CN112398637A - Equality test method based on certificateless signcryption - Google Patents
- Publication number: CN112398637A
- Application number: CN202010652234.XA
- Authority: CN (China)
- Prior art keywords: algorithm, user, key, signcryption, public
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3066—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
- H04L9/3073—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
Abstract
The invention discloses an equality test method based on certificateless signcryption, relating mainly to the fields of cryptography and information security. First, the invention adopts a signcryption mechanism to ensure the confidentiality, integrity and authentication of information during transmission, so that the data circulating in the system is accurate and valid; second, introducing a certificateless cryptosystem avoids the certificate management and key escrow problems of the original public key infrastructure and identity-based cryptographic environments, making data processing more efficient; finally, the technique is combined with equality testing, so that the cloud server can search or match ciphertexts encrypted under the same or different public keys.
Description
Technical Field
The invention relates to the fields of cryptography and information security, and constructs an equality test method based on certificateless signcryption that ensures both the confidentiality and the unforgeability of data.
Background
With the continuing advance of the information society and the ever faster growth of data, the cloud server has gradually attracted attention as a platform for storing and processing data. However, while data is being uploaded, a third party can easily steal or tamper with it, so that the cloud server ends up with wrong data, which causes data redundancy and reduces the availability of the data.
To ensure the secure transmission of valid data, data is generally encrypted before being uploaded to a cloud server. However, an encryption mechanism mainly ensures the confidentiality of data and cannot ensure its authentication, so signcryption has been widely adopted as a reasonable mechanism that ensures both confidentiality and authentication.
After the signcrypted data is uploaded, the user cannot directly search for the plaintext data they need. Conventional searchable encryption lets a cloud server search over ciphertext, but it only supports searching ciphertexts encrypted under the same public key. The concept of equality testing removes this limitation of searchable encryption, so that ciphertexts encrypted under the same or different public keys can be searched together.
Existing equality test signcryption methods based on public key infrastructure and on identities suffer from the certificate management problem and the key escrow problem respectively; an equality test method based on certificateless signcryption remedies the shortcomings of both cryptosystems.
Disclosure of Invention
The method involved in the invention is an equality test method based on certificateless signcryption. The method uses a signcryption operation in order to ensure the confidentiality, integrity and unforgeability of data at the same time.
The mechanism involved in the invention is a certificateless cryptographic mechanism, which avoids the certificate management and key escrow problems of public key infrastructure and identity-based cryptosystems.
The technique involved in the invention is equality testing. Given two data receivers t and r, each first generates its trapdoor through an algorithm; on receiving a signcryption ciphertext from another user, each transmits its trapdoor and the signcryption ciphertext to the cloud server. The cloud server then runs the equality test on the two users' ciphertexts to judge whether the corresponding plaintexts are the same.
Detailed Description
The specific construction consists of 8 algorithms, and the operation steps are as follows:
1) Initialization algorithm: taking a security parameter $k$ as input, the KGC selects two groups $G_1, G_2$ of prime order $q$ with generator $P$, then selects $e: G_1 \times G_1 \to G_2$ as a bilinear map, and at the same time selects $H_1: \{0,1\}^* \to G_1$, $H_2: G_2 \times G_1 \to \{0,1\}^*$, $H_3$, $H_4: \{0,1\}^* \to G_1$ and $H_5$ as five hash functions. It randomly selects the system master key, then computes $P_1 = s_1 P$, $P_2 = s_2 P$, and finally outputs the system public parameters $par = \{q, e, P, G_1, G_2, P_1, P_2, H_1, H_2, H_3, H_4, H_5\}$;
2) Partial key generation algorithm: taking $\langle par, ID_u, s_1, s_2 \rangle$ as input, the KGC computes $F_{ID} = H_1(ID)$, $S_{u,1} = s_1 F_{ID}$, $S_{u,2} = s_2 F_{ID}$, then sets the user's partial private key to $S_u = (S_{u,1}, S_{u,2})$;
4) Key generation algorithm: taking $\langle par, ID_u, S_u, x_u \rangle$ as input, set the private key of user u to $SK_u = (S_u, x_u)$ and the user's public key to $PK_u = x_u P$;
5) Trapdoor generation algorithm: taking $\langle ID_u, SK_u \rangle$ as input, user u outputs $TD_u = S_{u,2}$ as the trapdoor;
6) Signcryption algorithm: taking $\langle par, ID_A, ID_B, SK_A, PK_B, m \rangle$ as input, where $m \in \{0,1\}^*$ denotes the message being passed, $SK_A$ denotes the private key of A and $PK_B$ denotes the public key of B, sender A makes a random selection, computes $C_1 = u_1 P$, $C_2 = u_2 P$, $F_A = H_1(ID_A)$, $F_B = H_1(ID_B)$ and $D = (u_1 + u_2) \cdot PK_B$; computes $C_4 = H_3(Q_2 \| F_B) \cdot (u_2 \cdot H_4(m))$, then computes $h = H_5(C_1, C_2, C_3, C_4, PK_B, D)$ and $C_5 = (h \cdot x_A + u_1 + u_2) \cdot F_A + h \cdot (S_{A,1} + S_{A,2})$, and finally outputs the signcryption ciphertext $C = (C_1, C_2, C_3, C_4, C_5)$;
7) Unsigncryption algorithm: taking $\langle par, ID_A, ID_B, SK_B, PK_A, C \rangle$ as input, where $SK_B$ denotes the private key of B and $PK_A$ denotes the public key of A, receiver B computes $D = x_B \cdot (C_1 + C_2)$, $F_A = H_1(ID_A)$, $F_B = H_1(ID_B)$, then computes $h = H_5(C_1, C_2, C_3, C_4, PK_B, D)$; if $e(C_5, P) = e(h \cdot (PK_A + P_1 + P_2) + C_1 + C_2, F_A)$ holds, it continues with the rest of the algorithm; it computes $Q'_1 = e(C_1, S_{B,1})$, $Q'_2 = e(C_2, S_{B,2})$, performs a further calculation and checks a final verification formula; if that holds, it outputs the plaintext m;
8) Test algorithm: let $C_t = (C_{t,1}, C_{t,2}, C_{t,3}, C_{t,4}, C_{t,5})$ and $C_r = (C_{r,1}, C_{r,2}, C_{r,3}, C_{r,4}, C_{r,5})$ denote the signcryption ciphertexts of two receiving users $E_t$, $E_r$ respectively. Taking $\langle par, ID_t, ID_r, C_t, C_r, TD_t, TD_r \rangle$ as input, the test algorithm computes $Q_{t,2} = e(C_{t,2}, TD_t)$, $Q_{r,2} = e(C_{r,2}, TD_r)$, $F_t = H_1(ID_t)$, $F_r = H_1(ID_r)$; it then performs a further calculation and finally verifies the equation $e(\Phi_t, C_{r,2}) = e(\Phi_r, C_{t,2})$; if it does not hold, return 0; otherwise return 1.
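An added example, not part of the patent text: a Python check of the algebra behind the signcryption verification equation and the cloud server's test algorithm described above. Every group element is stored as its discrete logarithm, so the "pairing" is multiplication modulo q and nothing here is secure; the definitions of $Q_2$ and $\Phi$, the range of $H_3$, the SHA-256 stand-in hashes and the toy order q are assumptions, since the page does not give them, and $C_3$ is carried as an opaque placeholder.

```python
import hashlib
import secrets

Q = 2**127 - 1   # prime group order q (constructed toy parameter)
P = 1            # generator P; the G1 element a*P is stored as the scalar a

def pair(x, y):
    """Toy bilinear map: e(aP, bP) is stored as a*b mod q (its exponent)."""
    return x * y % Q

def H(tag, *parts):
    """SHA-256 stand-in for H1, H3, H4, H5; output in [1, q-1] (assumed ranges)."""
    digest = hashlib.sha256(repr((tag, parts)).encode()).digest()
    return int.from_bytes(digest, "big") % (Q - 1) + 1

def rand():
    return secrets.randbelow(Q - 1) + 1

def setup():
    s1, s2 = rand(), rand()                       # master key
    return (s1, s2), {"P1": s1 * P % Q, "P2": s2 * P % Q}

def keygen(msk, ident):
    f, x = H("H1", ident), rand()                 # F_ID and secret value x_u
    return {"id": ident, "S1": msk[0] * f % Q, "S2": msk[1] * f % Q,
            "x": x, "PK": x * P % Q, "TD": msk[1] * f % Q}   # TD_u = S_{u,2}

def signcrypt(par, A, B_id, B_pk, m):
    u1, u2 = rand(), rand()
    c1, c2 = u1 * P % Q, u2 * P % Q
    fa, fb = H("H1", A["id"]), H("H1", B_id)
    d = (u1 + u2) * B_pk % Q
    q2 = u2 * pair(par["P2"], fb) % Q             # ASSUMED: Q2 = e(P2, F_B)^u2
    c3 = "C3-placeholder"                         # C3's formula is not on the page
    c4 = H("H3", q2, fb) * (u2 * H("H4", m)) % Q
    h = H("H5", c1, c2, c3, c4, B_pk, d)
    c5 = ((h * A["x"] + u1 + u2) * fa + h * (A["S1"] + A["S2"])) % Q
    return (c1, c2, c3, c4, c5)

def verify(par, A_id, A_pk, B, C):
    """Receiver B's check e(C5, P) = e(h(PK_A + P1 + P2) + C1 + C2, F_A)."""
    c1, c2, c3, c4, c5 = C
    d = B["x"] * (c1 + c2) % Q
    h = H("H5", c1, c2, c3, c4, B["PK"], d)
    point = (h * (A_pk + par["P1"] + par["P2"]) + c1 + c2) % Q
    return pair(c5, P) == pair(point, H("H1", A_id))

def phi(C, td, ident):
    """ASSUMED: Phi = H3(Q_2 || F)^-1 * C4, with Q_2 = e(C_2, TD) as on the page."""
    q2 = pair(C[1], td)
    return pow(H("H3", q2, H("H1", ident)), -1, Q) * C[3] % Q

def equality_test(Ct, td_t, id_t, Cr, td_r, id_r):
    """Cloud server's test: 1 if e(Phi_t, C_{r,2}) = e(Phi_r, C_{t,2}), else 0."""
    return int(pair(phi(Ct, td_t, id_t), Cr[1]) == pair(phi(Cr, td_r, id_r), Ct[1]))
```

Under these assumptions the trapdoor removes the $H_3$ mask and the test compares only the $H_4(m)$ component, which is why ciphertexts addressed to different receivers can be matched.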
Claims (3)
1. An equality test method based on certificateless signcryption, characterized in that:
1) data is transmitted using signcryption, so that signing and encryption occur within the same logical step. Signcryption therefore ensures the confidentiality and unforgeability of the data and greatly reduces the time cost of the conventional encrypt-then-sign or sign-then-encrypt approaches;
2) the method is based on a certificateless cryptosystem, avoids both the certificate management and key escrow problems of traditional public key infrastructure and identity-based cryptosystems, and further improves the efficiency of the algorithm;
3) the introduction of equality testing removes the limitation of the traditional search approach: the ciphertexts may be encrypted under the same or different public keys, and the cloud server runs the equality test on two ciphertexts to judge whether the corresponding plaintexts are the same, so the equality test is more practical.
2. The equality test method based on certificateless signcryption according to claim 1, wherein the specific algorithms of the method comprise:
1) initialization algorithm: on receiving the security parameter, the key generation center KGC performs this operation and outputs the master key and the public parameters of the system;
2) partial key generation algorithm: on receiving the user identity, the master key and the public parameters of the system, the KGC performs this operation, outputs the user's partial private key and transmits it to the corresponding user;
3) secret value generation algorithm: on receiving the user identity, the user generates the user's secret value;
4) key generation algorithm: on receiving the user identity, the public parameters of the system and the user's partial private key, the user performs this operation and outputs the user's private key and public key;
5) trapdoor generation algorithm: on receiving the user identity and the user's private key, the user performs this operation and outputs the user's trapdoor;
6) signcryption algorithm: on receiving the user identity, the public parameters of the system, the data, the sender's private key and the receiver's public key, the data sender performs this operation and outputs a signcryption ciphertext;
7) unsigncryption algorithm: on receiving the user identity, the public parameters of the system, the ciphertext, the sender's public key and the receiver's private key, the data receiver performs this operation and outputs the plaintext data;
8) test algorithm: on receiving the public parameters of the system, the two signcryption ciphertexts and the trapdoors, the cloud server performs this operation and outputs either 1 or 0.
3. The equality test method based on certificateless signcryption according to claims 1 and 2, wherein the specific operation of the construction is as follows:
1) Initialization algorithm: taking a security parameter $k \in Z^*$ as input, the KGC selects two groups $G_1, G_2$ of prime order $q$ with generator $P$, then selects $e: G_1 \times G_1 \to G_2$ as a bilinear map, and at the same time selects $H_1: \{0,1\}^* \to G_1$, $H_2: G_2 \times G_1 \to \{0,1\}^*$, $H_3$, $H_4: \{0,1\}^* \to G_1$ and $H_5$ as five hash functions. It selects the system master key, computes $P_1 = s_1 P$, $P_2 = s_2 P$, and finally outputs the system public parameters $par = \{q, e, P, G_1, G_2, P_1, P_2, H_1, H_2, H_3, H_4, H_5\}$;
2) Partial key generation algorithm: taking $\langle par, ID_u, s_1, s_2 \rangle$ as input, the KGC computes $F_{ID} = H_1(ID)$, $S_{u,1} = s_1 F_{ID}$, $S_{u,2} = s_2 F_{ID}$, then sets the user's partial private key to $S_u = (S_{u,1}, S_{u,2})$;
4) Key generation algorithm: taking $\langle par, ID_u, S_u, x_u \rangle$ as input, set the private key of user u to $SK_u = (S_u, x_u)$ and the user's public key to $PK_u = x_u P$;
5) Trapdoor generation algorithm: taking $\langle ID_u, SK_u \rangle$ as input, user u outputs $TD_u = S_{u,2}$ as the trapdoor;
6) Signcryption algorithm: taking $\langle par, ID_A, ID_B, SK_A, PK_B, m \rangle$ as input, where $m \in \{0,1\}^*$ denotes the message being delivered, $SK_A$ denotes the private key of A and $PK_B$ denotes the public key of B, sender A performs the following steps:
(4) computing $h = H_5(C_1, C_2, C_3, C_4, PK_B, D)$;
(5) computing $C_5 = (h \cdot x_A + u_1 + u_2) \cdot F_A + h \cdot (S_{A,1} + S_{A,2})$;
(6) outputting the signcryption ciphertext $C = (C_1, C_2, C_3, C_4, C_5)$.
7) Unsigncryption algorithm: taking $\langle par, ID_A, ID_B, SK_B, PK_A, C \rangle$ as input, where $SK_B$ denotes the private key of B and $PK_A$ denotes the public key of A, receiver B performs the following steps:
(1) computing $D = x_B \cdot (C_1 + C_2)$, $F_A = H_1(ID_A)$, $F_B = H_1(ID_B)$;
(2) computing $h = H_5(C_1, C_2, C_3, C_4, PK_B, D)$;
(3) verifying the equation $e(C_5, P) = e(h \cdot (PK_A + P_1 + P_2) + C_1 + C_2, F_A)$; if it holds, continuing the algorithm;
(4) computing $Q'_1 = e(C_1, S_{B,1})$, $Q'_2 = e(C_2, S_{B,2})$;
8) Test algorithm: let $C_t = (C_{t,1}, C_{t,2}, C_{t,3}, C_{t,4}, C_{t,5})$ and $C_r = (C_{r,1}, C_{r,2}, C_{r,3}, C_{r,4}, C_{r,5})$ denote the signcryption ciphertexts of two receiving users $E_t$, $E_r$ respectively; taking $\langle par, ID_t, ID_r, C_t, C_r, TD_t, TD_r \rangle$ as input, the test algorithm comprises:
(1) computing $Q_{t,2} = e(C_{t,2}, TD_t)$, $Q_{r,2} = e(C_{r,2}, TD_r)$;
(2) computing $F_t = H_1(ID_t)$, $F_r = H_1(ID_r)$;
(4) checking the equation $e(\Phi_t, C_{r,2}) = e(\Phi_r, C_{t,2})$; if it does not hold, returning 0; otherwise returning 1.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010652234.XA CN112398637A (en) | 2020-07-08 | 2020-07-08 | Equality test method based on certificateless signcryption |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112398637A (en) | 2021-02-23 |
Family
ID=74602997
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010652234.XA Pending CN112398637A (en) | Equality test method based on certificateless signcryption | 2020-07-08 | 2020-07-08 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112398637A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113992397A (en) * | 2021-10-26 | 2022-01-28 | 电子科技大学 | Efficient public key encryption method supporting differential equation test |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104270249A (en) * | 2014-09-23 | 2015-01-07 | 电子科技大学 | Signcryption method from certificateless environment to identity environment |
CN104301108A (en) * | 2014-09-23 | 2015-01-21 | 电子科技大学 | Signcryption method based from identity environment to certificateless environment |
CN104393996A (en) * | 2014-11-04 | 2015-03-04 | 马鞍山城智信息技术有限公司 | Certificateless-based signcryption method and certificateless-based signcryption system |
CN104767612A (en) * | 2015-05-05 | 2015-07-08 | 九江学院 | Signcryption method from certificateless environment to public key infrastructure environment |
CN105024994A (en) * | 2015-05-29 | 2015-11-04 | 西北工业大学 | Secure certificateless hybrid signcryption method without pairing |
CN109889332A (en) * | 2019-01-21 | 2019-06-14 | 电子科技大学 | Equation testing encryption method based on certificate |
Non-Patent Citations (2)
Title |
---|
YUJUE WANG: "Securing messaging services through efficient signcryption with designated equality test", 《INSTITUTIONAL KNOWLEDGE AT SINGAPORE MANAGEMENT UNIVERSITY》 * |
Shu Hong (束红): "Certificateless signcryption scheme based on trapdoor hash function", 《Journal of Huainan Normal University》 * |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PB01 | Publication | |
| SE01 | Entry into force of request for substantive examination | |
| WD01 | Invention patent application deemed withdrawn after publication | Application publication date: 20210223 |