###
Journal of Software:2013.24(2):266-278

标准模型下可证明安全的入侵容忍公钥加密方案
于佳,程相国,李发根,潘振宽,孔凡玉,郝蓉
(青岛大学 信息工程学院,山东 青岛 266071;信息安全国家重点实验室(中国科学院 信息工程研究所),北京 100093;电子科技大学 计算机科学与工程学院,四川 成都 610054;Faculty of Mathematics, Kyushu University, Fukuoka 819-0395, Japan;山东大学 网络信息安全研究所,山东 济南 250100;密码技术与信息安全教育部重点实验室(山东大学),山东 济南 250100)
Provably Secure Intrusion-Resilient Public-Key Encryption Scheme in the Standard Model
YU Jia,CHENG Xiang-Guo,LI Fa-Gen,PAN Zhen-Kuan,KONG Fan-Yu,HAO Rong
(College of Information Engineering, Qingdao University, Qingdao 266071, China;State Key Laboratory of Information Security (Institute of Information Engineering, The Chinese Academy of Sciences), Beijing 100093, China;School of Computer Science and Engineering, University of Electronic Science and Technology, Chengdu 610054, China;Faculty of Mathematics, Kyushu University, Fukuoka 819-0395, Japan;Institute of Network Security, Shandong University, Ji'nan 250100, China;Key Laboratory of Cryptographic Technology and Information Security (Shandong University), Ministry of Education, Ji'nan 250100, China)
Abstract
Chart / table
Reference
Similar Articles
Article :Browse 2456   Download 2970
Received:March 25, 2012    Revised:September 13, 2012
> 中文摘要: 在传统的公钥加密方案中,一旦解密密钥泄漏,系统的安全性将完全丧失.特别是随着越来越多的加密系统被应用到移动的、安全性低的设备中,密钥泄漏显得难以避免.入侵容忍公钥加密的提出就是为了减小密钥泄漏对加密系统的危害,具有比前向安全加密、密钥隔离加密更强的安全性.在这种体制下,整个生命周期被分割成离散的时间阶段,公钥固定不变,密钥信息分享在解密者和基地中,前者独立完成解密操作,而后者则在每个时间周期中提供一个更新信息来帮助演化解密密钥.此外,每个时间段内有多次密钥刷新的操作,可以刷新解密者的密钥和基密钥.当解密者和基地被入侵时,只要不是同时被入侵,安全性就可以得到保证.即使入侵者同时入侵解密者和基地,也不会影响以前时间段密文的安全性.提出了一个入侵容忍公钥加密方案,所有费用参数关于总共时间段数的复杂性均不超过对数的平方.证明了该方案是标准模型下安全的.这是一个不需要随机预言的可证明安全的入侵容忍公钥加密方案.
Abstract:In traditional public-key encryption schemes, security guarantees will be fully lost once decryption secret keys are exposed. With the ever-increase in encryption systems used in mobile and low secuirity devices, key exposure seems unavoidable. An intrusionresilient public-key encryption is proposed to mitigate the damage for the encryption systems brought by key exposure, which provides more security than the forward-secure encryption and key-insulated encryption. In its primitive, the whole lifetime is divided into discrete periods where the public key is fixed. Secret keys are shared in a decrypter and a base. The former performs the decrypting operations on his own while the latter provides an updated message to help evolve secret keys in each period. Furthermore, multiple operations of refresh secret keys are performed to refresh decrypter and base secrets periodically. The security can be preserved when both the user and base are compromised, as long as they are not compromised simultaneously. In addition, the simultaneous compromise doesn't affect the security of the ciphertext generated in previous periods. This paper proposes an intrusion-resilient public-key encryption scheme. All the parameters in this scheme have at most a log-squared complexity in terms of the total number of time periods. The proposed scheme is proven to be secure in the standard model and is a provably secure intrusion-resilient public-key encryption scheme without random oracles.
文章编号:     中图分类号:    文献标志码:
基金项目:国家自然科学基金(61272425,60703089,61073176,61202475);山东省自然科学基金(ZR2010FQ019,ZR2009GQ008,ZR2010FQ015);青岛市科技计划(12-1-4-2-(16)-jch);华为科技基金;信息安全国家重点实验室开放课题 国家自然科学基金(61272425,60703089,61073176,61202475);山东省自然科学基金(ZR2010FQ019,ZR2009GQ008,ZR2010FQ015);青岛市科技计划(12-1-4-2-(16)-jch);华为科技基金;信息安全国家重点实验室开放课题
Foundation items:
Reference text:

于佳,程相国,李发根,潘振宽,孔凡玉,郝蓉.标准模型下可证明安全的入侵容忍公钥加密方案.软件学报,2013,24(2):266-278

YU Jia,CHENG Xiang-Guo,LI Fa-Gen,PAN Zhen-Kuan,KONG Fan-Yu,HAO Rong.Provably Secure Intrusion-Resilient Public-Key Encryption Scheme in the Standard Model.Journal of Software,2013,24(2):266-278