CN112636902A - 基于离散对数的加密邮件过滤方法 - Google Patents

基于离散对数的加密邮件过滤方法 Download PDF

Info

Publication number
CN112636902A
CN112636902A CN202011577414.2A CN202011577414A CN112636902A CN 112636902 A CN112636902 A CN 112636902A CN 202011577414 A CN202011577414 A CN 202011577414A CN 112636902 A CN112636902 A CN 112636902A
Authority
CN
China
Prior art keywords
mail
keyword
filtering
receiver
public key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011577414.2A
Other languages
English (en)
Other versions
CN112636902B (zh
Inventor
胡麦芳
张珂杰
詹士潇
谢杨洁
汪小益
黄方蕾
吴琛
蔡亮
邱炜伟
李伟
张帅
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Qulian Technology Co Ltd
Original Assignee
Hangzhou Qulian Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Qulian Technology Co Ltd filed Critical Hangzhou Qulian Technology Co Ltd
Priority to CN202011577414.2A priority Critical patent/CN112636902B/zh
Publication of CN112636902A publication Critical patent/CN112636902A/zh
Application granted granted Critical
Publication of CN112636902B publication Critical patent/CN112636902B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/30Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
    • G06F16/33Querying
    • G06F16/335Filtering based on additional data, e.g. user or group profiles
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • G06Q10/107Computer-aided management of electronic mailing [e-mailing]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Human Resources & Organizations (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • Data Mining & Analysis (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Databases & Information Systems (AREA)
  • Computational Linguistics (AREA)
  • Computing Systems (AREA)
  • Power Engineering (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • Tourism & Hospitality (AREA)
  • General Business, Economics & Management (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

本发明公开了一种基于离散对数的加密邮件过滤方法。本发明存在三种类型参与者,包括邮件发送者、邮件过滤者和邮件接收者。邮件发送者将加密的邮件发送给邮件接收者。每封邮件都附有加密的关键字,邮件过滤者会根据这些关键字对邮件进行过滤。本发明中的邮件过滤者无法发起对关键字的暴力破解攻击且本发明无需双线性配对操作。

Description

基于离散对数的加密邮件过滤方法
技术领域
本发明属于信息安全技术领域,涉及一种基于离散对数的加密邮件过滤方法。
背景技术
虽然邮件和关键字都是以密文的形式存在,但是邮件过滤者可以使用暴力破解的方法对关键字进行猜测,从而导致部分邮件信息的泄露。
或者需要高耗时的运算操作,如双线性配对。
发明内容
本发明针对现有技术的不足,提供了一种基于离散对数的加密邮件过滤方法。
本发明的技术方案为:
基于离散对数的加密邮件过滤方法包括以下步骤:
步骤1、系统参数生成
所述的系统参数包括:一个阶为大素数q的有限循环群
Figure BDA0002864352040000011
中的一个生成元g,一个哈希函数H:{0,1}*→{0,1}160
步骤2、邮件接收者从
Figure BDA0002864352040000012
中随机选取一个随机数x,作为邮件过滤私钥,并计算
Figure BDA0002864352040000013
其中
Figure BDA0002864352040000014
是1到(q-1)范围内的整数。
邮件接收者公开其邮件过滤公钥y,保留自己的邮件过滤私钥x;
步骤3、邮件发送者从
Figure BDA0002864352040000015
中随机选取一个随机数v,作为关键字加密私钥,并计算
Figure BDA0002864352040000016
其中
Figure BDA0002864352040000017
是1到(q-1)范围内的整数。
邮件发送者公开其关键字加密公钥u,保留自己的关键字加密私钥v;
步骤4、当邮件发送者要发送加密邮件给邮件接收者时,邮件发送者进行如下操作:
假设被发送的加密邮件所对应的关键字是w,则将关键字w加密成w′=H(w,yv);
之后,邮件发送者将邮件的密文、关键字密文w′和关键字加密公钥u发送给邮件过滤者;
步骤5、邮件接收者根据要过滤的关键字w和邮件发送者的关键字加密公钥u,计算生成对应的过滤关键字t=H(w,ux),并将过滤关键字t和邮件接收者的关键字加密公钥u′发送给邮件过滤者。
步骤6当邮件过滤者收到邮件发送者发送过来的邮件密文、关键字密文w′和关键字加密公钥u时,邮件过滤者利用从邮件接收者发送过来的过滤关键字t和关键字加密公钥u′进行过滤操作。邮件过滤者检查w′=t和u=u′是否都成立。如果成立,则进行相应的过滤操作;否则不进行过滤操作。
本发明的有益效果:
1、邮件过滤者无法发起对关键字的暴力破解攻击。
2、无需双线性配对操作。
附图说明
图1为本发明方法流程图。
具体实施方式
在本发明中存在三种类型参与者,包括邮件发送者、邮件过滤者和邮件接收者。邮件发送者将加密的邮件发送给邮件接收者。每封邮件都附有加密的关键字,邮件过滤者会根据这些关键字对邮件进行过滤。另外在本发明描述中,省略了对邮件本身的加解密部分,因为这部分可以简单地使用一般的混合加密或公钥加密算法完成,在此仅描述关键字加密和过滤部分
以下结合附图1详细说明本发明的具体步骤:
步骤1、系统参数生成(该步骤可以由权威机构来执行)。系统参数包括:一个阶为大素数q的有限循环群
Figure BDA0002864352040000021
中的一个生成元g,一个哈希函数H:{0,1}*→{0,1}160。系统中所有的人都知晓这些系统参数。
步骤2、邮件接收者从
Figure BDA0002864352040000022
中随机选取1个随机数x,并计算
Figure BDA0002864352040000023
邮件接收者公开其邮件过滤公钥y,但保留自己的邮件过滤私钥x。
步骤3、邮件发送者从
Figure BDA0002864352040000024
中随机选取1个随机数v,并计算
Figure BDA0002864352040000031
邮件发送者公开其关键字加密公钥u,但保留自己的关键字加密私钥v。
步骤4、当邮件发送者要发送加密邮件给邮件接收者时,邮件发送者进行如下操作(假设被发送的加密邮件所对应的关键字是w):将关键字w加密成w′=H(w,yv)。之后,邮件发送者将邮件的密文、关键字密文w′和其关键字加密公钥u发送给邮件过滤者。
步骤5、邮件接收者根据要过滤的关键字w和邮件发送者的关键字加密公钥u,计算生成对应的过滤关键字t=H(w,ux),并将过滤关键字t和邮件接收者的关键字加密公钥u′发送给邮件过滤者。
步骤6当邮件过滤者收到邮件发送者发送过来的邮件密文、关键字密文w′和其关键字加密公钥u时,邮件过滤者利用从邮件接收者接收过来的过滤关键字t和关键字加密公钥u′进行过滤操作。邮件过滤者检查w′=t和u=u′是否都成立。如果成立,则进行相应的过滤操作;否则不进行过滤操作。

Claims (1)

1.基于离散对数的加密邮件过滤方法,其特征在于,该方法包括以下步骤:
步骤1、系统参数生成
所述的系统参数包括:一个阶为大素数q的有限循环群
Figure FDA0002864352030000011
Figure FDA0002864352030000012
中的一个生成元g,一个哈希函数H:{0,1}*→{0,1}160
步骤2、邮件接收者从
Figure FDA0002864352030000013
中随机选取一个随机数x,作为邮件过滤私钥,并计算
Figure FDA0002864352030000014
其中
Figure FDA0002864352030000015
是1到(q-1)范围内的整数;
邮件接收者公开其邮件过滤公钥y,保留自己的邮件过滤私钥x;
步骤3、邮件发送者从
Figure FDA0002864352030000016
中随机选取一个随机数v,作为关键字加密私钥,并计算
Figure FDA0002864352030000017
其中
Figure FDA0002864352030000018
是1到(q-1)范围内的整数;
邮件发送者公开其关键字加密公钥u,保留自己的关键字加密私钥v;
步骤4、当邮件发送者要发送加密邮件给邮件接收者时,邮件发送者进行如下操作:
假设被发送的加密邮件所对应的关键字是w,则将关键字w加密成w′=H(w,yv);
之后,邮件发送者将邮件的密文、关键字密文w′和关键字加密公钥u发送给邮件过滤者;
步骤5、邮件接收者根据要过滤的关键字w和邮件发送者的关键字加密公钥u,计算生成对应的过滤关键字t=H(w,ux),并将过滤关键字t和邮件接收者的关键字加密公钥u′发送给邮件过滤者;
步骤6当邮件过滤者收到邮件发送者发送过来的邮件密文、关键字密文w′和关键字加密公钥u时,邮件过滤者利用从邮件接收者发送过来的过滤关键字t和关键字加密公钥u′进行过滤操作;邮件过滤者检查w′=t和u=u′是否都成立;如果成立,则进行相应的过滤操作;否则不进行过滤操作。
CN202011577414.2A 2020-12-28 2020-12-28 基于离散对数的加密邮件过滤方法 Active CN112636902B (zh)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011577414.2A CN112636902B (zh) 2020-12-28 2020-12-28 基于离散对数的加密邮件过滤方法

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011577414.2A CN112636902B (zh) 2020-12-28 2020-12-28 基于离散对数的加密邮件过滤方法

Publications (2)

Publication Number Publication Date
CN112636902A true CN112636902A (zh) 2021-04-09
CN112636902B CN112636902B (zh) 2023-05-09

Family

ID=75326007

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011577414.2A Active CN112636902B (zh) 2020-12-28 2020-12-28 基于离散对数的加密邮件过滤方法

Country Status (1)

Country Link
CN (1) CN112636902B (zh)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050021984A1 (en) * 2001-11-30 2005-01-27 Thumbaccess Biometrics Corporation Pty Ltd. Encryption system
CN104580205A (zh) * 2015-01-05 2015-04-29 南京邮电大学 一种云计算中基于cp-abe的固定密文长度代理重加密系统和方法
CN104852801A (zh) * 2015-02-13 2015-08-19 陕西师范大学 一种可搜索的公钥加密方法
CN104993931A (zh) * 2015-06-05 2015-10-21 东南大学 一种云存储中多用户的加密搜索方法
CN105187303A (zh) * 2015-10-27 2015-12-23 湖北工业大学 一种抗逆向工程的电子邮件安全转发系统及方法
CN107181596A (zh) * 2017-06-05 2017-09-19 福建师范大学 一种基于双线性对的可搜索加密方法
CN112000985A (zh) * 2020-08-25 2020-11-27 福建师范大学 具有指定条件关键字搜索功能的代理重加密方法和系统

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050021984A1 (en) * 2001-11-30 2005-01-27 Thumbaccess Biometrics Corporation Pty Ltd. Encryption system
CN104580205A (zh) * 2015-01-05 2015-04-29 南京邮电大学 一种云计算中基于cp-abe的固定密文长度代理重加密系统和方法
CN104852801A (zh) * 2015-02-13 2015-08-19 陕西师范大学 一种可搜索的公钥加密方法
CN104993931A (zh) * 2015-06-05 2015-10-21 东南大学 一种云存储中多用户的加密搜索方法
CN105187303A (zh) * 2015-10-27 2015-12-23 湖北工业大学 一种抗逆向工程的电子邮件安全转发系统及方法
CN107181596A (zh) * 2017-06-05 2017-09-19 福建师范大学 一种基于双线性对的可搜索加密方法
CN112000985A (zh) * 2020-08-25 2020-11-27 福建师范大学 具有指定条件关键字搜索功能的代理重加密方法和系统

Also Published As

Publication number Publication date
CN112636902B (zh) 2023-05-09

Similar Documents

Publication Publication Date Title
EP1495573B1 (en) Hierarchical identity-based encryption and signature schemes
CN110113155B (zh) 一种高效无证书公钥加密方法
CN103647642B (zh) 一种基于证书代理重加密方法及系统
US7533270B2 (en) Signature schemes using bilinear mappings
CN113162773B (zh) 一种可证安全的异构盲签密方法
CN100452695C (zh) 椭圆曲线加密解密方法和装置
CN112350820B (zh) 多接收者签密方法、发送端、接收端、系统及存储介质
KR100396740B1 (ko) 계산적 디피-헬만 가정에 기반하는 안전성 증명 가능한공개키 암호화 방법
CN112636902B (zh) 基于离散对数的加密邮件过滤方法
CN102195782A (zh) 身份与口令相融合的邮件系统双向身份认证方法
CN112737924B (zh) 基于配对的加密邮件过滤方法
CN107682158A (zh) 一种可托管的认证加密方法
CN112560069B (zh) 短过滤关键字的加密邮件过滤方法
KR20040009766A (ko) 암호 시스템에서 송수신 장치 및 방법
CN112702352B (zh) 基于rsa的加密邮件过滤方法
CN112511310B (zh) 一种加密身份盲签名的混淆方法
Wong et al. E–mail protocols with perfect forward secrecy
Al-Ghushami et al. Email security: Concept, formulation, and applications
CN115549896B (zh) 基于格密码的高效异构签密方法
CN114024683B (zh) 一种从clc环境到pki环境的在线离线签密方法
Zhang et al. Cryptanalysis of strong designated verifier signature scheme with non-delegatability and non-transferability
Liu et al. Methods to forge elgamal signatures and determine secret key
Fionov et al. Eliminating Broadband Covert Channels in DSA-Like Signatures
Schemes A Closer Look at Anonymous Proxy
Zhang et al. On the security of a conditional proxy re-encryption

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant