CN113794554A - Fine-grained authorization equivalence testing method based on certificateless encryption - Google Patents

Fine-grained authorization equivalence testing method based on certificateless encryption Download PDF

Info

Publication number
CN113794554A
CN113794554A CN202110872215.2A CN202110872215A CN113794554A CN 113794554 A CN113794554 A CN 113794554A CN 202110872215 A CN202110872215 A CN 202110872215A CN 113794554 A CN113794554 A CN 113794554A
Authority
CN
China
Prior art keywords
user
authorization
type
algorithm
ciphertext
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110872215.2A
Other languages
Chinese (zh)
Inventor
陈阳
杨贺昆
肖欢
高秀东
刘晓杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan Aviation Vocational College Sichuan Space Advanced Technical School
Original Assignee
Sichuan Aviation Vocational College Sichuan Space Advanced Technical School
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sichuan Aviation Vocational College Sichuan Space Advanced Technical School filed Critical Sichuan Aviation Vocational College Sichuan Space Advanced Technical School
Priority to CN202110872215.2A priority Critical patent/CN113794554A/en
Publication of CN113794554A publication Critical patent/CN113794554A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/36Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols with means for detecting characters not meant for transmission

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a fine-grained authorization equivalence test method based on certificateless encryption, which relates to the technical field of the fine-grained authorization equivalence test of certificateless encryption and specifically comprises the following steps of: firstly, initializing system parameters by a key generation center, generating a partial private key according to a user ID, and then selecting a secret value by a user to combine with the partial private key to generate a private and public key pair of the user; then, the user can encrypt data by using the public key and upload the data to the cloud, and a data owner can download and decrypt a ciphertext; and finally, the user can generate different authorizations as required, and the cloud server can finish the equivalent test of the ciphertext under the condition of not decrypting the ciphertext with the authorizations of different users. The fine-grained authorization equivalence test method based on certificateless encryption supports four different types of authorization, so that the problem of test permission in the existing certificateless encryption equivalence test method and the problem of certificate management or key escrow in the existing certificateless encryption equivalence test method are solved.

Description

Fine-grained authorization equivalence testing method based on certificateless encryption
Technical Field
The invention relates to the technical field of fine-grained authorization equivalence testing without certificate encryption, in particular to a fine-grained authorization equivalence testing method based on certificate-free encryption.
Background
Fine-grained authorization, which is colloquially referred to as subdividing authorization in a business model, so as to obtain an authorization scheme applicable to more different scenes.
Symmetric searchable encryption and public key searchable encryption can only perform ciphertext search of a single key and cannot meet ciphertext search of encryption of different keys; the public key encryption equivalent test supporting authorization has the problem of large resource consumption caused by complex certificate management; the problem of key escrow exists in identity encryption-based authorized equivalence testing; the equivalent test scheme based on certificateless encryption does not consider the problem of test permission.
Disclosure of Invention
Aiming at the defects of the prior art, the invention provides a fine-grained authorization equivalence testing method based on certificateless encryption, and solves the problems in the background art.
In order to achieve the purpose, the invention is realized by the following technical scheme: a fine-grained authorization equivalence testing method based on certificateless encryption comprises the following steps:
s1, initializing system parameters by the key generation center, generating partial private keys of the user according to the user ID and sending the private keys to the user;
s2, the user selects a secret value and generates a complete private key of the user by combining with a part of private keys, and then generates a public key of the user;
s3, the user encrypts data by using the corresponding public key and uploads the ciphertext to the cloud, and a data owner can download and decrypt the ciphertext;
s4, the user can use the private key of the user to generate different types of authorization trapdoors according to needs and send the authorization trapdoors to the cloud server for authorization;
s5, with the authorized trapdoors of different users, the cloud server can complete equivalence tests of different user ciphertexts through an algorithm under the condition of no decryption.
Optionally, in step S4, the four different authorization policy manners are Type-I authorization, Type-II authorization, Type-III authorization, and Type-IV authorization.
Optionally, the Type-I authorization is at a user level, and has a Type-I trapdoor, and the cloud server can perform equivalence tests on all ciphertexts of the user and all ciphertexts of any other user;
the Type-II authorization is at a ciphertext level and has a Type-II trapdoor, and the cloud server can perform equivalence test on a certain ciphertext of a user and a certain ciphertext of any other user;
the Type-III authorization is the ciphertext level of a specific user, the Type-III trapdoor is provided, and the cloud server can perform equivalence test on a certain ciphertext of the user and a specific ciphertext of the specific user;
the Type-IV authorization is of ciphertext user level, the Type-IV authorization is a combination of Type-I authorization and Type-II authorization, a Type-IV trap door is possessed, and the cloud server can perform equivalence testing on a certain ciphertext of a user and all ciphertexts of other arbitrary users.
Optionally, the fine-grained authorization equivalence test method based on certificateless encryption includes the following algorithm:
step one, initialization: the key generation center runs the algorithm, inputs a security parameter k, and outputs a system public parameter params and a system master key msk;
step two, extracting part of private keys: the algorithm is operated by the key generation center, public identity information ID e {0,1} and parameters params, msk of a user are input, and partial private key d of the user is outputID
Step three, setting a secret value: the user runs the algorithm, inputs the parameters params, ID, and outputs the secret value x of the userID
Step four, generating a private key: the algorithm is run by the user, inputting the parameters params,dID,xIDOutputting the complete private key SK of the userID
Step five, public key generation: the user runs the algorithm and inputs the parameters params, xIDOutputting the public key PK of the userID
Step six, encryption: the user runs the algorithm and inputs the information M, the parameters params, ID and the user's public key PKIDOutputting a ciphertext C;
step seven, decryption: the user runs the algorithm and inputs the ciphertext C, the parameter params, the ID and the private key SK of the userIDOutputting a plaintext M or a termination symbol T;
suppose there are two users UAAnd UBDefine UAPublic and private key Pair of (PK)A,SKA) The ciphertext is CA(ii) a Definition of UBPublic and private key Pair of (PK)B,SKB) The ciphertext is CB
Optionally, the algorithm of Type-I authorization includes the following steps:
Aut1: two users respectively run the algorithm and input a private key SKA(SKB) Type-I trap door T of output user1,A(T1,B);
Test1: the cloud server runs the algorithm and inputs the ciphertext (C)A,CB) And trapdoor (T)1,A,T1,B) And if the two ciphertexts contain the same content, outputting 1, otherwise outputting 0.
Optionally, the algorithm of Type-II authorization includes the following steps:
Aut2: two users respectively run the algorithm and input a private key SKA(SKB) And CA(CB) Type-II trapdoor T for outputting user2,A(T2,B);
Test2: the cloud server runs the algorithm and inputs the ciphertext (C)A,CB) And trapdoor (T)2,A,T2,B) And if the two ciphertexts contain the same content, outputting 1, otherwise outputting 0.
Optionally, the algorithm of Type-III authorization includes the following steps:
Aut3: two users respectively run the algorithm and input a private key SKA(SKB) And ciphertext CA,CBOutputting Type-III trapdoor T of user3,A(T3,B);
Test3: the cloud server runs the algorithm and inputs the ciphertext (C)A,CB) And trapdoor (T)3,A,T3,B) And if the two ciphertexts contain the same content, outputting 1, otherwise outputting 0.
Optionally, the Type-IV authorization algorithm includes the following steps:
Aut4,A:UArunning the algorithm, inputting its private key SKA,CAOutput UAType-IV trapdoor T4,A=T2,A
Aut4,B:UBRunning the algorithm, inputting its private key SKBOutput UBType-IV trapdoor T4,B=T1,B
Test4: the cloud server runs the algorithm and inputs the ciphertext (C)A,CB) And trapdoor (T)4,A,T4,B) And if the two ciphertexts contain the same content, outputting 1, otherwise outputting 0.
The invention provides a fine-grained authorization equivalence testing method based on certificateless encryption, which has the following beneficial effects:
1. in the fine-grained authorization equivalence test method based on certificateless encryption, a new equivalence test method based on certificateless encryption is designed and supports four different types of authorization, so that the problem of test permission in the existing certificateless encryption equivalence test method and the problem of certificate management or key escrow in the existing public key encryption equivalence test method are solved.
2. The fine-grained authorization equivalence test method based on certificateless encryption integrates the advantages of certificateless encryption and authorization control, and provides four different authorization modes to meet different scene requirements; it is possible to test whether two ciphertexts contain the same content without decryption.
Drawings
FIG. 1 is a schematic view of the flow structure of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, the present invention provides a technical solution: a fine-grained authorization equivalence testing method based on certificateless encryption comprises the following steps:
s1, initializing system parameters by the key generation center, generating partial private keys of the user according to the user ID and sending the private keys to the user;
s2, the user selects a secret value and generates a complete private key of the user by combining with a part of private keys, and then generates a public key of the user;
s3, the user encrypts data by using the corresponding public key and uploads the ciphertext to the cloud, and a data owner can download and decrypt the ciphertext;
s4, the user can use the private key of the user to generate different types of authorization trapdoors according to needs and send the authorization trapdoors to the cloud server for authorization;
s5, with the authorized trapdoors of different users, the cloud server can complete equivalence tests of different user ciphertexts through an algorithm under the condition of no decryption.
In the present invention, in step S4, the four different authorization policy manners are Type-I authorization, Type-II authorization, Type-III authorization, and Type-IV authorization.
In the invention, the Type-I authorization is at the user level and has a Type-I trapdoor, and the cloud server can perform equivalence test on all ciphertexts of the user and all ciphertexts of any other user;
the Type-II authorization is at a ciphertext level and has a Type-II trapdoor, and the cloud server can perform equivalence test on a certain ciphertext of a user and a certain ciphertext of any other user;
the Type-III authorization is the ciphertext level of a specific user, the Type-III trapdoor is provided, and the cloud server can perform equivalence test on a certain ciphertext of the user and a specific ciphertext of the specific user;
the Type-IV authorization is of ciphertext user level, the Type-IV authorization is a combination of Type-I authorization and Type-II authorization, a Type-IV trap door is possessed, and the cloud server can perform equivalence testing on a certain ciphertext of a user and all ciphertexts of other arbitrary users.
In the invention, a fine-grained authorization equivalence test method based on certificateless encryption comprises the following algorithms:
step one, initialization: the key generation center runs the algorithm, inputs a security parameter k, and outputs a system public parameter params and a system master key msk;
step two, extracting part of private keys: the algorithm is operated by the key generation center, public identity information ID e {0,1} and parameters params, msk of a user are input, and partial private key d of the user is outputID
Step three, setting a secret value: the user runs the algorithm, inputs the parameters params, ID, and outputs the secret value x of the userID
Step four, generating a private key: the user runs the algorithm and inputs the parameters params, dID,xIDOutputting the complete private key SK of the userID
Step five, public key generation: the user runs the algorithm and inputs the parameters params, xIDOutputting the public key PK of the userID
Step six, encryption: the user runs the algorithm and inputs the information M, the parameters params, ID and the user's public key PKIDOutputting a ciphertext C;
step seven, decryption: the user runs the algorithm and inputs the ciphertext C, the parameter params, the ID and the private key SK of the userIDOutputting a plaintext M or a termination symbol T;
suppose there are two users UAAnd UBDefine UAPublic and private key Pair of (PK)A,SKA) The ciphertext is CA(ii) a Definition of UBPublic and private key Pair of (PK)B,SKB) The ciphertext is CB
In the invention, the Type-I authorization algorithm comprises the following steps:
Aut1: two users respectively run the algorithm and input a private key SKA(SKB) Type-I trap door T of output user1,A(T1,B);
Test1: the cloud server runs the algorithm and inputs the ciphertext (C)A,CB) And trapdoor (T)1,A,T1,B) And if the two ciphertexts contain the same content, outputting 1, otherwise outputting 0.
In the invention, the Type-II authorization algorithm comprises the following steps:
Aut2: two users respectively run the algorithm and input a private key SKA(SKB) And CA(CB) Type-II trapdoor T for outputting user2,A(T2,B);
Test2: the cloud server runs the algorithm and inputs the ciphertext (C)A,CB) And trapdoor (T)2,A,T2,B) And if the two ciphertexts contain the same content, outputting 1, otherwise outputting 0.
In the invention, the algorithm of Type-III authorization comprises the following steps:
Aut3: two users respectively run the algorithm and input a private key SKA(SKB) And ciphertext CA,CBOutputting Type-III trapdoor T of user3,A(T3,B);
Test3: the cloud server runs the algorithm and inputs the ciphertext (C)A,CB) And trapdoor (T)3,A,T3,B) And if the two ciphertexts contain the same content, outputting 1, otherwise outputting 0.
In the invention, the algorithm of Type-IV authorization comprises the following steps:
Aut4,A:UArunning the algorithm, inputting its private key SKA,CAOutput UAType-IV trapdoor T4,A=T2,A
Aut4,B:UBRunning the algorithm, inputting its private key SKBOutput UBType-IV trapdoor T4,B=T1,B
Test4: the cloud server runs the algorithm and inputs the ciphertext (C)A,CB) And trapdoor (T)4,A,T4,B) And if the two ciphertexts contain the same content, outputting 1, otherwise outputting 0.
To sum up, the fine-grained authorization equivalence test method based on certificateless encryption specifically comprises the following steps:
initialization: inputting a security parameter k, the algorithm executes the following process:
generating bilinear pair parameters:
Figure BDA0003189557620000071
five collision-resistant hash functions were chosen: h1:{0,1}*→G1,H2:{0,1}*→G1,H3:GT→{0,1}2l,H4:GT×G1 3→{0,1}l+n
Figure BDA0003189557620000081
Wherein l and n are each an element G1And
Figure BDA0003189557620000082
length of (d);
random selection
Figure BDA0003189557620000083
As msk, and calculate
Figure BDA0003189557620000084
Outputting common system parameters
Figure BDA0003189557620000085
Extracting a part of private keys: inputting ID E {0,1}, and returning partial private key d of user by algorithmID=(d1,d2) Wherein
Figure BDA0003189557620000086
Setting a secret value: the algorithm returns the user's password value xID=x,
Figure BDA0003189557620000087
And (4) randomly selecting.
Private key generation: algorithm returns complete private key SK of userID=(SK1,SK2) Wherein
Figure BDA0003189557620000088
Figure BDA0003189557620000089
And (3) public key generation: algorithm returns user's public key PKID=(PK1,PK2) Wherein PK is1=g1 x,PK2=g2 x
Encryption: input information M and public key PKIDThe algorithm first calculates for each user
Figure BDA00031895576200000810
And
Figure BDA00031895576200000811
once. Then, randomly select
Figure BDA00031895576200000812
And calculates ciphertext C ═ C (C)1,C2,C3,C4) Wherein
Figure BDA00031895576200000813
Figure BDA00031895576200000814
Figure BDA00031895576200000815
Figure BDA00031895576200000816
And (3) decryption: inputting a private key SKIDAnd ciphertext C ═ C1,C2,C3,C4) The algorithm performs the following calculations:
Figure BDA0003189557620000091
if it is not
Figure BDA0003189557620000092
And
Figure BDA0003189557620000093
if all the plaintext M is established, outputting a plaintext M by the algorithm; otherwise, outputting ^ t.
By UAAnd UBRepresenting two users, respectively defining their ciphertexts as CA=(CA,1,CA,2,CA,3,CA,4) And CB=(CB,1,CB,2,CB,3,CB,4)。
The four different types of authorization work as follows:
the Type-I authorization specifically comprises the following steps:
Aut1: two users respectively run the algorithm to generate the Type-I trap door T of the two users1,A=SKA,1And T1,B=SKB,1
Test1: the algorithm performs the following calculations
Figure BDA0003189557620000094
Figure BDA0003189557620000095
And judge
Equation of
Figure BDA0003189557620000096
Is there any?
Because of the fact that
Figure BDA0003189557620000097
Figure BDA0003189557620000098
If equation (1) holds, MA=MBWhen the algorithm returns 1; otherwise 0 is returned.
The Type-II authorization specifically comprises the following steps:
Aut2: two users respectively run the algorithm to generate Type-II trapdoors of the two users
Figure BDA0003189557620000099
And
Figure BDA00031895576200000910
Test2: the algorithm performs the following calculations
Figure BDA0003189557620000101
Figure BDA0003189557620000102
And judges whether equation (1) is equal. If equal to each otherThen M isA=MBWhen the algorithm returns 1; otherwise 0 is returned.
The Type-III authorization specifically comprises the following steps:
Aut3: first, two users calculate separately
Figure BDA0003189557620000103
Figure BDA0003189557620000104
Then run this algorithm to generate their Type-III trapdoors
Figure BDA0003189557620000105
Figure BDA0003189557620000106
Test3: algorithm judgment equation
Figure BDA0003189557620000107
Is there any?
Because of the fact that
Figure BDA0003189557620000108
If equation (2) holds, MA=MB
At this point the algorithm returns to 1; otherwise 0 is returned.
The Type-IV authorization specifically comprises the following steps:
Aut4,A:UAgenerating Type-IV trapdoors
Figure BDA0003189557620000109
Aut4,B:UBGenerating Type-IV trapdoors T4,B=T1,B=SKB,1
Test4: algorithmic computation
Figure BDA00031895576200001010
Figure BDA0003189557620000111
And determines whether equation (1) holds. If the equation holds, MA=MBWhen the algorithm returns 1; otherwise 0 is returned.
The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art should be considered to be within the technical scope of the present invention, and the technical solutions and the inventive concepts thereof according to the present invention should be equivalent or changed within the scope of the present invention.

Claims (8)

1. A fine-grained authorization equivalence testing method based on certificateless encryption comprises the following steps:
s1, initializing system parameters by the key generation center, generating partial private keys of the user according to the user ID and sending the private keys to the user;
s2, the user selects a secret value and generates a complete private key of the user by combining with a part of private keys, and then generates a public key of the user;
s3, the user encrypts data by using the corresponding public key and uploads the ciphertext to the cloud, and a data owner can download and decrypt the ciphertext;
s4, the user can use the private key of the user to generate different types of authorization trapdoors according to needs and send the authorization trapdoors to the cloud server for authorization;
s5, with the authorized trapdoors of different users, the cloud server can complete equivalence tests of different user ciphertexts through an algorithm under the condition of no decryption.
2. The fine-grained authorization equivalence testing method based on certificateless encryption according to claim 1, characterized in that: in step S4, the four different authorization policy manners are Type-I authorization, Type-II authorization, Type-III authorization, and Type-IV authorization.
3. The fine-grained authorization equivalence test method based on certificateless encryption according to claim 2, characterized in that: the Type-I authorization is at the user level and has a Type-I trapdoor, and the cloud server can perform equivalence tests on all ciphertexts of the user and all ciphertexts of any other user;
the Type-II authorization is at a ciphertext level and has a Type-II trapdoor, and the cloud server can perform equivalence test on a certain ciphertext of a user and a certain ciphertext of any other user;
the Type-III authorization is the ciphertext level of a specific user, the Type-III trapdoor is provided, and the cloud server can perform equivalence test on a certain ciphertext of the user and a specific ciphertext of the specific user;
the Type-IV authorization is of ciphertext user level, the Type-IV authorization is a combination of Type-I authorization and Type-II authorization, a Type-IV trap door is possessed, and the cloud server can perform equivalence testing on a certain ciphertext of a user and all ciphertexts of other arbitrary users.
4. The certificateless encryption-based fine-grained authorized equivalent testing method according to any one of claims 1 to 3, wherein the certificateless encryption-based fine-grained authorized equivalent testing method comprises the following algorithm:
step one, initialization: the key generation center runs the algorithm, inputs a security parameter k, and outputs a system public parameter params and a system master key msk;
step two, extracting part of private keys: the algorithm is operated by the key generation center, public identity information ID e {0,1} and parameters params, msk of a user are input, and partial private key d of the user is outputID
Step three, setting a secret value: the user runs the algorithm and inputs the parameter params, ID, secret value x of the output userID
Step four, generating a private key: the user runs the algorithm and inputs the parameters params, dID,xIDOutputting the complete private key SK of the userID
Step five, public key generation: the user runs the algorithm and inputs the parameters params, xIDOutputting the public key PK of the userID
Step six, encryption: the user runs the algorithm and inputs the information M, the parameters params, ID and the user's public key PKIDOutputting a ciphertext C;
step seven, decryption: the user runs the algorithm and inputs the ciphertext C, the parameter params, the ID and the private key SK of the userIDOutputting a plaintext M or a termination symbol T;
suppose there are two users UAAnd UBDefine UAPublic and private key Pair of (PK)A,SKA) The ciphertext is CA(ii) a Definition of UBPublic and private key Pair of (PK)B,SKB) The ciphertext is CB
5. The fine-grained authorization equivalence test method based on certificateless encryption according to claim 3, wherein the Type-I authorization algorithm comprises the following steps:
Aut1: two users respectively run the algorithm and input a private key SKA(SKB) Type-I trap door T of output user1,A(T1,B);
Test1: the cloud server runs the algorithm and inputs the ciphertext (C)A,CB) And trapdoor (T)1,A,T1,B) And if the two ciphertexts contain the same content, outputting 1, otherwise outputting 0.
6. The fine-grained authorization equivalence test method based on certificateless encryption according to claim 3, wherein the method comprises the following steps: the Type-II authorization algorithm comprises the following steps:
Aut2: two users are respectivelyRunning the algorithm, inputting the private key SKA(SKB) And CA(CB) Type-II trapdoor T for outputting user2,A(T2,B);
Test2: the cloud server runs the algorithm and inputs the ciphertext (C)A,CB) And trapdoor (T)2,A,T2,B) And if the two ciphertexts contain the same content, outputting 1, otherwise outputting 0.
7. The fine-grained authorization equivalence test method based on certificateless encryption according to claim 3, wherein the method comprises the following steps: the Type-III authorization algorithm comprises the following steps:
Aut3: two users respectively run the algorithm and input a private key SKA(SKB) And ciphertext CA,CBOutputting Type-III trapdoor T of user3,A(T3,B);
Test3: the cloud server runs the algorithm and inputs the ciphertext (C)A,CB) And trapdoor (T)3,A,T3,B) And if the two ciphertexts contain the same content, outputting 1, otherwise outputting 0.
8. The fine-grained authorization equivalence test method based on certificateless encryption according to claim 3, wherein the Type-IV authorization algorithm comprises the following steps:
Aut4,A:UArunning the algorithm, inputting its private key SKA,CAOutput UAType-IV trapdoor T4,A=T2,A
Aut4,B:UBRunning the algorithm, inputting its private key SKBOutput UBType-IV trapdoor T4,B=T1,B
Test4: the cloud server runs the algorithm and inputs the ciphertext (C)A,CB) And trapdoor (T)4,A,T4,B) And if the two ciphertexts contain the same content, outputting 1, otherwise outputting 0.
CN202110872215.2A 2021-07-30 2021-07-30 Fine-grained authorization equivalence testing method based on certificateless encryption Pending CN113794554A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110872215.2A CN113794554A (en) 2021-07-30 2021-07-30 Fine-grained authorization equivalence testing method based on certificateless encryption

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110872215.2A CN113794554A (en) 2021-07-30 2021-07-30 Fine-grained authorization equivalence testing method based on certificateless encryption

Publications (1)

Publication Number Publication Date
CN113794554A true CN113794554A (en) 2021-12-14

Family

ID=79181430

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110872215.2A Pending CN113794554A (en) 2021-07-30 2021-07-30 Fine-grained authorization equivalence testing method based on certificateless encryption

Country Status (1)

Country Link
CN (1) CN113794554A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115473715A (en) * 2022-09-05 2022-12-13 华南农业大学 Forward security ciphertext equivalence test public key encryption method, device, system and medium

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113067702A (en) * 2021-03-17 2021-07-02 西安电子科技大学 Identity-based encryption method supporting ciphertext equivalence test function

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113067702A (en) * 2021-03-17 2021-07-02 西安电子科技大学 Identity-based encryption method supporting ciphertext equivalence test function

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
ABDELRHMAN HASSAN, ETC.: "An efficient certificateless public key encryption scheme with authorized equality test in healthcare environments", 《ELSEVIER》, vol. 109 *
HAIPENG QU, ETC.: "Certificateless public key encryption with equality test", 《ELSEVIER》, vol. 462, pages 76 - 92 *
RASHAD ELHABOB, ETC.: "An efficient certificateless public key cryptography with authorized equality test in IIoT", 《SPRINGER》, pages 1065 - 1083 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115473715A (en) * 2022-09-05 2022-12-13 华南农业大学 Forward security ciphertext equivalence test public key encryption method, device, system and medium
CN115473715B (en) * 2022-09-05 2024-05-10 华南农业大学 Forward secure ciphertext equivalent test public key encryption method, device, system and medium

Similar Documents

Publication Publication Date Title
CN111191288B (en) Block chain data access right control method based on proxy re-encryption
CN108292402B (en) Determination of a common secret and hierarchical deterministic keys for the secure exchange of information
CN108111301B (en) Method and system for realizing SSH protocol based on post-quantum key exchange
CN109246098B (en) Method for supporting comparison of synchronous ciphertext of backup server
CN106789044B (en) Searchable encryption method for cipher text data public key stored in cloud on grid under standard model
CN111130757A (en) Multi-cloud CP-ABE access control method based on block chain
He et al. A social-network-based cryptocurrency wallet-management scheme
EP1825632B1 (en) Secure interface for versatile key derivation function support
CN106161428B (en) A kind of ciphertext can comparison of equalization encryption attribute method
CN104486315A (en) Revocable key external package decryption method based on content attributes
CN110933033A (en) Cross-domain access control method for multiple Internet of things domains in smart city environment
CN109981265B (en) Identity-based ciphertext equivalence determination method without using bilinear pairings
CN110557367B (en) Secret key updating method and system for quantum computing secure communication resistance based on certificate cryptography
Mashhadi Computationally Secure Multiple Secret Sharing: Models, Schemes, and Formal Security Analysis.
CN106301776B (en) A kind of more authorization center outsourcing attribute base encryption methods and system of keyword search
CN106230840B (en) A kind of command identifying method of high security
CN113132104A (en) Active and safe ECDSA (electronic signature SA) digital signature two-party generation method
Soltani et al. Decentralized and privacy-preserving key management model
CN113098681B (en) Port order enhanced and updatable blinded key management method in cloud storage
CN113794554A (en) Fine-grained authorization equivalence testing method based on certificateless encryption
CN114095161A (en) Identity base pierceable encryption method supporting equality test
CN110266490B (en) Keyword ciphertext generation method and device of cloud storage data
CN110048852B (en) Quantum communication service station digital signcryption method and system based on asymmetric key pool
CN108632257B (en) Method and system for acquiring encrypted health record supporting hierarchical search
CN106612173A (en) Encryption scheme for trusted key in cloud storage

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20211214