CN110176995A - Afterwards without certificate label decryption method on the lattice of quantum safety - Google Patents
Afterwards without certificate label decryption method on the lattice of quantum safety Download PDFInfo
- Publication number
- CN110176995A CN110176995A CN201910519022.1A CN201910519022A CN110176995A CN 110176995 A CN110176995 A CN 110176995A CN 201910519022 A CN201910519022 A CN 201910519022A CN 110176995 A CN110176995 A CN 110176995A
- Authority
- CN
- China
- Prior art keywords
- user
- key
- label
- certificate
- lattice
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/002—Countermeasures against attacks on cryptographic mechanisms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0877—Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/72—Signcrypting, i.e. digital signing and encrypting simultaneously
Abstract
It is generated by system initialization, cipher key-extraction, key, user's label are close, verification step forms on the lattice of quantum safety without certificate label decryption method after a kind of.The present invention is used for reference without certificate label are close and lattice password thought, it has constructed on a kind of lattice of rear quantum safety without certificate label decryption method, the close efficiency of no certificate label is higher than first without the efficiency encrypted after certificate signature, and than based on increasing encryption function without certificate signature method on lattice, under assuming compared to finite field discrete logarithm and Elliptic Curve Discrete Logarithm without certificate label decryption method, can with resisting quantum computation attack and computational efficiency it is higher.The present invention overcomes certificate management problem and key escrow, has many advantages, such as that resistance quantum computation attack, operation efficiency are high, be applicable to the close field of electronics label.
Description
Technical field
The invention belongs to technical field of network information safety, and in particular to cryptography, lattice public-key cryptosystem or without card
Bookmark decryption method.
Background technique
Sign it is close can to encrypt much lower calculating and communication cost afterwards than first signing, in a logic step simultaneously it is complete
At encryption and signature operation.However, the close construction development as highly important cryptographic primitives on lattice of label is relatively slow.
1996, Ajtai had found between the worst case complexity and average case complexity of certain famous lattice problems
There are a kind of connections.Later Ajtai and Dwork proposes a kind of public-key cryptosystem based on case theory, is since then just public key
Cipher system opens a new field.GGH public-key cryptosystem, NTRU public-key cryptosystem, Regev public-key cryptosystem
It is proposed in succession Deng the public-key cryptosystem based on case theory.Due to they have resist quantum computation attack and also operation it is simple
Advantage becomes the hot spot of numerous scholar researchs and concern.2013, Yan et al. was proposed under master pattern based on the efficient of lattice
Stopover sites.2015, Yan et al. proposed a kind of stopover sites of identity-based on lattice.2016, Lu Xiuhua et al. was proposed
Lattice stopover sites without trapdoor.2018, G é rard and Merckx proposed the rear quantum stopover sites on lattice.With lattice
The continuous development of public-key cryptosystem, the close algorithm of various label based on lattice are also more and more.
In order to solve the certificate pipe being related in key escrow and conventional public-key cryptographic algorithm in identification cipher
Reason problem, in sub- secret meeting in 2003, AI-Riyami and Paterson propose to reduce raw to key without cryptographic certificate
At the trust at center, key generation centre generates the part private key of user, the complete private key of user by part private key and user from
The secret value that oneself randomly selects is constituted, and client public key is calculated by user oneself.Construct the cryptography scheme without certificate always
It is the interested research direction of password educational circles.It is suggested however, rear quantum safety at present without certificate label are close.
Summary of the invention
Technical problem to be solved by the present invention lies in the lattice for overcoming the deficiencies of the prior art and provide a kind of rear quantum safety
On without certificate label decryption method.
Technical solution used by above-mentioned technical problem is solved to be made of following step:
A, system initialization
(A1) trusted party chooses Prime Modulus q:
Q=poly (n)
Wherein n is security parameter, and poly (n) is the multinomial about n.
(A2) trusted party rounds up log q to obtain integer k, and round numbers N is the product of 2n and k.
(A3) trusted party defines the error rate α ∈ (0,1) of tape error study, chooses the deviation s of Gaussian Profile1:
(A4) trusted party defines hash function H1With hash function H2:
(A5) key generation centre trapdoor generating algorithm Gentrap (1n,1N, q) and obtain matrix R and the n row of nk row nk column
The matrix A of N column:
WhereinG is the matrix of n row nk column.
(A6) trusted party defines the parameter of discrete Gaussian ProfileWherein Integer l >=5nlog q, λ are the positive integer randomly selected in integer field Z.
(A7) trusted party determines the parameter s of preimage sampling algorithm2:
Wherein S1(R) singular value of representing matrix R.
(A8) trusted party discloses system parameter params:
Params={ A, R, H1,H2,s1,s2,χB}
Wherein χBFor error distribution and discrete Gaussian Profile DZ,qαIdentical, B is error distribution parameter.
B, cipher key-extraction
(B1) key generation centre KGC determines randomization identity u:
U=H1(ID)
Wherein { 0,1 } ID ∈*, for the identity of user.
(B2) key generation centre KGC uses preimage sampling algorithmPart private key d is obtained,
(B3) key generation centre KGC sends part private key d to user by safe lane, and user's checking meets Ad=
U and
C, key generates
(C1) identity is that the user of ID selects the secret value x of oneselfID, determine private key sk:
(C2) user determines part public key b
Wherein e1For be distributed selected from error M dimensional vector, be positive real number, B is n row M column matrix, BTFor the transposition square of matrix B
Battle array, M are equal with time complexity O (nlogq).
(C3) user setting public key pk
D, user's label are close
(D1) sender randomly selects vector y:
Wherein
(D2) sign h for user setting part
Wherein m is in plain text.
(D3) user is with probabilityOutput signature sigma ':
σ '=ε+h
Wherein ε is that part is signed, and obtains σ after σ ' coding.
(D4) user determines part ciphertext V1, part ciphertext V2And part ciphertext V:
V=m+ (b, r)+(w, H1(ID))+2e modq
Wherein, r is the sequence of M long, w and e2For n-dimensional vector, e is one-dimensional vector.
(D5) user exports label ciphertext c
C=(V | V1|V2)。
E, it verifies
(E1) recipient obtains ciphertext c, with the public private key pair (pk of recipient2,sk2) carry out solution label and close obtain plaintext m:
M=[V- (V1,x)-(V2,d)]qmod2
(E2) recipient is verified parameter h ' by (ID, ε, h, m)
WhenAnd when h '=h, signature is set up, otherwise invalid.
It is generated in C, the close step D of user's label in system initialization step A of the invention, cipher key extraction step B, key, this
The value of the security parameter n of invention is 128 or 256 or 512.
The present invention uses for reference under classical cryptosystem without certificate label are close and lattice cryptographic methods, constructed it is a kind of after quantum safety
Lattice on without certificate label decryption method, the close efficiency of no certificate label is higher than first without the efficiency encrypted after certificate signature, and ratio is based on
Encryption function is increased without certificate signature method on lattice, is assumed compared to finite field discrete logarithm and Elliptic Curve Discrete Logarithm
Under without certificate label decryption method, can with resisting quantum computation attack and computational efficiency it is higher.Present invention resistance quantum computation attack,
The advantages that operation efficiency is high is applicable to the close field of electronics label.
Detailed description of the invention
Fig. 1 is the flow chart of the embodiment of the present invention 1.
Specific embodiment
The present invention is described in more detail with reference to the accompanying drawings and examples, but the present invention is not limited to these Examples.
Embodiment 1
By taking security parameter n is 256 as an example, it is made of (such as without certificate label decryption method following step on the lattice of rear quantum safety
Shown in Fig. 1):
A, system initialization
(A1) trusted party chooses Prime Modulus q:
Q=poly (n)
Wherein n is security parameter, and n value is that 256, poly (n) is multinomial about n.
(A2) trusted party rounds up log q to obtain integer k, and round numbers N is the product of 512 with k.
(A3) trusted party defines the error rate α ∈ (0,1) of tape error study, chooses the deviation s of Gaussian Profile1:
N value is 256 in formula.
(A4) trusted party defines hash function H1With hash function H2:
N value is 256 in formula.
(A5) key generation centre trapdoor generating algorithm Gentrap (1n,1N, q) and obtain the matrix R of 256k row 256k column
The matrix A arranged with 256 row N:
WhereinG is the matrix of n row nk column, and n value is 256 in formula.
(A6) trusted party defines the parameter of discrete Gaussian ProfileWherein Integer l >=5nlog q, λ are the positive integer randomly selected in integer field Z, and n value is 256 in formula.
(A7) trusted party determines the parameter s of preimage sampling algorithm2:
Wherein S1(R) singular value of representing matrix R.
(A8) trusted party discloses system parameter params:
Params={ A, R, H1,H2,s1,s2,χB}
Wherein χBFor error distribution and discrete Gaussian Profile DZ,qαIdentical, B is error distribution parameter.
B, cipher key-extraction
(B1) key generation centre KGC determines randomization identity u:
U=H1(ID)
Wherein { 0,1 } ID ∈*, for the identity of user.
(B2) key generation centre KGC uses preimage sampling algorithmPart private key d is obtained,
(B3) key generation centre KGC sends part private key d to user by safe lane, and user's checking meets Ad=
U andN value is 256 in formula.
C, key generates
(C1) identity is that the user of ID selects the secret value x of oneselfID, determine private key sk:
N value is 256 in formula.
(C2) user determines part public key b
Wherein e1For be distributed selected from error M dimensional vector, be positive real number, B is n row M column matrix, BTFor the transposition square of matrix B
Battle array, M is equal with time complexity O (nlogq), and n value is 256.
(C3) user setting public key pk
N value is 256 in formula.
D, user's label are close
(D1) sender randomly selects vector y:
Wherein
(D2) sign h for user setting part
Wherein m is in plain text.
(D3) user is with probabilityOutput signature sigma ':
σ '=ε+h
Wherein ε is that part is signed, and obtains σ after σ ' coding.
(D4) user determines part ciphertext V1, part ciphertext V2And part ciphertext V:
V=m+ (b, r)+(w, H1(ID))+2e modq
Wherein, r is the sequence of M long, w and e2For n-dimensional vector, e is one-dimensional vector, and n value is 256.
(D5) user exports label ciphertext c
C=(V | V1|V2)
E, it verifies
(E1) recipient obtains ciphertext c, with the public private key pair (pk of recipient2,sk2) carry out solution label and close obtain plaintext m
M=[V- (V1,x)-(V2,d)]qmod2
(E2) recipient is verified parameter h ' by (ID, ε, h, m)
WhenAnd when h '=h, signature is set up, otherwise invalid.
It is close without certificate label on the lattice of quantum safety after the completion.
Improved part signature h is used since the present invention signs in User Part, determines part ciphertext V1, part ciphertext
V2And part ciphertext V method, so that being higher than first without the close efficiency of certificate label without the efficiency encrypted after certificate signature, and compare base
In increasing encryption function without certificate signature method on lattice, compared to finite field discrete logarithm and Elliptic Curve Discrete Logarithm vacation
Set without certificate label decryption method, can with resisting quantum computation attack and computational efficiency it is higher.The present invention, which has, resists quantum meter
The advantages that calculation is attacked, operation efficiency is high, is applicable to the close field of electronics label.
Embodiment 2
By taking security parameter n is 128 as an example, it is made of without certificate label decryption method following step on the lattice of rear quantum safety:
A, system initialization
(A1) trusted party chooses Prime Modulus q:
Q=poly (n)
Wherein n is security parameter, and n value is that 128, poly (n) is multinomial about n.
(A2) trusted party rounds up log q to obtain integer k, and round numbers N is the product of 256 with k.
(A3) trusted party defines the error rate α ∈ (0,1) of tape error study, chooses the deviation s of Gaussian Profile1:
N value is 128 in formula.
(A4) trusted party defines hash function H1With hash function H2:
N value is 128 in formula.
(A5) key generation centre trapdoor generating algorithm Gentrap (1n,1N, q) and obtain the matrix R of 128k row 128k column
The matrix A arranged with 128 row N:
WhereinG is the matrix of n row nk column, and n value is 128 in formula.
(A6) trusted party defines the parameter of discrete Gaussian ProfileWherein Integer l >=5nlog q, λ are the positive integer randomly selected in integer field Z, and n value is 128 in formula.
(A7) trusted party determines the parameter s of preimage sampling algorithm2:
Wherein S1(R) singular value of representing matrix R.
(A8) trusted party discloses system parameter params:
Params={ A, R, H1,H2,s1,s2,χB}
Wherein χBFor error distribution and discrete Gaussian Profile DZ,qαIdentical, B is error distribution parameter.
B, cipher key-extraction
(B1) key generation centre KGC determines randomization identity u:
U=H1(ID)
Wherein { 0,1 } ID ∈*, for the identity of user.
(B2) key generation centre KGC uses preimage sampling algorithmPart private key d is obtained,
(B3) key generation centre KGC sends part private key d to user by safe lane, and user's checking meets Ad=
U andN value is 128 in formula.
C, key generates
(C1) identity is that the user of ID selects the secret value x of oneselfID, determine private key sk:
N value is 128 in formula.
(C2) user determines part public key b:
Wherein e1For be distributed selected from error M dimensional vector, be positive real number, B is n row M column matrix, BTFor the transposition square of matrix B
Battle array, M is equal with time complexity O (nlogq), and n value is 128.
(C3) user setting public key pk
N value is 128 in formula.
D, user's label are close
(D1) sender randomly selects vector y:
Wherein
(D2) sign h for user setting part
Wherein m is in plain text.
(D3) user is with probabilityOutput signature sigma ':
σ '=ε+h
Wherein ε is that part is signed, and obtains σ after σ ' coding.
(D4) user determines part ciphertext V1, part ciphertext V2And part ciphertext V:
V=m+ (b, r)+(w, H1(ID))+2e modq
Wherein, r is the sequence of M long, w and e2For n-dimensional vector, e is one-dimensional vector, and n value is 128.
(D5) user exports label ciphertext c
C=(V | V1|V2)
E, it verifies
Verification step is same as Example 1.
It is close without certificate label on the lattice of quantum safety after the completion.
Embodiment 3
By taking security parameter n is 512 as an example, it is made of without certificate label decryption method following step on the lattice of rear quantum safety:
A, system initialization
(A1) trusted party chooses Prime Modulus q:
Q=poly (n)
Wherein n is security parameter, and n value is that 512, poly (n) is multinomial about n.
(A2) trusted party rounds up log q to obtain integer k, and round numbers N is the product of 1024 with k.
(A3) trusted party defines the error rate α ∈ (0,1) of tape error study, chooses the deviation s of Gaussian Profile1:
N value is 512 in formula.
(A4) trusted party defines hash function H1With hash function H2:
N value is 512 in formula.
(A5) key generation centre trapdoor generating algorithm Gentrap (1n,1N, q) and obtain the matrix R of 512k row 512k column
The matrix A arranged with 512 row N:
WhereinG is the matrix of n row nk column, and n value is 512 in formula.
(A6) trusted party defines the parameter of discrete Gaussian ProfileWherein Integer l >=5nlog q, λ are the positive integer randomly selected in integer field Z, and n value is 512 in formula.
(A7) trusted party determines the parameter s of preimage sampling algorithm2:
Wherein S1(R) singular value of representing matrix R.
(A8) trusted party discloses system parameter params:
Params={ A, R, H1,H2,s1,s2,χB}
Wherein χBFor error distribution and discrete Gaussian Profile DZ,qαIdentical, B is error distribution parameter.
B, cipher key-extraction
(B1) key generation centre KGC determines randomization identity u:
U=H1(ID)
Wherein { 0,1 } ID ∈*, for the identity of user.
(B2) key generation centre KGC uses preimage sampling algorithmPart private key d is obtained,
(B3) key generation centre KGC sends part private key d to user by safe lane, and user's checking meets Ad=
U andN value is 512 in formula.
C, key generates
(C1) identity is that the user of ID selects the secret value x of oneselfID, determine private key sk:
N value is 512 in formula.
(C2) user determines part public key b
Wherein e1For be distributed selected from error M dimensional vector, be positive real number, B is n row M column matrix, BTFor the transposition square of matrix B
Battle array, M is equal with time complexity O (nlogq), and n value is 512.
(C3) user setting public key pk
N value is 512 in formula.
D, user's label are close
(D1) sender randomly selects vector y:
Wherein
(D2) sign h for user setting part
Wherein m is in plain text.
(D3) user is with probabilityOutput signature sigma ':
σ '=ε+h
Wherein ε is that part is signed, and obtains σ after σ ' coding.
(D4) user determines part ciphertext V1, part ciphertext V2And part ciphertext V:
V=m+ (b, r)+(w, H1(ID))+2e modq
Wherein, r is the sequence of M long, w and e2For n-dimensional vector, e is one-dimensional vector, and n value is 512.
(D5) user exports label ciphertext c
C=(V | V1|V2)
E, it verifies
Verification step is same as Example 1.
It is close without certificate label on the lattice of quantum safety after the completion.
Claims (2)
1. without certificate label decryption method on the lattice of quantum safety after a kind of, it is characterised in that it is made of following step:
A, system initialization
(A1) trusted party chooses Prime Modulus q:
Q=poly (n)
Wherein n is security parameter, and poly (n) is the multinomial about n;
(A2) trusted party rounds up log q to obtain integer k, and round numbers N is the product of 2n and k;
(A3) trusted party defines the error rate α ∈ (0,1) of tape error study, chooses the deviation s of Gaussian Profile1:
(A4) trusted party defines hash function H1With hash function H2:
H1:
H2:
(A5) key generation centre trapdoor generating algorithm Gentrap (1n, 1N, q) and obtain the matrix R and n row N column of nk row nk column
Matrix A:
WhereinG is the matrix of n row nk column;
(A6) trusted party defines the parameter of discrete Gaussian ProfileWherein Integer l >=5nlog q, λ are the positive integer randomly selected in integer field Z;
(A7) trusted party determines the parameter s of preimage sampling algorithm2:
Wherein S1(R) singular value of representing matrix R;
(A8) trusted party discloses system parameter params:
Params={ A, R, H1, H2, s1, s2, χB}
Wherein χBFor error distribution and discrete Gaussian Profile DZ, q αIdentical, B is error distribution parameter;
B, cipher key-extraction
(B1) key generation centre KGC determines randomization identity u:
U=H1(ID)
Wherein { 0,1 } ID ∈*, for the identity of user;
(B2) key generation centre KGC uses preimage sampling algorithmPart private key d is obtained,
(B3) key generation centre KGC sends part private key d to user by safe lane, user's checking meet Ad=u and
C, key generates
(C1) identity is that the user of ID selects the secret value x of oneselfID, determine private key sk:
(C2) user determines part public key b
Wherein e1For be distributed selected from error M dimensional vector, be positive real number, B is n row M column matrix, BTFor the transposed matrix of matrix B, M
It is equal with time complexity O (nlogq);
(C3) user setting public key pk
D, user's label are close
(D1) sender randomly selects vector y:
Wherein
(D2) sign h for user setting part
Wherein m is in plain text;
(D3) user is with probabilityOutput signature sigma ':
σ '=ε+h
Wherein ε is that part is signed, and obtains σ after σ ' coding;
(D4) user determines part ciphertext V1, part ciphertext V2And part ciphertext V:
V=m+ (b, r)+(w, H1(ID))+2e modq
Wherein, r is the sequence of M long, w and e2For n-dimensional vector, e is one-dimensional vector;
(D5) user exports label ciphertext c
C=(V | V1|V2);
E, it verifies
(E1) recipient obtains ciphertext c, with the public private key pair (pk of recipient2, sk2) carry out solution label and close obtain plaintext m:
M=[V- (V1, x) and-(V2, d)]qmod2
(E2) recipient is verified parameter h ' by (ID, ε, h, m)
WhenAnd when h '=h, signature is set up, otherwise invalid.
2. without certificate label decryption method on the lattice of quantum safety after according to claim 1, it is characterised in that: initial in system
Change that step A, cipher key extraction step B, key generate C, user signs in close step D, the value of the security parameter n be 128 or
256 or 512.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910519022.1A CN110176995A (en) | 2019-06-17 | 2019-06-17 | Afterwards without certificate label decryption method on the lattice of quantum safety |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910519022.1A CN110176995A (en) | 2019-06-17 | 2019-06-17 | Afterwards without certificate label decryption method on the lattice of quantum safety |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110176995A true CN110176995A (en) | 2019-08-27 |
Family
ID=67698573
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910519022.1A Pending CN110176995A (en) | 2019-06-17 | 2019-06-17 | Afterwards without certificate label decryption method on the lattice of quantum safety |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110176995A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112118101A (en) * | 2020-09-23 | 2020-12-22 | 山东建筑大学 | Post-quantum secure dynamic data sharing method |
CN115549896A (en) * | 2022-05-19 | 2022-12-30 | 曲阜师范大学 | Efficient heterogeneous signcryption method based on lattice code |
CN117155710A (en) * | 2023-10-30 | 2023-12-01 | 江西财经大学 | Industrial Internet of things certificateless grid authentication key negotiation method and system |
CN115549896B (en) * | 2022-05-19 | 2024-05-17 | 曲阜师范大学 | Efficient heterogeneous signcryption method based on lattice password |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101754205A (en) * | 2009-12-25 | 2010-06-23 | 西安交通大学 | Parallelized multi-receiver signcryption method |
CN102970138A (en) * | 2011-08-29 | 2013-03-13 | 汤姆森特许公司 | Signcryption method and device and corresponding signcryption verification method and device |
CN105024994A (en) * | 2015-05-29 | 2015-11-04 | 西北工业大学 | Secure certificateless hybrid signcryption method without pairing |
US20160323100A1 (en) * | 2015-04-30 | 2016-11-03 | Hon Hai Precision Industry Co., Ltd. | Key generation device, terminal device, and data signature and encryption method |
US20170365193A1 (en) * | 2016-06-18 | 2017-12-21 | Lior Malka | Mutable secure communication |
CN109286485A (en) * | 2018-10-17 | 2019-01-29 | 西安邮电大学 | General Identity Proxy label decryption method that can be compound |
-
2019
- 2019-06-17 CN CN201910519022.1A patent/CN110176995A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101754205A (en) * | 2009-12-25 | 2010-06-23 | 西安交通大学 | Parallelized multi-receiver signcryption method |
CN102970138A (en) * | 2011-08-29 | 2013-03-13 | 汤姆森特许公司 | Signcryption method and device and corresponding signcryption verification method and device |
US20160323100A1 (en) * | 2015-04-30 | 2016-11-03 | Hon Hai Precision Industry Co., Ltd. | Key generation device, terminal device, and data signature and encryption method |
CN105024994A (en) * | 2015-05-29 | 2015-11-04 | 西北工业大学 | Secure certificateless hybrid signcryption method without pairing |
US20170365193A1 (en) * | 2016-06-18 | 2017-12-21 | Lior Malka | Mutable secure communication |
CN109286485A (en) * | 2018-10-17 | 2019-01-29 | 西安邮电大学 | General Identity Proxy label decryption method that can be compound |
Non-Patent Citations (5)
Title |
---|
HUIFANG YU ET AL.: "《Certificateless Signcryption Scheme From Lattice》", 《IEEE SYSTEMS JOURNAL ( EARLY ACCESS )》 * |
MIAOMIAO TIAN ET AL.: "《Certificateless and certificate-based signatures from lattices》", 《SECRITY AND COMMUNICATION NETWORKS》 * |
XIUHUA LU ET AL.: "《A lattice-based signcryption scheme without random oracles》", 《FRONTIERS OF COMPUTER SCIENCE》 * |
俞惠芳等: "《可证安全的无证书混合签密》", 《计算机学报》 * |
陈虎等: "《有效的格上无证书加密方案》", 《软件学报》 * |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112118101A (en) * | 2020-09-23 | 2020-12-22 | 山东建筑大学 | Post-quantum secure dynamic data sharing method |
CN112118101B (en) * | 2020-09-23 | 2023-07-28 | 山东建筑大学 | Post quantum security dynamic data sharing method |
CN115549896A (en) * | 2022-05-19 | 2022-12-30 | 曲阜师范大学 | Efficient heterogeneous signcryption method based on lattice code |
CN115549896B (en) * | 2022-05-19 | 2024-05-17 | 曲阜师范大学 | Efficient heterogeneous signcryption method based on lattice password |
CN117155710A (en) * | 2023-10-30 | 2023-12-01 | 江西财经大学 | Industrial Internet of things certificateless grid authentication key negotiation method and system |
CN117155710B (en) * | 2023-10-30 | 2024-01-26 | 江西财经大学 | Industrial Internet of things certificateless grid authentication key negotiation method and system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN113364576B (en) | Data encryption evidence storing and sharing method based on block chain | |
CN102811125B (en) | Certificateless multi-receiver signcryption method with multivariate-based cryptosystem | |
CN107911209B (en) | Method for establishing security public key password for resisting quantum computing attack | |
EP2375628A2 (en) | Signature schemes using bilinear mappings | |
WO2018201730A1 (en) | Lattice-based cloud storage data security audit method supporting uploading of data via proxy | |
CN110138543B (en) | Blind signcryption method under lattice public key cryptosystem | |
CN102263638A (en) | Authentication device, authentication method, program, and signature generation device | |
CN109981265B (en) | Identity-based ciphertext equivalence determination method without using bilinear pairings | |
CN108234129A (en) | A kind of two-way authentication cryptographic key negotiation method and system based on lattice password | |
CN112152813B (en) | Certificateless content extraction signcryption method supporting privacy protection | |
Zhu et al. | An identity‐based proxy signature on NTRU lattice | |
CN110190957B (en) | Certificateless multivariate broadcast multiple signature method | |
CN111030821B (en) | Encryption method of alliance chain based on bilinear mapping technology | |
CN110176995A (en) | Afterwards without certificate label decryption method on the lattice of quantum safety | |
CN113132104A (en) | Active and safe ECDSA (electronic signature SA) digital signature two-party generation method | |
CN110740034B (en) | Method and system for generating QKD network authentication key based on alliance chain | |
CN117216805A (en) | Data integrity audit method suitable for resisting Bayesian and hordeolum attacks in federal learning scene | |
CN110830254A (en) | Signcryption method based on identity and attribute | |
CN113938275A (en) | Quantum homomorphism signature method based on d-dimensional Bell state | |
CN114978515A (en) | Lightweight block chain encryption method based on hybrid encryption | |
CN114900283A (en) | Deep learning user gradient aggregation method based on multi-party security calculation | |
CN112398637A (en) | Equality test method based on certificate-free bookmark password | |
CN111756539B (en) | Identification encryption and decryption method capable of being repeated and random | |
Di et al. | An anti-quantum signature scheme over ideal lattice in Blockchain | |
CN111355590B (en) | Multivariable multiple signature method with strong designated verifier in certificateless environment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190827 |
|
RJ01 | Rejection of invention patent application after publication |