CN113794554A - Fine-grained authorization equivalence testing method based on certificateless encryption - Google Patents
- Publication number
- CN113794554A (application number CN202110872215.2A)
- Authority
- CN
- China
- Prior art keywords
- user
- authorization
- type
- algorithm
- ciphertext
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/36—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols with means for detecting characters not meant for transmission
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a fine-grained authorization equivalence test method based on certificateless encryption, relating to the technical field of fine-grained authorization equivalence testing for certificateless encryption. The method comprises the following steps: first, a key generation center initializes the system parameters and generates a partial private key from the user ID; the user then selects a secret value and combines it with the partial private key to generate the user's private/public key pair. Next, the user can encrypt data with the public key and upload it to the cloud, and the data owner can download and decrypt the ciphertext. Finally, the user can generate different authorizations as required, and with the authorizations of different users the cloud server can complete equivalence tests on ciphertexts without decrypting them. The method supports four different types of authorization, which solves the test-permission problem of existing certificateless encryption equivalence test methods and the certificate-management or key-escrow problems of existing public key encryption equivalence test methods.
Description
Technical Field
The invention relates to the technical field of fine-grained authorization equivalence testing for certificateless encryption, and in particular to a fine-grained authorization equivalence testing method based on certificateless encryption.
Background
Fine-grained authorization, put simply, means subdividing the authorization in a business model so as to obtain authorization schemes applicable to more scenarios.
Symmetric searchable encryption and public key searchable encryption can only search ciphertexts under a single key and cannot search across ciphertexts encrypted under different keys; public key encryption with authorized equivalence testing suffers from heavy resource consumption caused by complex certificate management; identity-based encryption with authorized equivalence testing has the key escrow problem; and equivalence test schemes based on certificateless encryption do not consider the problem of test permission.
Disclosure of Invention
To address the shortcomings of the prior art, the invention provides a fine-grained authorization equivalence testing method based on certificateless encryption that solves the problems described in the Background.
To achieve this purpose, the invention adopts the following technical solution: a fine-grained authorization equivalence testing method based on certificateless encryption, comprising the following steps:
S1. The key generation center initializes the system parameters, generates the user's partial private key from the user ID, and sends it to the user;
S2. The user selects a secret value, combines it with the partial private key to generate the user's complete private key, and then generates the user's public key;
S3. The user encrypts data with the corresponding public key and uploads the ciphertext to the cloud; the data owner can download and decrypt the ciphertext;
S4. The user can use their private key to generate different types of authorization trapdoors as needed and send them to the cloud server for authorization;
S5. With the authorization trapdoors of different users, the cloud server can run an algorithm to complete equivalence tests on different users' ciphertexts without decrypting them.
Optionally, in step S4, the four different authorization types are Type-I authorization, Type-II authorization, Type-III authorization, and Type-IV authorization.
Optionally, the Type-I authorization is at the user level and uses a Type-I trapdoor; the cloud server can perform equivalence tests between all ciphertexts of the user and all ciphertexts of any other user;
the Type-II authorization is at the ciphertext level and uses a Type-II trapdoor; the cloud server can perform an equivalence test between a given ciphertext of the user and a given ciphertext of any other user;
the Type-III authorization is at the ciphertext level for a specific user and uses a Type-III trapdoor; the cloud server can perform an equivalence test between a given ciphertext of the user and a specific ciphertext of a specific user;
the Type-IV authorization is at the ciphertext-user level, is a combination of Type-I authorization and Type-II authorization, and uses a Type-IV trapdoor; the cloud server can perform equivalence tests between a given ciphertext of the user and all ciphertexts of any other user.
Optionally, the fine-grained authorization equivalence test method based on certificateless encryption includes the following algorithms:
Step one, initialization: the key generation center runs this algorithm; it takes a security parameter $k$ as input and outputs the system public parameters $params$ and the system master key $msk$;
Step two, partial private key extraction: the key generation center runs this algorithm; it takes a user's public identity information $ID \in \{0,1\}^*$ and the parameters $params$, $msk$ as input and outputs the user's partial private key $d_{ID}$;
Step three, secret value setting: the user runs this algorithm; it takes the parameters $params$, $ID$ as input and outputs the user's secret value $x_{ID}$;
Step four, private key generation: the user runs this algorithm; it takes the parameters $params$, $d_{ID}$, $x_{ID}$ as input and outputs the user's complete private key $SK_{ID}$;
Step five, public key generation: the user runs this algorithm; it takes the parameters $params$, $x_{ID}$ as input and outputs the user's public key $PK_{ID}$;
Step six, encryption: the user runs this algorithm; it takes the message $M$, the parameters $params$, $ID$ and the user's public key $PK_{ID}$ as input and outputs a ciphertext $C$;
Step seven, decryption: the user runs this algorithm; it takes the ciphertext $C$, the parameters $params$, $ID$ and the user's private key $SK_{ID}$ as input and outputs the plaintext $M$ or the termination symbol $\perp$;
Suppose there are two users $U_A$ and $U_B$. Define $U_A$'s public/private key pair as $(PK_A, SK_A)$ and its ciphertext as $C_A$; define $U_B$'s public/private key pair as $(PK_B, SK_B)$ and its ciphertext as $C_B$.
Optionally, the Type-I authorization algorithm includes the following steps:
$Aut_1$: each of the two users runs this algorithm, taking their private key $SK_A$ ($SK_B$) as input and outputting their Type-I trapdoor $T_{1,A}$ ($T_{1,B}$);
$Test_1$: the cloud server runs this algorithm, taking the ciphertexts $(C_A, C_B)$ and the trapdoors $(T_{1,A}, T_{1,B})$ as input; it outputs 1 if the two ciphertexts contain the same content and 0 otherwise.
Optionally, the Type-II authorization algorithm includes the following steps:
$Aut_2$: each of the two users runs this algorithm, taking their private key $SK_A$ ($SK_B$) and $C_A$ ($C_B$) as input and outputting their Type-II trapdoor $T_{2,A}$ ($T_{2,B}$);
$Test_2$: the cloud server runs this algorithm, taking the ciphertexts $(C_A, C_B)$ and the trapdoors $(T_{2,A}, T_{2,B})$ as input; it outputs 1 if the two ciphertexts contain the same content and 0 otherwise.
Optionally, the Type-III authorization algorithm includes the following steps:
$Aut_3$: each of the two users runs this algorithm, taking their private key $SK_A$ ($SK_B$) and the ciphertexts $C_A$, $C_B$ as input and outputting their Type-III trapdoor $T_{3,A}$ ($T_{3,B}$);
$Test_3$: the cloud server runs this algorithm, taking the ciphertexts $(C_A, C_B)$ and the trapdoors $(T_{3,A}, T_{3,B})$ as input; it outputs 1 if the two ciphertexts contain the same content and 0 otherwise.
Optionally, the Type-IV authorization algorithm includes the following steps:
$Aut_{4,A}$: $U_A$ runs this algorithm, taking its private key $SK_A$ and $C_A$ as input and outputting $U_A$'s Type-IV trapdoor $T_{4,A} = T_{2,A}$;
$Aut_{4,B}$: $U_B$ runs this algorithm, taking its private key $SK_B$ as input and outputting $U_B$'s Type-IV trapdoor $T_{4,B} = T_{1,B}$;
$Test_4$: the cloud server runs this algorithm, taking the ciphertexts $(C_A, C_B)$ and the trapdoors $(T_{4,A}, T_{4,B})$ as input; it outputs 1 if the two ciphertexts contain the same content and 0 otherwise.
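The scope of the four authorization types can be modelled as the cloud server's decision about which Test algorithm it may run on a given pair of ciphertexts. This is an added example, not code from the patent: it models only who may be compared with whom (no cryptography), and the class names, ciphertext handles, sample users and the rule of preferring the narrowest matching test are assumptions.

```python
from dataclasses import dataclass
from itertools import combinations
from typing import Dict, Iterable, Optional, Tuple


@dataclass(frozen=True)
class Ciphertext:
    owner: str  # identity ID of the encrypting user
    cid: str    # storage handle (constructed; stands in for the real ciphertext C)


@dataclass(frozen=True)
class Trapdoor:
    kind: int                             # 1, 2 or 3; Type-IV reuses T2 and T1
    owner: str                            # user who ran the Aut algorithm
    ct: Optional[Ciphertext] = None       # own ciphertext bound by Aut2 / Aut3
    peer_ct: Optional[Ciphertext] = None  # other user's ciphertext bound by Aut3


def _holds(held, kind, owner, ct=None, peer_ct=None) -> bool:
    """True if the server was given exactly this trapdoor."""
    return Trapdoor(kind, owner, ct, peer_ct) in held


def select_test(ca: Ciphertext, cb: Ciphertext, held) -> Optional[str]:
    """Name the Test algorithm the server may run on (ca, cb), or None.

    Assumptions of this model: only ciphertexts of different users are
    compared, and the narrowest matching authorization is preferred.
    """
    a, b = ca.owner, cb.owner
    if a == b:
        return None
    # Type-III: both trapdoors are bound to exactly this pair of ciphertexts.
    if _holds(held, 3, a, ca, cb) and _holds(held, 3, b, cb, ca):
        return "Test3"
    # Type-II: each side released a trapdoor for its own ciphertext only.
    if _holds(held, 2, a, ca) and _holds(held, 2, b, cb):
        return "Test2"
    # Type-IV: one side supplies T2 (ciphertext level), the other T1 (user level).
    if (_holds(held, 2, a, ca) and _holds(held, 1, b)) or \
       (_holds(held, 1, a) and _holds(held, 2, b, cb)):
        return "Test4"
    # Type-I: both users opened all of their ciphertexts.
    if _holds(held, 1, a) and _holds(held, 1, b):
        return "Test1"
    return None


def comparable_pairs(cts: Iterable[Ciphertext], held) -> Dict[Tuple[str, str], str]:
    """Every ciphertext pair the server can test, with the Test it would use."""
    held = frozenset(held)
    result = {}
    for ca, cb in combinations(list(cts), 2):
        test = select_test(ca, cb, held)
        if test is not None:
            result[(ca.cid, cb.cid)] = test
    return result


# Constructed sample: three users, five stored ciphertexts.
A1, A2 = Ciphertext("alice", "a1"), Ciphertext("alice", "a2")
B1, B2 = Ciphertext("bob", "b1"), Ciphertext("bob", "b2")
C1 = Ciphertext("carol", "c1")
CTS = [A1, A2, B1, B2, C1]

# Constructed set of trapdoors the cloud server has received.
HELD = frozenset({
    Trapdoor(1, "bob"),            # Bob: user-level, covers b1 and b2
    Trapdoor(2, "alice", A1),      # Alice: ciphertext-level, a1 only
    Trapdoor(2, "carol", C1),      # Carol: ciphertext-level, c1 only
    Trapdoor(3, "alice", A2, C1),  # Alice and Carol: a2 against c1 only
    Trapdoor(3, "carol", C1, A2),
})

if __name__ == "__main__":
    for pair, test in comparable_pairs(CTS, HELD).items():
        print(pair, test)
```

In this sample a2 can be compared only with c1; replacing Alice's Type-II trapdoor with a Type-I trapdoor would make a2 comparable with both of Bob's ciphertexts as well.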
The invention provides a fine-grained authorization equivalence testing method based on certificateless encryption, which has the following beneficial effects:
1. The fine-grained authorization equivalence test method based on certificateless encryption is a newly designed equivalence test method based on certificateless encryption that supports four different types of authorization, thereby solving the test-permission problem of existing certificateless encryption equivalence test methods and the certificate-management or key-escrow problems of existing public key encryption equivalence test methods.
2. The fine-grained authorization equivalence test method based on certificateless encryption integrates the advantages of certificateless encryption and authorization control, and provides four different authorization modes to meet different scene requirements; it is possible to test whether two ciphertexts contain the same content without decryption.
Drawings
FIG. 1 is a schematic view of the flow structure of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to FIG. 1, the present invention provides the following technical solution: a fine-grained authorization equivalence testing method based on certificateless encryption, comprising the following steps:
S1. The key generation center initializes the system parameters, generates the user's partial private key from the user ID, and sends it to the user;
S2. The user selects a secret value, combines it with the partial private key to generate the user's complete private key, and then generates the user's public key;
S3. The user encrypts data with the corresponding public key and uploads the ciphertext to the cloud; the data owner can download and decrypt the ciphertext;
S4. The user can use their private key to generate different types of authorization trapdoors as needed and send them to the cloud server for authorization;
S5. With the authorization trapdoors of different users, the cloud server can run an algorithm to complete equivalence tests on different users' ciphertexts without decrypting them.
In the present invention, in step S4, the four different authorization types are Type-I authorization, Type-II authorization, Type-III authorization, and Type-IV authorization.
In the invention, the Type-I authorization is at the user level and uses a Type-I trapdoor; the cloud server can perform equivalence tests between all ciphertexts of the user and all ciphertexts of any other user;
the Type-II authorization is at the ciphertext level and uses a Type-II trapdoor; the cloud server can perform an equivalence test between a given ciphertext of the user and a given ciphertext of any other user;
the Type-III authorization is at the ciphertext level for a specific user and uses a Type-III trapdoor; the cloud server can perform an equivalence test between a given ciphertext of the user and a specific ciphertext of a specific user;
the Type-IV authorization is at the ciphertext-user level, is a combination of Type-I authorization and Type-II authorization, and uses a Type-IV trapdoor; the cloud server can perform equivalence tests between a given ciphertext of the user and all ciphertexts of any other user.
In the invention, the fine-grained authorization equivalence test method based on certificateless encryption comprises the following algorithms:
Step one, initialization: the key generation center runs this algorithm; it takes a security parameter $k$ as input and outputs the system public parameters $params$ and the system master key $msk$;
Step two, partial private key extraction: the key generation center runs this algorithm; it takes a user's public identity information $ID \in \{0,1\}^*$ and the parameters $params$, $msk$ as input and outputs the user's partial private key $d_{ID}$;
Step three, secret value setting: the user runs this algorithm; it takes the parameters $params$, $ID$ as input and outputs the user's secret value $x_{ID}$;
Step four, private key generation: the user runs this algorithm; it takes the parameters $params$, $d_{ID}$, $x_{ID}$ as input and outputs the user's complete private key $SK_{ID}$;
Step five, public key generation: the user runs this algorithm; it takes the parameters $params$, $x_{ID}$ as input and outputs the user's public key $PK_{ID}$;
Step six, encryption: the user runs this algorithm; it takes the message $M$, the parameters $params$, $ID$ and the user's public key $PK_{ID}$ as input and outputs a ciphertext $C$;
Step seven, decryption: the user runs this algorithm; it takes the ciphertext $C$, the parameters $params$, $ID$ and the user's private key $SK_{ID}$ as input and outputs the plaintext $M$ or the termination symbol $\perp$;
Suppose there are two users $U_A$ and $U_B$. Define $U_A$'s public/private key pair as $(PK_A, SK_A)$ and its ciphertext as $C_A$; define $U_B$'s public/private key pair as $(PK_B, SK_B)$ and its ciphertext as $C_B$.
In the invention, the Type-I authorization algorithm comprises the following steps:
$Aut_1$: each of the two users runs this algorithm, taking their private key $SK_A$ ($SK_B$) as input and outputting their Type-I trapdoor $T_{1,A}$ ($T_{1,B}$);
$Test_1$: the cloud server runs this algorithm, taking the ciphertexts $(C_A, C_B)$ and the trapdoors $(T_{1,A}, T_{1,B})$ as input; it outputs 1 if the two ciphertexts contain the same content and 0 otherwise.
In the invention, the Type-II authorization algorithm comprises the following steps:
$Aut_2$: each of the two users runs this algorithm, taking their private key $SK_A$ ($SK_B$) and $C_A$ ($C_B$) as input and outputting their Type-II trapdoor $T_{2,A}$ ($T_{2,B}$);
$Test_2$: the cloud server runs this algorithm, taking the ciphertexts $(C_A, C_B)$ and the trapdoors $(T_{2,A}, T_{2,B})$ as input; it outputs 1 if the two ciphertexts contain the same content and 0 otherwise.
In the invention, the Type-III authorization algorithm comprises the following steps:
$Aut_3$: each of the two users runs this algorithm, taking their private key $SK_A$ ($SK_B$) and the ciphertexts $C_A$, $C_B$ as input and outputting their Type-III trapdoor $T_{3,A}$ ($T_{3,B}$);
$Test_3$: the cloud server runs this algorithm, taking the ciphertexts $(C_A, C_B)$ and the trapdoors $(T_{3,A}, T_{3,B})$ as input; it outputs 1 if the two ciphertexts contain the same content and 0 otherwise.
In the invention, the Type-IV authorization algorithm comprises the following steps:
$Aut_{4,A}$: $U_A$ runs this algorithm, taking its private key $SK_A$ and $C_A$ as input and outputting $U_A$'s Type-IV trapdoor $T_{4,A} = T_{2,A}$;
$Aut_{4,B}$: $U_B$ runs this algorithm, taking its private key $SK_B$ as input and outputting $U_B$'s Type-IV trapdoor $T_{4,B} = T_{1,B}$;
$Test_4$: the cloud server runs this algorithm, taking the ciphertexts $(C_A, C_B)$ and the trapdoors $(T_{4,A}, T_{4,B})$ as input; it outputs 1 if the two ciphertexts contain the same content and 0 otherwise.
To sum up, the fine-grained authorization equivalence test method based on certificateless encryption specifically comprises the following steps:
Initialization: given a security parameter $k$ as input, the algorithm executes the following process:
Five collision-resistant hash functions are chosen: $H_1: \{0,1\}^* \to G_1$, $H_2: \{0,1\}^* \to G_1$, $H_3: G_T \to \{0,1\}^{2l}$, $H_4: G_T \times G_1^3 \to \{0,1\}^{l+n}$, where $l$ and $n$ are each the length of an element of $G_1$ and
Partial private key extraction: given $ID \in \{0,1\}^*$ as input, the algorithm returns the user's partial private key $d_{ID} = (d_1, d_2)$, where
Secret value setting: the algorithm returns the user's secret value $x_{ID} = x$, with $x$ selected at random.
Public key generation: the algorithm returns the user's public key $PK_{ID} = (PK_1, PK_2)$, where $PK_1 = g_1^x$ and $PK_2 = g_2^x$.
Encryption: given a message $M$ and public key $PK_{ID}$ as input, the algorithm first performs a one-time calculation for each user. It then makes a random selection and computes the ciphertext $C = (C_1, C_2, C_3, C_4)$, where
Decryption: given a private key $SK_{ID}$ and ciphertext $C = (C_1, C_2, C_3, C_4)$ as input, the algorithm performs the following calculations:
If the conditions all hold, the algorithm outputs the plaintext $M$; otherwise it outputs $\perp$.
Let $U_A$ and $U_B$ denote two users, with their ciphertexts defined as $C_A = (C_{A,1}, C_{A,2}, C_{A,3}, C_{A,4})$ and $C_B = (C_{B,1}, C_{B,2}, C_{B,3}, C_{B,4})$ respectively.
The four different types of authorization work as follows:
The Type-I authorization specifically comprises the following steps:
$Aut_1$: each of the two users runs this algorithm to generate their Type-I trapdoor, $T_{1,A} = SK_{A,1}$ and $T_{1,B} = SK_{B,1}$.
$Test_1$: the algorithm performs the following calculations
The Type-II authorization specifically comprises the following steps:
$Test_2$: the algorithm performs the following calculations
and checks whether equation (1) holds. If it holds, then $M_A = M_B$ and the algorithm returns 1; otherwise it returns 0.
The Type-III authorization specifically comprises the following steps:
$Aut_3$: first, the two users each calculate
then run this algorithm to generate their Type-III trapdoors
$Test_3$: the algorithm checks the equation
If it holds, the algorithm returns 1; otherwise it returns 0.
The Type-IV authorization specifically comprises the following steps:
$Aut_{4,B}$: $U_B$ generates the Type-IV trapdoor $T_{4,B} = T_{1,B} = SK_{B,1}$.
$Test_4$: the algorithm computes
and determines whether equation (1) holds. If the equation holds, then $M_A = M_B$ and the algorithm returns 1; otherwise it returns 0.
The above is only a preferred embodiment of the present invention, but the scope of protection of the present invention is not limited thereto. Any equivalent substitution or change made by a person skilled in the art, within the technical scope disclosed by the present invention and according to its technical solutions and inventive concept, shall fall within the scope of protection of the present invention.
Claims (8)
1. A fine-grained authorization equivalence testing method based on certificateless encryption, comprising the following steps:
S1. The key generation center initializes the system parameters, generates the user's partial private key from the user ID, and sends it to the user;
S2. The user selects a secret value, combines it with the partial private key to generate the user's complete private key, and then generates the user's public key;
S3. The user encrypts data with the corresponding public key and uploads the ciphertext to the cloud; the data owner can download and decrypt the ciphertext;
S4. The user can use their private key to generate different types of authorization trapdoors as needed and send them to the cloud server for authorization;
S5. With the authorization trapdoors of different users, the cloud server can run an algorithm to complete equivalence tests on different users' ciphertexts without decrypting them.
2. The fine-grained authorization equivalence testing method based on certificateless encryption according to claim 1, characterized in that: in step S4, the four different authorization types are Type-I authorization, Type-II authorization, Type-III authorization, and Type-IV authorization.
3. The fine-grained authorization equivalence test method based on certificateless encryption according to claim 2, characterized in that: the Type-I authorization is at the user level and uses a Type-I trapdoor; the cloud server can perform equivalence tests between all ciphertexts of the user and all ciphertexts of any other user;
the Type-II authorization is at the ciphertext level and uses a Type-II trapdoor; the cloud server can perform an equivalence test between a given ciphertext of the user and a given ciphertext of any other user;
the Type-III authorization is at the ciphertext level for a specific user and uses a Type-III trapdoor; the cloud server can perform an equivalence test between a given ciphertext of the user and a specific ciphertext of a specific user;
the Type-IV authorization is at the ciphertext-user level, is a combination of Type-I authorization and Type-II authorization, and uses a Type-IV trapdoor; the cloud server can perform equivalence tests between a given ciphertext of the user and all ciphertexts of any other user.
4. The fine-grained authorization equivalence testing method based on certificateless encryption according to any one of claims 1 to 3, wherein the method comprises the following algorithms:
Step one, initialization: the key generation center runs this algorithm; it takes a security parameter $k$ as input and outputs the system public parameters $params$ and the system master key $msk$;
Step two, partial private key extraction: the key generation center runs this algorithm; it takes a user's public identity information $ID \in \{0,1\}^*$ and the parameters $params$, $msk$ as input and outputs the user's partial private key $d_{ID}$;
Step three, secret value setting: the user runs this algorithm; it takes the parameters $params$, $ID$ as input and outputs the user's secret value $x_{ID}$;
Step four, private key generation: the user runs this algorithm; it takes the parameters $params$, $d_{ID}$, $x_{ID}$ as input and outputs the user's complete private key $SK_{ID}$;
Step five, public key generation: the user runs this algorithm; it takes the parameters $params$, $x_{ID}$ as input and outputs the user's public key $PK_{ID}$;
Step six, encryption: the user runs this algorithm; it takes the message $M$, the parameters $params$, $ID$ and the user's public key $PK_{ID}$ as input and outputs a ciphertext $C$;
Step seven, decryption: the user runs this algorithm; it takes the ciphertext $C$, the parameters $params$, $ID$ and the user's private key $SK_{ID}$ as input and outputs the plaintext $M$ or the termination symbol $\perp$;
Suppose there are two users $U_A$ and $U_B$. Define $U_A$'s public/private key pair as $(PK_A, SK_A)$ and its ciphertext as $C_A$; define $U_B$'s public/private key pair as $(PK_B, SK_B)$ and its ciphertext as $C_B$.
5. The fine-grained authorization equivalence test method based on certificateless encryption according to claim 3, wherein the Type-I authorization algorithm comprises the following steps:
$Aut_1$: each of the two users runs this algorithm, taking their private key $SK_A$ ($SK_B$) as input and outputting their Type-I trapdoor $T_{1,A}$ ($T_{1,B}$);
$Test_1$: the cloud server runs this algorithm, taking the ciphertexts $(C_A, C_B)$ and the trapdoors $(T_{1,A}, T_{1,B})$ as input; it outputs 1 if the two ciphertexts contain the same content and 0 otherwise.
6. The fine-grained authorization equivalence test method based on certificateless encryption according to claim 3, wherein the Type-II authorization algorithm comprises the following steps:
$Aut_2$: each of the two users runs this algorithm, taking their private key $SK_A$ ($SK_B$) and $C_A$ ($C_B$) as input and outputting their Type-II trapdoor $T_{2,A}$ ($T_{2,B}$);
$Test_2$: the cloud server runs this algorithm, taking the ciphertexts $(C_A, C_B)$ and the trapdoors $(T_{2,A}, T_{2,B})$ as input; it outputs 1 if the two ciphertexts contain the same content and 0 otherwise.
7. The fine-grained authorization equivalence test method based on certificateless encryption according to claim 3, wherein the Type-III authorization algorithm comprises the following steps:
$Aut_3$: each of the two users runs this algorithm, taking their private key $SK_A$ ($SK_B$) and the ciphertexts $C_A$, $C_B$ as input and outputting their Type-III trapdoor $T_{3,A}$ ($T_{3,B}$);
$Test_3$: the cloud server runs this algorithm, taking the ciphertexts $(C_A, C_B)$ and the trapdoors $(T_{3,A}, T_{3,B})$ as input; it outputs 1 if the two ciphertexts contain the same content and 0 otherwise.
8. The fine-grained authorization equivalence test method based on certificateless encryption according to claim 3, wherein the Type-IV authorization algorithm comprises the following steps:
$Aut_{4,A}$: $U_A$ runs this algorithm, taking its private key $SK_A$ and $C_A$ as input and outputting $U_A$'s Type-IV trapdoor $T_{4,A} = T_{2,A}$;
$Aut_{4,B}$: $U_B$ runs this algorithm, taking its private key $SK_B$ as input and outputting $U_B$'s Type-IV trapdoor $T_{4,B} = T_{1,B}$;
$Test_4$: the cloud server runs this algorithm, taking the ciphertexts $(C_A, C_B)$ and the trapdoors $(T_{4,A}, T_{4,B})$ as input; it outputs 1 if the two ciphertexts contain the same content and 0 otherwise.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110872215.2A CN113794554A (en) | 2021-07-30 | 2021-07-30 | Fine-grained authorization equivalence testing method based on certificateless encryption |
Publications (1)
Publication Number | Publication Date |
---|---|
CN113794554A true CN113794554A (en) | 2021-12-14 |
Family
ID=79181430
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113067702A (en) * | 2021-03-17 | 2021-07-02 | 西安电子科技大学 | Identity-based encryption method supporting ciphertext equivalence test function |
Non-Patent Citations (3)
Title |
---|
ABDELRHMAN HASSAN et al.: "An efficient certificateless public key encryption scheme with authorized equality test in healthcare environments", 《ELSEVIER》, vol. 109 * |
HAIPENG QU et al.: "Certificateless public key encryption with equality test", 《ELSEVIER》, vol. 462, pages 76-92 * |
RASHAD ELHABOB et al.: "An efficient certificateless public key cryptography with authorized equality test in IIoT", 《SPRINGER》, pages 1065-1083 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115473715A (en) * | 2022-09-05 | 2022-12-13 | 华南农业大学 | Forward security ciphertext equivalence test public key encryption method, device, system and medium |
CN115473715B (en) * | 2022-09-05 | 2024-05-10 | 华南农业大学 | Forward secure ciphertext equivalent test public key encryption method, device, system and medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | PB01 | Publication | |
 | SE01 | Entry into force of request for substantive examination | |
 | WD01 | Invention patent application deemed withdrawn after publication | Application publication date: 20211214 |