CN116599757B - Decentralizing forward security identity base encryption method and system - Google Patents


Info

Publication number
CN116599757B
CN116599757B (application CN202310712527.6A)
Authority
CN
China
Prior art keywords
key
data
public
ciphertext
private key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202310712527.6A
Other languages
Chinese (zh)
Other versions
CN116599757A (en)
Inventor
邓桦
尹辉
张炜
朱小玉
李方敏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Changsha University
Original Assignee
Changsha University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Changsha University
Priority to CN202310712527.6A
Publication of CN116599757A
Application granted
Publication of CN116599757B
Legal status: Active (current)
Anticipated expiration: not listed

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 63/00 Network architectures or network communication protocols for network security
    • H04L 63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L 63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L 63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L 9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L 9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L 9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D 30/00 Reducing energy consumption in communication networks
    • Y02D 30/50 Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Abstract

The application discloses a decentralised forward-secure identity-based encryption method and system, belonging to the technical field of cryptography in cyberspace security. The system comprises a system public parameter generation module, a public-private key pair generation module, an encryption module, a key extraction module, a private key update module and a decryption module. The beneficial effects of the application are as follows: the user can update the key at fine granularity, so that access rights to specific important data are revoked and decryption of important data after key leakage is effectively prevented. Meanwhile, the user can generate the private key himself without depending on any external authority; in addition, the forward-secure identity-based encryption method provided by the application does not rely on a random oracle, so it is more suitable for real-world application.

Description

Decentralizing forward security identity base encryption method and system
Technical Field
The application belongs to the technical field of cryptography in cyberspace security, and in particular relates to a decentralised forward-secure identity-based encryption method and system.
Background
Cloud computing is an emerging technology that provides convenient computing resource services to users. With cloud computing, users no longer have to store large amounts of data locally; they delegate the data to cloud service providers for storage and management. However, once data leaves the physical control of its owner, the security and privacy of cloud data become more serious concerns. At present, the common practice for protecting cloud data is encryption: the data owner encrypts the data before uploading it to the cloud server, so that it can only be accessed by designated authorized users. To ensure that data is accessed only by a specified user, the data owner can encrypt under the public key of that user, so that the data can only be decrypted with the private key corresponding to that public key.
The public key encryption systems in common use today are based on Public Key Infrastructure (PKI). In a PKI system, a certificate authority is responsible for generating public and private keys for all users and providing authentication services for each public key certificate. When encrypting, the data owner must interact with the certificate authority to obtain the public key certificate of the target receiver, and then uses that public key to encrypt the data. With the growing number of cloud computing users, the burden of key generation and management on certificate authorities keeps increasing and can no longer meet the requirements of cloud computing services well. To address this problem, Identity-Based Encryption (IBE) was proposed. In an IBE system, the data owner does not need to communicate with a certificate authority to obtain the target recipient's public key when encrypting, but encrypts the data directly under the target recipient's identification string (e.g. an email address or phone number), thereby avoiding the public key management problems of PKI systems.
In identity-based encryption, the target recipient decrypts the ciphertext with the private key corresponding to its own identity, thereby accessing the data. This private key determines the effectiveness of the data encryption measures: if the private key is compromised, an attacker who obtains it can easily obtain the data. To limit the damage of key leakage, forward-secure encryption was proposed. In short, forward-secure encryption requires the user to update the private key periodically; after the private key is updated, ciphertexts uploaded before the update can no longer be accessed with it. In this way, even if the user is compromised now, an attacker who obtains the current key cannot access the previous data, which is what forward security means.
Key update in existing forward-secure encryption schemes is coarse-grained: after the key is updated, access to all data uploaded before the update is lost, which is not conducive to data sharing. In the field of identity-based encryption there is little research on key update, and the existing work is either centralized, i.e. a trusted central authority is required to generate private keys for all users, or its security relies on a random oracle, i.e. a function mapping user identities to completely random integers, whereas no such completely random function exists in the real world.
Therefore, the application provides a decentralised forward security identity-based encryption method and system for solving the problems.
Disclosure of Invention
The embodiments of the application aim to provide a decentralised forward-secure identity-based encryption method and system that allow a user to update the key at fine granularity, revoke access rights to specific important data, and effectively prevent decryption of important data after key leakage; meanwhile, the user can generate the private key himself without depending on any external authority; in addition, the forward-secure identity-based encryption method provided by the application does not rely on a random oracle, so it is more suitable for real-world application, and at least one of the technical problems described in the background can be solved.
In order to solve the technical problems, the application is realized as follows:
the embodiment of the application provides a decentralised forward-secure identity-based encryption method, which comprises the following steps:
step S1: system initialization, in which a user or a cloud service provider runs an initialization algorithm to generate the system public parameters;
step S2: any user can join the system and generate their own public-private key pair based on the system public parameters, where the public key is published on the Internet and the private key is kept by the user;
step S3: before uploading data, the data owner encrypts the data under the identification string ID and a tag set to form a ciphertext, and then uploads the ciphertext to the cloud server;
step S4: the data owner can extract a key for any identification string, and a data user who obtains the key can only access data encrypted under that identification string ID;
step S5: the data owner can update the private key at any time and, when updating, can designate the tag of the sensitive data;
step S6: after downloading the ciphertext from the cloud server, the data user decrypts it with the key distributed by the data owner; decryption succeeds if the identification string ID in the ciphertext matches the key's ID and none of the tags used when updating the key lies in the ciphertext's tag set.
Optionally, in step S1, running the initialization algorithm includes:
inputting a security parameter $\lambda$ and the maximum number $n$ of tags associated with a ciphertext;
selecting two groups $G$ and $G_T$ of large prime order $p$ with a bilinear map $e: G \times G \to G_T$ between them; then selecting group elements $g, g_2 \in G$, $u_0, u_1, \ldots, u_l \in G$ and $h_0, h_1, \ldots, h_n \in G$, where $l$ is the maximum length of the identification string in binary; the algorithm outputs the system public parameters $PP = (G, G_T, e, p, g, g_2, u_0, u_1, \ldots, u_l, h_0, h_1, \ldots, h_n)$.
Optionally, in step S2, generating one's own public-private key pair based on the system public parameters includes:
generating the public-private key pair with a public-private key generation algorithm that takes the system public parameters $PP$ as input;
the user selects a random element $\alpha$ and computes the public key $PK = g_1 = g^{\alpha}$;
selecting random numbers $r, z_0 \in Z_p$ and computing:
$SK_{0,2} = g^{r}$, [formulas for the other components not captured; given only as images in the source];
output the public key $PK = g_1$ and the private key $SK = (SK_{0,1}, SK_{0,2}, SK_{0,3})$.
Optionally, in step S3, forming a ciphertext by encrypting data under the identification string ID and the tag set includes:
encrypting the data under the identification string ID and the tag set with an encryption algorithm to form a ciphertext, which comprises the following steps:
input the system public parameters $PP$, the user public key $PK$, the plaintext $M$, the tag set $T = \{t_1, \ldots, t_n\}$ and the identification string $ID$;
let $V$ be the set of positions at which the bit is 1 when $ID$ is written in binary;
the encryption algorithm first computes the univariate polynomial $f(x) = \prod_{1 \le i \le n}(x - t_i)$, obtaining the coefficients $a_0, a_1, \ldots, a_n$; then a random element $s \in Z_p$ is selected and the following is computed:
$C_0 = M \cdot e(g_1, g_2)^{s}$, $C_1 = g^{s}$, $C_2 = (u_0 \prod_{i \in V} u_i)^{s}$, [formula for $C_3$ not captured; given only as an image in the source];
output the ciphertext $CT = (C_0, C_1, C_2, C_3)$.
Optionally, in step S4, the data owner extracting a key for any identification string includes:
the data owner can use a key extraction algorithm to extract a key for any identification string, which comprises:
input the system public parameters $PP$, the private key $SK$ and the identification string $ID \in \{0,1\}^{*}$;
let $V$ be the set of positions at which the bit is 1 when the identification string $ID$ is written in binary; the key extraction algorithm then selects a random number $k \in Z_p$ and computes:
$SK_{0,4} = g^{k}$, [remaining formula not captured; given only as an image in the source];
output the private key $SK_{ID} = (SK_{0,1}, SK_{0,2}, SK_{0,3}, SK_{0,4})$ associated with the identification string $ID$.
Optionally, in step S5, the data owner updating its private key at any time includes:
the data owner can update its own private key at any time with a key update algorithm, which comprises the following steps:
input the system public parameters $PP$, the private key $SK$ and a tag $z$;
the key update algorithm selects random elements $\lambda, r', t \in Z_p$ and computes:
$SK'_{0,2} = SK_{0,2} \cdot g^{r'}$,
$SK_{z,2} = g^{t}$, [formulas for the remaining components not captured; given only as images in the source];
output $SK_z = (SK'_{0,1}, SK'_{0,2}, SK'_{0,3}, (SK_{0,4}), SK_{z,1}, SK_{z,2}, SK_{z,3})$.
Optionally, in step S6, decrypting with the key assigned by the data owner includes:
the decryption algorithm using the key assigned by the data owner comprises:
input the system public parameters $PP$, the ciphertext $CT$ and the decryption key;
the decryption algorithm computes the polynomial to obtain the coefficients $a_0, a_1, \ldots, a_n$, then computes two intermediate values [formulas not captured; given only as images in the source], where $z_i$ denotes the tag used at the $i$-th update of the key;
the decryption algorithm then computes $E_1$ and $E_2$ [formulas not captured; given only as images in the source];
output the plaintext $M = C_0 / (E_1 / E_2)$.
The embodiment of the application also provides a decentralised forward-secure identity-based encryption system for executing the method, which comprises:
a system public parameter generation module, used to initialize the system, where a user or a cloud service provider runs the initialization algorithm to generate the system public parameters;
a public-private key pair generation module, used by any user to join the system and generate their own public-private key pair based on the system public parameters, where the public key is published on the Internet and the private key is kept by the user;
an encryption module, used by the data owner to encrypt data under the identification string ID and the tag set to form a ciphertext before uploading, and then upload the ciphertext to the cloud server;
a key extraction module, used by the data owner to extract a key for any identification string, where a data user who obtains the key can only access data encrypted under that identification string ID;
a private key update module, used by the data owner to update the private key at any time, where the data owner can designate the tag of the sensitive data when updating;
and a decryption module, used by the data user to decrypt with the key distributed by the data owner after downloading the ciphertext from the cloud server, where decryption succeeds if the identification string ID in the ciphertext matches the key's ID and none of the tags used when updating the key lies in the ciphertext's tag set.
The beneficial effects of this application are as follows: the user can update the key at fine granularity, so that access rights to specific important data are revoked and decryption of important data after key leakage is effectively prevented. Meanwhile, the user can generate the private key himself without depending on any external authority; in addition, the forward-secure identity-based encryption method provided by the application does not rely on a random oracle, so it is more suitable for real-world application.
Drawings
FIG. 1 is a schematic flow diagram of a decentralised forward secure identity-based encryption method provided by embodiments of the present application;
FIG. 2 is a system framework diagram of a decentralised forward secure identity-based encryption system provided by an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are some, but not all, of the embodiments of the present application. All other embodiments, which can be made by one of ordinary skill in the art based on the embodiments herein without making any inventive effort, are intended to be within the scope of the present application.
The terms first, second and the like in the description and in the claims, are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged, as appropriate, such that embodiments of the present application may be implemented in sequences other than those illustrated or described herein, and that the objects identified by "first," "second," etc. are generally of a type and not limited to the number of objects, e.g., the first object may be one or more. Furthermore, in the description and claims, "and/or" means at least one of the connected objects, and the character "/", generally means that the associated object is an "or" relationship.
The following describes the decentralised forward security identity-based encryption method provided in the embodiments of the present application in detail through specific embodiments and application scenarios thereof with reference to the accompanying drawings.
Referring to fig. 1, an embodiment of the present application provides a decentralised forward-secure identity-based encryption method, including:
step S1: system initialization, in which a user or a cloud service provider runs an initialization algorithm to generate the system public parameters;
step S2: any user can join the system and generate their own public-private key pair based on the system public parameters, where the public key is published on the Internet and the private key is kept by the user;
step S3: before uploading data, the data owner encrypts the data under the identification string ID and a tag set to form a ciphertext, and then uploads the ciphertext to the cloud server;
step S4: the data owner can extract a key for any identification string, and a data user who obtains the key can only access data encrypted under that identification string ID;
step S5: the data owner can update the private key at any time and, when updating, can designate the tag of the sensitive data;
step S6: after downloading the ciphertext from the cloud server, the data user decrypts it with the key distributed by the data owner; decryption succeeds if the identification string ID in the ciphertext matches the key's ID and none of the tags used when updating the key lies in the ciphertext's tag set.
In step S1, running the initialization algorithm includes:
inputting a security parameter $\lambda$ and the maximum number $n$ of tags associated with a ciphertext;
selecting two groups $G$ and $G_T$ of large prime order $p$ with a bilinear map $e: G \times G \to G_T$ between them; then selecting group elements $g, g_2 \in G$, $u_0, u_1, \ldots, u_l \in G$ and $h_0, h_1, \ldots, h_n \in G$, where $l$ is the maximum length of the identification string in binary; the algorithm outputs the system public parameters $PP = (G, G_T, e, p, g, g_2, u_0, u_1, \ldots, u_l, h_0, h_1, \ldots, h_n)$.
In step S2, generating one's own public-private key pair based on the system public parameters includes:
generating the public-private key pair with a public-private key generation algorithm that takes the system public parameters $PP$ as input;
the user selects a random element $\alpha$ and computes the public key $PK = g_1 = g^{\alpha}$;
selecting random numbers $r, z_0 \in Z_p$ and computing:
$SK_{0,2} = g^{r}$, [formulas for the other components not captured; given only as images in the source];
output the public key $PK = g_1$ and the private key $SK = (SK_{0,1}, SK_{0,2}, SK_{0,3})$.
It should be noted that in the public-private key generation algorithm the only input required is the system public parameters $PP$. This means that any user can generate their own public-private key pair without requiring a central authority to generate keys for them.
In step S3, forming a ciphertext by encrypting data under the identification string ID and the tag set includes:
encrypting the data under the identification string ID and the tag set with an encryption algorithm to form a ciphertext, which comprises the following steps:
input the system public parameters $PP$, the user public key $PK$, the plaintext $M$, the tag set $T = \{t_1, \ldots, t_n\}$ and the identification string $ID$;
let $V$ be the set of positions at which the bit is 1 when $ID$ is written in binary;
the encryption algorithm first computes the univariate polynomial $f(x) = \prod_{1 \le i \le n}(x - t_i)$, obtaining the coefficients $a_0, a_1, \ldots, a_n$; then a random element $s \in Z_p$ is selected and the following is computed:
$C_0 = M \cdot e(g_1, g_2)^{s}$, $C_1 = g^{s}$, [formulas for $C_2$ and $C_3$ not captured here; $C_2 = (u_0 \prod_{i \in V} u_i)^{s}$ as given in the summary above, $C_3$ only as an image in the source];
output the ciphertext $CT = (C_0, C_1, C_2, C_3)$.
In step S4, the data owner extracting a key for any identification string includes:
the data owner can use a key extraction algorithm to extract a key for any identification string, which comprises:
input the system public parameters $PP$, the private key $SK$ and the identification string $ID \in \{0,1\}^{*}$;
let $V$ be the set of positions at which the bit is 1 when the identification string $ID$ is written in binary; the key extraction algorithm then selects a random number $k \in Z_p$ and computes:
$SK_{0,4} = g^{k}$, [remaining formula not captured; given only as an image in the source];
output the private key $SK_{ID} = (SK_{0,1}, SK_{0,2}, SK_{0,3}, SK_{0,4})$ associated with the identification string $ID$.
It should be noted that in the above key extraction algorithm it is not necessary to assume that a random function exists mapping the $ID$ to an integer in $Z_p$. Likewise, no such random function needs to be assumed in the encryption algorithm, and thus the algorithm does not need a random oracle to ensure security.
In step S5, the data owner updating its private key at any time includes:
the data owner can update its own private key at any time with a key update algorithm, which comprises the following steps:
input the system public parameters $PP$, the private key $SK$ and a tag $z$;
the key update algorithm selects random elements $\lambda, r', t \in Z_p$ and computes:
$SK'_{0,2} = SK_{0,2} \cdot g^{r'}$,
$SK_{z,2} = g^{t}$, [formulas for the remaining components not captured; given only as images in the source];
output $SK_z = (SK'_{0,1}, SK'_{0,2}, SK'_{0,3}, (SK_{0,4}), SK_{z,1}, SK_{z,2}, SK_{z,3})$.
In step S6, decrypting with the key assigned by the data owner includes:
using the key assigned by the data owner and decrypting with a decryption algorithm, which comprises:
input the system public parameters $PP$, the ciphertext $CT$ and the decryption key;
the decryption algorithm computes the polynomial to obtain the coefficients $a_0, a_1, \ldots, a_n$, then computes two intermediate values [formulas not captured; given only as images in the source], where $z_i$ denotes the tag used at the $i$-th update of the key;
the decryption algorithm then computes $E_1$ and $E_2$ [formulas not captured; given only as images in the source];
output the plaintext $M = C_0 / (E_1 / E_2)$.
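As an added worked example (not code from the patent), the following Python models the parts of steps S3 to S6 that the page actually specifies: the tag polynomial $f(x) = \prod (x - t_i)$ and its coefficients, the bit-position set $V$ of the ID, and the step S6 rule that decryption succeeds only when the IDs match and no update tag $z_i$ lies in the ciphertext's tag set. The pairing arithmetic is not modelled, since the group formulas are not captured on the page; it assumes tags are integers in $Z_p$ and that ID strings are UTF-8 encoded, and every value in it is a constructed sample.

```python
# Added example (not the patent's own code): models the tag-set polynomial,
# the bit-position set V and the step S6 access rule of the scheme above.
# The pairing computations (SK_{0,1}, SK_{0,3}, C_3, E_1, E_2) are not
# captured on the page and are not modelled. All values are constructed.

P = 2**127 - 1  # constructed sample prime standing in for the group order p


def tag_polynomial(tags, p=P):
    """Coefficients [a_0, ..., a_n] of f(x) = prod_{1<=i<=n} (x - t_i) over Z_p.

    The encryption algorithm derives these from the tag set T. Tags are
    assumed to be integers in Z_p, as the product (x - t_i) requires.
    """
    coeffs = [1]                      # start from the constant polynomial 1
    for t in tags:
        new = [0] * (len(coeffs) + 1)
        for i, a in enumerate(coeffs):
            new[i + 1] = (new[i + 1] + a) % p   # a * x
            new[i] = (new[i] - a * t) % p       # a * (-t)
        coeffs = new
    return coeffs


def eval_poly(coeffs, x, p=P):
    """Horner evaluation of sum_i a_i * x^i mod p; zero exactly when x is a root."""
    acc = 0
    for a in reversed(coeffs):
        acc = (acc * x + a) % p
    return acc


def bit_positions(identity):
    """Set V: positions whose bit is 1 in the binary form of the ID string.

    UTF-8 encoding and MSB-first numbering from 0 are assumptions; the page
    only says "the positions where the bit is 1 after ID is written in binary".
    """
    bits = "".join(format(b, "08b") for b in identity.encode("utf-8"))
    return {i for i, b in enumerate(bits) if b == "1"}


class Ciphertext:
    """Access-control metadata of CT = (C_0, C_1, C_2, C_3): the ID and tag set T."""

    def __init__(self, identity, tags, p=P):
        self.identity = identity
        self.V = bit_positions(identity)       # the set C_2 is built from
        self.coeffs = tag_polynomial(tags, p)  # the coefficients C_3 encodes


class ExtractedKey:
    """Key SK_ID for one identification string, plus the tags z_1..z_m used in
    the successive key updates of step S5 that this key inherits."""

    def __init__(self, identity):
        self.identity = identity
        self.update_tags = []

    def update(self, z):
        self.update_tags.append(z)
        return self


def can_decrypt(key, ct, p=P):
    """Step S6 rule: the IDs must match and no update tag z_i may lie in T.

    Membership of z_i in T is decided by f(z_i) = 0, so only the coefficients
    a_0..a_n of the tag polynomial are needed, never the tag list itself.
    """
    if key.identity != ct.identity:
        return False
    return all(eval_poly(ct.coeffs, z, p) != 0 for z in key.update_tags)


def demo():
    """Fine-grained revocation: updating with tag 1002 locks only data tagged 1002."""
    ct = Ciphertext("alice@example.com", [1001, 1002])   # constructed sample
    other = Ciphertext("alice@example.com", [1003])       # same ID, other tag
    key = ExtractedKey("alice@example.com")
    before = can_decrypt(key, ct)              # True: nothing revoked yet
    key.update(2002)                           # revoke an unrelated tag
    unrelated = can_decrypt(key, ct)           # True: 2002 not in {1001, 1002}
    key.update(1002)                           # revoke tag 1002
    after = can_decrypt(key, ct)               # False: ct carries tag 1002
    still = can_decrypt(key, other)            # True: other data stays readable
    wrong_id = can_decrypt(ExtractedKey("bob@example.com"), ct)  # False
    return before, unrelated, after, still, wrong_id


if __name__ == "__main__":
    print(demo())
```

The contrast between `after` and `still` is the fine-grained revocation the page claims over coarse forward-secure schemes: one update locks only the ciphertexts carrying that tag, not everything encrypted earlier.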
Referring to fig. 2, the embodiment of the application further provides a decentralised forward-secure identity-based encryption system for executing the method, which includes a system public parameter generation module 1, a public-private key pair generation module 2, an encryption module 3, a key extraction module 4, a private key update module 5 and a decryption module 6.
The system public parameter generation module 1 is used to initialize the system; a user or a cloud service provider runs the initialization algorithm to generate the system public parameters.
The public-private key pair generation module 2 is used by any user to join the system and generate their own public-private key pair based on the system public parameters, where the public key is published on the Internet and the private key is kept by the user.
The encryption module 3 is configured to encrypt data under the identification string ID and the tag set to form a ciphertext before the data owner uploads it, and then upload the ciphertext to the cloud server.
The key extraction module 4 is configured to let the data owner extract a key for any identification string, so that a data user who obtains the key can only access data encrypted under that identification string ID.
The private key update module 5 is used by the data owner to update the private key at any time; the data owner can specify the tag of the sensitive data when updating.
The decryption module 6 is configured to decrypt the ciphertext with the key assigned by the data owner after the data user downloads it from the cloud server; decryption succeeds if the identification string ID in the ciphertext matches the key's ID and none of the tags used when updating the key lies in the ciphertext's tag set.
The beneficial effects of this application are as follows: the user can update the key at fine granularity, so that access rights to specific important data are revoked and decryption of important data after key leakage is effectively prevented. Meanwhile, the user can generate the private key himself without depending on any external authority; in addition, the forward-secure identity-based encryption method provided by the application does not rely on a random oracle, so it is more suitable for real-world application.
The embodiments of the present application have been described above with reference to the accompanying drawings, but the present application is not limited to the above-described embodiments, which are merely illustrative and not restrictive, and many forms may be made by those of ordinary skill in the art without departing from the spirit of the present application and the scope of the claims, which are also within the protection of the present application.

Claims (4)

1. A method for decentralizing forward secure identity-based encryption, comprising:
step S1: system initialization, a user or a cloud service provider running an initialization algorithm to generate system public parameters, the running the initialization algorithm comprising:
inputting a security parameter lambda and the maximum number n of tags associated with the ciphertext;
selecting groups G and G with two orders of large prime number p T G and G T There is a bilinear map e between: g is G.fwdarw.G T Then selecting any group of elements g, g 2 ∈G,u 0 ,u 1 ,...,u l ∈G,h 0 ,h 1 ,...,h n E G, wherein l represents the maximum length of the identification character string expressed in binary, the public parameter of the algorithm output system is PP= (G, G) T ,e,p,g,g 2 ,u 0 ,u 1 ,...,u l ,h 0 ,h 1 ,...h n );
Step S2: any user can join the system and generate own public-private key pair based on system public parameters, wherein the public key is released to the Internet, the private key is kept by the user, and the public-private key pair is generated based on the system public parameters, and the method comprises the following steps:
generating a public-private key pair by using a public-private key generation algorithm based on the system public parameters;
inputting a system disclosure parameter PP;
the user selects the random element α and calculates the public key pk=g 1 =g α
Selecting random numbers r, z 0 ∈Z p And (3) calculating:
SK 0,2 =g r ,/>
output public key pk=g 1 Private key Sk= (SK) 0,1 ,SK 0,2 ,SK 0,3 );
Step S3: before uploading data, the data owner encrypts the data based on the identification character string ID and the tag set to form a ciphertext, and then uploads the ciphertext to the cloud server;
step S4: the data owner can extract a key for an arbitrary identification string, and a data user who obtains the key can only access data encrypted under that identification string ID, the data owner extracting the key for the arbitrary identification string comprising:
the data owner can use a key extraction algorithm to extract a key for any identification string, which comprises:
input the system public parameters $PP$, the private key $SK$ and the identification string $ID \in \{0,1\}^{*}$;
let $V$ be the set of positions at which the bit is 1 when the identification string $ID$ is written in binary; the key extraction algorithm then selects a random number $k \in Z_p$ and computes:
$SK_{0,4} = g^{k}$, [remaining formula not captured; given only as an image in the source];
output the private key $SK_{ID} = (SK_{0,1}, SK_{0,2}, SK_{0,3}, SK_{0,4})$ associated with the identification string $ID$;
Step S5: the data owner can update the private key at any time and, when updating, can designate a label of the sensitive data. Updating the private key comprises:
the data owner updates the private key at any time with a key update algorithm, as follows:
input the system public parameters PP, the private key SK and a label z;
the key update algorithm selects random elements $\lambda, r', t \in Z_p$ and computes:
$SK'_{0,2} = SK_{0,2} \cdot g^{r'}$
$SK_{z,2} = g^{t}$,
output $SK_z = (SK'_{0,1}, SK'_{0,2}, SK'_{0,3}, (SK_{0,4}), SK_{z,1}, SK_{z,2}, SK_{z,3})$;
Step S6: after downloading the ciphertext from the cloud server, the data user decrypts it with the key distributed by the data owner; decryption succeeds if the identification string ID in the ciphertext matches the key's ID and none of the labels used in updating the key is in the ciphertext's tag set.
2. The method according to claim 1, wherein in step S3 forming the ciphertext by encrypting the data under the identification string ID and the tag set comprises:
encrypting the data under the identification string ID and the tag set with an encryption algorithm to form a ciphertext, as follows:
input the system public parameters PP, the user public key PK, the plaintext M, the tag set $T = \{t_1, \ldots, t_n\}$ and the identification string ID;
let V be the set of positions at which the bit is 1 when ID is written in binary;
the encryption algorithm first computes the univariate polynomial $f(x) = \prod_{1 \le i \le n} (x - t_i)$ to obtain the polynomial coefficients $a_0, a_1, \ldots, a_n$, then selects a random element $s \in Z_p$ and computes:
$C_0 = M \cdot e(g_1, g_2)^{s}$, $C_1 = g^{s}$, $C_2 = \left(u_0 \prod_{i \in V} u_i\right)^{s}$
output the ciphertext $CT = (C_0, C_1, C_2, C_3)$.
3. The method according to claim 2, wherein in step S6 decrypting with the key assigned by the data owner comprises:
decrypting with the key assigned by the data owner using a decryption algorithm, as follows:
input the system public parameters PP, the ciphertext CT and the decryption key;
the decryption algorithm computes the polynomial to obtain the coefficients $a_0, a_1, \ldots, a_n$, then computes the intermediate values, where $z_i$ denotes the label used at the i-th update of the key;
the decryption algorithm then computes:
output the plaintext $M = C_0 / (E_1 / E_2)$.
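The tag polynomial of claim 2 and the decryption condition of claim 1 (step S6) and claim 3 are the part of the scheme that can be checked without the pairing-group formulas, which the source renders as images. The following is an added illustration, not the patent's code: it builds $f(x) = \prod (x - t_i)$ over $Z_p$ from the ciphertext tag set, evaluates it at each label $z_i$ used in a key update, and treats a zero value as the puncturing that makes decryption fail, which is exactly the case the claims describe (a label used in an update lying in the ciphertext's tag set). Everything beyond the claims is an assumption: tags and labels are mapped into $Z_p$ by hashing (the claims only say they lie in $Z_p$), the ID's "binary representation" is taken to be the bit string of its UTF-8 bytes, the modulus is a toy 61-bit prime rather than a pairing-group order, and the random initial label $z_0$ from key generation is not modelled.

```python
"""Tag polynomial and puncturing check for the claimed scheme.

Added illustration, not the patent's code.  Assumptions (not in the claims):
  * tags/labels are hashed into Z_p; the claims only state t_i, z in Z_p;
  * the ID's binary representation is the UTF-8 bit string, MSB first;
  * P is a toy 61-bit prime so values stay readable; a real pairing group
    has a ~256-bit prime order.
"""
import hashlib
from typing import List, Sequence, Set

P = (1 << 61) - 1  # toy prime modulus (assumption); the group order in practice


def to_zp(label: str) -> int:
    """Map a tag or label string into Z_p (hash-to-field; an assumption)."""
    digest = hashlib.sha256(label.encode("utf-8")).digest()
    return int.from_bytes(digest, "big") % P


def one_bit_positions(identity: str) -> Set[int]:
    """The set V of claims 1 and 2: positions whose bit is 1 when the ID is
    written in binary (assumed UTF-8 bit string, position 0 = first bit)."""
    bits = "".join(f"{b:08b}" for b in identity.encode("utf-8"))
    return {i for i, bit in enumerate(bits) if bit == "1"}


def tag_polynomial(tags: Sequence[int]) -> List[int]:
    """Coefficients a_0..a_n of f(x) = prod_{1<=i<=n} (x - t_i) over Z_p,
    lowest degree first, so coeffs[k] is the coefficient of x^k."""
    coeffs = [1]  # f(x) = 1 before any factor is multiplied in
    for t in tags:
        new = [0] * (len(coeffs) + 1)
        for k, a in enumerate(coeffs):
            new[k + 1] = (new[k + 1] + a) % P      # a * x^k * x
            new[k] = (new[k] - a * t) % P          # a * x^k * (-t)
        coeffs = new
    return coeffs


def eval_poly(coeffs: Sequence[int], x: int) -> int:
    """Horner evaluation of f(x) mod P."""
    acc = 0
    for a in reversed(coeffs):
        acc = (acc * x + a) % P
    return acc


def can_decrypt(ct_id: str, ct_tags: Sequence[int],
                key_id: str, update_labels: Sequence[int]) -> bool:
    """Step S6 condition: the ciphertext ID must equal the key ID and no
    label z_i used in a key update may lie in the ciphertext tag set.
    The tag test is done the way the decryption algorithm sees it:
    f(z_i) == 0 exactly when z_i equals some t_j, and that zero is what
    breaks the decryption of a punctured key."""
    if ct_id != key_id:
        return False
    coeffs = tag_polynomial(ct_tags)
    return all(eval_poly(coeffs, z) != 0 for z in update_labels)


if __name__ == "__main__":
    # Constructed sample: a ciphertext tagged "finance" and "2023-Q2".
    tags = [to_zp(t) for t in ("finance", "2023-Q2")]
    owner, other = "alice@example.com", "bob@example.com"
    print(can_decrypt(owner, tags, owner, []))                   # True: key never updated
    print(can_decrypt(owner, tags, owner, [to_zp("finance")]))   # False: "finance" punctured
    print(can_decrypt(owner, tags, owner, [to_zp("hr")]))        # True: unrelated label
    print(can_decrypt(owner, tags, other, []))                   # False: ID mismatch
```

The point a practitioner should take from the run is the forward-security mechanism: puncturing a key with a label never touches ciphertexts already stored, and later ciphertexts are only unreadable to that key if the encryptor put the same label into their tag set, so tag discipline on the encryption side is what gives the update any effect.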
4. A decentralized forward-secure identity-based encryption system for performing the method of any one of claims 1 to 3, the system comprising:
a system public parameter generation module for initializing the system, in which a user or a cloud service provider runs an initialization algorithm to generate the system public parameters;
a public-private key pair generation module through which any user joins the system and generates their own public-private key pair from the system public parameters, the public key being published on the Internet and the private key kept by the user;
an encryption module for the data owner to encrypt data under the identification string ID and a tag set before upload to form a ciphertext, which is then uploaded to the cloud server;
a key extraction module for the data owner to extract a key for any identification string, so that a data user who obtains the key can access only data encrypted under that identification string ID;
a private key update module for the data owner to update the private key at any time and to designate a label of the sensitive data when updating;
and a decryption module for the data user to decrypt, after downloading the ciphertext from the cloud server, with the key distributed by the data owner; decryption succeeds if the identification string ID in the ciphertext matches the key's ID and none of the labels used in key updates is in the ciphertext's tag set.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310712527.6A CN116599757B (en) 2023-06-16 2023-06-16 Decentralizing forward security identity base encryption method and system

Publications (2)

Publication Number Publication Date
CN116599757A CN116599757A (en) 2023-08-15
CN116599757B (en) 2024-01-26

Family

ID=87590069

Country Status (1)

Country Link
CN (1) CN116599757B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104796260A (en) * 2015-04-03 2015-07-22 北京航空航天大学 Short ciphertext identity-based encryption method satisfying forward security
CN112307490A (en) * 2020-07-08 2021-02-02 电子科技大学 Cloud data secure storage method based on certificateless accurate forward secure encryption
CN114095161A (en) * 2021-11-12 2022-02-25 电子科技大学 Identity base pierceable encryption method supporting equality test
CN114095171A (en) * 2021-11-12 2022-02-25 电子科技大学 Identity-based wearable proxy re-encryption method
CN116073997A (en) * 2023-02-13 2023-05-05 北京航空航天大学杭州创新研究院 Customizable data access control method, system and computer readable storage medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Identity-Based Encryption Transformation for Flexible Sharing of Encrypted Data in Public Cloud; Hua Deng et al.; IEEE; full text *

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant