module sends out proxy re-encrypted private key according to generation proxy re-encrypted private key
It send to the proxy re-encryption module;
The system public parameter and key that the proxy re-encryption module is sent according to system parameter setting module generate mould
Generation of the subscriber identity information that block is sent to the encrypting module original cipher text sent and the transmission of proxy re-encrypted private key generation module
It manages re-encrypted private key and carries out signature authentication, proxy re-encrypted ciphertext is sent to the deciphering module after authenticating successfully;
The deciphering module restores phase for judging that the ciphertext received is original cipher text or proxy re-encrypted ciphertext
The cleartext information answered.
The private key of key production module user generated includes the private key of consigner and the private key of receiving party, the body of user
Part information includes the identity information of consigner and the identity information of receiving party.
Invention additionally discloses a kind of proxy re-encryption methods of no Bilinear Pairing, comprising the following steps:
S1, setting system public parameter par and system master key mk;
S2, according to system public parameter par, generate the identity id of consigneri, receiving party identity idj, secret value xi, it is public
Key pki, consigner private key skiWith the private key sk of receiving partyj;
S3, according to system public parameter par, the identity id of consigneriWith public key pkiIt is encrypted and is signed, obtained original
Ciphertext ci;
S4, according to system public parameter par, the private key sk of consigneriWith the private key sk of receiving partyjGenerate proxy re-encryption
Code key rkij;
S5, according to system public parameter par, original cipher text ci, consigner identity idi, receiving party identity idjAnd generation
Manage re-encrypted private key rkij, signature authentication is carried out, generates proxy re-encrypted ciphertext c after authenticating successfullyj,
Ciphertext received by S6, judgement is original cipher text or proxy re-encrypted ciphertext, and decryption restoration is bright accordingly
Literary information m.
Preferably, in a kind of above-mentioned proxy re-encryption method of no Bilinear Pairing, S1 specifically includes the following steps:
S11, given security parameter k, choose the prime number q that a length is k bit, G is a q rank subgroup of Zq*, and g is G
Generation member;
S12, four hash function H1, H2, H3 and H4, H1:{ 0,1 are chosen } * → Zq*, H2:{ 0,1 }n0× { 0,1 }n1×
G → Zq*, H3:G → { 0,1 }n0+n1, H4:{ 0,1 } and * × G → Zq*;Wherein no, n1 are security parameters, and plaintext space is { 0,1
}n0;
S13, Random select system master key mk, and meet mk ∈ Zq*, calculate Z=mk*g, secrecy system master key mk;
S14, open system parameter par { q, G, g, z, H1, H2, H3, H4, n0, n1 }.
Preferably, in a kind of above-mentioned proxy re-encryption method of no Bilinear Pairing, S2 specifically includes the following steps:
S21, input system disclose parameter par, give the identity id of consigneri, consigner public key pkiAnd commission
The private key sk of sidei;
S22, x is randomly selectedi, make xi∈Zq*;
S23, the public key pk that consigner is seti=gxi, the private key sk of consigner is seti=xi。
Preferably, in a kind of above-mentioned proxy re-encryption method of no Bilinear Pairing, S3 specifically includes the following steps:
S31, input system disclose the identity id of parameter par, cleartext information m, consigneriWith the public key of consigner
pki;
S32, it randomly selectsCalculate t=H2 (m, r, pki), c1=pki t;
S33, calculating
Public private key pair (the spk that S34, selection need to signi, sski), randomly select ui∈ Zq* calculates Ui=g × ui, Di
=ui+mk×H4(idi, Ui), Xi=xi× g, spki=(Xi, Ui), sski=(xi, Di), c3=sski;
S35, operation signature algorithm, randomly select integer ei∈ Zq* calculates Ei=ei× g, fi=H1 (Ei||Xi||idi||
M), hi=e/ (xi+fi+Di), vi=xi/(xi+fi+Di), obtain signature Si=(fi, hi, vi);
S36, output original cipher text ci=(c1, c2, c3, Si)。
Preferably, in a kind of above-mentioned proxy re-encryption method of no Bilinear Pairing, S4 specifically includes the following steps:
S41, the private key sk for inputting consigneri=xiWith the private key sk of receiving partyj=xj;
S42, proxy re-encryption code key rk is generatedij=skj/ski=xj/ximod q。
Preferably, in a kind of above-mentioned proxy re-encryption method of no Bilinear Pairing, S5 specifically includes the following steps:
S51, input system disclose parameter par, original cipher text ci, consigner identity idi, the identity mark of receiving party
Know idjWith proxy re-encrypted private key rkij;
S52, signature verification calculate ai=H4 (idi,Ui), examine hi×(Ui+Xi+ai*Z+fi* g)=EiAnd vi×(Ui+Xi
+ai*Z+fi* g)=XiWhether two formulas are true, and ⊥ is exported if invalid, carry out carry out next step if setting up;
S53, calculating
Public private key pair (the spk that S54, selection need to signj, sskj), randomly select uj∈ Zq* calculates Uj=g × uj, Dj
=uj+mk×H4(idj, Uj), Xj=xj× g, spkj=(Xj, Uj), sskj=(xj, Dj), c3'=sskj;
S55、c4=pki;
S56, operation signature algorithm, randomly select integer ej∈ Zq* calculates Ej=ej× g, fj=H1 (Ej||Xj||idj||
M), hj=e/ (xj+fj+Dj), vj=xj/(xj+fj+Dj), obtain signature Sj=(fj, hj, vj);
S57, output agent re-encryption ciphertext cj=(c1’,c2,c3’,c4,sj)。
Preferably, in a kind of above-mentioned proxy re-encryption method of no Bilinear Pairing, S6 specifically includes the following steps:
S61, judge that ciphertext form is original cipher text or re-encryption ciphertext;
If S62, ciphertext are original cipher text, signature verification is carried out, calculates ai=H4 (idi,Ui), examine hi×(Ui+Xi+
ai*Z+fi* g)=EiAnd vi×(Ui+Xi+ai*Z+fi* g)=XiWhether two formulas are true, and ⊥ is exported if invalid, if setting up
Carry out next step;
S63, inspectionIt is whether true, ⊥ is exported if invalid, carries out next step if setting up;
S64, calculatingExport clear-text message m;
The encrypted cipher text if S65, ciphertext are attached most importance to carries out signature verification, calculates aj=H4 (idj,Uj), examine hj×(Uj+Xj
+aj*Z+fj* g)=EjAnd vj×(Uj+Xj+aj*Z+fj* g)=XjWhether two formulas are true, and ⊥ is exported if invalid, if setting up
Carry out next step;
S66, c is examined1'=c4H2(m,r,c4)It is whether true, ⊥ is exported if invalid, carries out next step if setting up;
S67, calculatingExport clear-text message m.
It can be seen via above technical scheme that compared with prior art, the invention has the following beneficial effects: the present invention to adopt
With the encryption method of no Bilinear Pairing and without certificate signature authentication mechanism, guaranteeing the same of chosen ciphertext attacks safety
When, computational efficiency is substantially increased, and protect the accuracy of information;Its function admirable, convenient for being applied in open network environment.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
The embodiment of invention for those of ordinary skill in the art without creative efforts, can also basis
The attached drawing of offer obtains other attached drawings.
Fig. 1 attached drawing is the structural schematic diagram of the proxy re-encryption system of the invention without Bilinear Pairing.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall within the protection scope of the present invention.
