CN104038341A - Identity-based cross-system proxy re-encryption method - Google Patents
Identity-based cross-system proxy re-encryption method Download PDFInfo
- Publication number
- CN104038341A CN104038341A CN201410280293.3A CN201410280293A CN104038341A CN 104038341 A CN104038341 A CN 104038341A CN 201410280293 A CN201410280293 A CN 201410280293A CN 104038341 A CN104038341 A CN 104038341A
- Authority
- CN
- China
- Prior art keywords
- ibe
- encryption
- ibbe
- identity
- alpha
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The invention provides an identity-based cross-system proxy re-encryption method. The identity-based cross-system proxy re-encryption method comprises steps run by a PKG (Private Key Generator), namely 1, inputting a coefficient lambda and outputting system parameters, 2, running a random number generation algorithm, 3, calculating bilinear pairings, and carrying out exponentiation and multiplication, 4, selecting a collision-resistant hash function and outputting a public key, 5, running the collision-resistant hash function, and 6, performing addition, calculating a reciprocal and an exponent, and outputting a private key, steps run by an authorizing party, namely 7, running the collision-resistant hash function, 8, running the random number generation algorithm and carrying out multiplication and exponentiation operations, and outputting a ciphertext, 9, selecting a blinding factor k, 10, running the collision-resistant hash function, and 11, running the random number generation algorithm and carrying out multiplication and exponentiation operations, and outputting a conversion private key, a step run by a proxy party, namely 12, calculating bilinear pairings and carrying out division, and outputting a re-encryption ciphertext, and steps run by an authorized party, namely 13, running the collision-resistant hash function, 14, calculating bilinear pairings, and carrying out addition, continuous multiplication and division, and outputting k, and 15, calculating bilinear pairings and carrying out multiplication, and outputting a plaintext.
Description
(1) technical field:
The present invention relates to a kind of cross-system based on identity and act on behalf of re-encryption method, can realize agency's conversion of ciphertext under different encryption systems, belong to field of cryptography in information security.
(2) technical background:
Along with the raising of communications security, multiple cryptographic system is suggested in order to data are encrypted to transmission, has guaranteed the communication personal secrets between user, and the public key encryption system based on identity is exactly be widely used a kind of.Whether the key adopting according to communicating pair is identical, and the system of data encryption is divided into two kinds: single key encryption system and public key encryption system; Public key encryption is to encrypt relative a kind of encryption system with single key, and both all emphasize that cryptographic algorithm can disclose, and decruption key must hold in close confidence, once Key Exposure, the data of whole encryption are just dangerous.Both differences are, the encryption key that single key is encrypted is identical with decruption key, and the encryption key of public key encryption is different from decruption key.In public key encryption system, PKI is in order to encrypt the information that will encrypt (we are referred to as expressly here), and private key is used for the information (we are referred to as ciphertext) after encrypting to encrypt here.
Encryption method based on identity---Identity-Based Encryption (IBE) starts to be proposed by Shamir most, belongs to public key encryption system.Participant is generally Encrypt and Decrypt side and private key generating center.In IBE system, the identity ID of the side of deciphering is as the PKI of encrypting, and this identity ID can be ID card No., email address or the telephone number etc. of deciphering side.Encrypt root and according to PKI, plaintext is encrypted, private key generating center---Private Key Generator (PKG) is responsible for, according to the identity of user in system, user is provided to private key, only has the identity of deciphering side consistent with PKI, can decipher.The advantage of this encryption method is, has removed PKIX---Public Key Infrastructure (PKI) provides the link of certificate of certification to user, alleviated the expense of system, has more Practical significance.
On the cryptographic algorithm basis of this efficient quick of IBE, derived again many multi-functional encryption methods based on identity, wherein just comprised the broadcast encryption method based on identity---Identity-Based Broadcast Encryption (IBBE).IBBE encryption method is mainly used in solving encrypting user and many decrypted users is carried out the application demand of broadcast enciphering simultaneously, the set that the identity that the PKI that encrypting user is used when encrypting is all decrypted users forms, only the user in this identity set just can be successfully to decrypt ciphertext.For example; a kind of like this application scenarios of our references: the doctor in charge A of certain hospital wants, with the n position doctor of other various big hospitals, the medical record information of analyzing certain patient is discussed jointly; owing to considering the sensitiveness of patient information and for the consideration of protection patient privacy, doctor A encrypted medical record information before sending case history.If adopt IBE encryption method herein, first A need to encrypt medical record information respectively according to n doctor's identity, generates n part ciphertext; If adopt IBBE encryption method, the identity set that A only must form according to n doctor's identity is encrypted once medical record information, generates a ciphertext, and the doctor in identity set can be to decrypt ciphertext; The method has been saved time and the energy of encrypting user greatly, has reduced the expense of ciphertext storage, and method is more efficient.
In addition, we consider another kind of application scenarios: mailbox user Alice has an envelope privacy enhanced mail to want to share with another user Bob, but this mail is to using the identity of Alice as PKI, encrypts under IBE encryption system, Bob cannot not complete deciphering while not knowing the private key of Alice.And Alice does not want to reveal under the prerequisite of own private key, traditional way is: Alice is used the private key of oneself to be decrypted mail, and the identity that re-uses Bob is encrypted again to the plaintext after deciphering.Send ciphertext to Bob; Bob is used the private key of oneself to the decrypt ciphertext of receiving, thereby has completed sharing of Mail Contents.Above-mentioned undoubtedly way is numerous and diverse and consuming time, thereby derives a kind of being called: " acting on behalf of re-encryption "---the solution of Proxy re-encryption (PRE).The concept of acting on behalf of re-encryption is to be proposed in the European cryptography annual meeting of 1998 by Blaze, Bleumer and tri-scientists of Strauss the earliest, in PRE scheme, communication participant is respectively private key generating center---PKG, decrypt authorized side (Delegator), act on behalf of re-encryption side (Proxy) and authorized just (Delegatee).Under above-mentioned application scenarios, if adopt the re-encryption method of acting on behalf of, Alice only needs to calculate a generation transition key---Re-encryption Key (RK) according to the identity of own private key and Bob as Delegator, and ciphertext and transition key are sent to simultaneously and act on behalf of re-encryption side; Act on behalf of the ciphertext that the private key that uses transition key, the ciphertext re-encryption that under the prerequisite of not knowing clear content and Alice private key information completely, the private key that only has Alice can be deciphered to obtain Bob in re-encryption side can be deciphered.Like this, Bob only need download the ciphertext after re-encryption from acting on behalf of re-encryption side, uses oneself private key to complete the deciphering of ciphertext.Act on behalf of in the process of re-encryption method operation, saved Delegator and original ciphertext has first been deciphered to the step of encrypting again, saved the spending of user and system; In addition, act on behalf of re-encryption side and in re-encryption link, can not know any information about plaintext and private key for user, data all exist with ciphertext form in the process of whole extraneous storage, have ensured the data security under complicated distributed network environment.
