CN104410496B - Multi-receiver key encapsulation method - Google Patents

Multi-receiver key encapsulation method Download PDF

Info

Publication number
CN104410496B
CN104410496B CN201410670955.8A CN201410670955A CN104410496B CN 104410496 B CN104410496 B CN 104410496B CN 201410670955 A CN201410670955 A CN 201410670955A CN 104410496 B CN104410496 B CN 104410496B
Authority
CN
China
Prior art keywords
key
recipient
receiver
ciphertext
parameter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201410670955.8A
Other languages
Chinese (zh)
Other versions
CN104410496A (en
Inventor
杨铮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chongqing University of Technology
Original Assignee
Chongqing University of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chongqing University of Technology filed Critical Chongqing University of Technology
Priority to CN201410670955.8A priority Critical patent/CN104410496B/en
Publication of CN104410496A publication Critical patent/CN104410496A/en
Application granted granted Critical
Publication of CN104410496B publication Critical patent/CN104410496B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a kind of new and effective multi-receiver key encapsulation method, comprise the following steps:Step 1, the security parameter of multi-receiver key encapsulation input is set, Bilinear Groups are produced according to system initialization module, element is chosen from the Bilinear Groups, systematic parameter is generated;Step 2, according to the systematic parameter of generation, the private key of each recipient is chosen from positive integer multiplicative group, public key is calculated according to the private key of selection;Step 3, according to the public key set of systematic parameter and a recipient, operation is encrypted to realize multi-receiver key encapsulation;Step 4, each recipient uses the private key of oneself, the ciphertext received is decrypted, so as to obtain the key being encapsulated in ciphertext.

Description

Multi-receiver key encapsulation method
Technical field
The present invention relates to computer realm, more particularly to a kind of efficient multi-receiver key encapsulation method.
Background technology
Many recipient's key encapsulation algorithms (mKEM) are a kind of cryptographic primitives put forward first by Smart, and it allows One key secret ground simultaneous transmission is given multiple recipients by sender.The key that mKEM is produced can be for simultaneously secret by message Thickly it is transferred to multiple recipients.Therefore, there are very big actual demand, example in the related application of mKEM multi-user's confidential communication Such as secret Online Video meeting and message broadcast application.In terms of security, weigh mKEM whether one of safety it is main Index is that can the algorithm resist chosen ciphertext attacks.In cryptanalysis, chosen ciphertext attacks refer to a kind of attack pattern. Attacker grasps the access rights to decrypting prophesy machine, can construct the plaintext corresponding to any ciphertext.Chosen ciphertext attacks can be with It is divided into non-habitual chosen ciphertext attacks (CCA1) and adaptive chosen ciphertext attack (CCA2).Non-habitual chosen ciphertext attacks Refer to that attacker can inquire decryption prophesy machine before target ciphertext is obtained, but cannot after obtaining.Adapt to Sexual behavior mode Ciphertext only attack refers to that attacker can all inquire decryption prophesy machine before and after target ciphertext is obtained.Chosen ciphertext attacks will to attacker Ask relatively strong, it requires that attacker is able to access that decryption prophesy machine, so as to obtain the decrypted result of the ciphertext of attacker oneself construction.
Master pattern (Standard Model):Master pattern closer to true agreement realization, and do not assume that it is preferable with The presence of machine function or preferable encryption function, but use the Cryptographic Properties preferably impact resistant hash function of safety or Pseudo-random permutation.
Random oracle model (Random Oracle Model, ROM):One cryptographic primitive is assumed to reason by the model The random of wanting hooks function (random oracle), and all agreement participants can be accessed by inquiring about (Query), right In the input of random length, the value for selecting a certainty length is chosen in domain output as the answer to inquiry.Agreement Security Proof is completed under this preferable hypothesis.
The problem of existing
In document [1, Nigel P.Smart.Efficient key encapsulation to multiple Parties.Security in Communication Networks, 4th International Conference, SCN 2004, Proceedings, volume 3352of LNCS, pages 208-219.Springer Berlin Heidelberg, 2004.] proposed in first based on indistinguishability (Indistinguishability, IND) and can be to CCA2 classes Attack the mKEM security models (we referred to as it be Smart models) of Formal Modeling.Safety experiment in the model is considered (if not accounting for the setting, we are referred to as Outsider external securities to a kind of situation of anti-inside (Insider) security Property), its permission attacker selects from one group of given recipient in simple terms takes arbitrary a part of recipient to generate most Whole challenge ciphertext.In order to simulate CCA2 attacks, Smart models allow one decryption prophesy machine of attacker's access, and (we use OD Represent).The OD is for giving a ciphertext and corresponding recipient, if the ciphertext of (i) input and final challenge (Challenge) ciphertext is different, and the key and challenge ciphertext of the encapsulation of (ii) ciphertext are different, then it returns corresponding Decryption after key.But Smart models have a problem that it is that he weakens the CCA2 attacks in practical application, because It is supplied to the OD of attacker to include the limitation of (ii) above description in its safety experiment.One is it is also proposed simultaneously is based on Elgmal The mKEM algorithms (we referred to as it be Smart algorithms) of algorithm, the algorithm is proved in Smart models based on random oracle model Under be safe.But the algorithm can not be proved under master pattern.Due to random oracle model need it is Utopian with It is non-existent in real life that machine, which hooks function, therefore its security intensity also enjoys query, much in random oracle model It is lower to prove the agreement of safety, it is proved to dangerous after instantiation.
