Abstract
Hierarchical identity-based encryption (HIBE) efficiently reduces the workload of the private key generator in identity-based cryptography for generating and distributing user private keys. SM9 is an identity-based cryptosystem that has become a Chinese commercial cryptography industry standard and national standard, and it plays a significant role in applications such as finance and government affairs. However, the SM9 encryption algorithm does not support hierarchical encryption, which makes it unsuitable for large-scale networks and hinders its deployment. In this paper, we propose an efficient hierarchical identity-based encryption scheme, SM9-HIBE, based on the SM9 identity-based encryption algorithm. Compared with the SM9 encryption algorithm, the ciphertext in SM9-HIBE requires only one additional group element and decryption requires only one additional pairing operation, independent of the length of the receiver's identity. The security of the scheme is based on the decisional BDHI (DBDHI) assumption: we prove in the random oracle model that the scheme achieves indistinguishability under static chosen-plaintext attack (IND-sCPA). Finally, we theoretically analyze the scheme and compare it with others; the results show that SM9-HIBE is comparable to existing HIBE schemes in computational cost and communication overhead.
Authors
赖建昌
黄欣沂
何德彪
郭福春
Jianchang LAI; Xinyi HUANG; Debiao HE; Fuchun GUO (School of Cyber Science and Engineering, Southeast University, Nanjing 211189, China; Fujian Provincial Key Lab of Network Security and Cryptology, College of Computer and Cyber Security, Fujian Normal University, Fuzhou 350117, China; Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, School of Cyber Science and Engineering, Wuhan University, Wuhan 430072, China; School of Computing and Information Technology, University of Wollongong, Wollongong 2522, Australia)
Source
《中国科学:信息科学》
CSCD
Peking University Core Journal
2023, Issue 5, pp. 918-930 (13 pages)
Scientia Sinica(Informationis)
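Funding
Supported by the National Natural Science Foundation of China (Grant Nos. 62032005, 61902191, U21A20466)
Natural Science Foundation of Hubei Province (Grant No. 2020CFA052)
Key Research and Development Program of Hubei Province (Grant Nos. 2020AEA013, 2021BAA025)
Wuhan Science and Technology Program (Grant No. 2020010601012187).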
Keywords
hierarchical encryption
identity-based cryptography
SM9
key encapsulation
chosen-plaintext attack (CPA)