According to the difference of acting on behalf of the encryption direction of re-encryption, act on behalf of re-encryption and can be divided into and unidirectional act on behalf of re-encryption and two-way act on behalf of re-encryption; Unidirectional act on behalf of re-encryption and can realize the ciphertext that the ciphertext of the public key encryption of Delegator is converted to the public key encryption of authorized square Delegatee, oppositely cannot; Two-way act on behalf of re-encryption and can realize reverse ciphertext conversion simultaneously.
Along with acting on behalf of the proposition of re-encryption method, increasing encryption method combines from the thought of acting on behalf of re-encryption the re-encryption scheme of acting on behalf of having formed under different encryption systems.Consider the existing re-encryption scheme of acting on behalf of at present, the encryption system before and after ciphertext conversion is all identical; That is to say, be still the ciphertext under IBE encryption system if use the ciphertext that IBE encryption system is encrypted through acting on behalf of re-encryption afterwards, and this has limited to user's the scope of application under some application scenarios.With the user profile under cloud environment, encrypt and be stored as example, such user is under the hypodynamic restriction of own stored energy, selection upload the data to cloud server, for the fail safe of protected data and the object of saving storage overhead, the user who holds distributed storage data is organized with IBE encryption system, and each data is held user and has been distributed unique public affairs, private key pair by PKG; In data, hold before user upload the data to cloud server, the PKI being first assigned to according to oneself is encrypted data, is resent to high in the clouds storage.Data after encryption only have this user oneself to decipher, and have avoided data to suffer the danger that malicious server is divulged a secret.
Yet, when data are held user and want to carry out data sharing with a plurality of users, if adopt the existing re-encryption method of acting on behalf of, there are 2 restrictions: first authorized user need to have legal identity equally among this IBE encryption system; Secondly authorized user need to send to agent according to each authorized user's identity T.G Grammar key.When authorized side is in situation about organizing with other encryption systems, existingly act on behalf of re-encryption and just cannot successfully carry out.Therefore, we invented that a kind of scope of application is wider, more comprehensive " acting on behalf of re-encryption across the encryption system " method of function---can easily realize and act on behalf of ciphertext conversion from IBE encryption system to IBBE encryption system.IBE encryption system and IBBE encryption system are independent of one another existence in the methods of the invention, have respectively the system parameters of oneself, and agent has served as bridge beam action in transfer process, and IBE system and IBBE interconnection are got up.By transition key, convert the ciphertext after public key encryption in IBE system in the IBBE system ciphertext after public key encryption, realized user's cross-system deciphering.
Because IBE encryption system is different with the PKI that IBBE encryption system not only used, and in IBE encryption system ciphertext according to an identity ciphering, IBBE is that the identity set forming according to a plurality of identity is encrypted, ciphertext version after both encryptions must have very large difference, how successfully realizing ciphertext conversion, is the problem that our invention mainly solves.Based on existing a kind of efficient succinct IBBE encipherment scheme, we have constructed a kind of brand-new IBE encryption system.First, we make authorized party origination message be used to the PKI of oneself, and the IBE encryption system of designing according to us is encrypted, and only has authorized party's oneself private key successfully to decipher.Subsequently, random number is selected by authorized party side, blinds the private key of oneself, and the identity set by this random number according to authorized user utilizes the system parameters in IBBE system to encrypt.Meet the user of identity in authorized user's set and can successfully decipher and obtain this random value, finally recover cleartext information.In addition, the present invention is the unidirectional re-encryption method of acting on behalf of, and authorized party and agent cannot conspire to reach the object of the authorized square ciphertext of deciphering, thereby has farthest protected licensee's data security.
(3) summary of the invention:
1, object: a kind of cross-system based on identity is acted on behalf of re-encryption method
The object of the invention is to propose a kind of cross-system based on identity and act on behalf of re-encryption method, it is that a kind of identity base under different encryption systems is acted on behalf of re-encryption method, the method combines existing identity base encryption technology and acts on behalf of the advantage of Re-encryption Technology, can easily realize from authorized party to authorized square ciphertext conversion, the malice of simultaneously protecting cleartext information can not acted on behalf of re-encryption side in whole re-encryption process is revealed; Simultaneously we have redesigned novel identity base according to existing identity base broadcast enciphering (IBBE) scheme and have encrypted (IBE) system, when having retained the characteristics such as existing IBBE encryption system deciphering speed is fast, ciphertext is short, make to the ciphertext of IBBE system, to be converted into possibility across IBE.
2, technical scheme:
The present invention includes five entities: 1) private key generating center (Private Key Generator, PKG): there is identifying user identity, calculate the mechanism of generation, dispatch user private key functionality; 2) decrypt authorized side (Delegator): have encryption, T.G Grammar cipher key function individual or social framework; 3) act on behalf of re-encryption side (Proxy): have according to individual or the social framework of re-encrypted private key Re-encryption Key (RK) conversion ciphertext; 4) the authorized side of deciphering (Delegatee): have decipher function individual or social framework; 5) file management side (File Manager): the social framework with storage data function.
First, we define user's identity---ID, and the identity of representative of consumer in system is expressed as a string character string arbitrarily.Secondly, we define user identity set---S in IBBE system, represent broadcast enciphering towards user identity set, the element in set is the identity of user in IBBE system.Owing to having used the mathematical knowledge of bilinear map and this two aspect of anti-collision hash function in the designed algorithm of the present invention.Special at this definition and characteristic to bilinear map and anti-collision hash function make explanations.
2.1 bilinearitys pair
We define a kind of Function Mapping e (. .), by group
in element map to group
in go, that is:
Bilinearity has satisfied characteristic:
1. bilinear characteristics: for
there is e (g
a, h
b)=e (g, h)
abset up;
2. non-degeneracy:
in group, at least there is an element g, make the e (g, g) after calculating be
certain generator of group;
3. computability: have effective algorithm, make all
can effectively calculate the value of e (u, v);
Wherein, Z
prepresent to gather 0,1,2 ..., p-1}.