Document [2, Manuel Barbosa and Pooya Farshim.Randomness reuse:Extensions And improvements.Cryptography and Coding, 11th IMA International Conference, Proceedings, volume 4887of LNCS, pages 257-276.Springer Berlin Heidelberg, 2007. With 3, Harunaga Hiwatari, Keisuke Tanaka, Tomoyuki Asano, and Koichi Sakumoto.Multi-recipient public-key encryption from simulators in security Proofs.Information Security and Privacy, 14th Australasian Conference, ACISP 2009, Proceedings, volume 5594of LNCS, pages 293-308.Springer Berlin Heidelberg, 2009.] some the representational mKEM algorithms proposed in, are proved to be safe under master pattern.But these algorithms do not have Have and be proved to be able to resistance CCA2 attacks, and do not account for the Insider IGPs in Smart models.
The content of the invention
It is contemplated that at least solving technical problem present in prior art, especially innovatively propose a kind of efficiently many Recipient's key encapsulation method.
In order to realize the above-mentioned purpose of the present invention, the invention provides a kind of efficient multi-receiver key encapsulation method, its It is critical that comprising the following steps:
Step 1, the security parameter of multi-receiver key encapsulation input is set, bilinearity is produced according to system initialization module Group, chooses element from the Bilinear Groups, generates systematic parameter;
Step 2, according to the systematic parameter of generation, the private key of each recipient is chosen from positive integer multiplicative group, according to choosing The private key taken calculates public key;
Step 3, according to the public key set of systematic parameter and a recipient, operation is encrypted to realize that multi-receiver is close Key is encapsulated;
Step 4, each recipient use the private key of oneself, the ciphertext received is decrypted, thus obtain be encapsulated in it is close Key in text.
Described efficient multi-receiver key encapsulation method, it is preferred that the step 1 includes:
Generation systematic parameter the step of be:
Input security parameter 1μ, wherein, 1μμ continuous 1 is represented, the μ is positive integer;
Produce Bilinear Groups Q=(G, g, GT, p, e), wherein, p is a Big prime, (G, GT) for group using p as order, g is Group G generation element, e is symmetrical bilinear operation e:G×G→GT
Element (u is randomly selected from group G1,u2)∈RG,
The public key and private key of the Chameleon hash functions of an anti-collision are randomly generated to (pkCH,SkCH), return to system Parameter of uniting pmssys:=(Q, pkCH,u1,u2, e (g, g)), wherein, the Chameleon hash functions of anti-collision are CH:pkCH× {0,1}*×RCH→Zp, wherein pkCHFor the public key of CH functions, { 0,1 }*For arbitrary string, RCHFor the distribution of a random number Space, and ZpFor the positive integer multiplicative group of mould p computings.
Described efficient multi-receiver key encapsulation method, it is preferred that the step 2 includes:
Input system parameter pmssys
From positive integer multiplicative groupOne random private key of middle selection
Calculate public key pk:=gskmodp。
Described efficient multi-receiver key encapsulation method, it is preferred that the step 3 also includes:
Input system parameter pmssysWith the public key set { pk of a recipienti}1≤i≤j,
Step 3-1, chooses two random numbers respectivelyWith r ∈R RCH, the subscript R is uniformly random selection;
Step 3-2, calculating encryption key is k:=e (g, g)x
Step 3-3, for i from 1 to j, 1≤i≤j is calculated
Step 3-4, calculates cryptographic Hash hX:=CH (X1||X2||...||Xj, r) and mark
Step 3-5, sets ciphertext C:=({ Xi}1≤i≤j)。
Described efficient multi-receiver key encapsulation method, it is preferred that the step 4 includes:
Given system parameter, ciphertext C:=({ Xi}1≤i≤j) and i-th of recipient private cipher key ski,
Step 4-1, calculates hX:=CH (X1||X2||...||Xj, r), ifThen terminate Computing;
Step 4-2, calculates encryption key
In summary, by adopting the above-described technical solution, the beneficial effects of the invention are as follows:
Public-key cryptography of the present invention and private cipher key pair are most short, and AES efficiency highests, are come for user Say, special group communication and the security exchanged are ensure that in special group environment, outside world is prevented and cracks this The communication exchanges activity of special group.
The additional aspect and advantage of the present invention will be set forth in part in the description, and will partly become from the following description Obtain substantially, or recognized by the practice of the present invention.
Brief description of the drawings
The above-mentioned and/or additional aspect and advantage of the present invention will become from description of the accompanying drawings below to embodiment is combined Substantially and be readily appreciated that, wherein:
Fig. 1 is efficiently multi-receiver key encapsulation method flow diagram of the invention.
Embodiment
Embodiments of the invention are described below in detail, the example of the embodiment is shown in the drawings, wherein from beginning to end Same or similar label represents same or similar element or the element with same or like function.Below with reference to attached The embodiment of figure description is exemplary, is only used for explaining the present invention, and is not considered as limiting the invention.
In the description of the invention, it is to be understood that term " longitudinal direction ", " transverse direction ", " on ", " under ", "front", "rear", The orientation or position relationship of the instruction such as "left", "right", " vertical ", " level ", " top ", " bottom " " interior ", " outer " is based on accompanying drawing institutes The orientation or position relationship shown, is for only for ease of the description present invention and simplifies description, rather than indicate or imply signified dress Put or element there must be specific orientation, with specific azimuth configuration and operation, therefore it is not intended that to the limit of the present invention System.
In the description of the invention, unless otherwise prescribed with limit, it is necessary to explanation, term " installation ", " connected ", " connection " should be interpreted broadly, for example, it may be mechanically connect or electrical connection or the connection of two element internals, can To be to be joined directly together, it can also be indirectly connected to by intermediary, for the ordinary skill in the art, can basis Concrete condition understands the concrete meaning of above-mentioned term.
As shown in figure 1, the invention provides a kind of efficient multi-receiver key encapsulation method, it is it is critical that including such as Lower step:
Step 1, the security parameter of multi-receiver key encapsulation input is set, bilinearity is produced according to system initialization module Group, chooses element from the Bilinear Groups, generates systematic parameter;
Step 2, according to the systematic parameter of generation, the private key of each recipient is chosen from positive integer multiplicative group, according to choosing The private key taken calculates public key;
Step 3, according to the public key set of systematic parameter and a recipient, operation is encrypted to realize that multi-receiver is close Key is encapsulated;
Step 4, each recipient use the private key of oneself, the ciphertext received is decrypted, thus obtain be encapsulated in it is close Key in text.
First, symbol description.
We briefly introduce necessary basic conception first.We represent security parameter and 1 with positive integer μμTable Show by μ continuous 1.We represent 1 to positive integer all between n with [n]={ 1 ..., n }.Assuming that S is a collection Close, then we use formula a ∈RS represents one element a of selection random from set S.
The YZ algorithms of the present invention have used following cryptographic service module:(1) Bilinear Groups (G, g, GT, p, e) wherein p is one Individual sufficiently large prime number, (G, GT) for group using p as order, g is group G generation element, and e is symmetrical bilinear operation e:G×G→ GT;(2) the Chameleon hash functions CH of anti-collision:pkCH×{0,1}*×RCH→Zp, wherein pkCHFor the public key of CH functions, {0,1}*For arbitrary string, RCHFor the distribution space of a random number, and ZpFor the positive integer multiplicative group of mould p computings;(3) Square Bilinear Decisional Diffie-Hellman (sqBDDH) difficult math question:Given element (g, gy,gxy,e (g,g)γ)∈G3×GT, so it is extremely difficult to distinguish γ whether to be equal to x.
2nd, YZ arthmetic statements
Assuming that n is a positive integer variable, for representing that maximum recipient's quantity, and a positive integer variable j expire Foot 1≤j≤n is used for storing the quantity of recipient in each cryptographic operation.The YZ algorithms that we design include 3 subalgorithms: (mKEM.Setup, mKEM.Gen, mKEM.Enc, mKEM.Dec), wherein mKEM.Setup are used for generating systematic parameter, MKEM.Gen is used for generating the private key and public key of each recipient, and mKEM.Enc is AES, and mKEM.Dec is decipherment algorithm. The specific implementation procedure of each subalgorithm is defined as foloows:
1、mKEM.Setup(1μ):Input security parameter 1μ, the algorithm produces Bilinear Groups Q=(G, g, G firstT, p, e), And element (u is randomly selected from group G1,u2)∈RG, then randomly generates public key and the private of Chameleon hash function Key is to (pkCH,SkCH)).Wherein, wherein p is a sufficiently large prime number, (G, GT) for group using p as order, g is group G generation Element, e is symmetrical bilinear operation e:G×G→GT;The algorithm finally returns to systematic parameter pmssys:=(Q, pkCH,u1,u2,e (g,g))。
2、mKEM.Gen(pmssys):Input system parameter pmssys, the algorithm is first from positive integer multiplicative groupIt is middle to choose One random private keyThen public key pk is calculated:=gskmodp。
3、mKEM.Enc(pmssys,{pki}1≤i≤j):Input system parameter pmssysWith the public key set of a recipient {pki}1≤i≤j, the algorithm performs following steps:
(1) two random numbers are chosen respectivelyWith r ∈R RCH
(2) it is k to calculate encryption key:=e (g, g)x
(3) for i from 1 to j, 1≤i≤j is calculated
(4) cryptographic Hash h is calculatedX:=CH (X1||X2||...||Xj, r) and mark
(5) ciphertext C is set:=({ Xi}1≤i≤j)。
4、mKEM.Dec(pmssys,i,C,ski);Given system parameter, ciphertext C:=({ Xi}1≤i≤j), and i-th of reception The private cipher key sk of personi, the algorithm performs following steps:
(1) h is calculatedX:=CH (X1||X2||...||Xj, r), ifThen terminate computing.
(2) encryption key is calculated
By algorithm above, a sender just can share a key k with most n recipients.The key can be used To encrypt the data of related application, so as to reach the purpose of confidential transmissions information.Meanwhile, YZ algorithms have can be as a password Primitive is learned to go to build other cryptographic algorithms, such as group key exchange agreement etc..In addition, the calculating of sqBDDH problems is complicated Degree determines the security of YZ algorithms, that is to say, that YZ security can be difficult to sqBDDH mathematics in stipulations under master pattern Topic.
(3) performance comparision
In table 1, summarize YZ algorithms and can be proved in the recent period under master pattern between the mKEM algorithms of security Performance comparision.Ours is carried out more from the following aspect:(i) safety is it is assumed that (ii) public key and private key number, (iii) ciphertext are long Degree -- group's element number, (iv) encryption performance-exponent arithmetic (E) and many base index computings (ME).Base index more than 1 is transported Calculate (ME) and be about as much as 1.5 common exponent arithmetics (E).
Wherein HTAS2 refer to document [3, Harunaga Hiwatari, Keisuke Tanaka, Tomoyuki Asano, and Koichi Sakumoto.Multi-recipient public-key encryption from Simulators in security proofs.In Colin Boyd and Juan Manuel Gonz_alez Nieto, Editors, Information Security and Privacy, 14th Australasian Conference, ACISP 2009, Brisbane, Australia, July 1-3,2009, Proceedings, volume 5594of LNCS, pages 293-308.Springer Berlin Heidelberg, 2009.] in second mKEM algorithm proposing.
It is not difficult to find out from table above, YZ algorithms of the invention are proved to be safest, and need minimum public affairs Key and key, encryption performance are also best.
For the deficiency of Smart models and the mKEM algorithms being recently proposed, the new mKEM agreements of the present invention consider following set Count target:
Security can be proved under master pattern,
The complete CCA2 attacks of used security model energy formal definitions (namely without in Smart models on OD second limitation).
Improve the length of the efficiency of AES, reduction public key and private key.
3. the characteristics of new technology and advantage
MKEM algorithms (using YZ algorithmic notations below) proposed by the present invention, the algorithm is in public key and private key pair and ciphertext side Face has greater compactness of structure.The YZ algorithms are very simple and effective.The public and private cipher key of each recipient by One group element composition.In terms of ciphertext length, if n recipient (wherein n for any positive integer) more than 1, we The ciphertext of algorithm is the positive integer for the bit length that the only n+1 Bilinear Groups elements with Prime Orders p are equal to p plus a length Element.Meanwhile, AES need about n+2.5 exponent arithmetic, and decipherment algorithm needs about 3.5 exponent arithmetics and 3 bilinear map computings.YZ algorithms are compared with the mKEM algorithms under master pattern similar before, are very competitive , public keys especially of the present invention and private cipher key pair are most short, and AES efficiency highests.
In the description of this specification, reference term " one embodiment ", " some embodiments ", " example ", " specifically show The description of example " or " some examples " etc. means to combine specific features, structure, material or the spy that the embodiment or example are described Point is contained at least one embodiment of the present invention or example.In this manual, to the schematic representation of above-mentioned term not Necessarily refer to identical embodiment or example.Moreover, specific features, structure, material or the feature of description can be any One or more embodiments or example in combine in an appropriate manner.
Although an embodiment of the present invention has been shown and described, it will be understood by those skilled in the art that:Not In the case of departing from the principle and objective of the present invention a variety of change, modification, replacement and modification can be carried out to these embodiments, this The scope of invention is limited by claim and its equivalent.

Claims (5)

1. a kind of multi-receiver key encapsulation method, it is characterised in that comprise the following steps:
Step 1, the security parameter of multi-receiver key encapsulation input is set, Bilinear Groups are produced according to system initialization module, Element is chosen from the Bilinear Groups, systematic parameter is generated;
Step 2, according to the systematic parameter of generation, the private key of each recipient is chosen from positive integer multiplicative group, according to selection Private key calculates public key;
Step 3, according to the public key set of systematic parameter and recipient, operation is encrypted to realize multi-receiver key encapsulation;
Step 4, each recipient uses the private key of oneself, and the ciphertext received is decrypted, is encapsulated in so as to obtain in ciphertext Key.
2. multi-receiver key encapsulation method according to claim 1, it is characterised in that the step 1 includes:
Generation systematic parameter the step of be:
Input security parameter 1μ, wherein, 1μμ continuous 1 is represented, the μ is positive integer;
Produce Bilinear Groups Q=(G, g, GT, p, e), wherein, p is a Big prime, (G, GT) for group using p as order, g is group G Generation element, e be symmetrical bilinear operation e:G×G→GT
Element (u is randomly selected from group G1,u2)∈RG, the subscript R choose to be uniformly random;
The public key and private key of the Chameleon hash functions of an anti-collision are randomly generated to (pkCH,SkCH), return system parameter pmssys:=(Q, pkCH,u1,u2, e (g, g)), wherein, the Chameleon hash functions of anti-collision are CH:pkCH×{0,1}*× RCH→Zp, wherein pkCHFor the public key of CH functions, { 0,1 }*For arbitrary string, RCHFor the distribution space of a random number, and ZpFor the positive integer multiplicative group of mould p computings.
3. multi-receiver key encapsulation method according to claim 2, it is characterised in that the step 2 includes:
Input system parameter pmssys
From positive integer multiplicative groupOne random private key of middle selectionThe subscript R chooses to be uniformly random;
Calculate public key pk:=gskmod p。
4. multi-receiver key encapsulation method according to claim 3, it is characterised in that the step 3 also includes:
Input system parameter pmssysWith the public key set { pk of recipienti}1≤i≤j
Step 3-1, chooses two random numbers respectivelyWith r ∈RRCH, the subscript R is uniformly random selection;
Step 3-2, calculating encryption key is k:=e (g, g)x
Step 3-3, for i from 1 to j, 1≤i≤j is calculatedI, j >=1 positive integer;
Step 3-4, calculates cryptographic Hash hX:=CH (X1||X2||...||Xj, r) and mark
Step 3-5, sets ciphertext C:=({ Xi}1≤i≤j)。
5. multi-receiver key encapsulation method according to claim 4, it is characterised in that the step 4 includes:
Given system parameter, ciphertext C:=({ Xi}1≤i≤j) and i-th of recipient private cipher key ski,
Step 4-1, calculates hX:=CH (X1||X2||...||Xj, r), ifThen terminate computing;
Step 4-2, calculates encryption key
CN201410670955.8A 2014-11-20 2014-11-20 Multi-receiver key encapsulation method Expired - Fee Related CN104410496B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410670955.8A CN104410496B (en) 2014-11-20 2014-11-20 Multi-receiver key encapsulation method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410670955.8A CN104410496B (en) 2014-11-20 2014-11-20 Multi-receiver key encapsulation method

Publications (2)

Publication Number Publication Date
CN104410496A CN104410496A (en) 2015-03-11
CN104410496B true CN104410496B (en) 2017-10-03

Family

ID=52648094

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410670955.8A Expired - Fee Related CN104410496B (en) 2014-11-20 2014-11-20 Multi-receiver key encapsulation method

Country Status (1)

Country Link
CN (1) CN104410496B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104754570B (en) * 2015-04-13 2021-06-22 河南师范大学 Key distribution and reconstruction method and device based on mobile internet
CN105119878B (en) * 2015-07-07 2018-07-31 环玺信息科技(上海)有限公司 A kind of implementation method of wireless internet of things
CN105119885B (en) * 2015-07-10 2018-03-27 重庆理工大学 Safe efficient single-wheel three parts cipher key exchange method under master pattern
CN105471861B (en) * 2015-11-19 2018-08-07 上海应用技术学院 Message dynamic encapsulation method and dynamic tunnel construction method
CN110430036B (en) * 2019-07-05 2021-09-07 云南大学 RGB (Red, Green and blue) color image encryption method based on inverse difference chaotic mapping

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101179374A (en) * 2006-11-09 2008-05-14 日电(中国)有限公司 Communication equipment, communications system and method therefor
CN102710613A (en) * 2012-05-14 2012-10-03 西安电子科技大学 Signcryption method of biological features of a plurality of receivers
CN102811125A (en) * 2012-08-16 2012-12-05 西北工业大学 Certificateless multi-receiver signcryption method with multivariate-based cryptosystem

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6012356A (en) * 1998-11-05 2000-01-11 Shimano Inc. Bicycle pedal with gap adjustment mechanism
EP2016701A4 (en) * 2006-04-25 2012-04-25 Stephen Laurence Boren Dynamic distributed key system and method for identity management, authentication servers, data security and preventing man-in-the-middle attacks

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101179374A (en) * 2006-11-09 2008-05-14 日电(中国)有限公司 Communication equipment, communications system and method therefor
CN102710613A (en) * 2012-05-14 2012-10-03 西安电子科技大学 Signcryption method of biological features of a plurality of receivers
CN102811125A (en) * 2012-08-16 2012-12-05 西北工业大学 Certificateless multi-receiver signcryption method with multivariate-based cryptosystem

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
一个高效的基于身份的签密方案;李发根;《计算机学报》;20060930;第1642-1647页 *
无证书体制下的多接收者签密密钥封装机制;孙银霞;《电子与信息学报》;20100930;第2250-2252页 *

Also Published As

Publication number Publication date
CN104410496A (en) 2015-03-11

Similar Documents

Publication Publication Date Title
Huang et al. Certificateless signature revisited
CN105024994B (en) Without the safety to computing label decryption method is mixed without certificate
CN101243643B (en) Establishment of a trusted relationship between unknown communication parties
CN1633774B (en) Hierarchical identity-based encryption and signature schemes
CN104410496B (en) Multi-receiver key encapsulation method
CN1633776A (en) Signature schemes using bilinear mappings
CN110995412B (en) Certificateless ring signcryption method based on multiplicative group
Barbosa et al. Efficient identity-based key encapsulation to multiple parties
Abouelkheir et al. Pairing free identity based aggregate signcryption scheme
Li et al. Certificateless online/offline signcryption scheme
Boyd et al. One-round key exchange in the standard model
Lu et al. A provably secure certificate-based encryption scheme against malicious CA attacks in the standard model
Chen et al. Certificateless signatures: structural extensions of security models and new provably secure schemes
CN104320249B (en) A kind of elastoresistance leakage encryption method of identity-based
Lu et al. Efficient Certificate-Based Encryption Scheme Secure Against Key Replacement Attacks in the Standard Model.
Suzuki et al. Exposure-resilient one-round tripartite key exchange without random oracles
CN110890961B (en) Novel safe and efficient multi-authorization attribute-based key negotiation protocol
CN105119885B (en) Safe efficient single-wheel three parts cipher key exchange method under master pattern
CN107294972B (en) Identity-based generalized multi-receiver anonymous signcryption method
Zheng et al. Threshold attribute‐based signcryption and its application to authenticated key agreement
Yang et al. Efficient certificateless encryption withstanding attacks from malicious KGC without using random oracles
Cheng et al. Cryptanalysis and improvement of a certificateless encryption scheme in the standard model
CN109412815A (en) A kind of method and system for realizing cross-domain secure communication
CN108768923A (en) A kind of real-time encrypted method of chat of the Encryption Algorithm based on Quantum Reversible Logic circuit
CN104184581B (en) A kind of public key encryption method in tape symbol quadratic residue monoid

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20171003

Termination date: 20191120

CF01 Termination of patent right due to non-payment of annual fee