CN111556079A - Controllable anonymous communication method based on identity encryption - Google Patents

Publication number
CN111556079A
Authority
CN
China
Prior art keywords
identity
ciphertext
user
message
receiver
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010418650.3A
Other languages
Chinese (zh)
Other versions
CN111556079B (en)
Inventor
李凤银
刘中兴
王伊蕾
李涛
王�华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Liang'an Technology Co.,Ltd.
Original Assignee
Qufu Normal University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qufu Normal University
Priority to CN202010418650.3A
Publication of CN111556079A
Application granted
Publication of CN111556079B
Legal status: Active
Anticipated expiration

Classifications

    • H04L63/0421 Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity
    • H04L9/0863 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The invention relates to the field of privacy protection, and in particular to a controllable anonymous communication method based on identity encryption. In the big-data era, data leakage and other security incidents are increasingly frequent, data privacy is increasingly important, and anonymous communication is attracting growing attention as one of the important means of privacy protection. To address problems common in current anonymous communication systems, such as low message forwarding efficiency, high communication delay and abuse of anonymity, the invention provides a controllable anonymous communication model based on identity encryption by adding a preprocessing operation, modifying the ciphertext structure and making anonymity controllable. First, a Setup preprocessing stage is added before the anonymous communication stage; the distribution of the identity marks is moved into this stage, and users can authenticate each other pairwise in advance during Setup. Second, the invention designs a new ciphertext structure in which a message authentication code over the plaintext and the identity mark is added to the ciphertext, ensuring the integrity of the ciphertext message. Finally, an identity signature is added to the ciphertext structure, so that a user's anonymity can be selectively cancelled at the user's request.

Description

Controllable anonymous communication method based on identity encryption
Technical Field
The invention belongs to the field of privacy protection, and relates to technologies such as identity-based encryption and bilinear mapping, which protect identity privacy and data confidentiality of two communication parties in an anonymous communication mode.
Background
In a PKI-based public key cryptosystem, the identity of the user and the public key are bound by a certificate issued by a trusted certificate authority, which inevitably brings significant overhead in certificate management. As an alternative to PKI-based public key cryptosystems, identity-based public key cryptosystems (IBE) were proposed by Shamir in 1984. In such a system, the public key of the user can be easily derived from information that uniquely identifies the user, such as the user's identity or e-mail address, which removes the storage and management overhead of certificates.
Anonymous communication technology originated from the MIX-net mechanism proposed by Chaum in 1981, which implements anonymous communication by obfuscating messages through single or multiple MIX nodes. Two types of anonymous communication protocols appeared later, namely the Tor network based on the onion routing algorithm and the DC-net mechanism based on the dining cryptographers problem. Anonymous communication then developed rapidly in areas such as neural networks, cloud computing and the Internet of Things, and has become an indispensable technology in the field of information security.
However, existing anonymous communication methods are either based on PKI or uncontrollable: they carry the inherent overhead and security defects that PKI brings to an anonymous communication system, and their uncontrollable anonymity cannot meet the extensibility requirements of real environments.
Disclosure of Invention
The invention provides a controllable anonymous communication method based on identity encryption, which aims to overcome the inherent overhead and security defects that PKI brings to anonymous communication systems, as well as the problem of uncontrollable anonymity.
The technical method adopted by the invention is as follows. First, a preprocessing Setup stage is added before the anonymous communication stage, so that some necessary operations are preprocessed and the encryption and decryption efficiency of the anonymous communication stage is improved. Second, the invention ensures the integrity of the ciphertext message by designing a new ciphertext structure in which a message authentication code over the plaintext and the identity mark is added to the ciphertext. Finally, the invention makes the user's anonymity controllable by adding an optional identity signature to the ciphertext structure.
A controllable anonymous communication method based on identity encryption comprises two stages of preprocessing and anonymous communication, and the specific process is as follows:
(1) Preprocessing stage:
The first step: initialization (Setup)
The required system parameters are obtained using an anonymous identity-based encryption scheme built on bilinear mapping:
Figure DEST_PATH_IMAGE001
; then randomly select
Figure 671978DEST_PATH_IMAGE002
as the master key, and calculate
Figure DEST_PATH_IMAGE003
Figure 589119DEST_PATH_IMAGE004
chosen at random from
Figure DEST_PATH_IMAGE005
, with
Figure 585500DEST_PATH_IMAGE006
as the remaining two public parameters;
The second step: key generation
The key generation center KGC randomly selects
Figure DEST_PATH_IMAGE007
and then, according to the user's identity ID, calculates the user's private key
Figure 980709DEST_PATH_IMAGE008
The private key is returned to the user, and the user's identity ID serves as the public key;
The third step: identity generation and distribution
Each user in the anonymous group
Figure DEST_PATH_IMAGE009
generates, for each of the remaining N-1 users
Figure 263923DEST_PATH_IMAGE010
, a large random number
Figure DEST_PATH_IMAGE011
as the identity mark; at the same time, user
Figure 086386DEST_PATH_IMAGE012
randomly generates parameters for encryption
Figure DEST_PATH_IMAGE013
and then uses the public keys of the corresponding N-1 users
Figure 822260DEST_PATH_IMAGE014
to encrypt the identity marks, taking the sender's identity ID
Figure DEST_PATH_IMAGE015
as the first parameter of the ciphertext to obtain the ciphertext
Figure 21161DEST_PATH_IMAGE016
; the sender
Figure DEST_PATH_IMAGE017
then uploads the resulting ciphertext
Figure 690039DEST_PATH_IMAGE016
to the bulletin board;
The fourth step: downloading of identity marks
After the upload phase, each user in the anonymous group must download all the ciphertext information on the bulletin board and then use its own private key
Figure 683403DEST_PATH_IMAGE018
to attempt to decrypt all the ciphertexts; a ciphertext encrypted with the user's own public key
Figure 906574DEST_PATH_IMAGE014
can be decrypted, yielding the identity mark sent to that user
Figure DEST_PATH_IMAGE019
; the receiver then reads the first parameter contained in the ciphertext data packet
Figure 643586DEST_PATH_IMAGE020
and thereby learns the sender's identity and the corresponding identity mark
Figure DEST_PATH_IMAGE021
Note: in the identity mark transfer stage, each user is required to upload at least once and to download all the ciphertext information;
(2) Anonymous communication stage:
The fifth step: message encryption and upload
The sender
Figure 150660DEST_PATH_IMAGE022
encrypts the plaintext message m and takes the corresponding receiver
Figure DEST_PATH_IMAGE023
's identity mark
Figure 580504DEST_PATH_IMAGE024
, placing it at the first parameter position of the ciphertext as a prefix, and placing the combined keyed hash value of the plaintext and the identity mark at the second parameter position as a message authentication code; if the sender
Figure 822129DEST_PATH_IMAGE017
wishes to cancel the anonymity of this communication,
Figure 97253DEST_PATH_IMAGE012
can add a signature over its own identity ID to the communication
Figure DEST_PATH_IMAGE025
In the upload phase of each time period, each user uploads ciphertext at least once;
The sixth step: message screening and downloading
In the download phase of each time period, the receiver screens the ciphertext information by its prefix, namely the identity mark, and selects the ciphertexts addressed to it for downloading; at this stage each user is required to download at least once, and if, after searching all the ciphertext information, the receiver finds no identity mark that belongs to it, it downloads the first ciphertext on the bulletin board;
The seventh step: decryption and verification of messages
The receiver decrypts all the downloaded ciphertext information using its own private key. If readable plaintext is obtained, the message was addressed to this user and is received normally; if readable plaintext cannot be obtained, the message was not addressed to this user and is discarded. The receiver can then compute the combined hash of the decrypted plaintext and the identity mark and check whether the resulting hash value matches the second parameter in the ciphertext; if the two match, the plaintext is proved correct; otherwise the obtained plaintext is wrong or the identity mark has been replaced by an attacker, and the plaintext is discarded;
The eighth step: revocation of anonymity
If the sender wants to disclose its own identity, the ciphertext it sends contains its signature information; all users can then learn the sender identity id in the ciphertext during the communication stage, and can use the sender's signature public key pk to verify the signature
Figure 209565DEST_PATH_IMAGE026
, whereupon the anonymity of the message is revoked.
Drawings
The invention will be further described with reference to the accompanying drawings and examples, in which:
FIG. 1 is a time schedule diagram of an anonymous communication model;
FIG. 2 is a diagram of an initialization process for an anonymous communication model;
FIG. 3 is a communication process diagram of an anonymous communication model;
FIG. 4 is a graph comparing the communication efficiency of the anonymous communication model.
Detailed Description
A controllable anonymous communication method based on identity encryption comprises two stages of preprocessing and anonymous communication, and the specific process is as follows:
(1) Preprocessing stage:
The first step: initialization (Setup)
The required system parameters are obtained using an anonymous identity-based encryption scheme built on bilinear mapping:
Figure 544732DEST_PATH_IMAGE001
; where
Figure DEST_PATH_IMAGE027
and
Figure 476916DEST_PATH_IMAGE028
are multiplicative cyclic groups of order
Figure DEST_PATH_IMAGE029
,
Figure 555730DEST_PATH_IMAGE030
denotes the bilinear map, and
Figure DEST_PATH_IMAGE031
is a generator of the multiplicative cyclic group
Figure 53708DEST_PATH_IMAGE005
; then randomly select
Figure 559775DEST_PATH_IMAGE032
as the master key, and let
Figure 510414DEST_PATH_IMAGE003
Figure 392919DEST_PATH_IMAGE004
chosen at random from
Figure 745403DEST_PATH_IMAGE005
, with
Figure 687951DEST_PATH_IMAGE006
as the remaining two public parameters.
The second step: key generation
The key generation center KGC randomly selects
Figure 345460DEST_PATH_IMAGE007
and then, according to the user's identity
Figure 766077DEST_PATH_IMAGE033
(
Figure DEST_PATH_IMAGE034
), calculates the user's private key
Figure 238646DEST_PATH_IMAGE035
and returns the private key to the user; the user's
Figure 820938DEST_PATH_IMAGE033
serves as the public key.
The third step: identity generation and distribution
Each user in the anonymous group
Figure 746168DEST_PATH_IMAGE009
generates, for each of the remaining N-1 users
Figure 970476DEST_PATH_IMAGE036
, a large random number
Figure 31973DEST_PATH_IMAGE037
as the identity mark; at the same time, user
Figure 316324DEST_PATH_IMAGE012
randomly generates parameters for encryption
Figure DEST_PATH_IMAGE038
and then uses the public keys of the corresponding N-1 users
Figure 197692DEST_PATH_IMAGE014
to encrypt the identity mark of the corresponding user
Figure 225691DEST_PATH_IMAGE021
, taking the sender's identity
Figure 407274DEST_PATH_IMAGE015
as the first parameter of the ciphertext; the resulting ciphertext format is:
Figure 065788DEST_PATH_IMAGE039
where
Figure 965611DEST_PATH_IMAGE040
is used to prevent an adversary from stealing, from the ciphertext
Figure 531722DEST_PATH_IMAGE016
, the first parameter
Figure 833390DEST_PATH_IMAGE041
and impersonating the sender
Figure DEST_PATH_IMAGE042
; the sender
Figure 912073DEST_PATH_IMAGE017
then uploads the resulting ciphertext
Figure 299192DEST_PATH_IMAGE016
to the bulletin board;
The fourth step: downloading of identity marks
After the upload phase, each user in the anonymous group must download all the ciphertext information on the bulletin board, and then use its own private key
Figure 668994DEST_PATH_IMAGE043
to attempt to decrypt all the ciphertexts:
Figure 559589DEST_PATH_IMAGE044
A ciphertext encrypted with the user's own public key
Figure 356644DEST_PATH_IMAGE014
can be decrypted, yielding the data sent to that user
Figure 434321DEST_PATH_IMAGE045
; then, by calculating
Figure 607814DEST_PATH_IMAGE046
, the identity mark is obtained
Figure 618495DEST_PATH_IMAGE019
. The receiver then reads the first parameter contained in the ciphertext data packet
Figure 586451DEST_PATH_IMAGE020
and thereby learns the sender's identity and the corresponding identity mark
Figure 682583DEST_PATH_IMAGE021
Note: in the identity mark transfer stage, each user is required to upload at least once and to download all the ciphertext information;
(2) Anonymous communication stage:
The fifth step: message encryption and upload
The sender
Figure DEST_PATH_IMAGE047
takes the corresponding receiver
Figure 863029DEST_PATH_IMAGE048
's identity mark
Figure 197058DEST_PATH_IMAGE021
and places it at the first parameter position of the ciphertext as a prefix; at the second parameter position it places, for the plaintext m and the identity mark
Figure 335915DEST_PATH_IMAGE021
, their combined keyed hash value
Figure 919344DEST_PATH_IMAGE049
as a message authentication code, where the receiver's public key
Figure 169059DEST_PATH_IMAGE050
is used as the key of the keyed hash function, i.e.
Figure 154333DEST_PATH_IMAGE051
If the sender
Figure 680736DEST_PATH_IMAGE012
wishes to cancel the anonymity of this communication,
Figure 751460DEST_PATH_IMAGE042
can add a signature over its own identity ID to the communication
Figure 804867DEST_PATH_IMAGE052
. The sender can add
Figure 644647DEST_PATH_IMAGE053
to the ciphertext data structure to be transmitted; the resulting ciphertext format with the additional signature is:
Figure 100002_DEST_PATH_IMAGE054
In the upload phase of each time period, each user uploads ciphertext at least once;
The sixth step: message screening and downloading
In the download phase of each time period, the receiver uses the prefix of the ciphertext information, the identity mark
Figure 594148DEST_PATH_IMAGE024
, to screen the ciphertext information and select the ciphertexts addressed to it for downloading. At this stage each user is required to download at least once, and if, after searching all the ciphertext information, the receiver finds no identity mark that belongs to it, it downloads the first ciphertext on the bulletin board;
The seventh step: decryption and verification of messages
The receiver uses its own private key
Figure 886589DEST_PATH_IMAGE055
to decrypt the ciphertext information downloaded in the third step and obtain the plaintext message m, namely
Figure 743687DEST_PATH_IMAGE056
. At the same time, the receiver can take the decrypted plaintext
Figure 437973DEST_PATH_IMAGE057
and the first parameter, i.e. the identity mark
Figure 558376DEST_PATH_IMAGE058
, compute their combined hash, and check whether the resulting hash value matches the second parameter in the ciphertext
Figure 603692DEST_PATH_IMAGE049
. If the two match, the plaintext is proved correct; otherwise the obtained plaintext is wrong or the identity mark has been replaced by an attacker, and the plaintext is discarded;
The eighth step: revocation of anonymity
If the sender wants to disclose its own identity, the ciphertext it sends contains its signature information; all users can then learn the sender identity id in the ciphertext during the communication stage, and can use the sender's signature public key pk to verify the signature
Figure 998902DEST_PATH_IMAGE026
, whereupon the anonymity of the message is revoked.
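The screening and integrity check of the fifth to seventh steps, as an added example that is not part of the patent text: HMAC-SHA256 is assumed for the keyed hash, a hash-based stream cipher keyed by a per-receiver secret stands in for the identity-based encryption, and the optional signature of the eighth step is left out. All names and sample values are constructed for illustration.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Record:
    tag: bytes   # first parameter: receiver's identity mark, sent in clear as prefix
    mac: bytes   # second parameter: keyed hash over plaintext and identity mark
    body: bytes  # encrypted message


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """SHA-256 in counter mode. Stand-in only; the page uses pairing-based IBE."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def standin_encrypt(recv_secret: bytes, plaintext: bytes) -> bytes:
    nonce = secrets.token_bytes(16)
    stream = _keystream(recv_secret, nonce, len(plaintext))
    return nonce + bytes(p ^ s for p, s in zip(plaintext, stream))


def standin_decrypt(recv_secret: bytes, body: bytes) -> bytes:
    nonce, ct = body[:16], body[16:]
    stream = _keystream(recv_secret, nonce, len(ct))
    return bytes(c ^ s for c, s in zip(ct, stream))


def message_mac(receiver_id: str, plaintext: bytes, tag: bytes) -> bytes:
    # Keyed with the receiver's public identity, as the page specifies. The key is
    # not secret, so the check binds plaintext to prefix; it does not authenticate
    # the sender. The length prefix keeps the (plaintext, tag) boundary unambiguous.
    data = len(plaintext).to_bytes(8, "big") + plaintext + tag
    return hmac.new(receiver_id.encode(), data, hashlib.sha256).digest()


def seal(receiver_id: str, recv_secret: bytes, tag: bytes, plaintext: bytes) -> Record:
    """Fifth step: prefix the receiver's identity mark, add the MAC, encrypt."""
    return Record(tag, message_mac(receiver_id, plaintext, tag),
                  standin_encrypt(recv_secret, plaintext))


def screen(board: List[Record], my_tags: Dict[bytes, str]) -> List[Record]:
    """Sixth step: pick records by prefix; with no match, still take the first."""
    mine = [r for r in board if r.tag in my_tags]
    return mine if mine else board[:1]


def open_record(receiver_id: str, recv_secret: bytes, rec: Record) -> Optional[bytes]:
    """Seventh step: decrypt, recompute the MAC, discard on mismatch."""
    plaintext = standin_decrypt(recv_secret, rec.body)
    expected = message_mac(receiver_id, plaintext, rec.tag)
    return plaintext if hmac.compare_digest(expected, rec.mac) else None


def demo():
    # Constructed identities, secrets and identity marks (marks come from Setup).
    bob_id, carol_id = "bob@example.test", "carol@example.test"
    bob_sk, carol_sk = secrets.token_bytes(32), secrets.token_bytes(32)
    tag_ab, tag_ac = secrets.token_bytes(16), secrets.token_bytes(16)
    bob_tags, carol_tags = {tag_ab: "alice"}, {tag_ac: "alice"}

    genuine = seal(bob_id, bob_sk, tag_ab, b"meet at 10")
    # Same record with its prefix replaced by Carol's identity mark.
    swapped = Record(tag_ac, genuine.mac, genuine.body)
    board = [genuine, swapped]

    bob_got = [open_record(bob_id, bob_sk, r) for r in screen(board, bob_tags)]
    carol_got = [open_record(carol_id, carol_sk, r) for r in screen(board, carol_tags)]
    # Bob falling back to the first record of a board that holds only the swap.
    bob_fallback = [open_record(bob_id, bob_sk, r) for r in screen([swapped], bob_tags)]
    return bob_got, carol_got, bob_fallback


if __name__ == "__main__":
    print(demo())
```

Because the identity mark is an input to the MAC, a record whose prefix has been replaced is discarded by whichever receiver downloads it, including the intended one.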
Validation of the invention
To demonstrate the effectiveness of the invention, we investigated the communication efficiency of different anonymous communication models, increasing the number of messages from 1 to 1000 over the entire communication period. As shown in fig. 4, the communication time of the present invention does not increase with the increase of the number of messages, and therefore, the communication efficiency is significantly improved compared to the previous model.

Claims (3)

1. An anonymous communication method based on identity encryption, characterized in that:
(1) a single message store-and-forward structure is adopted, reducing the communication cost;
(2) a preprocessing stage is added to preprocess the necessary operations;
(3) the receiver is allowed to screen messages before downloading, which reduces the communication of the system and improves efficiency;
(4) the controllability of the anonymity of the communication model is increased.
2. The method of controllable anonymous communication based on identity encryption of claim 1, comprising the following five probabilistic polynomial time algorithms:
(1) System initialization: security parameters are input, and the algorithm generates the system master key and the system parameters;
(2) User key generation: system parameters are input, and the key generation center generates a private key for the user according to the user identity (ID);
(3) Identity mark transfer: system parameters and the public key of a user are input, and the identity marks are transferred securely between users through encryption and decryption operations;
(4) Encryption algorithm: system parameters, the message to be encrypted and the public key of the receiver are input, and the algorithm encrypts the message;
(5) Signature algorithm: system parameters, the message to be signed and the private key of the user are input, and the algorithm generates a signature for the user;
(6) Signature verification: system parameters, the user signature, the signed original message and the public key of the user are input, and the algorithm verifies the user signature;
(7) Decryption algorithm: system parameters, the received ciphertext and the private key of the user are input, and the algorithm decrypts the ciphertext received by the user.
3. The controllable anonymous communication method based on identity encryption as claimed in claim 2, comprising two stages of preprocessing and anonymous communication, and the specific implementation steps are as follows:
(1) Preprocessing stage:
The first step: initialization (Setup)
The required system parameters are obtained using an anonymous identity-based encryption scheme built on bilinear mapping:
Figure DEST_PATH_IMAGE002
; then randomly select
Figure DEST_PATH_IMAGE004
as the master key, and calculate
Figure DEST_PATH_IMAGE006
Figure DEST_PATH_IMAGE008
chosen at random from
Figure DEST_PATH_IMAGE010
, with
Figure DEST_PATH_IMAGE012
as the remaining two public parameters;
The second step: key generation
The key generation center KGC randomly selects
Figure DEST_PATH_IMAGE014
and then, according to the user's identity ID, calculates the user's private key
Figure DEST_PATH_IMAGE016
The private key is returned to the user, and the user's identity ID serves as the public key;
The third step: identity generation and distribution
Each user in the anonymous group
Figure DEST_PATH_IMAGE018
generates, for each of the remaining N-1 users
Figure DEST_PATH_IMAGE020
, a large random number
Figure DEST_PATH_IMAGE022
as the identity mark; at the same time, user
Figure DEST_PATH_IMAGE024
randomly generates parameters for encryption
Figure DEST_PATH_IMAGE026
and then uses the public keys of the corresponding N-1 users
Figure DEST_PATH_IMAGE028
to encrypt the identity marks, taking the sender's identity ID
Figure DEST_PATH_IMAGE030
as the first parameter of the ciphertext to obtain the ciphertext
Figure DEST_PATH_IMAGE032
; the sender
Figure DEST_PATH_IMAGE024A
then uploads the resulting ciphertext
Figure DEST_PATH_IMAGE032A
to the bulletin board;
The fourth step: downloading of identity marks
After the upload phase, each user in the anonymous group must download all the ciphertext information on the bulletin board and then use its own private key
Figure DEST_PATH_IMAGE036
to attempt to decrypt all the ciphertexts; a ciphertext encrypted with the user's own public key
Figure DEST_PATH_IMAGE028A
can be decrypted, yielding the identity mark sent to that user
Figure DEST_PATH_IMAGE039
; the receiver then reads the first parameter contained in the ciphertext data packet
Figure DEST_PATH_IMAGE041
and thereby learns the sender's identity and the corresponding identity mark
Figure DEST_PATH_IMAGE039A
Note: in the identity mark transfer stage, each user is required to upload at least once and to download all the ciphertext information;
(2) Anonymous communication stage:
The fifth step: message encryption and upload
The sender
Figure DEST_PATH_IMAGE024AA
encrypts the plaintext message m and takes the corresponding receiver
Figure DEST_PATH_IMAGE045
's identity mark
Figure DEST_PATH_IMAGE039AA
, placing it at the first parameter position of the ciphertext as a prefix, and placing the combined keyed hash value of the plaintext and the identity mark at the second parameter position as a message authentication code; if the sender
Figure DEST_PATH_IMAGE024AAA
wishes to cancel the anonymity of this communication,
Figure DEST_PATH_IMAGE024AAAA
can add a signature over its own identity ID to the communication
Figure DEST_PATH_IMAGE050
In the upload phase of each time period, each user uploads ciphertext at least once;
The sixth step: message screening and downloading
In the download phase of each time period, the receiver screens the ciphertext information by its prefix, namely the identity mark, and selects the ciphertexts addressed to it for downloading; at this stage each user is required to download at least once, and if, after searching all the ciphertext information, the receiver finds no identity mark that belongs to it, it downloads the first ciphertext on the bulletin board;
The seventh step: decryption and verification of messages
The receiver decrypts all the downloaded ciphertext information using its own private key; if readable plaintext is obtained, the message was addressed to this user and is received normally; if readable plaintext cannot be obtained, the message was not addressed to this user and is discarded; the receiver can then compute the combined hash of the decrypted plaintext and the identity mark and check whether the resulting hash value matches the second parameter in the ciphertext; if the two match, the plaintext is proved correct; otherwise the obtained plaintext is wrong or the identity mark has been replaced by an attacker, and the plaintext is discarded;
The eighth step: revocation of anonymity
If the sender wants to disclose its own identity, the ciphertext it sends contains its signature information; all users can then learn the sender identity id in the ciphertext during the communication stage, and can use the sender's signature public key pk to verify the signature
Figure DEST_PATH_IMAGE052
, whereupon the anonymity of the message is revoked;
Note: proof of correctness of the scheme:
The receiver's private key is:
Figure DEST_PATH_IMAGE054
; the public key is:
Figure DEST_PATH_IMAGE056
; the sender randomly selects a random number
Figure DEST_PATH_IMAGE058
and uses the receiver's public key
Figure DEST_PATH_IMAGE056A
to encrypt the message m; the encryption process is:
Figure DEST_PATH_IMAGE061
After the identity mark and the message authentication code are added, the resulting ciphertext is:
Figure DEST_PATH_IMAGE063
The receiver uses its private key
Figure DEST_PATH_IMAGE054A
to decrypt the ciphertext; the decryption process is:
Figure DEST_PATH_IMAGE066
CN202010418650.3A 2020-05-18 2020-05-18 Controllable anonymous communication method based on identity encryption Active CN111556079B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010418650.3A CN111556079B (en) 2020-05-18 2020-05-18 Controllable anonymous communication method based on identity encryption

Publications (2)

Publication Number Publication Date
CN111556079A CN111556079A (en) 2020-08-18
CN111556079B CN111556079B (en) 2022-03-22

Family

ID=72004865

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010418650.3A Active CN111556079B (en) 2020-05-18 2020-05-18 Controllable anonymous communication method based on identity encryption

Country Status (1)

Country Link
CN (1) CN111556079B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101068245A (en) * 2007-03-30 2007-11-07 Tencent Technology (Shenzhen) Co., Ltd. Shared file issuing and downloading method and file sharing control system
CN103746811A (en) * 2013-12-27 2014-04-23 Xi'an University of Posts and Telecommunications Anonymous signcryption method from identity public key system to certificate public key system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
ZHANG XINFANG XUQIULIANG: "Anonymous Identity-based Encryption", Proceedings of the Fifth Academic Annual Conference of the China Institute of Communications *

Also Published As

Publication number Publication date
CN111556079B (en) 2022-03-22

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20221118

Address after: 311100 1005-21, Floor 10, Building H, Haichuang Park, CEC Haikang Group Co., Ltd., No. 198, Aicheng Street, Wuchang Street, Yuhang District, Hangzhou City, Zhejiang Province

Patentee after: Hangzhou Liang'an Technology Co.,Ltd.

Address before: 273165 Jingxuan West Road, Qufu City, Jining, Shandong Province, No. 57

Patentee before: Qufu Normal University