CN104410496B - Multi-receiver key encapsulation method - Google Patents
Multi-receiver key encapsulation method Download PDFInfo
- Publication number
- CN104410496B CN104410496B CN201410670955.8A CN201410670955A CN104410496B CN 104410496 B CN104410496 B CN 104410496B CN 201410670955 A CN201410670955 A CN 201410670955A CN 104410496 B CN104410496 B CN 104410496B
- Authority
- CN
- China
- Prior art keywords
- key
- recipient
- receiver
- ciphertext
- parameter
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of new and effective multi-receiver key encapsulation method, comprise the following steps:Step 1, the security parameter of multi-receiver key encapsulation input is set, Bilinear Groups are produced according to system initialization module, element is chosen from the Bilinear Groups, systematic parameter is generated;Step 2, according to the systematic parameter of generation, the private key of each recipient is chosen from positive integer multiplicative group, public key is calculated according to the private key of selection;Step 3, according to the public key set of systematic parameter and a recipient, operation is encrypted to realize multi-receiver key encapsulation;Step 4, each recipient uses the private key of oneself, the ciphertext received is decrypted, so as to obtain the key being encapsulated in ciphertext.
Description
Technical field
The present invention relates to computer realm, more particularly to a kind of efficient multi-receiver key encapsulation method.
Background technology
Many recipient's key encapsulation algorithms (mKEM) are a kind of cryptographic primitives put forward first by Smart, and it allows
One key secret ground simultaneous transmission is given multiple recipients by sender.The key that mKEM is produced can be for simultaneously secret by message
Thickly it is transferred to multiple recipients.Therefore, there are very big actual demand, example in the related application of mKEM multi-user's confidential communication
Such as secret Online Video meeting and message broadcast application.In terms of security, weigh mKEM whether one of safety it is main
Index is that can the algorithm resist chosen ciphertext attacks.In cryptanalysis, chosen ciphertext attacks refer to a kind of attack pattern.
Attacker grasps the access rights to decrypting prophesy machine, can construct the plaintext corresponding to any ciphertext.Chosen ciphertext attacks can be with
It is divided into non-habitual chosen ciphertext attacks (CCA1) and adaptive chosen ciphertext attack (CCA2).Non-habitual chosen ciphertext attacks
Refer to that attacker can inquire decryption prophesy machine before target ciphertext is obtained, but cannot after obtaining.Adapt to Sexual behavior mode
Ciphertext only attack refers to that attacker can all inquire decryption prophesy machine before and after target ciphertext is obtained.Chosen ciphertext attacks will to attacker
Ask relatively strong, it requires that attacker is able to access that decryption prophesy machine, so as to obtain the decrypted result of the ciphertext of attacker oneself construction.
Master pattern (Standard Model):Master pattern closer to true agreement realization, and do not assume that it is preferable with
The presence of machine function or preferable encryption function, but use the Cryptographic Properties preferably impact resistant hash function of safety or
Pseudo-random permutation.
Random oracle model (Random Oracle Model, ROM):One cryptographic primitive is assumed to reason by the model
The random of wanting hooks function (random oracle), and all agreement participants can be accessed by inquiring about (Query), right
In the input of random length, the value for selecting a certainty length is chosen in domain output as the answer to inquiry.Agreement
Security Proof is completed under this preferable hypothesis.
The problem of existing
In document [1, Nigel P.Smart.Efficient key encapsulation to multiple
Parties.Security in Communication Networks, 4th International Conference, SCN
2004, Proceedings, volume 3352of LNCS, pages 208-219.Springer Berlin Heidelberg,
2004.] proposed in first based on indistinguishability (Indistinguishability, IND) and can be to CCA2 classes
Attack the mKEM security models (we referred to as it be Smart models) of Formal Modeling.Safety experiment in the model is considered
(if not accounting for the setting, we are referred to as Outsider external securities to a kind of situation of anti-inside (Insider) security
Property), its permission attacker selects from one group of given recipient in simple terms takes arbitrary a part of recipient to generate most
Whole challenge ciphertext.In order to simulate CCA2 attacks, Smart models allow one decryption prophesy machine of attacker's access, and (we use OD
Represent).The OD is for giving a ciphertext and corresponding recipient, if the ciphertext of (i) input and final challenge
(Challenge) ciphertext is different, and the key and challenge ciphertext of the encapsulation of (ii) ciphertext are different, then it returns corresponding
Decryption after key.But Smart models have a problem that it is that he weakens the CCA2 attacks in practical application, because
It is supplied to the OD of attacker to include the limitation of (ii) above description in its safety experiment.One is it is also proposed simultaneously is based on Elgmal
The mKEM algorithms (we referred to as it be Smart algorithms) of algorithm, the algorithm is proved in Smart models based on random oracle model
Under be safe.But the algorithm can not be proved under master pattern.Due to random oracle model need it is Utopian with
It is non-existent in real life that machine, which hooks function, therefore its security intensity also enjoys query, much in random oracle model
It is lower to prove the agreement of safety, it is proved to dangerous after instantiation.
Document [2, Manuel Barbosa and Pooya Farshim.Randomness reuse:Extensions
And improvements.Cryptography and Coding, 11th IMA International Conference,
Proceedings, volume 4887of LNCS, pages 257-276.Springer Berlin Heidelberg, 2007.
With 3, Harunaga Hiwatari, Keisuke Tanaka, Tomoyuki Asano, and Koichi
Sakumoto.Multi-recipient public-key encryption from simulators in security
Proofs.Information Security and Privacy, 14th Australasian Conference, ACISP
2009, Proceedings, volume 5594of LNCS, pages 293-308.Springer Berlin Heidelberg,
2009.] some the representational mKEM algorithms proposed in, are proved to be safe under master pattern.But these algorithms do not have
Have and be proved to be able to resistance CCA2 attacks, and do not account for the Insider IGPs in Smart models.
The content of the invention
It is contemplated that at least solving technical problem present in prior art, especially innovatively propose a kind of efficiently many
Recipient's key encapsulation method.
In order to realize the above-mentioned purpose of the present invention, the invention provides a kind of efficient multi-receiver key encapsulation method, its
It is critical that comprising the following steps:
Step 1, the security parameter of multi-receiver key encapsulation input is set, bilinearity is produced according to system initialization module
Group, chooses element from the Bilinear Groups, generates systematic parameter;
Step 2, according to the systematic parameter of generation, the private key of each recipient is chosen from positive integer multiplicative group, according to choosing
The private key taken calculates public key;
Step 3, according to the public key set of systematic parameter and a recipient, operation is encrypted to realize that multi-receiver is close
Key is encapsulated;
Step 4, each recipient use the private key of oneself, the ciphertext received is decrypted, thus obtain be encapsulated in it is close
Key in text.
Described efficient multi-receiver key encapsulation method, it is preferred that the step 1 includes:
Generation systematic parameter the step of be:
Input security parameter 1μ, wherein, 1μμ continuous 1 is represented, the μ is positive integer;
Produce Bilinear Groups Q=(G, g, GT, p, e), wherein, p is a Big prime, (G, GT) for group using p as order, g is
Group G generation element, e is symmetrical bilinear operation e:G×G→GT;
Element (u is randomly selected from group G1,u2)∈RG,
The public key and private key of the Chameleon hash functions of an anti-collision are randomly generated to (pkCH,SkCH), return to system
Parameter of uniting pmssys:=(Q, pkCH,u1,u2, e (g, g)), wherein, the Chameleon hash functions of anti-collision are CH:pkCH×
{0,1}*×RCH→Zp, wherein pkCHFor the public key of CH functions, { 0,1 }*For arbitrary string, RCHFor the distribution of a random number
Space, and ZpFor the positive integer multiplicative group of mould p computings.
Described efficient multi-receiver key encapsulation method, it is preferred that the step 2 includes:
Input system parameter pmssys;
From positive integer multiplicative groupOne random private key of middle selection
Calculate public key pk:=gskmodp。
Described efficient multi-receiver key encapsulation method, it is preferred that the step 3 also includes:
Input system parameter pmssysWith the public key set { pk of a recipienti}1≤i≤j,
Step 3-1, chooses two random numbers respectivelyWith r ∈R RCH, the subscript R is uniformly random selection;
Step 3-2, calculating encryption key is k:=e (g, g)x;
Step 3-3, for i from 1 to j, 1≤i≤j is calculated
Step 3-4, calculates cryptographic Hash hX:=CH (X1||X2||...||Xj, r) and mark
Step 3-5, sets ciphertext C:=({ Xi}1≤i≤j)。
Described efficient multi-receiver key encapsulation method, it is preferred that the step 4 includes:
Given system parameter, ciphertext C:=({ Xi}1≤i≤j) and i-th of recipient private cipher key ski,
Step 4-1, calculates hX:=CH (X1||X2||...||Xj, r), ifThen terminate
Computing;
Step 4-2, calculates encryption key
In summary, by adopting the above-described technical solution, the beneficial effects of the invention are as follows:
Public-key cryptography of the present invention and private cipher key pair are most short, and AES efficiency highests, are come for user
Say, special group communication and the security exchanged are ensure that in special group environment, outside world is prevented and cracks this
The communication exchanges activity of special group.
The additional aspect and advantage of the present invention will be set forth in part in the description, and will partly become from the following description
Obtain substantially, or recognized by the practice of the present invention.
Brief description of the drawings
The above-mentioned and/or additional aspect and advantage of the present invention will become from description of the accompanying drawings below to embodiment is combined
Substantially and be readily appreciated that, wherein:
Fig. 1 is efficiently multi-receiver key encapsulation method flow diagram of the invention.
Embodiment
Embodiments of the invention are described below in detail, the example of the embodiment is shown in the drawings, wherein from beginning to end
Same or similar label represents same or similar element or the element with same or like function.Below with reference to attached
The embodiment of figure description is exemplary, is only used for explaining the present invention, and is not considered as limiting the invention.
In the description of the invention, it is to be understood that term " longitudinal direction ", " transverse direction ", " on ", " under ", "front", "rear",
The orientation or position relationship of the instruction such as "left", "right", " vertical ", " level ", " top ", " bottom " " interior ", " outer " is based on accompanying drawing institutes
The orientation or position relationship shown, is for only for ease of the description present invention and simplifies description, rather than indicate or imply signified dress
Put or element there must be specific orientation, with specific azimuth configuration and operation, therefore it is not intended that to the limit of the present invention
System.
In the description of the invention, unless otherwise prescribed with limit, it is necessary to explanation, term " installation ", " connected ",
" connection " should be interpreted broadly, for example, it may be mechanically connect or electrical connection or the connection of two element internals, can
To be to be joined directly together, it can also be indirectly connected to by intermediary, for the ordinary skill in the art, can basis
Concrete condition understands the concrete meaning of above-mentioned term.
As shown in figure 1, the invention provides a kind of efficient multi-receiver key encapsulation method, it is it is critical that including such as
Lower step:
Step 1, the security parameter of multi-receiver key encapsulation input is set, bilinearity is produced according to system initialization module
Group, chooses element from the Bilinear Groups, generates systematic parameter;
Step 2, according to the systematic parameter of generation, the private key of each recipient is chosen from positive integer multiplicative group, according to choosing
The private key taken calculates public key;
Step 3, according to the public key set of systematic parameter and a recipient, operation is encrypted to realize that multi-receiver is close
Key is encapsulated;
Step 4, each recipient use the private key of oneself, the ciphertext received is decrypted, thus obtain be encapsulated in it is close
Key in text.
First, symbol description.
We briefly introduce necessary basic conception first.We represent security parameter and 1 with positive integer μμTable
Show by μ continuous 1.We represent 1 to positive integer all between n with [n]={ 1 ..., n }.Assuming that S is a collection
Close, then we use formula a ∈RS represents one element a of selection random from set S.
The YZ algorithms of the present invention have used following cryptographic service module:(1) Bilinear Groups (G, g, GT, p, e) wherein p is one
Individual sufficiently large prime number, (G, GT) for group using p as order, g is group G generation element, and e is symmetrical bilinear operation e:G×G→
GT;(2) the Chameleon hash functions CH of anti-collision:pkCH×{0,1}*×RCH→Zp, wherein pkCHFor the public key of CH functions,
{0,1}*For arbitrary string, RCHFor the distribution space of a random number, and ZpFor the positive integer multiplicative group of mould p computings;(3)
Square Bilinear Decisional Diffie-Hellman (sqBDDH) difficult math question:Given element (g, gy,gxy,e
(g,g)γ)∈G3×GT, so it is extremely difficult to distinguish γ whether to be equal to x.
2nd, YZ arthmetic statements
Assuming that n is a positive integer variable, for representing that maximum recipient's quantity, and a positive integer variable j expire
Foot 1≤j≤n is used for storing the quantity of recipient in each cryptographic operation.The YZ algorithms that we design include 3 subalgorithms:
(mKEM.Setup, mKEM.Gen, mKEM.Enc, mKEM.Dec), wherein mKEM.Setup are used for generating systematic parameter,
MKEM.Gen is used for generating the private key and public key of each recipient, and mKEM.Enc is AES, and mKEM.Dec is decipherment algorithm.
The specific implementation procedure of each subalgorithm is defined as foloows:
1、mKEM.Setup(1μ):Input security parameter 1μ, the algorithm produces Bilinear Groups Q=(G, g, G firstT, p, e),
And element (u is randomly selected from group G1,u2)∈RG, then randomly generates public key and the private of Chameleon hash function
Key is to (pkCH,SkCH)).Wherein, wherein p is a sufficiently large prime number, (G, GT) for group using p as order, g is group G generation
Element, e is symmetrical bilinear operation e:G×G→GT;The algorithm finally returns to systematic parameter pmssys:=(Q, pkCH,u1,u2,e
(g,g))。
2、mKEM.Gen(pmssys):Input system parameter pmssys, the algorithm is first from positive integer multiplicative groupIt is middle to choose
One random private keyThen public key pk is calculated:=gskmodp。
3、mKEM.Enc(pmssys,{pki}1≤i≤j):Input system parameter pmssysWith the public key set of a recipient
{pki}1≤i≤j, the algorithm performs following steps:
(1) two random numbers are chosen respectivelyWith r ∈R RCH;
(2) it is k to calculate encryption key:=e (g, g)x;
(3) for i from 1 to j, 1≤i≤j is calculated
(4) cryptographic Hash h is calculatedX:=CH (X1||X2||...||Xj, r) and mark
(5) ciphertext C is set:=({ Xi}1≤i≤j)。
4、mKEM.Dec(pmssys,i,C,ski);Given system parameter, ciphertext C:=({ Xi}1≤i≤j), and i-th of reception
The private cipher key sk of personi, the algorithm performs following steps:
(1) h is calculatedX:=CH (X1||X2||...||Xj, r), ifThen terminate computing.
(2) encryption key is calculated
By algorithm above, a sender just can share a key k with most n recipients.The key can be used
To encrypt the data of related application, so as to reach the purpose of confidential transmissions information.Meanwhile, YZ algorithms have can be as a password
Primitive is learned to go to build other cryptographic algorithms, such as group key exchange agreement etc..In addition, the calculating of sqBDDH problems is complicated
Degree determines the security of YZ algorithms, that is to say, that YZ security can be difficult to sqBDDH mathematics in stipulations under master pattern
Topic.
(3) performance comparision
In table 1, summarize YZ algorithms and can be proved in the recent period under master pattern between the mKEM algorithms of security
Performance comparision.Ours is carried out more from the following aspect:(i) safety is it is assumed that (ii) public key and private key number, (iii) ciphertext are long
Degree -- group's element number, (iv) encryption performance-exponent arithmetic (E) and many base index computings (ME).Base index more than 1 is transported
Calculate (ME) and be about as much as 1.5 common exponent arithmetics (E).
Wherein HTAS2 refer to document [3, Harunaga Hiwatari, Keisuke Tanaka, Tomoyuki
Asano, and Koichi Sakumoto.Multi-recipient public-key encryption from
Simulators in security proofs.In Colin Boyd and Juan Manuel Gonz_alez Nieto,
Editors, Information Security and Privacy, 14th Australasian Conference, ACISP
2009, Brisbane, Australia, July 1-3,2009, Proceedings, volume 5594of LNCS, pages
293-308.Springer Berlin Heidelberg, 2009.] in second mKEM algorithm proposing.
It is not difficult to find out from table above, YZ algorithms of the invention are proved to be safest, and need minimum public affairs
Key and key, encryption performance are also best.
For the deficiency of Smart models and the mKEM algorithms being recently proposed, the new mKEM agreements of the present invention consider following set
Count target:
Security can be proved under master pattern,
The complete CCA2 attacks of used security model energy formal definitions (namely without in Smart models on
OD second limitation).
Improve the length of the efficiency of AES, reduction public key and private key.
3. the characteristics of new technology and advantage
MKEM algorithms (using YZ algorithmic notations below) proposed by the present invention, the algorithm is in public key and private key pair and ciphertext side
Face has greater compactness of structure.The YZ algorithms are very simple and effective.The public and private cipher key of each recipient by
One group element composition.In terms of ciphertext length, if n recipient (wherein n for any positive integer) more than 1, we
The ciphertext of algorithm is the positive integer for the bit length that the only n+1 Bilinear Groups elements with Prime Orders p are equal to p plus a length
Element.Meanwhile, AES need about n+2.5 exponent arithmetic, and decipherment algorithm needs about 3.5 exponent arithmetics and
3 bilinear map computings.YZ algorithms are compared with the mKEM algorithms under master pattern similar before, are very competitive
, public keys especially of the present invention and private cipher key pair are most short, and AES efficiency highests.
In the description of this specification, reference term " one embodiment ", " some embodiments ", " example ", " specifically show
The description of example " or " some examples " etc. means to combine specific features, structure, material or the spy that the embodiment or example are described
Point is contained at least one embodiment of the present invention or example.In this manual, to the schematic representation of above-mentioned term not
Necessarily refer to identical embodiment or example.Moreover, specific features, structure, material or the feature of description can be any
One or more embodiments or example in combine in an appropriate manner.
Although an embodiment of the present invention has been shown and described, it will be understood by those skilled in the art that:Not
In the case of departing from the principle and objective of the present invention a variety of change, modification, replacement and modification can be carried out to these embodiments, this
The scope of invention is limited by claim and its equivalent.
Claims (5)
1. a kind of multi-receiver key encapsulation method, it is characterised in that comprise the following steps:
Step 1, the security parameter of multi-receiver key encapsulation input is set, Bilinear Groups are produced according to system initialization module,
Element is chosen from the Bilinear Groups, systematic parameter is generated;
Step 2, according to the systematic parameter of generation, the private key of each recipient is chosen from positive integer multiplicative group, according to selection
Private key calculates public key;
Step 3, according to the public key set of systematic parameter and recipient, operation is encrypted to realize multi-receiver key encapsulation;
Step 4, each recipient uses the private key of oneself, and the ciphertext received is decrypted, is encapsulated in so as to obtain in ciphertext
Key.
2. multi-receiver key encapsulation method according to claim 1, it is characterised in that the step 1 includes:
Generation systematic parameter the step of be:
Input security parameter 1μ, wherein, 1μμ continuous 1 is represented, the μ is positive integer;
Produce Bilinear Groups Q=(G, g, GT, p, e), wherein, p is a Big prime, (G, GT) for group using p as order, g is group G
Generation element, e be symmetrical bilinear operation e:G×G→GT;
Element (u is randomly selected from group G1,u2)∈RG, the subscript R choose to be uniformly random;
The public key and private key of the Chameleon hash functions of an anti-collision are randomly generated to (pkCH,SkCH), return system parameter
pmssys:=(Q, pkCH,u1,u2, e (g, g)), wherein, the Chameleon hash functions of anti-collision are CH:pkCH×{0,1}*×
RCH→Zp, wherein pkCHFor the public key of CH functions, { 0,1 }*For arbitrary string, RCHFor the distribution space of a random number, and
ZpFor the positive integer multiplicative group of mould p computings.
3. multi-receiver key encapsulation method according to claim 2, it is characterised in that the step 2 includes:
Input system parameter pmssys;
From positive integer multiplicative groupOne random private key of middle selectionThe subscript R chooses to be uniformly random;
Calculate public key pk:=gskmod p。
4. multi-receiver key encapsulation method according to claim 3, it is characterised in that the step 3 also includes:
Input system parameter pmssysWith the public key set { pk of recipienti}1≤i≤j;
Step 3-1, chooses two random numbers respectivelyWith r ∈RRCH, the subscript R is uniformly random selection;
Step 3-2, calculating encryption key is k:=e (g, g)x;
Step 3-3, for i from 1 to j, 1≤i≤j is calculatedI, j >=1 positive integer;
Step 3-4, calculates cryptographic Hash hX:=CH (X1||X2||...||Xj, r) and mark
Step 3-5, sets ciphertext C:=({ Xi}1≤i≤j)。
5. multi-receiver key encapsulation method according to claim 4, it is characterised in that the step 4 includes:
Given system parameter, ciphertext C:=({ Xi}1≤i≤j) and i-th of recipient private cipher key ski,
Step 4-1, calculates hX:=CH (X1||X2||...||Xj, r), ifThen terminate computing;
Step 4-2, calculates encryption key
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410670955.8A CN104410496B (en) | 2014-11-20 | 2014-11-20 | Multi-receiver key encapsulation method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410670955.8A CN104410496B (en) | 2014-11-20 | 2014-11-20 | Multi-receiver key encapsulation method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104410496A CN104410496A (en) | 2015-03-11 |
CN104410496B true CN104410496B (en) | 2017-10-03 |
Family
ID=52648094
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410670955.8A Expired - Fee Related CN104410496B (en) | 2014-11-20 | 2014-11-20 | Multi-receiver key encapsulation method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104410496B (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104754570B (en) * | 2015-04-13 | 2021-06-22 | 河南师范大学 | Key distribution and reconstruction method and device based on mobile internet |
CN105119878B (en) * | 2015-07-07 | 2018-07-31 | 环玺信息科技(上海)有限公司 | A kind of implementation method of wireless internet of things |
CN105119885B (en) * | 2015-07-10 | 2018-03-27 | 重庆理工大学 | Safe efficient single-wheel three parts cipher key exchange method under master pattern |
CN105471861B (en) * | 2015-11-19 | 2018-08-07 | 上海应用技术学院 | Message dynamic encapsulation method and dynamic tunnel construction method |
CN110430036B (en) * | 2019-07-05 | 2021-09-07 | 云南大学 | RGB (Red, Green and blue) color image encryption method based on inverse difference chaotic mapping |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101179374A (en) * | 2006-11-09 | 2008-05-14 | 日电(中国)有限公司 | Communication equipment, communications system and method therefor |
CN102710613A (en) * | 2012-05-14 | 2012-10-03 | 西安电子科技大学 | Signcryption method of biological features of a plurality of receivers |
CN102811125A (en) * | 2012-08-16 | 2012-12-05 | 西北工业大学 | Certificateless multi-receiver signcryption method with multivariate-based cryptosystem |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6012356A (en) * | 1998-11-05 | 2000-01-11 | Shimano Inc. | Bicycle pedal with gap adjustment mechanism |
EP2016701A4 (en) * | 2006-04-25 | 2012-04-25 | Stephen Laurence Boren | Dynamic distributed key system and method for identity management, authentication servers, data security and preventing man-in-the-middle attacks |
-
2014
- 2014-11-20 CN CN201410670955.8A patent/CN104410496B/en not_active Expired - Fee Related
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101179374A (en) * | 2006-11-09 | 2008-05-14 | 日电(中国)有限公司 | Communication equipment, communications system and method therefor |
CN102710613A (en) * | 2012-05-14 | 2012-10-03 | 西安电子科技大学 | Signcryption method of biological features of a plurality of receivers |
CN102811125A (en) * | 2012-08-16 | 2012-12-05 | 西北工业大学 | Certificateless multi-receiver signcryption method with multivariate-based cryptosystem |
Non-Patent Citations (2)
Title |
---|
一个高效的基于身份的签密方案;李发根;《计算机学报》;20060930;第1642-1647页 * |
无证书体制下的多接收者签密密钥封装机制;孙银霞;《电子与信息学报》;20100930;第2250-2252页 * |
Also Published As
Publication number | Publication date |
---|---|
CN104410496A (en) | 2015-03-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Huang et al. | Certificateless signature revisited | |
CN105024994B (en) | Without the safety to computing label decryption method is mixed without certificate | |
CN101243643B (en) | Establishment of a trusted relationship between unknown communication parties | |
CN1633774B (en) | Hierarchical identity-based encryption and signature schemes | |
CN104410496B (en) | Multi-receiver key encapsulation method | |
CN1633776A (en) | Signature schemes using bilinear mappings | |
CN110995412B (en) | Certificateless ring signcryption method based on multiplicative group | |
Barbosa et al. | Efficient identity-based key encapsulation to multiple parties | |
Abouelkheir et al. | Pairing free identity based aggregate signcryption scheme | |
Li et al. | Certificateless online/offline signcryption scheme | |
Boyd et al. | One-round key exchange in the standard model | |
Lu et al. | A provably secure certificate-based encryption scheme against malicious CA attacks in the standard model | |
Chen et al. | Certificateless signatures: structural extensions of security models and new provably secure schemes | |
CN104320249B (en) | A kind of elastoresistance leakage encryption method of identity-based | |
Lu et al. | Efficient Certificate-Based Encryption Scheme Secure Against Key Replacement Attacks in the Standard Model. | |
Suzuki et al. | Exposure-resilient one-round tripartite key exchange without random oracles | |
CN110890961B (en) | Novel safe and efficient multi-authorization attribute-based key negotiation protocol | |
CN105119885B (en) | Safe efficient single-wheel three parts cipher key exchange method under master pattern | |
CN107294972B (en) | Identity-based generalized multi-receiver anonymous signcryption method | |
Zheng et al. | Threshold attribute‐based signcryption and its application to authenticated key agreement | |
Yang et al. | Efficient certificateless encryption withstanding attacks from malicious KGC without using random oracles | |
Cheng et al. | Cryptanalysis and improvement of a certificateless encryption scheme in the standard model | |
CN109412815A (en) | A kind of method and system for realizing cross-domain secure communication | |
CN108768923A (en) | A kind of real-time encrypted method of chat of the Encryption Algorithm based on Quantum Reversible Logic circuit | |
CN104184581B (en) | A kind of public key encryption method in tape symbol quadratic residue monoid |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20171003 Termination date: 20191120 |
|
CF01 | Termination of patent right due to non-payment of annual fee |