CN111786786A - Agent re-encryption method and system supporting equation judgment in cloud computing environment - Google Patents

Agent re-encryption method and system supporting equation judgment in cloud computing environment

Info

Publication number
CN111786786A
Authority
CN
China
Prior art keywords
ciphertext
user terminal
public key
key
user
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010729069.3A
Other languages
Chinese (zh)
Inventor
张栋
罗敏
陈泌文
何德彪
李林蔚
王峥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan University WHU
Zhengzhou Power Supply Co of Henan Electric Power Co
Original Assignee
Wuhan University WHU
Zhengzhou Power Supply Co of Henan Electric Power Co
Application filed by Wuhan University WHU, Zhengzhou Power Supply Co of Henan Electric Power Co


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/0827 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving distinctive intermediate devices or communication paths
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions

Abstract

The invention discloses a proxy re-encryption method and a proxy re-encryption system supporting equation judgment (ciphertext equality testing) in a cloud computing environment. A first user terminal encrypts a plurality of plaintext data to be shared with its own public key to generate a plurality of first ciphertexts; a second user terminal encrypts the plaintext data it is interested in with its own public key to generate a second ciphertext; the first user terminal generates a first trapdoor for a given first ciphertext based on that first ciphertext and the public key of the second user terminal; the second user terminal generates a second trapdoor for the second ciphertext based on that second ciphertext and the public key of the first user terminal; and the server performs a ciphertext equality matching test between the second ciphertext with its second trapdoor and each first ciphertext with its corresponding first trapdoor. When a target first ciphertext matching the second ciphertext is found, the first user terminal executes the proxy re-encryption method, and the second user terminal decrypts the re-encrypted ciphertext with its own private key to obtain the plaintext shared by the first user terminal. The invention reduces the communication and computation overhead of data sharing.

Description

Agent re-encryption method and system supporting equation judgment in cloud computing environment
Technical Field
The invention relates to the technical field of information security, in particular to a proxy re-encryption method and a proxy re-encryption system supporting equation judgment in a cloud computing environment.
Background
Cloud computing is a novel computing model based on resource virtualization technology, and has attracted wide attention from academia and industry owing to characteristics such as on-demand service, resource pooling, elastic service, ubiquitous access and chargeable service. Data sharing based on cloud computing is one of its key applications: users in different places, using different computers and different software, can read other people's data and perform various operations, computations and analyses on it, so that more people can make full use of data resources and repeated labor such as data collection is avoided. Over the last 10 years, cloud computing in China has moved from concept to practical application and then to ecosystem construction; its development route has gradually stabilized, its effect has become more and more remarkable, and the cloud computing industry has become one of the fastest-growing markets globally.
With the deepening application of cloud computing, security risks have always been present for users of this digital technology. Examples include how to guarantee the security and privacy of data outsourced to the cloud server, and how to make the services returned by the cloud server trustworthy. Based on security and privacy considerations, one simple approach is to store outsourced data in the cloud service in ciphertext form, but encryption makes data sharing very difficult. To balance data privacy protection against usability, proxy re-encryption can convert a ciphertext under the encryptor's public key into a ciphertext under the decryptor's public key without revealing the encryptor's secret key, thereby enabling ciphertext data sharing.
Although proxy re-encryption solves the data sharing problem, data users cannot search the data or test it for equality as they could with plaintext data; they must download all the ciphertexts and decrypt them to obtain the information they need, which adds unnecessary communication overhead.
The above is only for the purpose of assisting understanding of the technical aspects of the present invention, and does not represent an admission that the above is prior art.
Disclosure of Invention
To improve data sharing efficiency and reduce communication overhead, ciphertext data should support an equality test that judges whether the plaintexts corresponding to two ciphertexts are the same, but the prior art offers no such scheme.
The invention mainly aims to provide a proxy re-encryption method and a proxy re-encryption system supporting equation judgment in a cloud computing environment, and aims to solve the technical problem of how to effectively reduce communication overhead on the basis that a proxy re-encryption technology in the cloud computing environment supports ciphertext data sharing and ensures data safety.
The invention provides an agent re-encryption method supporting equation judgment in a cloud computing environment, wherein the cloud computing environment comprises a certificate authority, a cloud server and a plurality of user sides; the certificate authority is used for publishing protocol security parameters to each user side; the user side is divided into two roles: the system comprises a first user terminal and a second user terminal, wherein the first user terminal shares plaintext data, and the second user terminal receives the shared plaintext data; the method comprises the following steps:
step S10, each user terminal generates a key pair based on the protocol security parameters published by the certificate authority, the key pair comprises a public key and a private key, the private key is stored, and the public key is registered to the certificate authority; the key pair of the first user end comprises a first public key and a first private key, and the key pair of the second user end comprises a second public key and a second private key;
step S20, the first user terminal encrypts a plurality of plaintext data to be shared through the first public key according to a preset encryption mode to obtain a plurality of first ciphertexts, and the first ciphertexts are respectively sent and stored to the cloud server; the plaintext data to be shared represents plaintext data authorized by the first user terminal to the second user terminal;
the second user terminal encrypts the interest plaintext data through the second public key according to a preset encryption mode to obtain a second ciphertext, wherein the interest plaintext data is shared data expected to be obtained by the second user terminal, and the second ciphertext is sent to and stored in the cloud server;
step S51, the second user terminal uses the second private key to recover from the second ciphertext, according to the preset decryption mode, the second target random number set used when the second ciphertext was encrypted; the second user terminal generates a second trapdoor corresponding to the second ciphertext based on the second target random number set, the second private key and a first public key provided by the first user terminal, and sends the second trapdoor to the cloud server for the equality test of the ciphertext;
step S52, the first user terminal respectively obtains a first target random number set when the first ciphertext is encrypted from each first ciphertext according to the preset decryption mode by using the first private key; the first user terminal generates first trapdoors corresponding to the first ciphertexts based on the first target random number set, the first private key and a second public key provided by the second user terminal, and respectively sends the first trapdoors corresponding to the first ciphertexts to the cloud server;
step S60, the cloud server respectively performs ciphertext equality matching test with each first ciphertext and the corresponding first trapdoor based on the second ciphertext and the corresponding second trapdoor;
if the equality matching test result indicates that a target first trapdoor equal to the second trapdoor exists in each first trapdoor, it is determined that a second ciphertext corresponding to the second trapdoor corresponds to the same plaintext as the first ciphertext, the first ciphertext corresponding to the first trapdoor equal to the second trapdoor is taken as a target first ciphertext, and the following re-encryption steps S31-S43 are performed:
step S31, the first user terminal obtains a corresponding target first ciphertext from the cloud server;
step S32, the first user terminal obtains a first target random number when the target shared plaintext data corresponding to the target first ciphertext is encrypted according to a preset decryption mode based on the first private key;
step S33, the first user terminal generates a re-encryption key corresponding to the target first ciphertext according to the first public key, the second public key and the first target random number;
step S41, the first user terminal transmits the re-encryption key to the cloud server;
step S42, the cloud server converts the target first ciphertext into a re-encrypted ciphertext of the second user side through the re-encrypted key, wherein the re-encrypted ciphertext is associated with the second public key; and sending the re-encrypted ciphertext to the second user end;
and step S43, the second user terminal decrypts the re-encrypted ciphertext through the second private key to obtain the target shared plaintext data of the first user terminal.
Preferably, before the step S1, the method further includes:
the certificate authority generates three cyclic groups $G_1, G_2, G_t$ with the same prime order $p$, such that there is a bilinear map $e$ satisfying $G_1 \times G_2 \to G_t$, and selects $P_1, P_2$ as generators of the cyclic groups $G_1, G_2$;
the certificate authority selects two secure hash functions $h_0(\cdot), H_1(\cdot), H_2(\cdot)$;
The certificate authority publishes relevant parameters {, $p, G_1, G_2, G_t, e, h_0(\cdot), H_1(\cdot), H_2(\cdot)$}, wherein the protocol security parameters entered manually at the end of the trusted authority are represented.
Preferably, the step S10 specifically includes:
each user terminal generates a key pair based on the protocol security parameters published by the certificate authority, wherein the key pair comprises a public key and a private key, stores the private key, and registers the public key to the certificate authority; wherein the key pair of each user terminal $U_i$ is generated by the following steps:
The user terminal $U_i$, in the finite field
Figure BDA0002602384030000041
randomly selects an element
Figure BDA0002602384030000042
as the private key $sk_i$.
The user terminal $U_i$ computes the public key
Figure BDA0002602384030000043
where the first part of the public key $pk_i$ is
Figure BDA0002602384030000044
and the second part of the public key is
Figure BDA0002602384030000045
The user terminal $U_i$ registers the public key $pk_i$ to the certificate authority and publishes the public key $pk_i$, and the user terminal $U_i$ securely saves the private key $sk_i$ locally.
Accordingly, i represents a variable;
$U_i$ represents the first user terminal, $sk_i$ represents the first private key, and $pk_i$ represents the first public key; the first part of the first public key $pk_i$ is
Figure BDA0002602384030000046
and the second part of the public key is
Figure BDA0002602384030000047
$U_j$ represents the second user terminal, $sk_j$ represents the second private key, and $pk_j$ represents the second public key; the first part of the second public key $pk_j$ is
Figure BDA0002602384030000048
and the second part of the public key is
Figure BDA0002602384030000049
Preferably, the preset encryption mode is characterized in the step S20 by the following steps:
the first user terminal $U_i$, in the finite field
Figure BDA00026023840300000410
randomly selects three elements $r_1, r_2,$
Figure BDA00026023840300000411
The first user terminal $U_i$ calculates, for the plaintext data $m_i$ to be shared, the first part of the ciphertext $C_{i1} = r_1 r_2 P_2$ and the second part of the ciphertext $C_{i2} = r_1 r_2 h_0(m_i) P_1 + r_3 P_1$.
The first user terminal $U_i$ calculates the third part of the ciphertext of the plaintext data $m_i$ to be shared
Figure BDA00026023840300000412
The first user terminal $U_i$ calculates the intermediate variables
Figure BDA00026023840300000413
Based on the intermediate variables
Figure BDA00026023840300000414
it calculates the fourth part of the ciphertext of the plaintext data $m_i$ to be shared
Figure BDA00026023840300000415
where
Figure BDA00026023840300000416
The first user terminal $U_i$, based on the first part $C_{i1}$, the second part $C_{i2}$, the third part $C_{i3}$ and the fourth part of the ciphertext of the plaintext data $m_i$ to be shared
Figure BDA00026023840300000417
creates the first ciphertext of the plaintext data $m_i$ to be shared
Figure BDA00026023840300000418
Figure BDA00026023840300000419
and uploads the first ciphertext to the cloud server.
Preferably, the step S31 specifically includes:
the first user terminal $U_i$ obtains the target first ciphertext from the cloud server
Figure BDA00026023840300000420
and acquires the second public key of the second user terminal $U_j$
Figure BDA00026023840300000421
where
Figure BDA00026023840300000422
represents the first part of the second public key of the second user terminal $U_j$, and
Figure BDA00026023840300000423
represents the second part of the second public key of the second user terminal $U_j$;
correspondingly, the step S32 specifically includes:
the first user terminal $U_i$, according to the preset decryption mode and based on the first private key $sk_i$, obtains from the target first ciphertext
Figure BDA0002602384030000051
the first target random number $r_2$ used when the plaintext data $m_i$ to be shared was encrypted, where the first target random number
Figure BDA0002602384030000052
Correspondingly, the step S33 specifically includes:
the first user terminal $U_i$ generates, according to the first part of the first public key
Figure BDA0002602384030000053
the first part of the second public key
Figure BDA0002602384030000054
and the first target random number $r_2$, the re-encryption key
Figure BDA0002602384030000055
Preferably, the step S41 specifically includes:
the first user terminal $U_i$ transmits the re-encryption key $rk_{ij}$ to the cloud server;
correspondingly, the step S42 specifically includes:
the cloud server, according to the target first ciphertext
Figure BDA0002602384030000056
and the re-encryption key $rk_{ij}$, calculates the re-encrypted ciphertext corresponding to the second public key $pk_j$ of the second user terminal $U_j$
Figure BDA0002602384030000057
Figure BDA0002602384030000058
where $C_{j1} = C_{i1}$, $C_{j2} = C_{i2}$,
Figure BDA0002602384030000059
Preferably, the step S51 specifically includes:
the second user terminal $U_j$ obtains the second ciphertext from the cloud server
Figure BDA00026023840300000510
The second user terminal $U_j$ uses the second private key $sk_j$ to recover from the second ciphertext, according to the preset decryption mode, the second target random number set $r'_1, r'_2, r'_3$ used when the second ciphertext was encrypted.
The second user terminal $U_j$ calculates the second trapdoor
Figure BDA00026023840300000511
The second user terminal $U_j$ sends the second trapdoor $T_{j\to i}$ to the cloud server;
correspondingly, the step S52 specifically includes:
the first user terminal $U_i$ obtains the respective first ciphertexts from the cloud server
Figure BDA00026023840300000512
Figure BDA00026023840300000513
For each of the first ciphertexts
Figure BDA00026023840300000514
the first user terminal $U_i$ uses the first private key $sk_i$ to recover from the first ciphertext the first target random number set $r_1, r_2, r_3$ used in encryption.
The first user terminal $U_i$ calculates the first trapdoor
Figure BDA00026023840300000515
The first user terminal $U_i$ sends each first trapdoor $T_{i\to j}$ to the cloud server.
Preferably, the step S60 of performing, by the cloud server, ciphertext equality matching test with each of the first ciphertexts and the first trapdoors corresponding thereto based on the second ciphertexts and the second trapdoors corresponding thereto includes:
the cloud server calculates the intermediate variable of the first user terminal $U_i$
Figure BDA0002602384030000061
Figure BDA0002602384030000062
The cloud server calculates the intermediate variable of the second user terminal $U_j$
Figure BDA0002602384030000063
Figure BDA0002602384030000064
The cloud server determines whether $e(IC_j, C_{i1})$ and $e(IC_i, C_{j1})$ are equal; if so, it judges that the plaintext $m_i$ corresponding to the first ciphertext is the same as the plaintext $m'_i$ corresponding to the second ciphertext; otherwise, it judges that the plaintext $m_i$ corresponding to the first ciphertext differs from the plaintext $m'_i$ corresponding to the second ciphertext.
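The following Python sketch is an added example, not code from the patent, showing why the server's check $e(IC_j, C_{i1}) = e(IC_i, C_{j1})$ separates equal from unequal plaintexts using the two ciphertext parts whose formulas survive on this page. Assumptions: the trapdoor and $IC$ formulas are not preserved here, so the sketch uses a stand-in trapdoor $r_3 P_1$ and takes $IC = C_2 - r_3 P_1$; group elements are modelled by their discrete logs (a toy that is not secure); SHA-256 stands in for $h_0$; all function names are hypothetical.

```python
import hashlib
import secrets
from dataclasses import dataclass

# Toy prime group order (assumption for this sketch): the Mersenne prime 2^127 - 1.
P = 2**127 - 1


@dataclass(frozen=True)
class Elem:
    """Group element stored as its discrete log to the group's generator.

    This "in the exponent" model lets the algebra be checked without a pairing
    library. It gives no security, because the logs are visible.
    """
    group: str  # "G1", "G2" or "Gt"
    log: int

    def __add__(self, other):
        if self.group != other.group:
            raise ValueError("elements belong to different groups")
        return Elem(self.group, (self.log + other.log) % P)

    def __sub__(self, other):
        if self.group != other.group:
            raise ValueError("elements belong to different groups")
        return Elem(self.group, (self.log - other.log) % P)

    def __rmul__(self, scalar):
        # Scalar multiplication, written scalar * element.
        return Elem(self.group, (scalar * self.log) % P)


P1 = Elem("G1", 1)  # generator of G1
P2 = Elem("G2", 1)  # generator of G2


def pairing(a, b):
    """Bilinear map e: G1 x G2 -> Gt, with e(x*P1, y*P2) = e(P1, P2)^(x*y)."""
    if a.group != "G1" or b.group != "G2":
        raise ValueError("pairing expects (G1, G2) inputs")
    return Elem("Gt", (a.log * b.log) % P)


def h0(message: bytes) -> int:
    """Hash a byte string into Z_p^* (SHA-256 is a stand-in chosen here)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % (P - 1) + 1


def rand_scalar() -> int:
    """Uniform element of Z_p^* = {1, ..., p-1}."""
    return secrets.randbelow(P - 1) + 1


def encrypt_parts(message: bytes):
    """Return ((C1, C2), r3) with C1 = r1*r2*P2 and C2 = r1*r2*h0(m)*P1 + r3*P1.

    Ciphertext parts three and four are omitted: their formulas are not
    preserved on the page.
    """
    r1, r2, r3 = rand_scalar(), rand_scalar(), rand_scalar()
    c1 = (r1 * r2) * P2
    c2 = (r1 * r2 * h0(message)) * P1 + r3 * P1
    return (c1, c2), r3


def trapdoor(r3: int) -> Elem:
    """Assumed stand-in trapdoor: the blinding term r3*P1 (not the patent's formula)."""
    return r3 * P1


def equal_plaintexts(ct_i, td_i, ct_j, td_j) -> bool:
    """Server-side test: e(IC_j, C_i1) == e(IC_i, C_j1), with IC = C2 - trapdoor."""
    ic_i = ct_i[1] - td_i  # r1*r2*h0(m_i)*P1
    ic_j = ct_j[1] - td_j  # r1'*r2'*h0(m_j)*P1
    return pairing(ic_j, ct_i[0]) == pairing(ic_i, ct_j[0])


def find_target(first_cts, first_tds, ct_j, td_j):
    """Scan the first ciphertexts; return the index of the match, or None."""
    for idx, (ct, td) in enumerate(zip(first_cts, first_tds)):
        if equal_plaintexts(ct, td, ct_j, td_j):
            return idx
    return None


def demo():
    # Constructed sample plaintexts for the first user terminal.
    shared = [b"record-A", b"record-B", b"record-C"]
    firsts = [encrypt_parts(m) for m in shared]
    cts = [ct for ct, _ in firsts]
    tds = [trapdoor(r3) for _, r3 in firsts]
    # The second user terminal encrypts the plaintext it is interested in.
    ct_j, r3_j = encrypt_parts(b"record-B")
    return find_target(cts, tds, ct_j, trapdoor(r3_j))
```

Both sides of the check reduce to $e(P_1, P_2)^{r_1 r_2 r'_1 r'_2 h_0(\cdot)}$, so they agree exactly when the two hash values agree; without the trapdoors the $r_3 P_1$ term keeps the same comparison from succeeding.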
In addition, in order to achieve the above object, the present invention further provides an agent re-encryption system supporting equation determination in a cloud computing environment, where the system includes a certificate authority, a cloud server, and multiple clients; the certificate authority is used for publishing protocol security parameters to each user side; the user side comprises a first user side and a second user side;
each user side is used for generating a key pair based on protocol security parameters published by the certificate authority, wherein the key pair comprises a public key and a private key, storing the private key and registering the public key to the certificate authority; the key pair of the first user end comprises a first public key and a first private key, and the key pair of the second user end comprises a second public key and a second private key;
the first user side is used for encrypting a plurality of plaintext data to be shared through the first public key according to a preset encryption mode to obtain a plurality of first ciphertexts, and respectively sending and storing each first ciphertext to the cloud server; the plaintext data to be shared represents plaintext data authorized by the first user terminal to the second user terminal;
the second user side is used for encrypting the interest plaintext data through the second public key according to a preset encryption mode to obtain a second ciphertext, wherein the interest plaintext data is shared data expected to be obtained by the second user side, and the second ciphertext is sent and stored to the cloud server;
the second user terminal is further configured to use the second private key to recover from the second ciphertext, according to the preset decryption mode, the second target random number set used when the second ciphertext was encrypted; the second user terminal generates a second trapdoor corresponding to the second ciphertext based on the second target random number set, the second private key and a first public key provided by the first user terminal, and sends the second trapdoor to the cloud server for the equality test of the ciphertext;
the first user terminal is further configured to use the first private key to recover from each first ciphertext, according to the preset decryption mode, the first target random number set used when that first ciphertext was encrypted; the first user terminal generates first trapdoors corresponding to the first ciphertexts based on the first target random number set, the first private key and a second public key provided by the second user terminal, and respectively sends the first trapdoors corresponding to the first ciphertexts to the cloud server;
the cloud server is further configured to perform ciphertext equality matching test with each first ciphertext and the corresponding first trapdoor based on the second ciphertext and the corresponding second trapdoor; if the equality matching test result indicates that a target first trapdoor equal to the second trapdoor exists in each first trapdoor, judging that a second ciphertext corresponding to the second trapdoor and the first ciphertext correspond to the same plaintext, and taking the first ciphertext corresponding to the first trapdoor equal to the second trapdoor as a target first ciphertext;
the first user side is used for acquiring a corresponding target first ciphertext from the cloud server; acquiring a first target random number when target shared plaintext data corresponding to the target first ciphertext is encrypted based on the first private key according to a preset decryption mode; the first user terminal generates a re-encryption key corresponding to the target first ciphertext according to the first public key, the second public key and the first target random number; the first user terminal transmits the re-encryption key to the cloud server;
the cloud server is used for converting the target first ciphertext into a re-encrypted ciphertext of the second user side through the re-encrypted key, wherein the re-encrypted ciphertext is associated with the second public key; and sending the re-encrypted ciphertext to the second user end;
and the second user side is used for decrypting the re-encrypted ciphertext through the second private key to obtain target shared plaintext data of the first user side.
The invention has the following beneficial effects. The invention discloses a proxy re-encryption method and a proxy re-encryption system supporting equation judgment (ciphertext equality testing) in a cloud computing environment. A first user terminal encrypts a plurality of plaintext data to be shared with its own public key to generate a plurality of first ciphertexts; a second user terminal encrypts the plaintext data it is interested in with its own public key to generate a second ciphertext; the first user terminal generates a first trapdoor for a given first ciphertext based on that first ciphertext and the public key of the second user terminal; the second user terminal generates a second trapdoor for the second ciphertext based on that second ciphertext and the public key of the first user terminal; the cloud server performs a ciphertext equality matching test between the second ciphertext with its second trapdoor and each first ciphertext with its corresponding first trapdoor. When a target first ciphertext matching the second ciphertext is found, the target first ciphertext of the first user terminal is equal to the second ciphertext of the second user terminal, and the interest plaintext data of the second user terminal corresponds to certain plaintext data to be shared (called the target shared plaintext) of the first user terminal. The first user terminal then generates a proxy re-encryption key from parameters such as the public parameters, the first user terminal's private key and the second user terminal's public key, and uploads it to the cloud server; the cloud server converts the target first ciphertext into a re-encrypted ciphertext with the proxy re-encryption key and sends the re-encrypted ciphertext to the second user terminal; and the second user terminal decrypts the re-encrypted ciphertext with its own private key to obtain the plaintext shared by the first user terminal (namely, the target shared plaintext). The invention effectively reduces communication overhead while supporting ciphertext data sharing.
By comparison, prior-art proxy re-encryption schemes can convert a ciphertext encrypted under the encryptor's public key into a ciphertext corresponding to the decryptor's public key without revealing a decryption key, but they do not support ciphertext equality testing. In the re-encryption process of the invention, only hash operations and exclusive-or operations are applied, so the method is efficient and practical and reduces the computation overhead of the whole system.
Drawings
Fig. 1 is a schematic flowchart of a proxy re-encryption method supporting equation determination in a cloud computing environment according to the present invention;
Fig. 2 is a schematic diagram illustrating the correlation between algorithms in the proxy re-encryption method supporting equation determination in the cloud computing environment according to the present invention;
Fig. 3 is a schematic diagram of a ciphertext equation decision process in the proxy re-encryption method supporting equation decision in the cloud computing environment of the present invention.
The objects, features and advantages of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The symbols of the embodiments of the present invention are described as follows:
p: p is a prime number.
: the protocol security parameter represents the overall security intensity of the protocol;
mod p: modulo p arithmetic. For example, 19 mod 7 = 5.
Figure BDA0002602384030000091
A finite field consisting of the integers 1,2, …, p-1.
$G_1, G_2, G_t$: three cyclic groups having the same prime order $p$.
$P_1, P_2$: generators of the cyclic groups $G_1$ and $G_2$, respectively.
$e$: a bilinear map satisfying $G_1 \times G_2 \to G_t$, which maps an element of group $G_1$ and an element of group $G_2$ to an element of group $G_t$.
$h_0(\cdot)$: a cryptographic hash function whose input is a bit string $\{0,1\}^*$ of any length and whose output is an element of
Figure BDA0002602384030000092
$H_1(\cdot)$: a cryptographic hash function whose input is an arbitrary element of group $G_1$ and whose output is a bit string $\{0,1\}^*$ of length 3.
$H_2(\cdot)$: a cryptographic hash function whose input is two elements of group $G_1$ and one element of group $G_2$ and whose output is an element of
Figure BDA0002602384030000093
$U_i$: the user labelled $i$.
$(pk_i, sk_i)$: the public/private key pair of user $U_i$; $pk_i$ is the public key of user $U_i$ and $sk_i$ is the private key of user $U_i$.
Figure BDA0002602384030000094
The two parts of the public key of user $U_i$:
Figure BDA0002602384030000095
is the first part of the public key $pk_i$, and
Figure BDA0002602384030000096
is the second part of the public key $pk_i$.
$m_i$: the plaintext message to be encrypted.
Figure BDA0002602384030000097
The ciphertext obtained by encrypting plaintext $m_i$ with public key $pk_i$, comprising four parts: $C_{i1}$ is the first part of the ciphertext
Figure BDA0002602384030000098
$C_{i2}$ is the second part of the ciphertext
Figure BDA0002602384030000099
$C_{i3}$ is the third part of the ciphertext
Figure BDA00026023840300000910
and
Figure BDA00026023840300000911
is the fourth part of the ciphertext
Figure BDA00026023840300000912
The fourth part of the ciphertext comprises two parts:
Figure BDA00026023840300000913
$r_1, r_2, r_3$: the random numbers used in encrypting a ciphertext.
rkij: representing a re-encryption key which can be used to encrypt the user UiPublic key pkiEncrypted ciphertext
Figure BDA00026023840300000914
Converted into user UjPublic key pkjEncrypted ciphertext
Figure BDA00026023840300000915
Ti→j: representing a user UiAuthorization to user UjTrapdoors tested for equality.
ICi: representing a user UiPublic key pkiThe encrypted ciphertext is an intermediate ciphertext in performing an equality determination process.
L |: representing a join operation, in which two elements of the same type can be joined together
Figure BDA0002602384030000101
Representing a string xor operation.
It can be understood that proxy re-encryption is a special kind of encryption algorithm that allows a ciphertext encrypted under the encryptor's public key to be converted into a ciphertext encrypted under the decryptor's public key without revealing the encryptor's key. Data sharing is thereby achieved while data privacy is preserved, which makes proxy re-encryption particularly suitable for cloud computing scenarios such as cloud storage and cloud sharing. Researchers have proposed many proxy re-encryption schemes with different characteristics, but none that supports ciphertext equality judgment. In order to improve sharing efficiency, accurately locate the data a user requires, and reduce the communication overhead between the cloud server and the user, the invention provides a proxy re-encryption method supporting equation judgment in a cloud computing environment, which is efficient and simple to implement.
Referring to fig. 1, fig. 1 is a schematic flowchart illustrating an embodiment of a proxy re-encryption method supporting equation determination in a cloud computing environment according to the present invention;
The technical conception of the scheme of the invention is as follows. The invention discloses a proxy re-encryption method and a proxy re-encryption system supporting equation judgment in a cloud computing environment. A first user terminal encrypts a plurality of plaintext data to be shared with its own public key to generate a plurality of first ciphertexts. The second user terminal encrypts the plaintext data it is interested in with its own public key to generate a second ciphertext. The first user terminal generates a first trapdoor for a given first ciphertext, based on that first ciphertext and the public key of the second user terminal. The second user terminal generates a second trapdoor for the second ciphertext, based on that second ciphertext and the public key of the first user terminal. The cloud server performs a ciphertext equality matching test of the second ciphertext and its second trapdoor against each first ciphertext and its first trapdoor. When a target first ciphertext matching the second ciphertext is found, the target first ciphertext of the first user terminal is equal to the second ciphertext of the second user terminal, and the interest plaintext data of the second user terminal corresponds to one piece of plaintext data to be shared (called the target shared plaintext) of the first user terminal. The first user terminal then generates a proxy re-encryption key from parameters such as the public parameters, the first user terminal's private key and the second user's public key, and uploads it to the cloud server. The cloud server uses the proxy re-encryption key to convert the target first ciphertext into a re-encrypted ciphertext and sends it to the second user terminal, and the second user terminal decrypts the re-encrypted ciphertext with the private key of the second user terminal to obtain the plaintext shared by the first user terminal (namely, the target shared plaintext).
The invention reduces the communication and computation cost of data sharing while supporting the ciphertext equality test. Proxy re-encryption schemes in the prior art can convert a ciphertext generated under the encryptor's public key into a ciphertext corresponding to the decryptor's public key without revealing a decryption key, but do not support the ciphertext equality test. In the re-encryption process, only hash operations and exclusive-or operations are applied, so the method is efficient and practical, and the computation overhead of the whole system is reduced.
Referring to fig. 2, the core of the proxy re-encryption method supporting equation determination in the cloud computing environment of the present invention includes nine algorithms: a key generation algorithm, an encryption algorithm, a self-decryption algorithm, a re-encryption key generation algorithm, a re-encryption algorithm, a re-decryption algorithm, an authorization algorithm and a test algorithm;
FIG. 2 illustrates:
System initialization: the public parameters required by the system are generated using the initialization algorithm.
User key pair generation: a public/private key pair is generated from the public parameters using the key generation algorithm.
Ciphertext generation: the user generates ciphertext data with the encryption algorithm from the public/private key pair and the plaintext data.
Storage: the ciphertext data is stored in the cloud.
Self-decryption: the user decrypts the ciphertext data corresponding to its own public key, obtaining the plaintext data with the self-decryption algorithm from the data obtained from the cloud and the public/private key pair.
Sharing: to share data, the user generates a re-encryption key for the ciphertext data from the public/private key pair and the ciphertext data; this key can be used to convert a ciphertext under one public key into a ciphertext under another public key.
The cloud computing environment comprises a certificate authority, a cloud server and a plurality of user sides; the certificate authority is used for publishing protocol security parameters to each user side; in this embodiment, for convenience of differentiation, the user terminal is divided into a first user terminal (sending terminal) and a second user terminal (receiving terminal), where the first user terminal shares plaintext data, and the second user terminal receives the shared plaintext data.
In a specific implementation, an initialization process is first required:
initialization
It should be noted that, in the initialization step, a trusted Authority is used as an execution subject to perform initialization processing, where the trusted Authority may be an Authority that is guaranteed to be trusted by the government and the like, and a Certificate Authority (CA Authority) is included under the trusted Authority;
preferably, the initialization step of this embodiment is completed by a certificate authority, and specifically includes the following sub-steps:
generating three cyclic groups G1, G2, Gt of the same prime order p, with a bilinear map e satisfying G1 × G2 → Gt, and selecting P1, P2 as generators of the cyclic groups G1, G2;
selecting two secure hash functions h0(·), H1(·), H2(·);
publishing the relevant parameters {, p, G1, G2, Gt, e, h0(·), H1(·), H2(·)}, wherein the protocol security parameter is entered manually at the trusted authority;
further, the proxy re-encryption method supporting equation judgment in the cloud computing environment comprises the following steps:
step S10, each user terminal generates a key pair based on the protocol security parameters published by the certificate authority; the key pair comprises a public key and a private key; the private key is stored and the public key is registered with the certificate authority; the key pair of the first user end comprises a first public key and a first private key, and the key pair of the second user end comprises a second public key and a second private key;
in a specific implementation of this step, a system user executes the key generation algorithm ("system user" is the general term for a user side in the cloud computing environment; it refers to each user side in the cloud computing environment and can be the first user side or the second user side); the first user end refers to the transmitting end, and the second user end refers to the receiving end;
1. key generation algorithm
It can be understood that a system user needs to generate its own public/private key pair according to the published relevant parameters, and register the public key with the CA certificate authority so that other users can correctly obtain it. Taking the first user terminal Ui as an example, the specific steps are as follows:
1.1, in the finite field
Figure BDA0002602384030000121
an element
Figure BDA0002602384030000122
is randomly selected as the first private key ski
1.2, calculating the first public key
Figure BDA0002602384030000123
Wherein a first part of the first public key is
Figure BDA0002602384030000124
The second part of the public key is
Figure BDA0002602384030000125
1.3, the first user terminal Ui registers the first public key pki with the certificate authority and publishes the first public key pki; the first user terminal Ui securely stores the first private key ski locally.
It can be understood that, in the present embodiment, the key pair generated by the first user terminal Ui according to the key generation algorithm is: the first public key
Figure BDA0002602384030000126
and the first private key ski.
Accordingly, the above key pair generation manner in this embodiment also applies to the second user terminal Uj; the key pair generated by the second user terminal Uj according to the key generation algorithm is: the second public key
Figure BDA0002602384030000127
and the second private key skj.
Step S20, the first user terminal encrypts a plurality of plaintext data to be shared through the first public key according to a preset encryption mode to obtain a plurality of first ciphertexts, and the first ciphertexts are respectively sent and stored to the cloud server; the plaintext data to be shared represents plaintext data authorized by the first user terminal to the second user terminal;
the second user terminal encrypts interest plaintext data through the second public key according to a preset encryption mode to obtain a second ciphertext, wherein the interest plaintext data refers to shared data expected to be obtained by the second user terminal, and the second ciphertext is sent to and stored in the cloud server;
it should be noted that, in the specific implementation of the preset encryption mode, the following 2-1 encryption algorithm is executed by a system user;
2-1. encryption algorithm
It can be understood that the first user terminal provides a plurality of plaintext data to be shared to the server; a system user encrypts the plaintext data to be shared with its public key. Taking as an example the first user terminal Ui encrypting a piece of plaintext data mi to be shared, the specific steps are as follows:
2.1, the first user terminal Ui randomly selects, in the finite field
Figure BDA0002602384030000131
three elements r1, r2,
Figure BDA0002602384030000132
2.2, calculating the first ciphertext part Ci1 = r1r2P2 and the second ciphertext part Ci2 = r1r2h0(mi)P1 + r3P1 for the plaintext data mi to be shared
2.3, calculating the third ciphertext part for the plaintext data mi to be shared
Figure BDA0002602384030000133
Figure BDA0002602384030000134
2.4, calculating intermediate variables
Figure BDA0002602384030000135
and then calculating the fourth ciphertext part for the plaintext data mi to be shared
Figure BDA0002602384030000136
where
Figure BDA0002602384030000137
2.5, the first ciphertext
Figure BDA0002602384030000138
And uploading to a cloud server for storage.
It should be noted that the above ciphertext generating method (i.e., the preset encryption method) is also applicable to the second user side.
2-2. self-decryption algorithm
Accordingly, a user side can use its own private key to decrypt ciphertext data encrypted under its own public key and obtain the corresponding plaintext data. Taking as an example the first user terminal Ui decrypting the original ciphertext data, i.e. the first ciphertext
Figure BDA0002602384030000141
Figure BDA0002602384030000142
the specific steps are as follows:
2.1, user Ui obtains the ciphertext from the cloud server
Figure BDA0002602384030000143
2.2, using the private key ski, recovering the random numbers used in encryption
Figure BDA0002602384030000144
According to step 2.4 of the encryption algorithm, if user Ui inputs the correct private key, r2 can be correctly recovered.
2.3, by calculating
Figure BDA0002602384030000145
the plaintext message mi is recovered. From step 2.3 of the encryption algorithm, it can be seen that if user Ui has correctly calculated r2 in the preceding step, the plaintext message can be recovered correctly.
2.4, checking whether r1r2P2 is equal to Ci1 and whether r1r2h0(mi)P1 + r3P1 is equal to Ci2; if so, the plaintext has been decrypted correctly; otherwise, the decryption is wrong.
It should be noted that the above self-decryption method is also applicable to the second client.
3. Re-encryption key generation algorithm
It can be understood that when a legitimate user wants to authorize a ciphertext generated under its public key to another legitimate user, it needs to generate a re-encryption key for the ciphertext to be authorized. Taking as an example the first user terminal Ui authorizing the target first ciphertext data
Figure BDA0002602384030000146
to the second user terminal Uj, the specific steps for generating the re-encryption key are as follows:
step S31, the first user end obtains a corresponding target first ciphertext from the cloud server and obtains a second public key of the second user end;
specifically, the first user terminal Ui obtains the first ciphertext from the cloud server
Figure BDA0002602384030000147
and acquires the second public key of the second user terminal Uj
Figure BDA0002602384030000148
represents the first part of the second public key of the second user terminal Uj, and
Figure BDA0002602384030000149
represents the second part of the second public key of the second user terminal Uj;
step S32, the first user terminal obtains a first target random number when the plaintext data to be shared is encrypted from the target first ciphertext according to a preset decryption mode based on the first private key;
it should be noted that the preset decryption manner is a step in the 2-2 self-decryption algorithm;
specifically, the first user terminal Ui uses the first private key ski to recover the first target random number used in the encryption
Figure BDA00026023840300001410
According to step 2.2 of the encryption algorithm, if user Ui inputs the correct private key, r2 can be correctly recovered.
Step S33, the first user terminal generates a re-encryption key according to the first public key, the second public key and the first target random number;
specifically, the first user terminal Ui uses the first part of the first public key
Figure BDA0002602384030000151
the first part of the second public key
Figure BDA0002602384030000152
and the first target random number r2 to generate the re-encryption key
Figure BDA0002602384030000153
Figure BDA0002602384030000154
4. Re-encryption algorithm
Understandably, the cloud server uses the re-encryption key to convert the ciphertext of one user into the ciphertext of another user. Taking as an example the first user terminal Ui authorizing the first ciphertext
Figure BDA0002602384030000155
to the second user terminal Uj, the specific steps are as follows:
step S41, the first user terminal transmits the re-encryption key to the cloud server;
specifically, the first user terminal Ui transmits the re-encryption key generated by the re-encryption key generation algorithm
Figure BDA0002602384030000156
to the cloud server; for the specific steps, refer to the re-encryption key generation algorithm;
step S42, the cloud server converts the target first ciphertext into a re-encrypted ciphertext of the second user end through the re-encrypted key, the re-encrypted ciphertext is associated with the second public key, and the re-encrypted ciphertext is sent to the second user end;
specifically, the cloud server uses the target first ciphertext
Figure BDA0002602384030000157
and the re-encryption key rkij to calculate the re-encrypted ciphertext corresponding to the second public key pkj of the second user terminal Uj
Figure BDA0002602384030000158
Figure BDA0002602384030000159
where Cj1 = Ci1, Cj2 = Ci2
Figure BDA00026023840300001510
Figure BDA00026023840300001511
4-2, re-decryption algorithm
And step S43, the second user terminal decrypts the re-encrypted ciphertext through the second private key to obtain the target shared plaintext data of the first user terminal.
It can be understood that, after obtaining the re-encrypted ciphertext corresponding to its public key, a user can decrypt it with its own private key. Taking as an example the second user terminal Uj decrypting the re-encrypted ciphertext that results when the first user terminal Ui authorizes the first ciphertext
Figure BDA00026023840300001512
namely the resulting re-encrypted ciphertext
Figure BDA00026023840300001513
the specific steps are as follows:
4.1, the second user terminal Uj calculates intermediate variables
Figure BDA00026023840300001514
and verifies whether
Figure BDA00026023840300001515
is equal to
Figure BDA00026023840300001516
If they are equal, the algorithm continues; otherwise, it exits.
4.2, the second user terminal Uj calculates intermediate variables
Figure BDA0002602384030000161
4.3, the second user terminal Uj recovers the message mi by calculating:
Figure BDA0002602384030000162
According to the ciphertext generation process in the re-encryption algorithm, if the user has obtained the correct re-encrypted ciphertext and uses the correct key, the re-encrypted ciphertext can be correctly decrypted to obtain the message.
5. Authorization algorithm
Understandably, a legitimate user generates a trapdoor for a ciphertext encrypted by using a public key of the legitimate user to perform an equality test with a ciphertext generated by a public key of another legitimate user;
step S51, the second user terminal acquires a second target random number set when the second ciphertext is encrypted from the second ciphertext according to the preset decryption mode by using the second private key; the second user terminal generates a second trap door corresponding to the second ciphertext based on the second target random number set, the second private key and a first public key provided by the first user terminal, and sends the second trap door to the cloud server for equality test of the ciphertext;
it should be noted that the preset decryption manner is a step in the 4-2 re-decryption algorithm;
specifically, the steps by which the second user terminal Uj generates, for the ciphertext
Figure BDA0002602384030000163
the second trapdoor used for the equality test against the ciphertext of the first user terminal Ui are as follows:
the second user terminal Uj obtains the re-encrypted ciphertext from the cloud server, obtaining the second ciphertext from the cloud server
Figure BDA0002602384030000164
The second user terminal Uj uses the second private key skj to acquire from the second ciphertext, according to the preset decryption mode, the second target random number set r'1, r'2, r'3 used when the second ciphertext was encrypted
The second user terminal Uj calculates the second trapdoor
Figure BDA0002602384030000165
where
Figure BDA0002602384030000166
is the first part of the first public key of the first user terminal Ui;
the second user terminal Uj sends the second trapdoor Tj→i to the cloud server for the equality test.
Step S52, the first user end acquires a first target random number set when the first ciphertext is encrypted from each first ciphertext by using the first private key according to the preset decryption mode; the first user terminal generates first trapdoors corresponding to the first ciphertexts based on the first target random number set, the first private key and a second public key provided by the second user terminal, and respectively sends the first trapdoors corresponding to the first ciphertexts to the cloud server;
specifically, the steps by which the first user terminal Ui generates, for the ciphertext
Figure BDA0002602384030000171
the first trapdoor used for the equality test against the ciphertext of the second user terminal Uj are as follows:
the first user terminal Ui obtains the first ciphertext from the cloud server
Figure BDA0002602384030000172
The first user terminal Ui uses the first private key ski to recover from the first ciphertext the first target random number set r1, r2, r3 used in encryption
The first user terminal Ui calculates the first trapdoor
Figure BDA0002602384030000173
where
Figure BDA0002602384030000174
is the first part of the public key of the second user terminal Uj;
the first user terminal Ui sends the first trapdoor Ti→j to the cloud server for the equality test.
6. Authorization algorithm
Step S60, the cloud server performs ciphertext equality matching test on the second ciphertext and the corresponding second trapdoor respectively and each first ciphertext and the corresponding first trapdoor, and if the equality matching test result indicates that a target first trapdoor equal to the second trapdoor exists in each first trapdoor, the cloud server judges that the second ciphertext corresponding to the second trapdoor and the first ciphertext correspond to the same plaintext; and the first ciphertext corresponding to the first trapdoor equal to the second trapdoor is taken as the target first ciphertext, and the re-encryption steps S31-S43 are executed.
It can be understood that, after the cloud server obtains the two ciphertexts and their two corresponding trapdoors, it can perform the ciphertext equality test. Taking as an example the first ciphertext of the first user terminal Ui
Figure BDA0002602384030000175
and the first trapdoor Ti→j, and the second ciphertext of the second user terminal Uj
Figure BDA0002602384030000176
and the second trapdoor Tj→i, the steps are as follows:
6.1, the cloud server calculates the intermediate variables of the first user terminal Ui
Figure BDA0002602384030000177
Figure BDA0002602384030000178
6.2, the cloud server calculates the intermediate variables of the second user terminal Uj
Figure BDA0002602384030000179
Figure BDA00026023840300001710
6.3, the cloud server determines whether e(ICj, Ci1) and e(ICi, Cj1) are equal; if so, it judges that the plaintext mi corresponding to the first ciphertext and the plaintext m'i corresponding to the second ciphertext are the same;
otherwise, it judges that the plaintext mi corresponding to the first ciphertext and the plaintext m'i corresponding to the second ciphertext are different.
Compared with the prior art, the embodiment of the invention has the following advantages and beneficial effects:
firstly, in the proxy re-encryption scheme in the prior art, although a ciphertext generated by encrypting a public key of an encryptor can be converted into a ciphertext corresponding to a public key of a decryptor under the condition of not revealing a decryption key, the ciphertext equality test is not supported, the embodiment of the invention designs a proxy re-encryption method supporting equation judgment in a cloud computing environment, namely, a first user side encrypts a plurality of plaintext data to be shared through the public key of the first user side to generate a plurality of first ciphertexts; the second user terminal encrypts the interested plaintext data through the public key of the second user terminal to generate a second ciphertext; the first user terminal generates a first trap door corresponding to the ciphertext based on a first ciphertext to be tested and a public key of the second user terminal; the second user terminal generates a second trapdoor corresponding to the ciphertext based on a second ciphertext generated by the second user terminal and the public key of the first user terminal; the cloud server is respectively and equivalently matched with each first trapdoor and the corresponding first ciphertext thereof based on the second trapdoor and the corresponding second ciphertext thereof, when a target first ciphertext matched with the second ciphertext is found, the first user end generates an agent re-encryption key by using parameters such as public parameters, a first user end private key and a second user public key and transmits the agent re-encryption key to the cloud server, the cloud server converts the target first ciphertext into a re-encryption ciphertext by using the agent re-encryption key and transmits the re-encryption ciphertext to the second user end, and the second user end decrypts the re-encryption ciphertext by using the agent re-encryption key to obtain a plaintext shared by the first user end. 
The invention reduces the communication and calculation cost of data sharing on the basis of supporting the ciphertext equality test.
In the embodiment, the cipher text can be subjected to equation judgment without decryption, so that the required plaintext data can be accurately positioned without revealing data privacy, and the communication overhead between the cloud server and the user is reduced.
Secondly, in the process of re-encryption, only hash operation and exclusive or operation are applied, so that the method has high efficiency and practicability, and the calculation overhead of the whole system is reduced.
In addition, in order to achieve the purpose of the invention, the invention also provides an embodiment of an agent re-encryption system supporting equation judgment in a cloud computing environment, wherein the system comprises a certificate authority, a cloud server and a plurality of user sides; the certificate authority is used for publishing protocol security parameters to each user side; the user side comprises a first user side and a second user side;
each user side is used for generating a key pair based on protocol security parameters published by the certificate authority, wherein the key pair comprises a public key and a private key, storing the private key and registering the public key to the certificate authority; the key pair of the first user end comprises a first public key and a first private key, and the key pair of the second user end comprises a second public key and a second private key;
the first user side is used for encrypting a plurality of plaintext data to be shared through the first public key according to a preset encryption mode to obtain a plurality of first ciphertexts, and respectively sending and storing each first ciphertext to the cloud server; the plaintext data to be shared represents plaintext data authorized by the first user terminal to the second user terminal;
the second user side is used for encrypting the interest plaintext data through the second public key according to a preset encryption mode to obtain a second ciphertext, wherein the interest plaintext data is shared data expected to be obtained by the second user side, and the second ciphertext is sent and stored to the cloud server;
the second user end is further configured to obtain a second target random number set when the second ciphertext is encrypted from the second ciphertext according to the preset decryption manner by using the second private key; the second user terminal generates a second trap door corresponding to the second ciphertext based on the second target random number set, the second private key and a first public key provided by the first user terminal, and sends the second trap door to the cloud server for equality test of the ciphertext;
the first user side is further configured to obtain, by using the first private key, a first target random number set used when the first ciphertext was encrypted, from each of the first ciphertexts respectively, according to the preset decryption manner; the first user terminal generates first trapdoors corresponding to the first ciphertexts based on the first target random number set, the first private key and a second public key provided by the second user terminal, and respectively sends the first trapdoors corresponding to the first ciphertexts to the cloud server;
the cloud server is further configured to perform ciphertext equality matching test with each first ciphertext and the corresponding first trapdoor based on the second ciphertext and the corresponding second trapdoor; if the equality matching test result indicates that a target first trapdoor equal to the second trapdoor exists in each first trapdoor, judging that a second ciphertext corresponding to the second trapdoor and the first ciphertext correspond to the same plaintext, and taking the first ciphertext corresponding to the first trapdoor equal to the second trapdoor as a target first ciphertext;
further, the first user side is further configured to obtain a corresponding target first ciphertext from the cloud server; acquiring a first target random number when target shared plaintext data corresponding to the target first ciphertext is encrypted based on the first private key according to a preset decryption mode; the first user terminal generates a re-encryption key corresponding to the target first ciphertext according to the first public key, the second public key and the first target random number; the first user terminal transmits the re-encryption key to the cloud server;
the cloud server is further configured to convert the target first ciphertext into a re-encrypted ciphertext of the second user side through the re-encrypted key, where the re-encrypted ciphertext is associated with the second public key; and sending the re-encrypted ciphertext to the second user end;
the second user end is further configured to decrypt the re-encrypted ciphertext through the second private key to obtain target shared plaintext data of the first user end.
Referring to fig. 3:
The first user Ui and the second user Uj want the cloud server to judge whether two ciphertexts correspond to the same plaintext without the plaintext being leaked;
user Ui and user Uj each acquire the ciphertext data and generate the corresponding trapdoor with the authorization algorithm from the public/private key pair and the ciphertext data.
After the cloud server has received the two trapdoors, it uses the test algorithm to judge, from the trapdoors and the ciphertext data, whether the plaintexts corresponding to the two ciphertexts are equal.
The specific implementation of the proxy re-encryption system supporting equation determination in the cloud computing environment of this embodiment is the same as the above-mentioned embodiment of the proxy re-encryption method supporting equation determination in the cloud computing environment, and details are not repeated here.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or system that comprises the element.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium (e.g., ROM/RAM, magnetic disk, optical disk) as described above and includes instructions for enabling a terminal device (e.g., a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (10)

1. An agent re-encryption method supporting equation judgment in a cloud computing environment is characterized in that the cloud computing environment comprises a certificate authority, a cloud server and a plurality of user sides; the certificate authority is used for publishing protocol security parameters to each user side; the user side is divided into two roles: the system comprises a first user terminal and a second user terminal, wherein the first user terminal shares plaintext data, and the second user terminal receives the shared plaintext data; the method comprises the following steps:
step S10, each user terminal generates a key pair based on the protocol security parameters published by the certificate authority, the key pair comprises a public key and a private key, the private key is stored, and the public key is registered to the certificate authority; the key pair of the first user end comprises a first public key and a first private key, and the key pair of the second user end comprises a second public key and a second private key;
step S20, the first user terminal encrypts a plurality of plaintext data to be shared through the first public key according to a preset encryption mode to obtain a plurality of first ciphertexts, and the first ciphertexts are respectively sent and stored to the cloud server; the plaintext data to be shared represents plaintext data authorized by the first user terminal to the second user terminal;
the second user terminal encrypts the interest plaintext data through the second public key according to a preset encryption mode to obtain a second ciphertext, wherein the interest plaintext data is shared data expected to be obtained by the second user terminal, and the second ciphertext is sent to and stored in the cloud server;
step S51, the second user terminal acquires a second target random number set when the second ciphertext is encrypted from the second ciphertext according to the preset decryption mode by using the second private key; the second user terminal generates a second trap door corresponding to the second ciphertext based on the second target random number set, the second private key and a first public key provided by the first user terminal, and sends the second trap door to the cloud server for equality test of the ciphertext;
step S52, the first user terminal respectively obtains a first target random number set when the first ciphertext is encrypted from each first ciphertext according to the preset decryption mode by using the first private key; the first user terminal generates first trapdoors corresponding to the first ciphertexts based on the first target random number set, the first private key and a second public key provided by the second user terminal, and respectively sends the first trapdoors corresponding to the first ciphertexts to the cloud server;
step S60, the cloud server respectively performs ciphertext equality matching test with each first ciphertext and the corresponding first trapdoor based on the second ciphertext and the corresponding second trapdoor;
if the equality matching test result indicates that a target first trapdoor equal to the second trapdoor exists in each first trapdoor, it is determined that a second ciphertext corresponding to the second trapdoor corresponds to the same plaintext as the first ciphertext, the first ciphertext corresponding to the first trapdoor equal to the second trapdoor is taken as a target first ciphertext, and the following re-encryption steps S31-S43 are performed:
step S31, the first user terminal obtains a corresponding target first ciphertext from the cloud server;
step S32, the first user terminal obtains a first target random number when the target shared plaintext data corresponding to the target first ciphertext is encrypted according to a preset decryption mode based on the first private key;
step S33, the first user terminal generates a re-encryption key corresponding to the target first ciphertext according to the first public key, the second public key and the first target random number;
step S41, the first user terminal transmits the re-encryption key to the cloud server;
step S42, the cloud server converts the target first ciphertext into a re-encrypted ciphertext of the second user side through the re-encrypted key, wherein the re-encrypted ciphertext is associated with the second public key; and sending the re-encrypted ciphertext to the second user end;
and step S43, the second user terminal decrypts the re-encrypted ciphertext through the second private key to obtain the target shared plaintext data of the first user terminal.
2. The method of claim 1, wherein prior to the step S1, the method further comprises:
the certificate authority generates three cyclic groups $G_1, G_2, G_t$ of the same prime order $p$, with a bilinear map $e$ satisfying $G_1 \times G_2 \to G_t$, and selects $P_1, P_2$ as generators of the cyclic groups $G_1, G_2$;
the certificate authority selects two secure hash functions h0(·),H1(·),H2(·);
The certificate authority publishes relevant parameters {, p, G1,G2,Gt,e,h0(·),H1(·),H2(.) }, wherein the protocol security parameters entered manually at the end of the trusted authority are represented.
3. The method according to claim 2, wherein the step S10 specifically includes:
each user side generates a key pair based on protocol security parameters published by the certificate authority, the key pair comprises a public key and a private key, the private key is stored, and the public key is registered to the certificate authority; wherein the key pair of each user terminal $U_i$ is generated by the following steps:
the user side $U_i$, in the finite field
Figure FDA0002602384020000021
randomly selects an element
Figure FDA0002602384020000022
as the private key $sk_i$;
the user side $U_i$ computes the public key
Figure FDA0002602384020000031
wherein the first part of the public key $pk_i$ is
Figure FDA0002602384020000032
and the second part of the public key is
Figure FDA0002602384020000033
the user side $U_i$ registers the public key $pk_i$ with the certificate authority and publishes the public key $pk_i$, and the user side $U_i$ saves the first private key $sk_i$ securely locally.
4. The method of claim 3, wherein i represents a variable;
$U_i$ represents the first user terminal, $sk_i$ represents the first private key and $pk_i$ represents the first public key; the first part of the first public key $pk_i$ is
Figure FDA0002602384020000034
and the second part of the public key is
Figure FDA0002602384020000035
$U_j$ represents the second user terminal, $sk_j$ represents the second private key and $pk_j$ represents the second public key; the first part of the second public key $pk_j$ is
Figure FDA0002602384020000036
and the second part of the public key is
Figure FDA0002602384020000037
5. The method according to claim 4, wherein the preset encryption scheme is characterized in the step S20 by the steps of:
the first user terminal $U_i$, in the finite field
Figure FDA0002602384020000038
randomly selects three elements
Figure FDA0002602384020000039
the first user terminal $U_i$ calculates, for the plaintext data $m_i$ to be shared, the ciphertext first part $C_{i1} = r_1 r_2 P_2$ and the ciphertext second part $C_{i2} = r_1 r_2 h_0(m_i) P_1 + r_3 P_1$;
the first user terminal $U_i$ calculates the ciphertext third part of the plaintext data $m_i$ to be shared
Figure FDA00026023840200000310
the first user terminal $U_i$ calculates the intermediate variable
Figure FDA00026023840200000311
and, based on the intermediate variable
Figure FDA00026023840200000312
calculates the ciphertext fourth part of the plaintext data $m_i$ to be shared
Figure FDA00026023840200000313
wherein
Figure FDA00026023840200000314
the first user terminal $U_i$, based on the ciphertext first part $C_{i1}$, the ciphertext second part $C_{i2}$, the ciphertext third part $C_{i3}$ and the ciphertext fourth part
Figure FDA00026023840200000315
of the plaintext data $m_i$ to be shared, creates the first ciphertext (the original ciphertext data) of the plaintext data $m_i$ to be shared
Figure FDA00026023840200000316
Figure FDA00026023840200000317
and uploads the first ciphertext to the cloud server.
6. The method according to claim 5, wherein the step S31 specifically includes:
the first user terminal $U_i$ obtains the target first ciphertext from the cloud server
Figure FDA00026023840200000318
and acquires the second public key of the second user terminal $U_j$
Figure FDA00026023840200000319
wherein
Figure FDA00026023840200000320
represents the first part of the second public key of the second user terminal $U_j$, and
Figure FDA00026023840200000321
represents the second part of the second public key of the second user terminal $U_j$;
correspondingly, the step S32 specifically includes:
the first user terminal $U_i$, according to the preset decryption mode and based on the first private key $sk_i$, obtains from the target first ciphertext
Figure FDA0002602384020000041
the first target random number $r_2$ used when the plaintext data $m_i$ to be shared was encrypted, wherein the first target random number
Figure FDA0002602384020000042
correspondingly, the step S33 specifically includes:
the first user terminal $U_i$, according to the first part of the first public key
Figure FDA0002602384020000043
the first part of the second public key
Figure FDA0002602384020000044
and the first target random number $r_2$, generates the re-encryption key
Figure FDA0002602384020000045
7. The method according to claim 6, wherein the step S41 specifically includes:
the first user terminal $U_i$ transmits the re-encryption key $rk_{ij}$ to the cloud server;
correspondingly, the step S42 specifically includes:
the cloud server, according to the target first ciphertext
Figure FDA0002602384020000046
and the re-encryption key $rk_{ij}$, calculates the re-encrypted ciphertext corresponding to the second public key $pk_j$ of the second user terminal $U_j$
Figure FDA0002602384020000047
Figure FDA0002602384020000048
wherein $C_{j1} = C_{i1}$, $C_{j2} = C_{i2}$,
Figure FDA0002602384020000049
8. The method according to claim 5, wherein the step S51 specifically comprises: the second user terminal $U_j$ obtains the second ciphertext from the cloud server
Figure FDA00026023840200000410
Figure FDA00026023840200000411
the second user terminal $U_j$, using the second private key $sk_j$, acquires from the second ciphertext, according to the preset decryption mode, the second target random number set $r_1$, $r_2$, $r_3$ used when the second ciphertext was encrypted;
the second user terminal $U_j$ calculates the second trapdoor
Figure FDA00026023840200000412
the second user terminal $U_j$ sends the second trapdoor $T_{j \to i}$ to the cloud server;
correspondingly, the step S52 specifically includes:
the first user terminal $U_i$ obtains the respective first ciphertexts from the cloud server
Figure FDA00026023840200000413
Figure FDA00026023840200000414
the first user terminal $U_i$, for each of the first ciphertexts
Figure FDA00026023840200000415
uses the first private key $sk_i$ to recover from the first ciphertext the first target random number set $r_1, r_2, r_3$ used in encryption;
the first user terminal $U_i$ calculates the first trapdoor
Figure FDA00026023840200000416
the first user terminal $U_i$ sends each first trapdoor $T_{i \to j}$ to the cloud server.
9. The method of claim 8, wherein the step S60 of performing, by the cloud server, ciphertext equality matching test with each of the first ciphertext and the first trapdoor corresponding thereto based on the second ciphertext and the second trapdoor corresponding thereto, specifically comprises:
the cloud server calculates the intermediate variable of the first user terminal $U_i$
Figure FDA0002602384020000051
Figure FDA0002602384020000052
the cloud server calculates the intermediate variable of the second user terminal $U_j$
Figure FDA0002602384020000053
Figure FDA0002602384020000054
the cloud server determines whether $e(IC_j, C_{i1})$ and $e(IC_i, C_{j1})$ are equal; if so, it judges that the plaintext $m_i$ corresponding to the first ciphertext and the plaintext $m'_i$ corresponding to the second ciphertext are the same; otherwise, it judges that the plaintext $m_i$ corresponding to the first ciphertext and the plaintext $m'_i$ corresponding to the second ciphertext are different.
10. An agent re-encryption system supporting equation judgment in a cloud computing environment is characterized by comprising a certificate authority, a cloud server and a plurality of user sides; the certificate authority is used for publishing protocol security parameters to each user side; the user side comprises a first user side and a second user side;
each user side is used for generating a key pair based on protocol security parameters published by the certificate authority, wherein the key pair comprises a public key and a private key, storing the private key and registering the public key to the certificate authority; the key pair of the first user end comprises a first public key and a first private key, and the key pair of the second user end comprises a second public key and a second private key;
the first user side is used for encrypting a plurality of plaintext data to be shared through the first public key according to a preset encryption mode to obtain a plurality of first ciphertexts, and respectively sending and storing each first ciphertext to the cloud server; the plaintext data to be shared represents plaintext data authorized by the first user terminal to the second user terminal;
the second user side is used for encrypting the interest plaintext data through the second public key according to a preset encryption mode to obtain a second ciphertext, wherein the interest plaintext data is shared data expected to be obtained by the second user side, and the second ciphertext is sent and stored to the cloud server;
the second user end is further configured to obtain a second target random number set when the second ciphertext is encrypted from the second ciphertext according to the preset decryption manner by using the second private key; the second user terminal generates a second trap door corresponding to the second ciphertext based on the second target random number set, the second private key and a first public key provided by the first user terminal, and sends the second trap door to the cloud server for equality test of the ciphertext;
the first user end is further configured to obtain, by using the first private key and according to the preset decryption manner, from each of the first ciphertexts respectively, the first target random number set used when that first ciphertext was encrypted; the first user terminal generates first trapdoors corresponding to the first ciphertexts based on the first target random number set, the first private key and a second public key provided by the second user terminal, and respectively sends the first trapdoors corresponding to the first ciphertexts to the cloud server;
the cloud server is further configured to perform ciphertext equality matching test with each first ciphertext and the corresponding first trapdoor based on the second ciphertext and the corresponding second trapdoor; if the equality matching test result indicates that a target first trapdoor equal to the second trapdoor exists in each first trapdoor, judging that a second ciphertext corresponding to the second trapdoor and the first ciphertext correspond to the same plaintext, and taking the first ciphertext corresponding to the first trapdoor equal to the second trapdoor as a target first ciphertext;
the first user side is used for acquiring a corresponding target first ciphertext from the cloud server; acquiring a first target random number when target shared plaintext data corresponding to the target first ciphertext is encrypted based on the first private key according to a preset decryption mode; the first user terminal generates a re-encryption key corresponding to the target first ciphertext according to the first public key, the second public key and the first target random number; the first user terminal transmits the re-encryption key to the cloud server;
the cloud server is used for converting the target first ciphertext into a re-encrypted ciphertext of the second user side through the re-encrypted key, wherein the re-encrypted ciphertext is associated with the second public key; and sending the re-encrypted ciphertext to the second user end;
and the second user side is used for decrypting the re-encrypted ciphertext through the second private key to obtain target shared plaintext data of the first user side.
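Claims 5 and 9 give $C_{i1} = r_1 r_2 P_2$, $C_{i2} = r_1 r_2 h_0(m_i) P_1 + r_3 P_1$ and the comparison of $e(IC_j, C_{i1})$ with $e(IC_i, C_{j1})$. The following is an added example, not code from the patent, that checks the bilinearity argument behind that comparison in a toy model where every group element is stored as its scalar multiple of the generator and the pairing is multiplication modulo $p$ (algebra only, no security). Assumptions: the trapdoor is modelled as the mask $r_3 P_1$ so that $IC = C_2 - T$, since the patent's trapdoor and $IC$ formulas are not reproduced on this page; the modulus, SHA-256 as $h_0$ and all function names are likewise constructed for illustration.

```python
import hashlib
import secrets
from dataclasses import dataclass

# Constructed stand-in for the prime group order p (a Mersenne prime).
P = 2**127 - 1


def h0(message: bytes) -> int:
    """Stand-in for the hash h0: SHA-256 reduced into [1, P-1]."""
    digest = hashlib.sha256(message).digest()
    return int.from_bytes(digest, "big") % (P - 1) + 1


def rand_scalar() -> int:
    """Uniform non-zero scalar modulo P."""
    return secrets.randbelow(P - 1) + 1


@dataclass(frozen=True)
class Ciphertext:
    c1: int  # scalar a, standing for the G2 element C1 = a * P2
    c2: int  # scalar b, standing for the G1 element C2 = b * P1


@dataclass(frozen=True)
class Randomness:
    r1: int
    r2: int
    r3: int


def encrypt(message: bytes):
    """First two ciphertext parts from claim 5; parts three and four omitted.

    The randomness is returned directly. In the patent the owner recovers it
    from the ciphertext with the private key (not modelled here).
    """
    r = Randomness(rand_scalar(), rand_scalar(), rand_scalar())
    c1 = (r.r1 * r.r2) % P                        # C1 = r1 r2 P2
    c2 = (r.r1 * r.r2 * h0(message) + r.r3) % P   # C2 = r1 r2 h0(m) P1 + r3 P1
    return Ciphertext(c1, c2), r


def trapdoor(r: Randomness) -> int:
    """ASSUMPTION: the trapdoor reveals only the mask r3 * P1.

    Binding the trapdoor to the peer's public key is not modelled.
    """
    return r.r3


def pairing(g1_scalar: int, g2_scalar: int) -> int:
    """Toy bilinear map: e(a P1, b P2) is represented by a*b mod P."""
    return (g1_scalar * g2_scalar) % P


def unmask(ct: Ciphertext, td: int) -> int:
    """IC = C2 - T = r1 r2 h0(m) P1 under the trapdoor assumption."""
    return (ct.c2 - td) % P


def equality_test(ct_i, td_i, ct_j, td_j) -> bool:
    """Server-side check: e(IC_j, C_i1) == e(IC_i, C_j1)."""
    ic_i = unmask(ct_i, td_i)
    ic_j = unmask(ct_j, td_j)
    return pairing(ic_j, ct_i.c1) == pairing(ic_i, ct_j.c1)


def compare_without_trapdoors(ct_i, ct_j) -> bool:
    """Same comparison on the masked C2: the r3 terms do not cancel."""
    return pairing(ct_j.c2, ct_i.c1) == pairing(ct_i.c2, ct_j.c1)


if __name__ == "__main__":
    ct_a, r_a = encrypt(b"constructed sample record")
    ct_b, r_b = encrypt(b"constructed sample record")
    ct_c, r_c = encrypt(b"a different record")
    print("same plaintext :", equality_test(ct_a, trapdoor(r_a), ct_b, trapdoor(r_b)))
    print("diff plaintext :", equality_test(ct_a, trapdoor(r_a), ct_c, trapdoor(r_c)))
    print("no trapdoors   :", compare_without_trapdoors(ct_a, ct_b))
```

Both sides of the comparison reduce to $r_1 r_2 r'_1 r'_2$ times a hash value, so they agree exactly when $h_0(m_i) = h_0(m'_i)$; without the trapdoors the $r_3$ masks keep the server from comparing.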
CN202010729069.3A 2020-07-27 2020-07-27 Agent re-encryption method and system supporting equation judgment in cloud computing environment Pending CN111786786A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010729069.3A CN111786786A (en) 2020-07-27 2020-07-27 Agent re-encryption method and system supporting equation judgment in cloud computing environment

Publications (1)

Publication Number Publication Date
CN111786786A true CN111786786A (en) 2020-10-16

Family

ID=72764900

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010729069.3A Pending CN111786786A (en) 2020-07-27 2020-07-27 Agent re-encryption method and system supporting equation judgment in cloud computing environment

Country Status (1)

Country Link
CN (1) CN111786786A (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination