CN112398637A - Equality test method based on certificateless signcryption - Google Patents

Publication number: CN112398637A
Authority: CN (China)
Legal status: Pending
Application number: CN202010652234.XA
Other languages: Chinese (zh)
Inventors: 侯英哲, 杨名昊, 熊虎
Current Assignee: University of Electronic Science and Technology of China
Original Assignee: University of Electronic Science and Technology of China
Application filed by University of Electronic Science and Technology of China
Priority to CN202010652234.XA
Publication of CN112398637A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643: Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/30: Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066: Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L9/3073: Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing

Abstract

The invention discloses an equality test method based on certificateless signcryption, and mainly relates to the fields of cryptography and information security. First, the invention adopts a signcryption mechanism to ensure the confidentiality, integrity and authentication of information during transmission, so that the data circulating in the system is accurate and valid. Second, the introduction of the certificateless cryptosystem avoids the certificate management problem of the original public key infrastructure and the key escrow problem of the identity-based cryptographic environment, so that data processing is more efficient. Finally, the technique is combined with the equality test, so that the cloud server can search or match ciphertexts encrypted under the same or different public keys.

Description

Equality test method based on certificateless signcryption
Technical Field
The invention relates to the field of cryptography and information security, and constructs an equality test method based on certificateless signcryption that simultaneously ensures the confidentiality and the unforgeability of data.
Background
With the continuous advance of the information society and the accelerating growth of data, the cloud server has gradually attracted attention as a platform for storing and processing data. However, while data is being uploaded, a third party can easily steal or tamper with it, so that the cloud server ends up with wrong data; this causes data redundancy and reduces the availability of the data.
To ensure the secure transmission of valid data, the data is generally encrypted before it is uploaded to a cloud server. However, an encryption mechanism mainly ensures the confidentiality of data and cannot ensure its authentication, so signcryption has been widely adopted as a reasonable mechanism that ensures both confidentiality and authentication.
After the signcrypted data is uploaded, the user cannot directly search for the required plaintext data. Conventional searchable encryption techniques can use a cloud server to search over ciphertext. However, these techniques only support searching ciphertexts encrypted under the same public key. The equality test concept removes this limitation of searchable encryption, so that ciphertexts encrypted under the same or different public keys can be searched.
The existing public-key-infrastructure-based and identity-based equality test signcryption methods suffer from the certificate management problem and the key escrow problem respectively, and an equality test method based on certificateless signcryption can remedy the shortcomings of both cryptosystems.
Disclosure of Invention
The method involved in the invention is an equality test method based on certificateless signcryption. The method adopts the signcryption operation in order to ensure the confidentiality, integrity and unforgeability of data at the same time.
The mechanism involved in the invention is a certificateless cryptographic mechanism. The certificate management problem of the public key infrastructure and the key escrow problem of identity-based cryptosystems are thereby also avoided.
The technique involved in the invention is the equality test. If there are two data receivers t and r, each first generates its trapdoor through an algorithm, and when it receives a signcryption ciphertext from another user, it transmits the trapdoor and the signcryption ciphertext to the cloud server. Finally, the cloud server runs the equality test on the ciphertexts from the two users to judge whether the plaintexts corresponding to the ciphertexts are the same.
Detailed Description
The specific construction consists of 8 algorithms, and the operation steps are as follows:
1) Initialization algorithm: taking a security parameter $k$ as input, the KGC selects two groups $G_1, G_2$ of prime order $q$ and a generator $P$, then selects $e: G_1 \times G_1 \to G_2$ as the bilinear map, and at the same time selects $H_1: \{0,1\}^* \to G_1$, $H_2: G_2 \times G_1 \to \{0,1\}^*$, $H_3$
Figure BDA0002575393890000021
$H_4: \{0,1\}^* \to G_1$, $H_5$
Figure BDA0002575393890000022
as five hash functions. It randomly selects the system master key
Figure BDA0002575393890000023
then computes $P_1 = s_1 P$, $P_2 = s_2 P$, and finally outputs the system public parameters $par = \{q, e, P, G_1, G_2, P_1, P_2, H_1, H_2, H_3, H_4, H_5\}$;
2) Partial key generation algorithm: with $\langle par, ID_u, s_1, s_2 \rangle$ as input, the KGC computes $F_{ID} = H_1(ID)$, $S_{u,1} = s_1 F_{ID}$, $S_{u,2} = s_2 F_{ID}$, then sets the partial private key of the user to $S_u = (S_{u,1}, S_{u,2})$;
3) Secret value generation algorithm: with $ID_u$ as input, user $u$ randomly selects
Figure BDA0002575393890000024
as a secret value;
4) Key generation algorithm: with $\langle par, ID_u, S_u, x_u \rangle$ as input, the private key of user $u$ is set to $SK_u = (S_u, x_u)$ and the public key of the user is $PK_u = x_u P$;
5) Trapdoor generation algorithm: with $\langle ID_u, SK_u \rangle$ as input, user $u$ outputs $TD_u = S_{u,2}$ as the trapdoor;
6) Signcryption algorithm: with $\langle par, ID_A, ID_B, SK_A, PK_B, m \rangle$ as input, where $m \in \{0,1\}^*$ denotes the message passed, $SK_A$ denotes the private key of A and $PK_B$ denotes the public key of B, sender A randomly selects
Figure BDA0002575393890000031
computes $C_1 = u_1 P$, $C_2 = u_2 P$, $F_A = H_1(ID_A)$, $F_B = H_1(ID_B)$,
Figure BDA0002575393890000032
and $D = (u_1 + u_2) \cdot PK_B$; computes
Figure BDA0002575393890000033
$C_4 = H_3(Q_2 \| F_B) \cdot (u_2 \cdot H_4(m))$, then computes $h = H_5(C_1, C_2, C_3, C_4, PK_B, D)$, $C_5 = (h \cdot x_A + u_1 + u_2) \cdot F_A + h \cdot (S_{A,1} + S_{A,2})$, and finally outputs the signcryption ciphertext $C = (C_1, C_2, C_3, C_4, C_5)$;
7) Unsigncryption algorithm: with $\langle par, ID_A, ID_B, SK_B, PK_A, C \rangle$ as input, where $SK_B$ denotes the private key of B and $PK_A$ denotes the public key of A, receiver B computes $D = x_B \cdot (C_1 + C_2)$, $F_A = H_1(ID_A)$, $F_B = H_1(ID_B)$, then computes $h = H_5(C_1, C_2, C_3, C_4, PK_B, D)$; if $e(C_5, P) = e(h \cdot (PK_A + P_1 + P_2) + C_1 + C_2, F_A)$ holds, it continues with the following steps; it computes $Q'_1 = e(C_1, S_{B,1})$, $Q'_2 = e(C_2, S_{B,2})$, computes
Figure BDA0002575393890000034
and finally verifies the formula
Figure BDA0002575393890000035
If it holds, the plaintext $m$ is output;
8) Test algorithm: let $C_t = (C_{t,1}, C_{t,2}, C_{t,3}, C_{t,4}, C_{t,5})$ and $C_r = (C_{r,1}, C_{r,2}, C_{r,3}, C_{r,4}, C_{r,5})$ denote the signcryption ciphertexts of two receiving users $E_t, E_r$ respectively. With $\langle par, ID_t, ID_r, C_t, C_r, TD_t, TD_r \rangle$ as input, the test algorithm computes $Q_{t,2} = e(C_{t,2}, TD_t)$, $Q_{r,2} = e(C_{r,2}, TD_r)$, $F_t = H_1(ID_t)$, $F_r = H_1(ID_r)$; then computes
Figure BDA0002575393890000036
and finally verifies the equation $e(\Phi_t, C_{r,2}) = e(\Phi_r, C_{t,2})$. If it does not hold, 0 is returned; otherwise, 1 is returned.
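The sender check of step 7 and the test equation of step 8 can be exercised in a toy algebra model; this is an added example, not code from the patent. It stores a $G_1$ element $aP$ as the scalar $a$ and a pairing value as its exponent, which is insecure and only checks the algebra. The formulas for $Q_2$ and $\Phi$ survive only as figures, so the forms used here ($Q_2 = e(P_2, F_B)^{u_2}$, $\Phi = H_3(Q_2 \| F)^{-1} \cdot C_4$) are assumptions, $C_3$ is a placeholder, and all function names are hypothetical.

```python
import hashlib
import secrets

# Toy algebra model, NOT secure: a G1 element aP is stored as the scalar a mod Q,
# and a G2 element e(P, P)^c is stored as its exponent c mod Q.
Q = 2**127 - 1          # prime group order q (constructed for this example)
P = 1                   # generator P in this representation

def hash_to(tag, *parts):
    """Stand-in for H1, H3, H4, H5: hash to a nonzero scalar mod Q."""
    data = "|".join([tag, *map(str, parts)]).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % (Q - 1) + 1

def pair(a, b):
    """e(aP, bP) = e(P, P)^(ab), kept as the exponent ab."""
    return a * b % Q

def rand_scalar():
    return secrets.randbelow(Q - 1) + 1

def setup():
    s1, s2 = rand_scalar(), rand_scalar()
    return {"s1": s1, "s2": s2, "P1": s1 * P % Q, "P2": s2 * P % Q}

def keygen(par, ident):
    F, x = hash_to("H1", ident), rand_scalar()
    S1, S2 = par["s1"] * F % Q, par["s2"] * F % Q
    return {"ID": ident, "F": F, "S1": S1, "S2": S2, "x": x,
            "PK": x * P % Q, "TD": S2}            # trapdoor TD_u = S_{u,2}

def signcrypt(par, A, B, m):
    u1, u2 = rand_scalar(), rand_scalar()
    C1, C2 = u1 * P % Q, u2 * P % Q
    D = (u1 + u2) * B["PK"] % Q
    Q2 = pair(par["P2"], B["F"]) * u2 % Q         # ASSUMPTION: Q2 = e(P2, F_B)^u2
    C3 = 0                                        # placeholder: formula not on the page
    C4 = hash_to("H3", Q2, B["F"]) * (u2 * hash_to("H4", m)) % Q
    h = hash_to("H5", C1, C2, C3, C4, B["PK"], D)
    C5 = ((h * A["x"] + u1 + u2) * A["F"] + h * (A["S1"] + A["S2"])) % Q
    return (C1, C2, C3, C4, C5)

def verify_sender(par, A_ID, A_PK, B, C):
    """Receiver B's check e(C5, P) = e(h(PK_A + P1 + P2) + C1 + C2, F_A)."""
    C1, C2, C3, C4, C5 = C
    D = B["x"] * (C1 + C2) % Q
    h = hash_to("H5", C1, C2, C3, C4, B["PK"], D)
    point = (h * (A_PK + par["P1"] + par["P2"]) + C1 + C2) % Q
    return pair(C5, P) == pair(point, hash_to("H1", A_ID))

def phi(C, TD, ident):
    """ASSUMPTION: Phi = H3(Q_2 || F)^(-1) * C4 with Q_2 = e(C_2, TD)."""
    Q2 = pair(C[1], TD)
    return C[3] * pow(hash_to("H3", Q2, hash_to("H1", ident)), -1, Q) % Q

def equality_test(Ct, TDt, IDt, Cr, TDr, IDr):
    """Cloud server's test: e(Phi_t, C_{r,2}) = e(Phi_r, C_{t,2}) -> 1, else 0."""
    return int(pair(phi(Ct, TDt, IDt), Cr[1]) == pair(phi(Cr, TDr, IDr), Ct[1]))
```

The server only ever holds the ciphertexts, identities and trapdoors $TD_u = S_{u,2}$, yet anyone holding a trapdoor can compare that user's ciphertexts against guessed messages, so trapdoors should go only to the designated tester.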

Claims (3)

1. An equality test method based on certificateless signcryption, characterized in that:
1) the transmission of data employs signcryption, so that signing and encryption occur within the same logical step. Signcryption therefore ensures the confidentiality and unforgeability of the data and greatly reduces the time cost of the conventional encrypt-then-sign or sign-then-encrypt approaches;
2) the method is based on a certificateless cryptosystem, which avoids both the certificate management problem of the traditional public key infrastructure and the key escrow problem of identity-based cryptosystems, and further improves the efficiency of the algorithm;
3) the introduction of the equality test removes the limitation of the traditional search mode: the ciphertexts may be encrypted under the same or different public keys, and the cloud server runs the equality test on two ciphertexts to judge whether the corresponding plaintexts are the same, so the equality test is more practical.
2. The equality test method based on certificateless signcryption according to claim 1, wherein the method comprises the following algorithms:
1) Initialization algorithm: on receiving the security parameter, the key generation center KGC performs this operation and outputs the master key and the public parameters of the system;
2) Partial key generation algorithm: on receiving the user identity, the master key and the public parameters of the system, the KGC performs this operation, outputs the partial private key of the user and transmits it to the corresponding user;
3) Secret value generation algorithm: on receiving the user identity, the user generates the user's secret value;
4) Key generation algorithm: on receiving the user identity, the public parameters of the system and the partial private key of the user, the user performs this operation and outputs the private key and the public key of the user;
5) Trapdoor generation algorithm: on receiving the user identity and the user private key, the user performs this operation and outputs the trapdoor of the user;
6) Signcryption algorithm: on receiving the user identity, the public parameters of the system, the data, the private key of the sender and the public key of the receiver, the data sender performs this operation and outputs a signcryption ciphertext;
7) Unsigncryption algorithm: on receiving the user identity, the public parameters of the system, the ciphertext, the public key of the sender and the private key of the receiver, the data receiver performs this operation and outputs the plaintext data;
8) Test algorithm: on receiving the public parameters of the system, the two signcryption ciphertexts and the trapdoors, the cloud server performs this operation and outputs either 1 or 0.
3. The equality test method based on certificateless signcryption according to claims 1 and 2, wherein the specific operation of the construction is as follows:
1) Initialization algorithm: with a security parameter $k \in Z^*$ as input, the KGC selects two groups $G_1, G_2$ of prime order $q$ and a generator $P$, then selects $e: G_1 \times G_1 \to G_2$ as the bilinear map, and at the same time selects $H_1: \{0,1\}^* \to G_1$, $H_2: G_2 \times G_1 \to \{0,1\}^*$,
Figure FDA0002575393880000021
$H_4: \{0,1\}^* \to G_1$,
Figure FDA0002575393880000022
as five hash functions. It selects the system master key
Figure FDA0002575393880000023
computes $P_1 = s_1 P$, $P_2 = s_2 P$, and finally outputs the system public parameters $par = \{q, e, P, G_1, G_2, P_1, P_2, H_1, H_2, H_3, H_4, H_5\}$;
2) Partial key generation algorithm: with $\langle par, ID_u, s_1, s_2 \rangle$ as input, the KGC computes $F_{ID} = H_1(ID)$, $S_{u,1} = s_1 F_{ID}$, $S_{u,2} = s_2 F_{ID}$, then sets the partial private key of the user to $S_u = (S_{u,1}, S_{u,2})$;
3) Secret value generation algorithm: with $ID_u$ as input, user $u$ randomly selects
Figure FDA0002575393880000024
as a secret value;
4) Key generation algorithm: with $\langle par, ID_u, S_u, x_u \rangle$ as input, the private key of user $u$ is set to $SK_u = (S_u, x_u)$ and the public key of the user is $PK_u = x_u P$;
5) Trapdoor generation algorithm: with $\langle ID_u, SK_u \rangle$ as input, user $u$ outputs $TD_u = S_{u,2}$ as the trapdoor;
6) Signcryption algorithm: with $\langle par, ID_A, ID_B, SK_A, PK_B, m \rangle$ as input, where $m \in \{0,1\}^*$ denotes the message delivered, $SK_A$ denotes the private key of A and $PK_B$ denotes the public key of B, sender A performs the following steps:
(1) Randomly select
Figure FDA0002575393880000031
and compute $C_1 = u_1 P$, $C_2 = u_2 P$, $F_A = H_1(ID_A)$, $F_B = H_1(ID_B)$;
(2) Compute
Figure FDA0002575393880000032
$D = (u_1 + u_2) \cdot PK_B$
(3) Compute
Figure FDA0002575393880000033
$C_4 = H_3(Q_2 \| F_B) \cdot (u_2 \cdot H_4(m))$;
(4) Compute $h = H_5(C_1, C_2, C_3, C_4, PK_B, D)$;
(5) Compute $C_5 = (h \cdot x_A + u_1 + u_2) \cdot F_A + h \cdot (S_{A,1} + S_{A,2})$;
(6) Output the signcryption ciphertext $C = (C_1, C_2, C_3, C_4, C_5)$.
7) Unsigncryption algorithm: with $\langle par, ID_A, ID_B, SK_B, PK_A, C \rangle$ as input, where $SK_B$ denotes the private key of B and $PK_A$ denotes the public key of A, receiver B performs the following steps:
(1) Compute $D = x_B \cdot (C_1 + C_2)$, $F_A = H_1(ID_A)$, $F_B = H_1(ID_B)$;
(2) Compute $h = H_5(C_1, C_2, C_3, C_4, PK_B, D)$;
(3) Verify the equation $e(C_5, P) = e(h \cdot (PK_A + P_1 + P_2) + C_1 + C_2, F_A)$; if it holds, continue the algorithm;
(4) Compute $Q'_1 = e(C_1, S_{B,1})$, $Q'_2 = e(C_2, S_{B,2})$;
(5) Compute
Figure FDA0002575393880000034
(6) Verify the formula
Figure FDA0002575393880000035
If it holds, output the plaintext $m$;
8) Test algorithm: let $C_t = (C_{t,1}, C_{t,2}, C_{t,3}, C_{t,4}, C_{t,5})$ and $C_r = (C_{r,1}, C_{r,2}, C_{r,3}, C_{r,4}, C_{r,5})$ denote the signcryption ciphertexts of two receiving users $E_t, E_r$ respectively. With $\langle par, ID_t, ID_r, C_t, C_r, TD_t, TD_r \rangle$ as input, the test algorithm comprises:
(1) Compute $Q_{t,2} = e(C_{t,2}, TD_t)$, $Q_{r,2} = e(C_{r,2}, TD_r)$;
(2) Compute $F_t = H_1(ID_t)$, $F_r = H_1(ID_r)$;
(3) Compute
Figure FDA0002575393880000041
(4) Check the equation $e(\Phi_t, C_{r,2}) = e(\Phi_r, C_{t,2})$. If it does not hold, return 0; otherwise, return 1.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010652234.XA CN112398637A (en) 2020-07-08 2020-07-08 Equality test method based on certificateless signcryption

Publications (1)

Publication Number Publication Date
CN112398637A (en) 2021-02-23

Family

ID=74602997

Country Status (1)

Country Link
CN (1) CN112398637A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20210223
