Abstract
The auxiliary input model is an important leakage model in leakage-resilient cryptography; it defines a family of uninvertible functions to model a class of secret-key leakage. The existing auxiliary-input-resilient public-key encryption (PKE) and identity-based encryption (IBE) schemes are all chosen-plaintext-attack secure (CPA-secure). This paper proposes an auxiliary-input-resilient PKE scheme that is chosen-ciphertext-attack secure (CCA-secure). The construction uses the one-time lossy filter proposed by Qin et al. at Asiacrypt 2013 and uses the Goldreich-Levin theorem to build the auxiliary-input-resilient core component. The CCA security proof relies on the leakage mode of the one-time lossy filter: in this mode only a small amount of secret-key information is leaked, so the adversary retains substantial uncertainty about the secret key, and its queries of invalid ciphertexts are rejected by the challenger with high probability.
The auxiliary input model is an important leakage model in leakage-resilient cryptography; it defines a class of computationally uninvertible function families F to model a large class of leakage. Recently, almost all PKE and IBE schemes with auxiliary input have been proved only CPA secure, such as Dodis et al.'s PKE scheme and Yuen et al.'s IBE scheme. In this paper we propose a CCA secure PKE scheme; our construction is based on the one-time lossy filter proposed by Qin et al. at Asiacrypt 2013. We use the modified Goldreich-Levin theorem to design the hard core, as in other schemes with auxiliary input. A one-time lossy filter has two modes, an injective mode and a leakage mode, and the CCA security proof relies mainly on the leakage mode. The difference between the two modes is that in injective mode the one-time lossy filter is an injective function and discloses all bits of the secret key, whereas in leakage mode it leaks only a few bits of the secret key. We therefore use the injective mode in practice and the leakage mode in the security proof. Thus, the attacker in the security proof cannot determine the secret key from so few leaked bits, and the queried invalid ciphertexts will be rejected with high probability.
Source
《计算机学报》 (Chinese Journal of Computers)
Indexed in: EI, CSCD, Peking University Core Journals (北大核心)
2016, No. 3, pp. 562-570 (9 pages)
Chinese Journal of Computers
Funding
National Natural Science Foundation of China (61373006, 61202353, 61272422)
2015 Open Project of the Collaborative Innovation Center for Information Assurance Technology, Anhui University