The embodiment of the invention discloses a kind of proxy re-encryption systems of no Bilinear Pairing, comprising: system parameter setting
Module 1, key production module 2, encrypting module 3, proxy re-encrypted private key generation module 4, proxy re-encryption module 5 and decryption mould
Block 6;Wherein,
System parameter setting module 1 sends system master key for generating system master key and system public parameter
To encrypting module 3, system public parameter is sent to 2 key production modules, 3 encrypting modules, 4 proxy re-encrypted private keys and generates mould
Block, 5 proxy re-encryption modules and 6 deciphering modules;
Key production module 2 is used to generate public key, private key and the identity information of consigner and public key, the private key of receiving party
And identity information, and the public key of the public key of consigner and receiving party is sent to encrypting module 3 and proxy re-encrypted private key generation
The private key of the private key of consigner and receiving party is sent to proxy re-encrypted private key generation module 4 and deciphering module 6 by module 4;
Encrypting module 3 is sent by system public parameter, the key production module 2 of the transmission of system parameter setting module 1
The public key and consigner of consigner and receiving party and the identity information of receiving party, to the clear-text message to be sent carry out encryption and
Signature generates the original cipher text for the clear-text message to be sent, and original cipher text is sent to proxy re-encryption module 5 and decryption mould
Block 6;
System public parameter and user of the proxy re-encrypted private key generation module 4 by the transmission of system parameter setting module 1
The private key for the consigner that key production module 2 is sent and the private key of receiving party generate proxy re-encrypted private key, and agency are added again
Key is sent to proxy re-encryption module 5;
System public parameter, key production module 2 of the proxy re-encryption module 5 by the transmission of system parameter setting module 1
Agency's weight that the original cipher text and proxy re-encrypted private key generation module 4 that identity information, the encrypting module 3 of transmission are sent are sent
Encryption key carries out signature authentication, proxy re-encrypted ciphertext is generated after authenticating successfully, and the ciphertext is sent to deciphering module 6;
Deciphering module 6 restores corresponding for judging that the ciphertext received is original cipher text or proxy re-encrypted ciphertext
Cleartext information;
If ciphertext is original cipher text, carried out according to the family private key of system public parameter, the identity information of consigner, consigner
Signature verification restores clear-text message after being proved to be successful;
If ciphertext is proxy re-encrypted ciphertext, pass through system public parameter, the identity of the private key of receiving party and receiving party
Information carries out signature verification, restores clear-text message after being proved to be successful.
The embodiment of the invention discloses a kind of proxy re-encryption methods of no Bilinear Pairing, comprising the following steps:
S1, setting system public parameter par and system master key mk;
S2, according to system public parameter par, generate the identity id of consigneri, receiving party identity idj, it is secret
Close value xi, public key pki, consigner private key skiWith the private key sk of receiving partyj;
S3, according to system public parameter par, the identity id of consigneriWith public key pkiIt is encrypted and is signed, obtained original
Ciphertext ci;
S4, according to system public parameter par, the private key sk of consigneriWith the private key sk of receiving partyjGenerate proxy re-encryption
Code key rkij;
S5, according to system public parameter par, original cipher text ci, consigner identity idi, receiving party identity idjAnd generation
Manage re-encrypted private key rkij, signature authentication is carried out, generates proxy re-encrypted ciphertext c after authenticating successfullyj,
Ciphertext received by S6, judgement is original cipher text or proxy re-encrypted ciphertext;
If ciphertext is original cipher text ci, according to system public parameter par, the identity id of consigneri, consigner private key ski
Signature verification is carried out, restores clear-text message m after being proved to be successful;
If ciphertext is proxy re-encrypted ciphertext cj, then pass through system public parameter par, the private key sk of receiving partyjAnd receiving party
Identity idjSignature verification is carried out, restores clear-text message m after being proved to be successful.
Wherein,
S1 specifically includes the following steps:
S11, given security parameter k, choose the prime number q that a length is k bit, G is a q rank subgroup of Zq*, and g is G
Generation member, Zq* is set of integers;
S12, four hash function H1, H2, H3 and H4, H1:{ 0,1 are chosen } * → Zq*, H2:{ 0,1 }n0× { 0,1 }n1×
G → Zq*, H3:G → { 0,1 }n0+n1, H4:{ 0,1 } and * × G → Zq*, wherein no, n1 is the parameter determined by security parameter k, bright
Literary space is { 0,1 }n0;
S13, Random select system master key mk, and meet mk ∈ Zq*, calculate Z=mk*g, secrecy system master key mk;
S14, open system parameter par { q, G, g, Z, H1, H2, H3, H4, n0, n1 }.
S2 specifically includes the following steps:
S21, input system disclose parameter par, give the identity id of consigneri, consigner public key pkiAnd commission
The private key sk of sidei;
S22, x is randomly selectedi, make xi∈Zq*;
S23, the public key pk that consigner is seti=gxi, the private key sk of consigner is seti=xi。
S3 specifically includes the following steps:
S31, input system disclose the identity id of parameter par, cleartext information m, consigneriWith the public key of consigner
pki;
S32, it randomly selectsCalculate t=H2 (m, r, pki),c1=pki t;
S33, calculating
Public private key pair (the spk that S34, selection need to signi, sski), randomly select ui∈ Zq* calculates Ui=g × ui, Di
=ui+mk×H4(idi, Ui), Xi=xi× g, spki=(Xi, Ui), sski=(xi, Di), c3=sski, sskiFor consigner's label
Name private key;
S35, operation signature algorithm, randomly select integer ei∈ Zq* calculates Ei=ei× g, fi=H1 (Ei||Xi||idi||
M), hi=e/ (xi+fi+Di), vi=xi/(xi+fi+Di), obtain signature Si=(fi, hi, vi);
S36, output original cipher text ci=(c1, c2, c3, Si)。
S4 specifically includes the following steps:
S41, the private key sk for inputting consigneri=xiWith the private key sk of receiving partyj=xj;
S42, proxy re-encryption code key rk is generatedij=skj/ski=xj/ximod q。
S5 specifically includes the following steps:
S51, input system disclose parameter par, original cipher text ci, consigner identity idi, the identity mark of receiving party
Know idjWith proxy re-encrypted private key rkij;
S52, signature verification calculate ai=H4 (idi,Ui), examine hi×(Ui+Xi+ai*Z+fi* g)=EiAnd vi×(Ui+Xi
+ai*Z+fi* g)=XiWhether two formulas are true, and ⊥ is exported if invalid, carry out carry out next step if setting up;
S53, calculating
Public private key pair (the spk that S54, selection need to signj, sskj), randomly select uj∈ Zq* calculates Uj=g × uj, Dj
=uj+mk×H4(idj, Uj), Xj=xj× g, spkj=(Xj, Uj), sski=(xj, Dj), c3'=sskj, sskjFor receiving party's label
Name private key;
S55, c4=pki;
S56, operation signature algorithm, randomly select integer ej∈ Zq* calculates Ej=ej× g, fj=H1 (Ej||Xj||idj||
M), hj=e/ (xj+fj+Dj), vj=xj/(xj+fj+Dj), obtain signature Sj=(fj, hj, vj);
S57, output agent re-encryption ciphertext cj=(c1’,c2,c3’,c4,sj)。
S6 specifically includes the following steps:
S61, judge that ciphertext form is original cipher text or re-encryption ciphertext;
If S62, ciphertext are original cipher text, signature verification is carried out, calculates ai=H4 (idi,Ui), examine hi×(Ui+Xi+
ai*Z+fi* g)=EiAnd vi×(Ui+Xi+ai*Z+fi* g)=XiWhether two formulas are true, and ⊥ is exported if invalid, if setting up
Carry out next step;
S63, inspectionIt is whether true, ⊥ is exported if invalid, carries out next step if setting up;
S64, calculatingExport clear-text message m;
The encrypted cipher text if S65, ciphertext are attached most importance to carries out signature verification, calculates aj=H4 (idj,Uj), examine hj×(Uj+Xj
+aj*z+fj* g)=EjAnd vj×(Uj+Xj+aj*z+fj* g)=XjWhether two formulas are true, and ⊥ is exported if invalid, if setting up
Carry out next step;
S66, c1 '=c4 is examinedH2(m,r,c4)It is whether true, ⊥ is exported if invalid, carries out next step if setting up;
S67, calculatingExport clear-text message m.
Each embodiment in this specification is described in a progressive manner, the highlights of each of the examples are with other
The difference of embodiment, the same or similar parts in each embodiment may refer to each other.For device disclosed in embodiment
For, since it is corresponded to the methods disclosed in the examples, so being described relatively simple, related place is said referring to method part
It is bright.
The foregoing description of the disclosed embodiments enables those skilled in the art to implement or use the present invention.
Various modifications to these embodiments will be readily apparent to those skilled in the art, as defined herein
General Principle can be realized in other embodiments without departing from the spirit or scope of the present invention.Therefore, of the invention
It is not intended to be limited to the embodiments shown herein, and is to fit to and the principles and novel features disclosed herein phase one
The widest scope of cause.
Claims (9)
1. a kind of proxy re-encryption system of no Bilinear Pairing characterized by comprising system parameter setting module, key
Generation module, encrypting module, proxy re-encrypted private key generation module, proxy re-encryption module and deciphering module;Wherein,
System master key is sent to by the system parameter setting module for generating system master key and system public parameter
System public parameter is sent to the key production module, the encrypting module, the proxy re-encryption by the encrypting module
Key production module, the proxy re-encryption module and the deciphering module;
The key production module is used to generate the public key, private key and identity information of each user, and by the public key of each user
It is sent to the encrypting module and the proxy re-encrypted private key generation module, the private key of each user is sent to the agency
Re-encrypted private key generation module and the deciphering module;
The encrypting module is used to generate the original cipher text for the clear-text message to be sent, and original cipher text is sent to the agency
Re-encryption module and the deciphering module;
Proxy re-encrypted private key is sent to by the proxy re-encrypted private key generation module for generating proxy re-encrypted private key
The proxy re-encryption module;
Proxy re-encrypted ciphertext is sent to the decryption for generating proxy re-encrypted ciphertext by the proxy re-encryption module
Module;
The deciphering module restores corresponding for judging that the ciphertext received is original cipher text or proxy re-encrypted ciphertext
Cleartext information.
2. a kind of proxy re-encryption system of no Bilinear Pairing according to claim 1, which is characterized in that key generates
The private key of module user generated includes the private key of consigner and the private key of receiving party, and the identity information of user includes consigner
Identity information and receiving party identity information.
3. a kind of proxy re-encryption method of no Bilinear Pairing, which comprises the following steps:
S1, setting system public parameter par and system master key mk;
S2, according to system public parameter par, generate the identity id of consigneri, receiving party identity idj, secret value xi, public key
pki, consigner private key skiWith the private key sk of receiving partyj;
S3, according to system public parameter par, the identity id of consigneriWith public key pkiIt is encrypted and is signed, obtain original cipher text
ci;
S4, according to system public parameter par, the private key sk of consigneriWith the private key sk of receiving partyjGenerate proxy re-encryption code key
rkij;
S5, according to system public parameter par, original cipher text ci, consigner identity idi, receiving party identity idjWith agency's weight
Encryption key rkij, signature authentication is carried out, generates proxy re-encrypted ciphertext c after authenticating successfullyj,
Ciphertext received by S6, judgement is original cipher text or proxy re-encrypted ciphertext, and decryption restoration is believed in plain text accordingly
Cease m.
4. a kind of proxy re-encryption method of no Bilinear Pairing according to claim 3, which is characterized in that S1 is specifically wrapped
Include following steps:
S11, given security parameter k, choose the prime number q that a length is k bit, G is a q rank subgroup of Zq*, and g is the life of G
Cheng Yuan;
S12, four hash function H1, H2, H3 and H4, H1:{ 0,1 are chosen } * → Zq*, H2:{ 0,1 }n0× { 0,1 }n1×G→
Zq*, H3:G → { 0,1 }n0+n1, H4:{ 0,1 } and * × G → Zq*;Wherein no, n1 are the security parameters determined by security parameter k,
Plaintext space is { 0,1 }n0;
S13, Random select system master key mk, and meet mk ∈ Zq*, calculate Z=mk*g, secrecy system master key mk;
S14, open system parameter par { q, G, g, z, H1, H2, H3, H4, n0,n1}。
5. a kind of proxy re-encryption method of no Bilinear Pairing according to claim 4, which is characterized in that S2 is specifically wrapped
Include following steps:
S21, input system disclose parameter par, give the identity id of consigneri, consigner public key pkiWith consigner's
Private key ski;
S22, x is randomly selectedi, make xi∈Zq*;
S23, the public key pk that consigner is seti=gxi, the private key sk of consigner is seti=xi。
6. a kind of proxy re-encryption method of no Bilinear Pairing according to claim 5, which is characterized in that S3 is specifically wrapped
Include following steps:
S31, input system disclose the identity id of parameter par, cleartext information m, consigneriWith the public key pk of consigneri;
S32, it randomly selectsCalculate t=H2 (m, r, pki),c1=pki t;
S33, calculating
Public private key pair (the spk that S34, selection need to signi, sski), randomly select ui∈ Zq* calculates Ui=g × ui, Di=ui+
mk×H4(idi, Ui), Xi=xi× g, spki=(Xi, Ui), sski=(xi, Di), c3=sski;
S35, operation signature algorithm, randomly select integer ei∈ Zq* calculates Ei=ei× g, fi=H1 (Ei||Xi||idi| | m), hi
=e/ (xi+fi+Di), vi=xi/(xi+fi+Di), obtain signature Si=(fi, hi, vi);
S36, output original cipher text ci=(c1, c2, c3, Si)。
7. a kind of proxy re-encryption method of no Bilinear Pairing according to claim 6, which is characterized in that S4 is specifically wrapped
Include following steps:
S41, the private key sk for inputting consigneri=xiWith the private key sk of receiving partyj=xj;
S42, proxy re-encryption code key rk is generatedij=skj/ski=xj/ximod q。
8. a kind of proxy re-encryption method of no Bilinear Pairing according to claim 7, which is characterized in that S5 is specifically wrapped
Include following steps:
S51, input system disclose parameter par, original cipher text ci, consigner identity idi, the identity id of receiving partyj
With proxy re-encrypted private key rkij;
S52, signature verification calculate ai=H4 (idi,Ui), examine hi×(Ui+Xi+ai*Z+fi* g)=EiAnd vi×(Ui+Xi+ai*Z
+fi* g)=XiWhether two formulas are true, and ⊥ is exported if invalid, carry out carry out next step if setting up;
S53, calculating
Public private key pair (the spk that S54, selection need to signj, sskj), randomly select uj∈ Zq* calculates Uj=g × uj, Dj=uj+
mk×H4(idj, Uj), Xj=xj× g, spkj=(Xj, Uj), sskj=(xj, Dj), c3'=sskj;
S55、c4=pki;
S56, operation signature algorithm, randomly select integer ej∈ Zq* calculates Ej=ej× g, fj=H1 (Ej||Xj||idj| | m), hj
=e/ (xj+fj+Dj), vj=xj/(xj+fj+Dj), obtain signature Sj=(fj, hj, vj);
S57, output agent re-encryption ciphertext cj=(c1’,c2,c3’,c4,sj)。
9. a kind of proxy re-encryption method of no Bilinear Pairing according to claim 8, which is characterized in that S6 is specifically wrapped
Include following steps:
S61, judge that ciphertext form is original cipher text or re-encryption ciphertext;
If S62, ciphertext are original cipher text, signature verification is carried out, calculates ai=H4 (idi,Ui), examine hi×(Ui+Xi+ai*Z+
fi* g)=EiAnd vi×(Ui+Xi+ai*Z+fi* g)=XiWhether two formulas are true, and ⊥ is exported if invalid, carry out down if setting up
One step;
S63, inspectionIt is whether true, ⊥ is exported if invalid, carries out next step if setting up;
S64, calculatingExport clear-text message m;
The encrypted cipher text if S65, ciphertext are attached most importance to carries out signature verification, calculates aj=H4 (idj,Uj), examine hj×(Uj+Xj+aj*Z
+fj* g)=EjAnd vj×(Uj+Xj+aj*Z+fj* g)=XjWhether two formulas are true, and ⊥ is exported if invalid, carry out if setting up
Next step;
S66, inspectionIt is whether true, ⊥ is exported if invalid, carries out next step if setting up;
S67, calculatingExport clear-text message m.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810878086.6A CN108989049B (en) | 2018-08-03 | 2018-08-03 | Agent re-encryption system and method without bilinear pairing |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810878086.6A CN108989049B (en) | 2018-08-03 | 2018-08-03 | Agent re-encryption system and method without bilinear pairing |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108989049A true CN108989049A (en) | 2018-12-11 |
CN108989049B CN108989049B (en) | 2021-11-30 |
Family
ID=64554591
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810878086.6A Active CN108989049B (en) | 2018-08-03 | 2018-08-03 | Agent re-encryption system and method without bilinear pairing |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108989049B (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109586903A (en) * | 2018-12-19 | 2019-04-05 | 南京航空航天大学 | A kind of restructural encryption method of the Agent advertisement of hazy condition |
CN110110554A (en) * | 2019-04-04 | 2019-08-09 | 安徽大学 | A kind of cloud storage data integrity detection method based on agency |
CN113268764A (en) * | 2021-02-24 | 2021-08-17 | 西安交通大学 | Personal credit data authorization method for mixed chain and threshold proxy re-encryption |
CN114338229A (en) * | 2022-01-27 | 2022-04-12 | 华东师范大学 | Lightweight dynamic broadcast agent re-encryption and cloud data sharing method |
CN114629901A (en) * | 2020-12-14 | 2022-06-14 | 北京金山云网络技术有限公司 | BaaS-based block chain data sharing method, device and equipment |
WO2022155811A1 (en) * | 2021-01-20 | 2022-07-28 | 深圳技术大学 | Multi-receiver proxy re-encryption method and system, and electronic apparatus and storage medium |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105025024A (en) * | 2015-07-22 | 2015-11-04 | 河海大学 | Certificateless condition based proxy re-encryption system and method |
-
2018
- 2018-08-03 CN CN201810878086.6A patent/CN108989049B/en active Active
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105025024A (en) * | 2015-07-22 | 2015-11-04 | 河海大学 | Certificateless condition based proxy re-encryption system and method |
Non-Patent Citations (1)
Title |
---|
黄萍 等: "无双线性对的基于身份代理重签名方案", 《无双线性对的基于身份代理重签名方案》 * |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109586903A (en) * | 2018-12-19 | 2019-04-05 | 南京航空航天大学 | A kind of restructural encryption method of the Agent advertisement of hazy condition |
CN110110554A (en) * | 2019-04-04 | 2019-08-09 | 安徽大学 | A kind of cloud storage data integrity detection method based on agency |
CN110110554B (en) * | 2019-04-04 | 2023-03-21 | 安徽大学 | Agent-based cloud storage data integrity detection method |
CN114629901A (en) * | 2020-12-14 | 2022-06-14 | 北京金山云网络技术有限公司 | BaaS-based block chain data sharing method, device and equipment |
WO2022155811A1 (en) * | 2021-01-20 | 2022-07-28 | 深圳技术大学 | Multi-receiver proxy re-encryption method and system, and electronic apparatus and storage medium |
CN113268764A (en) * | 2021-02-24 | 2021-08-17 | 西安交通大学 | Personal credit data authorization method for mixed chain and threshold proxy re-encryption |
CN114338229A (en) * | 2022-01-27 | 2022-04-12 | 华东师范大学 | Lightweight dynamic broadcast agent re-encryption and cloud data sharing method |
CN114338229B (en) * | 2022-01-27 | 2022-10-04 | 华东师范大学 | Lightweight dynamic broadcast agent re-encryption and cloud data sharing method |
Also Published As
Publication number | Publication date |
---|---|
CN108989049B (en) | 2021-11-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108292402B (en) | Determination of a common secret and hierarchical deterministic keys for the secure exchange of information | |
CN105024994B (en) | Without the safety to computing label decryption method is mixed without certificate | |
CN108989049A (en) | A kind of the proxy re-encryption system and encryption method of no Bilinear Pairing | |
CN103647642B (en) | A kind of based on certification agency re-encryption method and system | |
US7634085B1 (en) | Identity-based-encryption system with partial attribute matching | |
CN110113155B (en) | High-efficiency certificateless public key encryption method | |
CN110958219B (en) | SM2 proxy re-encryption method and device for medical cloud shared data | |
CN101977112B (en) | Public key cipher encrypting and decrypting method based on neural network chaotic attractor | |
CN102523093B (en) | Encapsulation method and encapsulation system for certificate-based key with label | |
CN104320393B (en) | The controllable efficient attribute base proxy re-encryption method of re-encryption | |
CN105025024B (en) | One kind is based on no certificate conditions proxy re-encryption System and method for | |
CN101166088A (en) | Encryption and decryption method based on user identity identifier | |
CN105933345B (en) | It is a kind of that outsourcing attribute base encryption method can verify that based on linear privacy sharing | |
CN110719295B (en) | Identity-based food data security-oriented proxy re-encryption method and device | |
CN110830236A (en) | Identity-based encryption method based on global hash | |
CN104767611B (en) | It is a kind of from PKIX environment to the label decryption method without certificate environment | |
CN106713349B (en) | Inter-group proxy re-encryption method capable of resisting attack of selecting cipher text | |
CN113297633B (en) | Quantum digital signature method | |
CN110851845A (en) | Light-weight single-user multi-data all-homomorphic data packaging method | |
CN110784314A (en) | Certificateless encrypted information processing method | |
CN110999202A (en) | Computer-implemented system and method for highly secure, high-speed encryption and transmission of data | |
CN116846556A (en) | SM 9-based data condition proxy re-encryption method, system and equipment | |
CN114095171A (en) | Identity-based wearable proxy re-encryption method | |
CN113343258B (en) | Attribute-based agent re-encryption method applicable to lattice-based ciphertext strategy shared by body test result cloud | |
KR101793528B1 (en) | Certificateless public key encryption system and receiving terminal |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |