CN104410496B  Multireceiver key encapsulation method  Google Patents
Multireceiver key encapsulation method Download PDFInfo
 Publication number
 CN104410496B CN104410496B CN201410670955.8A CN201410670955A CN104410496B CN 104410496 B CN104410496 B CN 104410496B CN 201410670955 A CN201410670955 A CN 201410670955A CN 104410496 B CN104410496 B CN 104410496B
 Authority
 CN
 China
 Prior art keywords
 key
 recipient
 receiver
 ciphertext
 parameter
 Prior art date
 Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
 Expired  Fee Related
Links
Abstract
The invention discloses a kind of new and effective multireceiver key encapsulation method, comprise the following steps：Step 1, the security parameter of multireceiver key encapsulation input is set, Bilinear Groups are produced according to system initialization module, element is chosen from the Bilinear Groups, systematic parameter is generated；Step 2, according to the systematic parameter of generation, the private key of each recipient is chosen from positive integer multiplicative group, public key is calculated according to the private key of selection；Step 3, according to the public key set of systematic parameter and a recipient, operation is encrypted to realize multireceiver key encapsulation；Step 4, each recipient uses the private key of oneself, the ciphertext received is decrypted, so as to obtain the key being encapsulated in ciphertext.
Description
Technical field
The present invention relates to computer realm, more particularly to a kind of efficient multireceiver key encapsulation method.
Background technology
Many recipient's key encapsulation algorithms (mKEM) are a kind of cryptographic primitives put forward first by Smart, and it allows
One key secret ground simultaneous transmission is given multiple recipients by sender.The key that mKEM is produced can be for simultaneously secret by message
Thickly it is transferred to multiple recipients.Therefore, there are very big actual demand, example in the related application of mKEM multiuser's confidential communication
Such as secret Online Video meeting and message broadcast application.In terms of security, weigh mKEM whether one of safety it is main
Index is that can the algorithm resist chosen ciphertext attacks.In cryptanalysis, chosen ciphertext attacks refer to a kind of attack pattern.
Attacker grasps the access rights to decrypting prophesy machine, can construct the plaintext corresponding to any ciphertext.Chosen ciphertext attacks can be with
It is divided into nonhabitual chosen ciphertext attacks (CCA1) and adaptive chosen ciphertext attack (CCA2).Nonhabitual chosen ciphertext attacks
Refer to that attacker can inquire decryption prophesy machine before target ciphertext is obtained, but cannot after obtaining.Adapt to Sexual behavior mode
Ciphertext only attack refers to that attacker can all inquire decryption prophesy machine before and after target ciphertext is obtained.Chosen ciphertext attacks will to attacker
Ask relatively strong, it requires that attacker is able to access that decryption prophesy machine, so as to obtain the decrypted result of the ciphertext of attacker oneself construction.
Master pattern (Standard Model)：Master pattern closer to true agreement realization, and do not assume that it is preferable with
The presence of machine function or preferable encryption function, but use the Cryptographic Properties preferably impact resistant hash function of safety or
Pseudorandom permutation.
Random oracle model (Random Oracle Model, ROM)：One cryptographic primitive is assumed to reason by the model
The random of wanting hooks function (random oracle), and all agreement participants can be accessed by inquiring about (Query), right
In the input of random length, the value for selecting a certainty length is chosen in domain output as the answer to inquiry.Agreement
Security Proof is completed under this preferable hypothesis.
The problem of existing
In document [1, Nigel P.Smart.Efficient key encapsulation to multiple
Parties.Security in Communication Networks, 4th International Conference, SCN
2004, Proceedings, volume 3352of LNCS, pages 208219.Springer Berlin Heidelberg,
2004.] proposed in first based on indistinguishability (Indistinguishability, IND) and can be to CCA2 classes
Attack the mKEM security models (we referred to as it be Smart models) of Formal Modeling.Safety experiment in the model is considered
(if not accounting for the setting, we are referred to as Outsider external securities to a kind of situation of antiinside (Insider) security
Property), its permission attacker selects from one group of given recipient in simple terms takes arbitrary a part of recipient to generate most
Whole challenge ciphertext.In order to simulate CCA2 attacks, Smart models allow one decryption prophesy machine of attacker's access, and (we use OD
Represent).The OD is for giving a ciphertext and corresponding recipient, if the ciphertext of (i) input and final challenge
(Challenge) ciphertext is different, and the key and challenge ciphertext of the encapsulation of (ii) ciphertext are different, then it returns corresponding
Decryption after key.But Smart models have a problem that it is that he weakens the CCA2 attacks in practical application, because
It is supplied to the OD of attacker to include the limitation of (ii) above description in its safety experiment.One is it is also proposed simultaneously is based on Elgmal
The mKEM algorithms (we referred to as it be Smart algorithms) of algorithm, the algorithm is proved in Smart models based on random oracle model
Under be safe.But the algorithm can not be proved under master pattern.Due to random oracle model need it is Utopian with
It is nonexistent in real life that machine, which hooks function, therefore its security intensity also enjoys query, much in random oracle model
It is lower to prove the agreement of safety, it is proved to dangerous after instantiation.
Document [2, Manuel Barbosa and Pooya Farshim.Randomness reuse:Extensions
And improvements.Cryptography and Coding, 11th IMA International Conference,
Proceedings, volume 4887of LNCS, pages 257276.Springer Berlin Heidelberg, 2007.
With 3, Harunaga Hiwatari, Keisuke Tanaka, Tomoyuki Asano, and Koichi
Sakumoto.Multirecipient publickey encryption from simulators in security
Proofs.Information Security and Privacy, 14th Australasian Conference, ACISP
2009, Proceedings, volume 5594of LNCS, pages 293308.Springer Berlin Heidelberg,
2009.] some the representational mKEM algorithms proposed in, are proved to be safe under master pattern.But these algorithms do not have
Have and be proved to be able to resistance CCA2 attacks, and do not account for the Insider IGPs in Smart models.
The content of the invention
It is contemplated that at least solving technical problem present in prior art, especially innovatively propose a kind of efficiently many
Recipient's key encapsulation method.
In order to realize the abovementioned purpose of the present invention, the invention provides a kind of efficient multireceiver key encapsulation method, its
It is critical that comprising the following steps：
Step 1, the security parameter of multireceiver key encapsulation input is set, bilinearity is produced according to system initialization module
Group, chooses element from the Bilinear Groups, generates systematic parameter；
Step 2, according to the systematic parameter of generation, the private key of each recipient is chosen from positive integer multiplicative group, according to choosing
The private key taken calculates public key；
Step 3, according to the public key set of systematic parameter and a recipient, operation is encrypted to realize that multireceiver is close
Key is encapsulated；
Step 4, each recipient use the private key of oneself, the ciphertext received is decrypted, thus obtain be encapsulated in it is close
Key in text.
Described efficient multireceiver key encapsulation method, it is preferred that the step 1 includes：
Generation systematic parameter the step of be：
Input security parameter 1^{μ}, wherein, 1^{μ}μ continuous 1 is represented, the μ is positive integer；
Produce Bilinear Groups Q=(G, g, G_{T}, p, e), wherein, p is a Big prime, (G, G_{T}) for group using p as order, g is
Group G generation element, e is symmetrical bilinear operation e:G×G→G_{T}；
Element (u is randomly selected from group G_{1},u_{2})∈_{R}G,
The public key and private key of the Chameleon hash functions of an anticollision are randomly generated to (pk_{CH},Sk_{CH}), return to system
Parameter of uniting pms_{sys}:=(Q, pk_{CH},u_{1},u_{2}, e (g, g)), wherein, the Chameleon hash functions of anticollision are CH:pk_{CH}×
{0,1}^{*}×R_{CH}→Z_{p}, wherein pk_{CH}For the public key of CH functions, { 0,1 }^{*}For arbitrary string, R_{CH}For the distribution of a random number
Space, and Z_{p}For the positive integer multiplicative group of mould p computings.
Described efficient multireceiver key encapsulation method, it is preferred that the step 2 includes：
Input system parameter pms_{sys}；
From positive integer multiplicative groupOne random private key of middle selection
Calculate public key pk:=g^{sk}modp。
Described efficient multireceiver key encapsulation method, it is preferred that the step 3 also includes：
Input system parameter pms_{sys}With the public key set { pk of a recipient_{i}}_{1≤i≤j},
Step 31, chooses two random numbers respectivelyWith r ∈_{R} R_{CH}, the subscript R is uniformly random selection；
Step 32, calculating encryption key is k:=e (g, g)^{x}；
Step 33, for i from 1 to j, 1≤i≤j is calculated
Step 34, calculates cryptographic Hash h_{X}:=CH (X_{1}X_{2}...X_{j}, r) and mark
Step 35, sets ciphertext C:=({ X_{i}}_{1≤i≤j})。
Described efficient multireceiver key encapsulation method, it is preferred that the step 4 includes：
Given system parameter, ciphertext C:=({ X_{i}}_{1≤i≤j}) and ith of recipient private cipher key sk_{i},
Step 41, calculates h_{X}:=CH (X_{1}X_{2}...X_{j}, r), ifThen terminate
Computing；
Step 42, calculates encryption key
In summary, by adopting the abovedescribed technical solution, the beneficial effects of the invention are as follows：
Publickey cryptography of the present invention and private cipher key pair are most short, and AES efficiency highests, are come for user
Say, special group communication and the security exchanged are ensure that in special group environment, outside world is prevented and cracks this
The communication exchanges activity of special group.
The additional aspect and advantage of the present invention will be set forth in part in the description, and will partly become from the following description
Obtain substantially, or recognized by the practice of the present invention.
Brief description of the drawings
The abovementioned and/or additional aspect and advantage of the present invention will become from description of the accompanying drawings below to embodiment is combined
Substantially and be readily appreciated that, wherein：
Fig. 1 is efficiently multireceiver key encapsulation method flow diagram of the invention.
Embodiment
Embodiments of the invention are described below in detail, the example of the embodiment is shown in the drawings, wherein from beginning to end
Same or similar label represents same or similar element or the element with same or like function.Below with reference to attached
The embodiment of figure description is exemplary, is only used for explaining the present invention, and is not considered as limiting the invention.
In the description of the invention, it is to be understood that term " longitudinal direction ", " transverse direction ", " on ", " under ", "front", "rear",
The orientation or position relationship of the instruction such as "left", "right", " vertical ", " level ", " top ", " bottom " " interior ", " outer " is based on accompanying drawing institutes
The orientation or position relationship shown, is for only for ease of the description present invention and simplifies description, rather than indicate or imply signified dress
Put or element there must be specific orientation, with specific azimuth configuration and operation, therefore it is not intended that to the limit of the present invention
System.
In the description of the invention, unless otherwise prescribed with limit, it is necessary to explanation, term " installation ", " connected ",
" connection " should be interpreted broadly, for example, it may be mechanically connect or electrical connection or the connection of two element internals, can
To be to be joined directly together, it can also be indirectly connected to by intermediary, for the ordinary skill in the art, can basis
Concrete condition understands the concrete meaning of abovementioned term.
As shown in figure 1, the invention provides a kind of efficient multireceiver key encapsulation method, it is it is critical that including such as
Lower step：
Step 1, the security parameter of multireceiver key encapsulation input is set, bilinearity is produced according to system initialization module
Group, chooses element from the Bilinear Groups, generates systematic parameter；
Step 2, according to the systematic parameter of generation, the private key of each recipient is chosen from positive integer multiplicative group, according to choosing
The private key taken calculates public key；
Step 3, according to the public key set of systematic parameter and a recipient, operation is encrypted to realize that multireceiver is close
Key is encapsulated；
Step 4, each recipient use the private key of oneself, the ciphertext received is decrypted, thus obtain be encapsulated in it is close
Key in text.
First, symbol description.
We briefly introduce necessary basic conception first.We represent security parameter and 1 with positive integer μ^{μ}Table
Show by μ continuous 1.We represent 1 to positive integer all between n with [n]={ 1 ..., n }.Assuming that S is a collection
Close, then we use formula a ∈_{R}S represents one element a of selection random from set S.
The YZ algorithms of the present invention have used following cryptographic service module：(1) Bilinear Groups (G, g, G_{T}, p, e) wherein p is one
Individual sufficiently large prime number, (G, G_{T}) for group using p as order, g is group G generation element, and e is symmetrical bilinear operation e:G×G→
G_{T}；(2) the Chameleon hash functions CH of anticollision:pk_{CH}×{0,1}^{*}×R_{CH}→Z_{p}, wherein pk_{CH}For the public key of CH functions,
{0,1}^{*}For arbitrary string, R_{CH}For the distribution space of a random number, and Z_{p}For the positive integer multiplicative group of mould p computings；(3)
Square Bilinear Decisional DiffieHellman (sqBDDH) difficult math question：Given element (g, g^{y},g^{xy},e
(g,g)^{γ})∈G^{3}×G_{T}, so it is extremely difficult to distinguish γ whether to be equal to x.
2nd, YZ arthmetic statements
Assuming that n is a positive integer variable, for representing that maximum recipient's quantity, and a positive integer variable j expire
Foot 1≤j≤n is used for storing the quantity of recipient in each cryptographic operation.The YZ algorithms that we design include 3 subalgorithms:
(mKEM.Setup, mKEM.Gen, mKEM.Enc, mKEM.Dec), wherein mKEM.Setup are used for generating systematic parameter,
MKEM.Gen is used for generating the private key and public key of each recipient, and mKEM.Enc is AES, and mKEM.Dec is decipherment algorithm.
The specific implementation procedure of each subalgorithm is defined as foloows：
1、mKEM.Setup(1^{μ})：Input security parameter 1^{μ}, the algorithm produces Bilinear Groups Q=(G, g, G first_{T}, p, e),
And element (u is randomly selected from group G_{1},u_{2})∈_{R}G, then randomly generates public key and the private of Chameleon hash function
Key is to (pk_{CH},Sk_{CH})).Wherein, wherein p is a sufficiently large prime number, (G, G_{T}) for group using p as order, g is group G generation
Element, e is symmetrical bilinear operation e:G×G→G_{T}；The algorithm finally returns to systematic parameter pms_{sys}:=(Q, pk_{CH},u_{1},u_{2},e
(g,g))。
2、mKEM.Gen(pms_{sys})：Input system parameter pms_{sys}, the algorithm is first from positive integer multiplicative groupIt is middle to choose
One random private keyThen public key pk is calculated:=g^{sk}modp。
3、mKEM.Enc(pms_{sys},{pk_{i}}_{1≤i≤j})：Input system parameter pms_{sys}With the public key set of a recipient
{pk_{i}}_{1≤i≤j}, the algorithm performs following steps：
(1) two random numbers are chosen respectivelyWith r ∈_{R} R_{CH}；
(2) it is k to calculate encryption key:=e (g, g)^{x}；
(3) for i from 1 to j, 1≤i≤j is calculated
(4) cryptographic Hash h is calculated_{X}:=CH (X_{1}X_{2}...X_{j}, r) and mark
(5) ciphertext C is set:=({ X_{i}}_{1≤i≤j})。
4、mKEM.Dec(pms_{sys},i,C,sk_{i})；Given system parameter, ciphertext C:=({ X_{i}}_{1≤i≤j}), and ith of reception
The private cipher key sk of person_{i}, the algorithm performs following steps：
(1) h is calculated_{X}:=CH (X_{1}X_{2}...X_{j}, r), ifThen terminate computing.
(2) encryption key is calculated
By algorithm above, a sender just can share a key k with most n recipients.The key can be used
To encrypt the data of related application, so as to reach the purpose of confidential transmissions information.Meanwhile, YZ algorithms have can be as a password
Primitive is learned to go to build other cryptographic algorithms, such as group key exchange agreement etc..In addition, the calculating of sqBDDH problems is complicated
Degree determines the security of YZ algorithms, that is to say, that YZ security can be difficult to sqBDDH mathematics in stipulations under master pattern
Topic.
(3) performance comparision
In table 1, summarize YZ algorithms and can be proved in the recent period under master pattern between the mKEM algorithms of security
Performance comparision.Ours is carried out more from the following aspect：(i) safety is it is assumed that (ii) public key and private key number, (iii) ciphertext are long
Degree  group's element number, (iv) encryption performanceexponent arithmetic (E) and many base index computings (ME).Base index more than 1 is transported
Calculate (ME) and be about as much as 1.5 common exponent arithmetics (E).
Wherein HTAS2 refer to document [3, Harunaga Hiwatari, Keisuke Tanaka, Tomoyuki
Asano, and Koichi Sakumoto.Multirecipient publickey encryption from
Simulators in security proofs.In Colin Boyd and Juan Manuel Gonz_alez Nieto,
Editors, Information Security and Privacy, 14th Australasian Conference, ACISP
2009, Brisbane, Australia, July 13,2009, Proceedings, volume 5594of LNCS, pages
293308.Springer Berlin Heidelberg, 2009.] in second mKEM algorithm proposing.
It is not difficult to find out from table above, YZ algorithms of the invention are proved to be safest, and need minimum public affairs
Key and key, encryption performance are also best.
For the deficiency of Smart models and the mKEM algorithms being recently proposed, the new mKEM agreements of the present invention consider following set
Count target：
Security can be proved under master pattern,
The complete CCA2 attacks of used security model energy formal definitions (namely without in Smart models on
OD second limitation).
Improve the length of the efficiency of AES, reduction public key and private key.
3. the characteristics of new technology and advantage
MKEM algorithms (using YZ algorithmic notations below) proposed by the present invention, the algorithm is in public key and private key pair and ciphertext side
Face has greater compactness of structure.The YZ algorithms are very simple and effective.The public and private cipher key of each recipient by
One group element composition.In terms of ciphertext length, if n recipient (wherein n for any positive integer) more than 1, we
The ciphertext of algorithm is the positive integer for the bit length that the only n+1 Bilinear Groups elements with Prime Orders p are equal to p plus a length
Element.Meanwhile, AES need about n+2.5 exponent arithmetic, and decipherment algorithm needs about 3.5 exponent arithmetics and
3 bilinear map computings.YZ algorithms are compared with the mKEM algorithms under master pattern similar before, are very competitive
, public keys especially of the present invention and private cipher key pair are most short, and AES efficiency highests.
In the description of this specification, reference term " one embodiment ", " some embodiments ", " example ", " specifically show
The description of example " or " some examples " etc. means to combine specific features, structure, material or the spy that the embodiment or example are described
Point is contained at least one embodiment of the present invention or example.In this manual, to the schematic representation of abovementioned term not
Necessarily refer to identical embodiment or example.Moreover, specific features, structure, material or the feature of description can be any
One or more embodiments or example in combine in an appropriate manner.
Although an embodiment of the present invention has been shown and described, it will be understood by those skilled in the art that：Not
In the case of departing from the principle and objective of the present invention a variety of change, modification, replacement and modification can be carried out to these embodiments, this
The scope of invention is limited by claim and its equivalent.
Claims (5)
1. a kind of multireceiver key encapsulation method, it is characterised in that comprise the following steps：
Step 1, the security parameter of multireceiver key encapsulation input is set, Bilinear Groups are produced according to system initialization module,
Element is chosen from the Bilinear Groups, systematic parameter is generated；
Step 2, according to the systematic parameter of generation, the private key of each recipient is chosen from positive integer multiplicative group, according to selection
Private key calculates public key；
Step 3, according to the public key set of systematic parameter and recipient, operation is encrypted to realize multireceiver key encapsulation；
Step 4, each recipient uses the private key of oneself, and the ciphertext received is decrypted, is encapsulated in so as to obtain in ciphertext
Key.
2. multireceiver key encapsulation method according to claim 1, it is characterised in that the step 1 includes：
Generation systematic parameter the step of be：
Input security parameter 1^{μ}, wherein, 1^{μ}μ continuous 1 is represented, the μ is positive integer；
Produce Bilinear Groups Q=(G, g, G_{T}, p, e), wherein, p is a Big prime, (G, G_{T}) for group using p as order, g is group G
Generation element, e be symmetrical bilinear operation e:G×G→G_{T}；
Element (u is randomly selected from group G_{1},u_{2})∈_{R}G, the subscript R choose to be uniformly random；
The public key and private key of the Chameleon hash functions of an anticollision are randomly generated to (pk_{CH},Sk_{CH}), return system parameter
pms_{sys}:=(Q, pk_{CH},u_{1},u_{2}, e (g, g)), wherein, the Chameleon hash functions of anticollision are CH:pk_{CH}×{0,1}^{*}×
R_{CH}→Z_{p}, wherein pk_{CH}For the public key of CH functions, { 0,1 }^{*}For arbitrary string, R_{CH}For the distribution space of a random number, and
Z_{p}For the positive integer multiplicative group of mould p computings.
3. multireceiver key encapsulation method according to claim 2, it is characterised in that the step 2 includes：
Input system parameter pms_{sys}；
From positive integer multiplicative groupOne random private key of middle selectionThe subscript R chooses to be uniformly random；
Calculate public key pk:=g^{sk}mod p。
4. multireceiver key encapsulation method according to claim 3, it is characterised in that the step 3 also includes：
Input system parameter pms_{sys}With the public key set { pk of recipient_{i}}_{1≤i≤j}；
Step 31, chooses two random numbers respectivelyWith r ∈_{R}R_{CH}, the subscript R is uniformly random selection；
Step 32, calculating encryption key is k:=e (g, g)^{x}；
Step 33, for i from 1 to j, 1≤i≤j is calculatedI, j >=1 positive integer；
Step 34, calculates cryptographic Hash h_{X}:=CH (X_{1}X_{2}...X_{j}, r) and mark
Step 35, sets ciphertext C:=({ X_{i}}_{1≤i≤j})。
5. multireceiver key encapsulation method according to claim 4, it is characterised in that the step 4 includes：
Given system parameter, ciphertext C:=({ X_{i}}_{1≤i≤j}) and ith of recipient private cipher key sk_{i},
Step 41, calculates h_{X}:=CH (X_{1}X_{2}...X_{j}, r), ifThen terminate computing；
Step 42, calculates encryption key
Priority Applications (1)
Application Number  Priority Date  Filing Date  Title 

CN201410670955.8A CN104410496B (en)  20141120  20141120  Multireceiver key encapsulation method 
Applications Claiming Priority (1)
Application Number  Priority Date  Filing Date  Title 

CN201410670955.8A CN104410496B (en)  20141120  20141120  Multireceiver key encapsulation method 
Publications (2)
Publication Number  Publication Date 

CN104410496A CN104410496A (en)  20150311 
CN104410496B true CN104410496B (en)  20171003 
Family
ID=52648094
Family Applications (1)
Application Number  Title  Priority Date  Filing Date 

CN201410670955.8A Expired  Fee Related CN104410496B (en)  20141120  20141120  Multireceiver key encapsulation method 
Country Status (1)
Country  Link 

CN (1)  CN104410496B (en) 
Families Citing this family (5)
Publication number  Priority date  Publication date  Assignee  Title 

CN104754570B (en) *  20150413  20210622  河南师范大学  Key distribution and reconstruction method and device based on mobile internet 
CN105119878B (en) *  20150707  20180731  环玺信息科技（上海）有限公司  A kind of implementation method of wireless internet of things 
CN105119885B (en) *  20150710  20180327  重庆理工大学  Safe efficient singlewheel three parts cipher key exchange method under master pattern 
CN105471861B (en) *  20151119  20180807  上海应用技术学院  Message dynamic encapsulation method and dynamic tunnel construction method 
CN110430036B (en) *  20190705  20210907  云南大学  RGB (Red, Green and blue) color image encryption method based on inverse difference chaotic mapping 
Citations (3)
Publication number  Priority date  Publication date  Assignee  Title 

CN101179374A (en) *  20061109  20080514  日电（中国）有限公司  Communication equipment, communications system and method therefor 
CN102710613A (en) *  20120514  20121003  西安电子科技大学  Signcryption method of biological features of a plurality of receivers 
CN102811125A (en) *  20120816  20121205  西北工业大学  Certificateless multireceiver signcryption method with multivariatebased cryptosystem 
Family Cites Families (2)
Publication number  Priority date  Publication date  Assignee  Title 

US6012356A (en) *  19981105  20000111  Shimano Inc.  Bicycle pedal with gap adjustment mechanism 
CN101479984B (en) *  20060425  20110608  斯蒂芬·L.·博伦  Dynamic distributed key system and method for identity management, authentication servers, data security and preventing maninthemiddle attacks 

2014
 20141120 CN CN201410670955.8A patent/CN104410496B/en not_active Expired  Fee Related
Patent Citations (3)
Publication number  Priority date  Publication date  Assignee  Title 

CN101179374A (en) *  20061109  20080514  日电（中国）有限公司  Communication equipment, communications system and method therefor 
CN102710613A (en) *  20120514  20121003  西安电子科技大学  Signcryption method of biological features of a plurality of receivers 
CN102811125A (en) *  20120816  20121205  西北工业大学  Certificateless multireceiver signcryption method with multivariatebased cryptosystem 
NonPatent Citations (2)
Title 

一个高效的基于身份的签密方案;李发根;《计算机学报》;20060930;第16421647页 * 
无证书体制下的多接收者签密密钥封装机制;孙银霞;《电子与信息学报》;20100930;第22502252页 * 
Also Published As
Publication number  Publication date 

CN104410496A (en)  20150311 
Similar Documents
Publication  Publication Date  Title 

Huang et al.  Certificateless signature revisited  
CN105024994B (en)  Without the safety to computing label decryption method is mixed without certificate  
CN101243643B (en)  Establishment of a trusted relationship between unknown communication parties  
CN1633774B (en)  Hierarchical identitybased encryption and signature schemes  
CN104410496B (en)  Multireceiver key encapsulation method  
CN1633776A (en)  Signature schemes using bilinear mappings  
Farash et al.  A Pairingfree IDbased Key Agreement Protocol with Different PKGs.  
CN102594570A (en)  Key threshold algorithm based on level identity encryption  
CN110995412B (en)  Certificateless ring signcryption method based on multiplicative group  
Barbosa et al.  Efficient identitybased key encapsulation to multiple parties  
Boyd et al.  Oneround key exchange in the standard model  
Lu et al.  A provably secure certificatebased encryption scheme against malicious CA attacks in the standard model  
Chen et al.  Certificateless signatures: structural extensions of security models and new provably secure schemes  
CN104320249B (en)  A kind of elastoresistance leakage encryption method of identitybased  
Suzuki et al.  Exposureresilient oneround tripartite key exchange without random oracles  
CN105119885B (en)  Safe efficient singlewheel three parts cipher key exchange method under master pattern  
CN110890961A (en)  Novel safe and efficient multiauthorization attributebased key negotiation protocol  
Yang et al.  Efficient certificateless encryption withstanding attacks from malicious KGC without using random oracles  
CN108768923A (en)  A kind of realtime encrypted method of chat of the Encryption Algorithm based on Quantum Reversible Logic circuit  
Liu et al.  Strong identitybased proxy signature schemes, revisited  
CN104184581B (en)  A kind of public key encryption method in tape symbol quadratic residue monoid  
Cheng et al.  Cryptanalysis and improvement of a certificateless encryption scheme in the standard model  
CN110224827B (en)  Encrypted edge Internet of things gateway  
CN107294972B (en)  Identitybased generalized multireceiver anonymous signcryption method  
Li et al.  Secure obfuscation of a twostep oblivious signature 
Legal Events
Date  Code  Title  Description 

C06  Publication  
PB01  Publication  
C10  Entry into substantive examination  
SE01  Entry into force of request for substantive examination  
GR01  Patent grant  
GR01  Patent grant  
CF01  Termination of patent right due to nonpayment of annual fee 
Granted publication date: 20171003 Termination date: 20191120 

CF01  Termination of patent right due to nonpayment of annual fee 