2.2 anti-collision hash functions
The hash function using in the present invention possesses two fundamental characteristics: one-way and anti-collision; One-way refers to and can only derive output from the input of hash function, and can not calculate from the output of hash function input; Anti-collision refers to and can not find two different hash function inputs to make coming to the same thing after its Hash.Hash algorithm input in the present invention is user's identity ID, with arbitrary string form, represents; Be output as and be mapped to territory Z
pin element.
2.3 scheme contents
The present invention is that a kind of cross-system based on identity is acted on behalf of re-encryption method, the method by initialization module, data encryption module, private key generation module, transition key generation module, act on behalf of re-encryption module and deciphering module, totally 15 steps of six modules realize its function, the system architecture diagram of acting on behalf of re-encryption method that the present invention is designed as shown in Figure 1, existing in conjunction with Fig. 1, the function introduction of the method for the invention and each module is as follows.
A kind of cross-system based on identity of the present invention is acted on behalf of re-encryption method, and its practice is as follows:
Module one: initialization module
PKG gathers authorized user in system safety parameter lambda, IBBE system the number of users upper limit (m-1) that can comprise as inputting in this module, exports master key MSK
iBE, MSK
iBBE, and PKI PK
iBE, PK
iBBE.PKI can disclose, and master key must hold in close confidence by PKG, can not reveal.The realization of this functions of modules is specifically divided into following four steps:
Step 1:PKG is input system security parameter λ first, and then executing arithmetic g (1
λ), export two groups that exponent number is prime number p
with a bilinear map computing
Step 2:
Next PKG moves Generating Random Number, selects at random
certain generator g in group,
an element h in group, and
an element α in territory is as Stochastic;
A bilinearity of step 3:PKG operation, to computing, twice exponentiation computing and (m-1) inferior multiplying, obtains
an element e (g, h) in group, and
(m+1) individual element in group
Step 4: last, PKG selects a kind of anti-collision hash function H (), and this function meets all characteristics of anti-collision hash function, input can be character string arbitrarily, is output as and is mapped to territory
in a certain element.Above-mentioned four parameters that step obtains of process:
Can external disclosure as the PKI of IBBE encryption system; The PKI of IBE encryption system is different from above-mentioned PKI, for:
IBE is identical with the master key of IBBE encryption system, for:
MSK
IBE=MSK
IBBE=(g,α)
By PKG keeping;
Wherein, at " the algorithm g (1 described in step 1
λ) ", its operation method is as follows: private key generating center (PKG) input system security parameter λ, according to the size of λ, system is selected corresponding elliptic curve: Y
2=X
3+ aX+b (a and b are coefficients), then by the point on elliptic curve form two prime number p rank group
select a kind of Function Mapping e, by group
in element map to group
in go; Security parameter numerical value is larger, and the point on selected elliptic curve is also more, and group is also larger.
Wherein, at " Generating Random Number " described in step 2, its way is as follows: according to selected elliptic curve: Y in step 1
2=X
3+ aX+b, selects a value x of independent variable X at random
1, calculate the value y of corresponding dependent variable Y
1; If point (x
1, y
1) at us, want, in the group of mapping, successfully to have generated random element.If point (x
1, y
1) not in group, continue to select the value of X, until find the point appearing in group.In addition territory,
represent to gather 1,2 ..., p-1}, selects territory at random
the random number generation function of middle element can Using Call Library Function operation from Pairing-Based Cryptosystems function bag.The Generating Random Number of hereinafter mentioning moves all as stated above.
Wherein, in " operation bilinearity to computing " described in step 3, its way is as follows: independent variable be input as group
in element g, h, be output as group
in element: e (g, h).
Wherein, at " the anti-collision hash function H () " described in step 4, equally can Using Call Library Function operation from Pairing-Based Cryptosystems function bag.
Module two: private key generation module
This module is respectively the user assignment private key in IBE system and IBBE system by PKG, and module is inputted identity ID and the master key MSK of a certain user in system
iBEor MSK
iBBE, generate corresponding private key SK
iBEor SK
iBBE, and the private key of output is sent to each system user keeping.This functions of modules be embodied as following two steps:
Step 5:PKG moves anti-collision hash function H (), calculates
ID in formula
iBErepresent the identity of user in IBE encryption system, ID
iBBErepresent the identity of user in IBBE encryption system, all use a string string representation arbitrarily;
Step 6:PKG moves an add operation, once asks computing reciprocal and asks exponent arithmetic, according to formula below, calculates the private key for user in IBE encryption system:
And, user's private key in IBBE encryption system:
Module three: data encryption module
Authorized party in IBE encryption system (Delegator) in this module by PKI PK
iBEwith the identity ID of oneself
iBEand message M to be encrypted is as input, exports the ciphertext CT after encrypting
iBE, and encrypt data is uploaded to the outsourcing storage of file management side.The realization of this functions of modules divides following two steps:
Step 7: authorized party is that Delegator moves anti-collision hash function H (), calculates
Step 8: authorized party is Delegator operation Generating Random Number, selects at random territory
in an element s as index, according to formula below, move twice multiplication and three exponentiation computings, obtain:
C
0=M·e(g,h)
s,
Last ciphertext is output as: CT
iBE=(C
0, C
1), this ciphertext is the identity ID according to Delegator
iBEencrypt, therefore only have the private key SK of Delegator oneself
iBEcan decipher;
Module four: transition key generation module
The private key SK obtaining from PKG of the authorized party in IBE encryption system (Delegator) basis oneself in this module
iBE, authorized user's (Delegatee) identity S set and the PKI PK of IBBE encryption system in IBBE encryption system
iBBE, calculate T.G Grammar key---RK
iBE → IBBE, and the transition key of generation is sent to while acting on behalf of re-encryption side in order to re-encryption and used.The realization of this functions of modules is specifically divided into following three steps:
Step 9: authorized party is that first Delegator moves Generating Random Number, selects at random
certain element in group
as blinding factor;
Step 10: for each identity in authorized user (Delegatee) identity S set, Delegator moves n anti-collision hash function H (), obtains:
H(ID
1IBBE),H(ID
2IBBE)…H(ID
nIBBE)
The identity quantity in the set of n representative of consumer wherein;
Step 11: authorized party is Delegator operation Generating Random Number, selects at random territory
in an element v as index; Move according to the following formula multinomial time exponentiation computing and multiplying, obtain:
C
0′=k·e(g,h)
v,
We are expressed as the result obtaining:
R=(C
0',C
1')
Through final step multiplying SK
iBEk, authorizes and has conveniently generated transition key:
RK
IBE→IBBE=(SK
IBE·k,R)
Wherein, the use that authorized user's (Delegatee) identity S set is defaulted as in all set is known per family.
Module five: act on behalf of re-encryption module
Act on behalf of re-encryption side (Proxy) after obtaining the transition key of Delegator generation, from file management side, download the enciphered data CT that authorized party uploads
iBE, and according to transition key RK
iBE → IBBEciphertext CT with needs conversion
iBE, the ciphertext after calculating side must change, the function of this module is calculated and is realized by a following step:
Step 12:Proxy move according to the following formula bilinearity to a division arithmetic, obtain:
Through the ciphertext of acting on behalf of after re-encryption, be:
CT
IBE→IBBE=(D
0,C
1,R);
Module six: deciphering module
We suppose that the identity of a certain authorized side (Delegatee) in authorized user's identity S set is ID
iIBBE, the private key in corresponding IBBE encryption system is SK
iIBBE.Delegatee receives the private key that PKG generates and downloads acquisition re-encryption ciphertext CT from acting on behalf of re-encryption side (Proxy)
iBE → IBBEafterwards, according to the private key information SK of oneself
iBBEwith authorized user's identity S set, can decipher and obtain blinding factor k, through a step simple calculations, just can obtain clear-text message M, the function of this module realizes and is specifically divided into following 3 steps:
Step 13: authorized side be Delegatee first for each identity in authorized user's identity S set, operation once anti-collision hash function H () obtains:
H(ID
1IBBE),H(ID
2IBBE)…H(ID
nIBBE)
Identity quantity in n representative of consumer set in formula;
Step 14: authorized side be Delegatee move according to the following formula twice bilinearity to computing and multinomial sub-addition, connect multiplication and obtain:
Carry out again a division arithmetic and can obtain blinding factor k:
Step 15: last, authorized side be Delegatee according to the following formula through bilinearity to and multiplying, obtain last clear-text message M:
3, advantage and effect:
The invention provides a kind of cross-system based on identity and act on behalf of re-encryption method, can be used for authorized party's ciphertext conversion under different encryption systems from authorized side, its advantage and effect are:
1) the inventive method, first on existing identity base broadcast enciphering (IBBE) scheme basis, has been constructed a kind of identity base and has been encrypted (IBE) scheme, and this scheme has advantages of that key is little, ciphertext is short.
2) the inventive method has been introduced and has been acted on behalf of re-encryption side, convert the ciphertext of the public key encryption with authorized party to ciphertext with authorized square public key encryption, the ciphertext that the private key that makes re-encryption can only convert by the ciphertext that authorized party's private key is deciphered before authorized side to also can be deciphered, make sharing of enciphered message both save the step that loaded down with trivial details deciphering is encrypted again, ensured the fail safe of sharing information simultaneously.
3) the inventive method is from advantage and the innovative point of the re-encryption method of acting on behalf of maximum in the past: the method connects the user under different encryption systems by acting on behalf of the thought of re-encryption, realizes like a cork sharing of enciphered message; The existing re-encryption method of acting on behalf of is only applicable to authorized party and the authorized side situation under identical encryption system, and this has limited user's the scope of application greatly.The inventive method is encrypted and identity base broadcast encryption method in conjunction with the identity base extensively coming into operation now, makes the shared possibility that becomes of encrypt file of cross-system by agent's participation.
4) authorized party in the inventive method only needed according to the private key of oneself and the user identity S set under IBBE encryption system before proxy-encrypted, according to the public key information of IBBE system, got final product T.G Grammar key; First blind authorized party's oneself private key, then use IBBE system encryption to blinding information, thereby guaranteed to only have the user of identity in S can decrypt the information of blinding, recover final plaintext.
5) in the inventive method act on behalf of the ciphertext of re-encryption side under obtaining IBE system and transition key after ciphertext is carried out in the process of re-encryption, can not know relevant private key for user and any information expressly, the method particularly suitable is in acting on behalf of the incomplete believable applied environment in re-encryption side.
(4) accompanying drawing explanation:
Fig. 1 is the system architecture diagram of the method for the invention.
Fig. 2 is the FB(flow block) of the method for the invention.
(5) embodiment
The present invention is that a kind of cross-system based on identity is acted on behalf of re-encryption method, see shown in Fig. 1,2, the method by initialization module, private key generation module, data encryption module, transition key generation module, act on behalf of re-encryption module and these six modules of deciphering module realize.The whole system flow of acting on behalf of the operation of re-encryption method is shown in Fig. 2, in conjunction with FB(flow block), the specific implementation step of the method is described below:
Module one: initialization module
The realization of this functions of modules is specifically divided into four steps:
Step 1:PKG is input system security parameter λ first, executing arithmetic g (1
λ), export two groups that exponent number is prime number p
with a bilinear map computing
Step 2:
Next PKG moves Generating Random Number, selects at random
certain generator g in group,
an element h in group, and
an element α in territory is as Stochastic.
A bilinearity of step 3:PKG operation, to computing, twice exponentiation computing and (m-1) inferior multiplying, obtains
an element e (g, h) in group, and
(m+1) individual element in group
Step 4: last, PKG selects a kind of anti-collision hash function H (), and this function meets all characteristics of anti-collision hash function, and input can be the character string of random length, is output as and is mapped to territory
in a certain element.
Above-mentioned four parameters that step obtains of process:
Can external disclosure as the PKI of IBBE encryption system; The PKI of IBE encryption system is different from above-mentioned PKI, for:
IBE is identical with the master key of IBBE encryption system, for:
MSK
IBE=MSK
IBBE=(g,α)
By PKG keeping.
Wherein, at " the algorithm g (1 described in step 1
λ) ", its operation method is as follows: private key generating center (PKG) input system security parameter λ, according to the size of λ, system is selected corresponding elliptic curve: Y
2=X
3+ aX+b (a and b are coefficients), then by the point on elliptic curve form two prime number p rank group
select a kind of Function Mapping e, by group
in element map to group
in go; Security parameter numerical value is larger, and the point on selected elliptic curve is also more, and group is also larger.
Wherein, " Generating Random Number " described in step 2, its way is as follows: according to selected elliptic curve: Y in step 1
2=X
3+ aX+b, selects a value x of independent variable X at random
1, calculate the value y of corresponding dependent variable Y
1; If point (x
1, y
1) at us, want, in the group of mapping, successfully to have generated random element.If point (x
1, y
1) not in group, continue to select the value of X, until find the point appearing in group.In addition territory,
represent to gather 1,2 ..., p-1}, selects territory at random
the random number generation function of middle element can Using Call Library Function operation from Pairing-Based Cryptosystems function bag.The Generating Random Number of hereinafter mentioning moves all as stated above.
Wherein, " operation bilinearity to computing " described in step 3, its way is as follows: independent variable be input as group
in element g, h, be output as group
in element: e (g, h).
Wherein, the anti-collision hash function H () described in step 4 equally can Using Call Library Function operation from Pairing-Based Cryptosystems function bag.
Module two: private key generation module
This functions of modules be embodied as two steps:
Step 5:PKG moves anti-collision hash function H (), calculates:
ID in formula
iBErepresent the identity of user in IBE encryption system, ID
iBBErepresent the identity of user in IBBE encryption system, all use a string string representation arbitrarily.
Step 6:PKG moves an add operation, once asks computing reciprocal and asks exponent arithmetic, according to formula below, calculates the private key for user in IBE encryption system:
And, user's private key in IBBE encryption system:
Module three: data encryption module
The realization of this functions of modules divides three steps:
Step 7:Delegator moves anti-collision hash function H (), calculates
Step 8:Delegator moves Generating Random Number, selects at random territory
in an element s as index, according to formula below, move twice multiplication and three exponentiation computings, obtain:
Last ciphertext is output as: CT
iBE=(C
0, C
1), this ciphertext is the identity ID according to Delegator
iBEencrypt, therefore only have the private key SK of Delegator oneself
iBEcan decipher.
Module four: transition key generation module
The realization of this functions of modules is specifically divided into three steps:
First step 9:Delegator moves Generating Random Number, selects at random
certain element in group
as blinding factor.
Step 10: for each identity in authorized user (Delegatee) identity S set, Delegator moves n anti-collision hash function H (), obtains:
H(ID
1IBBE),H(ID
2IBBE)…H(ID
nIBBE)
The identity quantity in the set of n representative of consumer wherein.
Step 11:Delegator moves Generating Random Number, selects at random territory
in an element v as index; Move according to the following formula multinomial time exponentiation computing and multiplying, obtain:
C
0′=k·e(g,h)
v,
We are expressed as the result obtaining:
R=(C
0',C
1')
Through final step multiplying SK
iBEk, authorizes and has conveniently generated transition key:
RK
IBE→IBBE=(SK
IBE·k,R)
Wherein, the use that authorized user's (Delegatee) identity S set is defaulted as in all set is known per family.
Module five: act on behalf of re-encryption module
The function of this module is calculated and is realized by a step:
Step 12:Proxy move according to the following formula bilinearity to a division arithmetic, obtain:
Through the ciphertext of acting on behalf of after re-encryption, be:
CT
IBE→IBBE=(D
0,C
1,R)
Module six: deciphering module
The function of this module realizes and is specifically divided into 3 steps:
Step 13:Delegatee is first for each identity in authorized user's identity S set, and operation once anti-collision hash function H () obtains:
H(ID
1IBBE),H(ID
2IBBE)…H(ID
nIBBE)
Identity quantity in n representative of consumer set in formula.
Step 14:Delegatee moves according to the following formula twice bilinearity computing and multinomial sub-addition, company's multiplication is obtained:
Carry out again a division arithmetic and can obtain blinding factor k:
Step 15: last, Delegatee according to the following formula through bilinearity to and multiplying, obtain last clear-text message M:
Claims (5)
1. the cross-system based on identity is acted on behalf of a re-encryption method, it is characterized in that: its practice is as follows:
Module one: initialization module
Private key generating center is that PKG is that in IBBE system, authorized user gathers the number of users upper limit m-1 that can comprise as input using system safety parameter lambda, broadcast encryption method based on identity in this module, exports master key MSK
iBE, MSK
iBBE, and PKI PK
iBE, PK
iBBE; PKI can be open, and master key must hold in close confidence by PKG, can not reveal; The realization of this functions of modules is specifically divided into following four steps:
Step 1:PKG is input system security parameter λ first, and then executing arithmetic g (1
λ), export two groups that exponent number is prime number p
with a bilinear map computing
Step 2:
Next PKG moves Generating Random Number, selects at random
certain generator g in group,
an element h in group, and
an element α in territory is as Stochastic;
A bilinearity of step 3:PKG operation, to computing, twice exponentiation computing and (m-1) inferior multiplying, obtains
an element e (g, h) in group, and
(m+1) individual element in group
Step 4: last, PKG selects a kind of anti-collision hash function H (), and this function meets all characteristics of anti-collision hash function, is input as character string arbitrarily, is output as and is mapped to territory
in a certain element;
Above-mentioned four parameters that step obtains of process:
PKI energy external disclosure as IBBE encryption system; The PKI of IBE encryption system is different from above-mentioned PKI, for:
IBE is identical with the master key of IBBE encryption system, for:
MSK
IBE=MSK
IBBE=(g,α)
By PKG keeping;
Module two: private key generation module
This module is respectively the user assignment private key in IBE system and IBBE system by PKG, and module is inputted identity ID and the master key MSK of a certain user in system
iBEor MSK
iBBE, generate corresponding private key SK
iBEor SK
iBBE, and the private key of output is sent to each system user keeping; This functions of modules be embodied as following two steps:
Step 5:PKG moves anti-collision hash function H (), calculates
ID in formula
iBErepresent the identity of user in IBE encryption system, ID
iBBErepresent the identity of user in IBBE encryption system, all use a string string representation arbitrarily;
