
National Digital Library of Theses and Dissertations in Taiwan

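Graduate student: 曾一凡
Graduate student (English): Yi-Fan Tseng
Thesis title: 具完整CCA安全性且植基於身分認證之匿名多重接收者加密機制
Thesis title (English): Anonymous Multi-Receiver Identity-Based Encryption with Complete CCA Security
Advisor: 范俊逸
Advisor (English): Chun-I Fan
Degree: Master's
Institution: National Sun Yat-sen University
Department: Department of Computer Science and Engineering
Discipline: Engineering
Field: Electrical and Computer Engineering
Thesis type: Academic thesis
Year of publication: 2014
Graduation academic year: 102
Language: English
Number of pages: 70
Keywords: Multi-Receiver Encryption; Anonymity; Identity-Based Encryption; Bilinear Pairing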
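In a multi-receiver encryption scheme, the sender can freely choose a list of receivers and send a message to them, and only the selected, authorized receivers can decrypt the ciphertext to obtain the correct message. The whole transmission protocol must be both secure and efficient: no matter how many receivers there are, the sender only needs to generate a single ciphertext. This technique is valuable in many applications, such as pay-per-view channels, video conferencing, and distance education. In 2010, Fan et al. introduced the concept of anonymous multi-receiver encryption: in some situations, receivers may not want their identities to be discovered by others. For example, in a pay-per-view system, if some customers subscribe to sensitive programs, or if the customers' identities are themselves sensitive (politicians, entertainers, and so on), they would not want their identities to be revealed. In recent years, many related research results have been published. However, we find that none of these published works achieves CCA security in both confidentiality and anonymity at the same time.
In view of this, we propose the first anonymous multi-receiver identity-based encryption scheme with complete CCA security. The proposed scheme resists insider attacks, and a receiver needs to perform only one bilinear pairing computation to decrypt. In addition, we prove the security of the scheme and the anonymity of receivers under formal security models.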
In a multi-receiver encryption system, a sender chooses a set of authorized receivers and sends them a message securely and efficiently, as the message is well encrypted and only one ciphertext corresponding to the message is generated no matter how many receivers the sender has chosen. It can be applied to video conferencing systems, pay-per-view channels, distance education, and so forth. Due to privacy considerations, an authorized receiver may not want his identity to be revealed. In 2010, anonymous multi-receiver identity-based (ID-based) encryption was first discussed, and many works on the topic have been presented since. Unfortunately, we find that all of those schemes are not CCA-secure in either confidentiality or anonymity. In this manuscript, we propose the first anonymous multi-receiver ID-based encryption scheme with CCA security in both confidentiality and anonymity. It is also the first CCA-secure scheme against insider attacks, and moreover, only one pairing computation is required in decryption.
Thesis Approval Form
Acknowledgments
Abstract (Chinese)
Abstract
List of Figures
List of Tables
Chapter 1 Introduction
1.1 Contributions
1.2 Organization
Chapter 2 Preliminaries
2.1 Bilinear Mapping
2.2 Anonymous Multi-Receiver Identity-Based Encryption
2.3 One-Way Anonymous Key Agreement
2.4 Complexity Assumption and Hard Problems
Chapter 3 Related Works
3.1 Fan et al.’s scheme [13]
3.1.1 Review of Fan et al.’s Scheme
3.1.2 Cryptanalysis
3.2 Chien’s scheme [10]
3.2.1 Review of Chien’s Scheme
3.3 Wang et al.’s scheme [30]
3.3.1 Review of Wang et al.’s Scheme
3.3.2 Cryptanalysis
3.4 Tseng et al.’s scheme [28, 27]
3.4.1 Review of Tseng et al.’s scheme
3.4.2 Cryptanalysis
3.5 Chen et al.’s scheme [8]
3.5.1 Review of Chen et al.’s scheme 1
3.5.2 Review of Chen et al.’s scheme 2
3.6 Muthulakshmi et al.’s Scheme [21]
3.6.1 Review of Muthulakshmi et al.’s Scheme
3.7 Zhang et al.’s scheme [33]
3.7.1 Review of Zhang et al.’s scheme
3.8 Hur et al.’s scheme [15]
3.8.1 Review of Hur et al.’s scheme
3.9 Zhang et al.’s scheme [36]
3.9.1 Review of Zhang et al.’s scheme 1
3.9.2 Cryptanalysis of Zhang et al.’s scheme 1
3.9.3 Review of Zhang et al.’s scheme 2
3.10 Pang et al.’s scheme [24]
3.10.1 Review of Pang et al.’s scheme
3.11 Zhang et al.’s scheme [32]
3.11.1 Review of Zhang et al.’s scheme
3.11.2 Cryptanalysis of Zhang et al.’s scheme
3.12 Ren et al.’s scheme [25]
3.12.1 Review of Ren et al.’s scheme
Chapter 4 The Proposed Scheme
Chapter 5 Security Proof
5.1 Security Notions
5.2 Security Models
5.3 Security Proofs
Chapter 6 Comparison
Chapter 7 Conclusion
Bibliography
[1] J. Baek, R. Safavi-Naini, and W. Susilo. Efficient multi-receiver identity-based encryption and its application to broadcast encryption. In Proceedings of the 8th International Conference on Theory and Practice in Public Key Cryptography, pages 380–397, 2005.
[2] M. Bellare and P. Rogaway. Random oracles are practical: a paradigm for designing efficient protocols. In Proceedings of the 1st ACM Conference on Computer and Communications Security, pages 62–73, 1993.
[3] D. Boneh and X. Boyen. Efficient selective-ID secure identity based encryption without random oracles. In Advances in Cryptology-EUROCRYPT 2004, volume 3027 of LNCS, pages 223–238, 2004.
[4] D. Boneh and M. Franklin. Identity-based encryption from the Weil pairing. In Proceedings of Advances in Cryptology CRYPTO 2001, pages 213–229, 2001.
[5] Dan Boneh, Xavier Boyen, and Eu-Jin Goh. Hierarchical identity based encryption with constant size ciphertext. In EUROCRYPT, pages 440–456, 2005.
[6] R. Canetti, S. Halevi, and J. Katz. A forward-secure public-key encryption scheme. In Advances in Cryptology-EUROCRYPT 2003, volume 2656 of LNCS, 2003.
[7] R. Canetti, S. Halevi, and J. Katz. Chosen-ciphertext security from identity-based encryption. In Advances in Cryptology-EUROCRYPT 2004, volume 3027 of LNCS, pages 207–222, 2004.
[8] Z. Chen, S. Li, C. Wang, and Y. Shen. Two constructions of multireceiver encryption supporting constant keys, short ciphertexts, and identity privacy. International Journal of Network Security, 14:270–279, 2012.
[9] Z. Chen, S. Li, C. Wang, and M. Zhang. Comments on FHH anonymous multireceiver encryption. International Journal of Network Security, 16:285–288, 2014.
[10] H. Y. Chien. Improved anonymous multi-receiver identity-based encryption. The Computer Journal, 55:439–446, 2012.
[11] H. Cui, Y. Mu, and F. Guo. Server-aided identity-based anonymous broadcast encryption. International Journal of Security and Networks, 8:29–39, 2013.
[12] X. Du, Y. Wang, J. Ge, and Y. Wang. An ID-based broadcast encryption scheme for key distribution. IEEE Transactions on Broadcasting, 51:264–266, 2005.
[13] C. I. Fan, L. Y. Huang, and P. H. Ho. Anonymous multireceiver identity-based encryption. IEEE Transactions on Computers, 59:1239–1249, 2010.
[14] L. Harn, C. C. Chang, and H. L. Wu. An anonymous multi-receiver encryption based on RSA. International Journal of Network Security, 15:307–312, 2013.
[15] J. Hur, C. Park, and S. O. Hwang. Privacy-preserving identity-based broadcast encryption. Information Fusion, 13:296–303, 2012.
[16] A. Kate, G. Zaverucha, and I. Goldberg. Pairing-based onion routing. In 7th Privacy Enhancing Technologies Symposium (PET), pages 95–112, 2007.
[17] Neal Koblitz, Alfred Menezes, and Scott Vanstone. The state of elliptic curve cryptography. Designs, Codes and Cryptography, 19:173–193, 2000.
[18] H. Li and L. Pang. Cryptanalysis of Wang et al.’s improved anonymous multi-receiver identity-based encryption scheme. IET Information Security, 8:8–11, 2013.
[19] B. Libert, K. G. Paterson, and E. A. Quaglia. Anonymous broadcast encryption: Adaptive security and efficient constructions in the standard model. In Proceedings of the 15th International Conference on Practice and Theory in Public Key Cryptography, pages 206–224, 2012.
[20] Alfred J. Menezes, Scott A. Vanstone, and Paul C. Van Oorschot. Handbook of Applied Cryptography. CRC Press, Inc. Boca Raton, 2001.
[21] A. Muthulakshmi, R. Anitha, S. Rohini, and K. Princy. Identity based privacy preserving dynamic broadcast encryption for multi-privileged group. In Recent Trends in Computer Networks and Distributed Systems Security, volume 335, pages 272–282, 2012.
[22] T. Okamoto and D. Pointcheval. Proceedings of the gap-problems: a new class of problems for the security of cryptographic schemes. In PKC 2001, volume 1992 of LNCS, pages 104–118, 1992.
[23] T. Okamoto and D. Pointcheval. REACT: rapid enhanced-security asymmetric cryptosystem transform. In Topics in Cryptology CT-RSA 2001, pages 159–175, 2001.
[24] L. Pang, L. Guo, Q. Pei, J. Gui, and Y. Wang. A new ID-based multi-recipient public-key encryption scheme. Chinese Journal of Electronics, 22:89–92, 2013.
[25] Y. Ren, Z. Niu, and X. Zhang. Fully anonymous identity-based broadcast encryption without random oracles. International Journal of Network Security, 16:256–264, 2014.
[26] Michael Scott. Implementing cryptographic pairings. In Proceedings of the Pairing-Based Cryptography, pages 177–196, 2007.
[27] Y. M. Tseng, Y. H. Huang, and H. J. Chang. CCA-secure anonymous multi-receiver ID-based encryption. In 26th International Conference on Advanced Information Networking and Applications Workshops, pages 177–182, 2012.
[28] Y. M. Tseng, Y. H. Huang, and H. J. Chang. Privacy-preserving multireceiver ID-based encryption with provable security. International Journal of Communication Systems, 2012.
[29] H. Wang. Insecurity of ’Improved anonymous multi-receiver identity-based encryption’. The Computer Journal, 2013.
[30] H. Wang, Y. Zhang, H. Xiong, and B. Qing. Cryptanalysis and improvements of an anonymous multi-receiver identity-based encryption scheme. IET Information Security, 6:20–27, 2012.
[31] L. Wang and C.-K. Wu. Efficient identity-based multicast scheme from bilinear pairing. IEE Proceeding-Communications, 152:877–882, 2005.
[32] J. Zhang and J. Mao. An improved anonymous multi-receiver identity-based encryption scheme. International Journal of Communication Systems.
[33] J. Zhang and Y. Xu. Comment on anonymous multi-receiver identity-based encryption scheme. In 4th International Conference on Intelligent Networking and Collaborative Systems, pages 473–476, 2012.
[34] J. Zhang, Y. Xu, and J. Zou. Comment on Wang et al.’s anonymous multi-receiver ID-based encryption scheme and its improved schemes. International Journal of Intelligent Information and Database Systems, 7:400–413, 2013.
[35] Leyou Zhang, Qing Wu, and Yi Mu. Anonymous identity-based broadcast encryption with adaptive security. Cyberspace Safety and Security, Lecture Notes in Computer Science Volume 8300:258–271, 2013.
[36] M. Zhang and T. Takagi. Efficient constructions of anonymous multireceiver encryption protocol and their deployment in group e-mail systems with privacy preservation. IEEE Systems Journal, 7:410–419, 2013.
[37] Yanchao Zhang, Wei Liu, Wenjing Lou, and Yuguang Fang. Securing mobile ad hoc networks with certificateless public keys. IEEE Transactions on Dependable and Secure Computing, 3:386–399, 2006.