Step 6:PKG moves an add operation, once asks computing reciprocal and asks exponent arithmetic, according to formula below, calculates the private key for user in IBE encryption system:
And, user's private key in IBBE encryption system:
Module three: data encryption module
Authorized party Delegator in IBE encryption system in this module by PKI PK
iBEwith the identity ID of oneself
iBEand message M to be encrypted is as input, exports the ciphertext CT after encrypting
iBE, and encrypt data is uploaded to the outsourcing storage of file management side; The realization of this functions of modules divides following two steps:
Step 7: authorized party is that Delegator moves anti-collision hash function H (), calculates
Step 8: authorized party is Delegator operation Generating Random Number, selects at random territory
in an element s as index, according to formula below, move twice multiplication and three exponentiation computings, obtain:
C
0=M·e(g,h)
s,
Last ciphertext is output as: CT
iBE=(C
0, C
1), this ciphertext is the identity ID according to Delegator
iBEencrypting, is the private key SK of Delegator oneself therefore only have authorized party
iBEcan decipher;
Module four: transition key generation module
Authorized party in IBE encryption system is the private key SK obtaining from PKG of Delegator basis oneself in this module
iBE, authorized user is the identity S set of Delegatee and the PKI PK of IBBE encryption system in IBBE encryption system
iBBE, calculate T.G Grammar key---RK
iBE → IBBE, and the transition key of generation is sent to while acting on behalf of re-encryption side in order to re-encryption and used; The realization of this functions of modules is specifically divided into following three steps:
Step 9: authorized party is that first Delegator moves Generating Random Number, selects at random
certain element in group
as blinding factor;
Step 10: be each identity in Delegatee identity S set for authorized side, authorized party is Delegator operation n anti-collision hash function H (), obtains:
H(ID
1IBBE),H(ID
2IBBE)…H(ID
nIBBE)
The identity quantity in the set of n representative of consumer wherein;
Step 11: authorized party is Delegator operation Generating Random Number, selects at random territory
in an element v as index; Move according to the following formula multinomial time exponentiation computing and multiplying, obtain:
C
0′=k·e(g,h)
v,
We are expressed as the result obtaining:
R=(C
0',C
1')
Through final step multiplying SK
iBEk, authorized party is that Delegator has just generated transition key:
RK
IBE→IBBE=(SK
IBE·k,R)
Wherein, authorized side is that the use that the identity S set of Delegatee is defaulted as in all set is known per family;
Module five: act on behalf of re-encryption module
Act on behalf of re-encryption side and be Proxy after obtaining the transition key that Delegator generates, the enciphered data CT uploading from file management side download authorized party
iBE, and according to transition key RK
iBE → IBBEciphertext CT with needs conversion
iBE, the ciphertext after calculating side must change, the function of this module is calculated and is realized by a following step:
Step 12: act on behalf of re-encryption side and be Proxy move according to the following formula bilinearity to a division arithmetic, obtain:
Through the ciphertext of acting on behalf of after re-encryption, be:
CT
IBE→IBBE=(D
0,C
1,R);
Module six: deciphering module
We suppose that a certain authorized side is that the identity of Delegatee in all authorized sides' identity S set is ID
iIBBE, the private key in corresponding IBBE encryption system is SK
iIBBE; Authorized side is that Delegatee receives the private key that PKG generates and is that Proxy downloads acquisition re-encryption ciphertext CT from acting on behalf of re-encryption side
iBE → IBBEafterwards, according to the private key information SK of oneself
iBBEwith all authorized sides' identity S set, can decipher and obtain blinding factor k, through a step simple calculations, just can obtain clear-text message M, the function of this module realizes and is specifically divided into following 3 steps:
Step 13: authorized side be Delegatee first for each identity in authorized user's identity S set, operation once anti-collision hash function H () obtains:
H(ID
1IBBE),H(ID
2IBBE)…H(ID
nIBBE)
Identity quantity in n representative of consumer set in formula;
Step 14: authorized side be Delegatee move according to the following formula twice bilinearity to computing and multinomial sub-addition, connect multiplication and obtain:
Carry out again a division arithmetic and can obtain blinding factor k:
Step 15: last, authorized side be Delegatee according to the following formula through bilinearity to and multiplying, obtain last clear-text message M:
2. a kind of cross-system based on identity according to claim 1 is acted on behalf of re-encryption method, it is characterized in that: at " the algorithm g (1 described in step 1
λ) ", its operation method is as follows: private key generating center is PKG input system security parameter λ, and according to the size of λ, system is selected corresponding elliptic curve: Y
2=X
3+ aX+b, a and b are coefficients, then the point on elliptic curve, consist of the group on two prime number p rank
select a kind of Function Mapping e, by group
in element map to group
in go; Security parameter numerical value is larger, and the point on selected elliptic curve is also more, and group is also larger.
3. a kind of cross-system based on identity according to claim 1 is acted on behalf of re-encryption method, it is characterized in that: at " Generating Random Number " described in step 2, its way is as follows: according to selected elliptic curve: Y in step 1
2=X
3| aX|b, selects a value x of independent variable X at random
1, calculate the value y of corresponding dependent variable Y
1; If point (x
1, y
1) at us, want, in the group of mapping, successfully to have generated random element; If point (x
1, y
1) not in group, continue to select the value of X, until find the point appearing in group; In addition territory,
represent to gather 1,2 ..., p-1}, selects territory at random
the random number generation function of middle element can Using Call Library Function operation from Pairing-Based Cryptosystems function bag.
4. a kind of cross-system based on identity according to claim 1 is acted on behalf of re-encryption method, it is characterized in that: in " operation bilinearity to computing " described in step 3, its way is as follows: independent variable be input as group
in element g, h, be output as group
in element: e (g, h).
5. a kind of cross-system based on identity according to claim 1 is acted on behalf of re-encryption method, it is characterized in that: at " the anti-collision hash function H () " described in step 4, equally can Using Call Library Function operation from Pairing-Based Cryptosystems function bag.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410280293.3A CN104038341B (en) | 2014-06-20 | 2014-06-20 | A kind of cross-system of identity-based acts on behalf of re-encryption method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410280293.3A CN104038341B (en) | 2014-06-20 | 2014-06-20 | A kind of cross-system of identity-based acts on behalf of re-encryption method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104038341A true CN104038341A (en) | 2014-09-10 |
CN104038341B CN104038341B (en) | 2017-04-05 |
Family
ID=51468938
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410280293.3A Active CN104038341B (en) | 2014-06-20 | 2014-06-20 | A kind of cross-system of identity-based acts on behalf of re-encryption method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104038341B (en) |
Cited By (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104320393A (en) * | 2014-10-24 | 2015-01-28 | 西安电子科技大学 | Effective attribute base agent re-encryption method capable of controlling re-encryption |
CN104539610A (en) * | 2014-12-25 | 2015-04-22 | 华中科技大学 | Agent re-encryption method for improving outsourced encrypted data sharing function |
CN104811450A (en) * | 2015-04-22 | 2015-07-29 | 电子科技大学 | Data storage method based on identity in cloud computing and integrity verification method based on identity in cloud computing |
CN104836657A (en) * | 2015-05-27 | 2015-08-12 | 华中科技大学 | Identity anonymity-based broadcast encryption method having efficient decryption characteristic |
CN105743646A (en) * | 2016-02-03 | 2016-07-06 | 四川长虹电器股份有限公司 | Encryption method and system based on identity |
CN105763528A (en) * | 2015-10-13 | 2016-07-13 | 北方工业大学 | Multi-recipient anonymous encryption apparatus under hybrid mechanism |
WO2016112734A1 (en) * | 2015-01-12 | 2016-07-21 | 北京科技大学 | Group encryption and decryption method and system having selection and exclusion functions |
CN106100844A (en) * | 2016-05-24 | 2016-11-09 | 天津大学 | Optimization automatic Bilinear map encryption method and the device of method is blinded based on point |
CN106790259A (en) * | 2017-01-25 | 2017-05-31 | 国家电网公司 | A kind of asymmetric across cryptographic system re-encryption, decryption method and system |
CN107086912A (en) * | 2017-04-10 | 2017-08-22 | 国家电网公司 | Ciphertext conversion method, decryption method and system in a kind of heterogeneous storage system |
CN108063752A (en) * | 2017-11-02 | 2018-05-22 | 暨南大学 | A kind of credible genetic test and data sharing method based on block chain and proxy re-encryption technology |
CN108701094A (en) * | 2016-02-10 | 2018-10-23 | 移动熨斗公司 | The safely storage and distribution sensitive data in application based on cloud |
CN109471610A (en) * | 2018-10-25 | 2019-03-15 | 杭州隐知科技有限公司 | A kind of random digit generation method, device and storage medium |
CN110505233A (en) * | 2019-08-29 | 2019-11-26 | 苏州同济区块链研究院有限公司 | A kind of method of anti-conspiracy/secret protection proxy re-encryption |
CN110719295A (en) * | 2019-10-21 | 2020-01-21 | 武汉大学 | Identity-based food data security-oriented proxy re-encryption method and device |
CN110858243A (en) * | 2018-08-24 | 2020-03-03 | 京东数字科技控股有限公司 | Page acquisition method and device for gateway |
CN111698083A (en) * | 2020-06-03 | 2020-09-22 | 湖南大学 | Attribute-based encryption method capable of outsourcing multiple authorization centers |
CN114531293A (en) * | 2022-02-25 | 2022-05-24 | 东南大学 | Cross-trust-domain identity-proxy-based re-encryption method |
CN117056983A (en) * | 2023-10-13 | 2023-11-14 | 中国移动紫金(江苏)创新研究院有限公司 | Multistage controllable data sharing authorization method, device and blockchain system |
CN118041694A (en) * | 2024-04-11 | 2024-05-14 | 恒生电子股份有限公司 | Encrypted data authorization method, storage medium, program product and related device |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101807991A (en) * | 2009-02-18 | 2010-08-18 | 上海交通大学 | Ciphertext policy attribute-based encryption system and method |
EP2372948A1 (en) * | 2010-03-19 | 2011-10-05 | Huawei Technologies Co., Ltd. | Method, device, and system for an identity-based forward-secure digital signature |
CN102624522A (en) * | 2012-03-30 | 2012-08-01 | 华中科技大学 | Key encryption method based on file attribution |
CN103647644A (en) * | 2013-12-26 | 2014-03-19 | 北京航空航天大学 | Attribute-based encryption method for achieving hierarchical certification authority |
-
2014
- 2014-06-20 CN CN201410280293.3A patent/CN104038341B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101807991A (en) * | 2009-02-18 | 2010-08-18 | 上海交通大学 | Ciphertext policy attribute-based encryption system and method |
EP2372948A1 (en) * | 2010-03-19 | 2011-10-05 | Huawei Technologies Co., Ltd. | Method, device, and system for an identity-based forward-secure digital signature |
CN102624522A (en) * | 2012-03-30 | 2012-08-01 | 华中科技大学 | Key encryption method based on file attribution |
CN103647644A (en) * | 2013-12-26 | 2014-03-19 | 北京航空航天大学 | Attribute-based encryption method for achieving hierarchical certification authority |
Non-Patent Citations (1)
Title |
---|
WEIRAN LIU, XIAO LIU, QIANHONG WU, BO QIN: ""Experimental performance comparisons between (H)IBE schemes over composite-order and prime-order bilinear groups"", 《PROCEEDINGS OF 2014 11TH INTERNATIONAL BHURBAN CONFERENCE ON APPLIED SCIENCES & TECHNOLOGY (IBCAST)》 * |
Cited By (33)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104320393A (en) * | 2014-10-24 | 2015-01-28 | 西安电子科技大学 | Effective attribute base agent re-encryption method capable of controlling re-encryption |
CN104320393B (en) * | 2014-10-24 | 2018-04-17 | 西安电子科技大学 | The controllable efficient attribute base proxy re-encryption method of re-encryption |
CN104539610A (en) * | 2014-12-25 | 2015-04-22 | 华中科技大学 | Agent re-encryption method for improving outsourced encrypted data sharing function |
CN104539610B (en) * | 2014-12-25 | 2017-10-27 | 华中科技大学 | A kind of proxy re-encryption method for improving outsourcing encryption data sharing functionality |
US10411885B2 (en) | 2015-01-12 | 2019-09-10 | University Of Science And Technology Beijing | Method and system for group-oriented encryption and decryption with selection and exclusion functions |
WO2016112734A1 (en) * | 2015-01-12 | 2016-07-21 | 北京科技大学 | Group encryption and decryption method and system having selection and exclusion functions |
CN104811450A (en) * | 2015-04-22 | 2015-07-29 | 电子科技大学 | Data storage method based on identity in cloud computing and integrity verification method based on identity in cloud computing |
CN104811450B (en) * | 2015-04-22 | 2017-10-17 | 电子科技大学 | The date storage method and integrity verification method of a kind of identity-based in cloud computing |
CN104836657B (en) * | 2015-05-27 | 2018-01-26 | 华中科技大学 | A kind of identity-based anonymity broadcast encryption method with efficient decryption features |
CN104836657A (en) * | 2015-05-27 | 2015-08-12 | 华中科技大学 | Identity anonymity-based broadcast encryption method having efficient decryption characteristic |
CN105763528A (en) * | 2015-10-13 | 2016-07-13 | 北方工业大学 | Multi-recipient anonymous encryption apparatus under hybrid mechanism |
CN105763528B (en) * | 2015-10-13 | 2018-11-13 | 北方工业大学 | The encryption device of diversity person's anonymity under a kind of mixed mechanism |
CN105743646B (en) * | 2016-02-03 | 2019-05-10 | 四川长虹电器股份有限公司 | A kind of Identity based encryption method and system |
CN105743646A (en) * | 2016-02-03 | 2016-07-06 | 四川长虹电器股份有限公司 | Encryption method and system based on identity |
CN108701094A (en) * | 2016-02-10 | 2018-10-23 | 移动熨斗公司 | The safely storage and distribution sensitive data in application based on cloud |
CN106100844B (en) * | 2016-05-24 | 2020-08-18 | 天津大学 | Optimized automatic bilinear pairing encryption method and device based on point blinding method |
CN106100844A (en) * | 2016-05-24 | 2016-11-09 | 天津大学 | Optimization automatic Bilinear map encryption method and the device of method is blinded based on point |
CN106790259A (en) * | 2017-01-25 | 2017-05-31 | 国家电网公司 | A kind of asymmetric across cryptographic system re-encryption, decryption method and system |
CN107086912B (en) * | 2017-04-10 | 2020-02-07 | 国家电网公司 | Ciphertext conversion method, decryption method and system in heterogeneous storage system |
CN107086912A (en) * | 2017-04-10 | 2017-08-22 | 国家电网公司 | Ciphertext conversion method, decryption method and system in a kind of heterogeneous storage system |
CN108063752A (en) * | 2017-11-02 | 2018-05-22 | 暨南大学 | A kind of credible genetic test and data sharing method based on block chain and proxy re-encryption technology |
CN108063752B (en) * | 2017-11-02 | 2020-05-08 | 暨南大学 | Credible gene detection and data sharing method based on block chain and agent re-encryption |
CN110858243B (en) * | 2018-08-24 | 2024-04-12 | 京东科技控股股份有限公司 | Page acquisition method and device for gateway |
CN110858243A (en) * | 2018-08-24 | 2020-03-03 | 京东数字科技控股有限公司 | Page acquisition method and device for gateway |
CN109471610A (en) * | 2018-10-25 | 2019-03-15 | 杭州隐知科技有限公司 | A kind of random digit generation method, device and storage medium |
CN110505233A (en) * | 2019-08-29 | 2019-11-26 | 苏州同济区块链研究院有限公司 | A kind of method of anti-conspiracy/secret protection proxy re-encryption |
CN110719295A (en) * | 2019-10-21 | 2020-01-21 | 武汉大学 | Identity-based food data security-oriented proxy re-encryption method and device |
CN111698083A (en) * | 2020-06-03 | 2020-09-22 | 湖南大学 | Attribute-based encryption method capable of outsourcing multiple authorization centers |
CN114531293A (en) * | 2022-02-25 | 2022-05-24 | 东南大学 | Cross-trust-domain identity-proxy-based re-encryption method |
CN114531293B (en) * | 2022-02-25 | 2024-05-24 | 东南大学 | Cross-trust-domain based identity agent re-encryption method |
CN117056983A (en) * | 2023-10-13 | 2023-11-14 | 中国移动紫金(江苏)创新研究院有限公司 | Multistage controllable data sharing authorization method, device and blockchain system |
CN117056983B (en) * | 2023-10-13 | 2024-01-02 | 中国移动紫金(江苏)创新研究院有限公司 | Multistage controllable data sharing authorization method, device and blockchain system |
CN118041694A (en) * | 2024-04-11 | 2024-05-14 | 恒生电子股份有限公司 | Encrypted data authorization method, storage medium, program product and related device |
Also Published As
Publication number | Publication date |
---|---|
CN104038341B (en) | 2017-04-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104038341B (en) | A kind of cross-system of identity-based acts on behalf of re-encryption method | |
CN109246096B (en) | Multifunctional fine-grained access control method suitable for cloud storage | |
CN103647642B (en) | A kind of based on certification agency re-encryption method and system | |
CN103259643B (en) | A kind of full homomorphic cryptography method of matrix | |
CN103731261B (en) | Secret key distribution method under encrypted repeating data deleted scene | |
CN102811125B (en) | Certificateless multi-receiver signcryption method with multivariate-based cryptosystem | |
CN104158880B (en) | User-end cloud data sharing solution | |
CN1859090B (en) | Encipher method and system based identity | |
CN102523093B (en) | Encapsulation method and encapsulation system for certificate-based key with label | |
CN109831430A (en) | Safely controllable efficient data sharing method and system under a kind of cloud computing environment | |
CN104320393B (en) | The controllable efficient attribute base proxy re-encryption method of re-encryption | |
CN103986574A (en) | Hierarchical identity-based broadcast encryption method | |
CN104135473B (en) | A kind of method that identity base broadcast enciphering is realized by the attribute base encryption of Ciphertext policy | |
CN107172043B (en) | A kind of smart power grid user sale of electricity method based on homomorphic cryptography | |
CN107086912B (en) | Ciphertext conversion method, decryption method and system in heterogeneous storage system | |
CN103746811A (en) | Anonymous signcryption method from identity public key system to certificate public key system | |
CN113141247B (en) | Homomorphic encryption method, homomorphic encryption device, homomorphic encryption system and readable storage medium | |
CN106790259A (en) | A kind of asymmetric across cryptographic system re-encryption, decryption method and system | |
CN106713349A (en) | Inter-group proxy re-encryption method capable of resisting selected ciphertext attack | |
CN103269272B (en) | A kind of key encapsulation method based on short-lived certificates | |
CN114095171A (en) | Identity-based wearable proxy re-encryption method | |
CN104144057B (en) | A kind of CP ABE methods for generating secure decryption key | |
CN103746810A (en) | Anonymous sign-cryption method from certificate public key system to identity public key system | |
Shah et al. | Efficient Cryptography for data security | |
Kaur et al. | Comparative Study Of Different Cryptoghraphic Algorithms. |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |