CN116707798A - Ciphertext examination method, device and system based on equivalence test - Google Patents
Ciphertext examination method, device and system based on equivalence test Download PDFInfo
- Publication number
- CN116707798A CN116707798A CN202310845033.5A CN202310845033A CN116707798A CN 116707798 A CN116707798 A CN 116707798A CN 202310845033 A CN202310845033 A CN 202310845033A CN 116707798 A CN116707798 A CN 116707798A
- Authority
- CN
- China
- Prior art keywords
- ciphertext
- encrypted
- packet
- sender
- central server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 74
- 238000012360 testing method Methods 0.000 title claims abstract description 41
- 238000012795 verification Methods 0.000 claims description 14
- 238000007689 inspection Methods 0.000 claims description 12
- 230000005540 biological transmission Effects 0.000 claims description 11
- 230000007246 mechanism Effects 0.000 claims description 4
- 238000005516 engineering process Methods 0.000 description 16
- 238000004891 communication Methods 0.000 description 9
- 230000006870 function Effects 0.000 description 7
- 125000004122 cyclic group Chemical group 0.000 description 5
- 238000010586 diagram Methods 0.000 description 5
- 238000012550 audit Methods 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 238000005242 forging Methods 0.000 description 2
- 241000700605 Viruses Species 0.000 description 1
- 229940060587 alpha e Drugs 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000013105 post hoc analysis Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000010998 test method Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Abstract
The invention provides a ciphertext examination method, device and system based on equivalence test. The method comprises the following steps: acquiring a first encrypted ciphertext packet C1=m formulated by a sender for plaintext information m thereof k h r2 Second encrypted ciphertext package c=m formulated by the acquisition authority for its violation information blacklist M k h r1 The method comprises the steps of carrying out a first treatment on the surface of the Decrypting the first encrypted ciphertext packet to obtain a first decrypted ciphertext (m k ) q1 The method comprises the steps of carrying out a first treatment on the surface of the Decrypting the second encrypted ciphertext packet to obtain a second decrypted ciphertext (M k ) q1 The method comprises the steps of carrying out a first treatment on the surface of the Judging the first decrypted ciphertext (m k ) q1 Whether or not it belongs to the second decrypted ciphertext (M k ) q1 And if so, intercepting the first encrypted ciphertext packet. The examination method provided by the invention not only improves the accuracy of ciphertext examination, but also improves the examinationEfficiency is improved.
Description
Technical Field
The invention relates to the technical field of End-to-End encrypted (E2 EE for short), in particular to a ciphertext examination method, device and system based on equivalence test.
Background
End-to-End communication encryption technology (End-to-End encryption) has become a trend, and instant messaging APP such as WhatsApp, telegram, etc. which are popular abroad have all adopted E2EE technology. The most basic E2EE model is shown in fig. 1, assuming Alice and Bob are in end-to-end communication through a third party platform (e.g., facebook, whatsApp), alice and Bob have previously established a shared key through key agreement. Alice sends a message "Hello" to Bob, the message is firstly encrypted on the client of Alice and then forwarded to Bob through the third-party platform, and after Bob receives the encrypted message, the message is decrypted through the client, and finally the message "Hello" is presented. From the E2EE model, the E2EE ensures confidentiality and integrity of the message, and only two parties with a secret key can decrypt the message, even a third party platform cannot know the specific content of the message.
Obviously, the correct use of the E2EE technology can better protect the privacy security and the data security of users. This is mainly because, prior to the E2EE technology, many manufacturers providing instant messaging services have introduced applications in which messages sent by users are transparent to the central server. This is in part contrary to the personal privacy security protection proposed in recent years. Therefore, the E2EE technology is used to encrypt the information sent by the user, so that the central server cannot know the specific content sent by the user. However, if the E2EE technology is adopted, it will cause a hindrance to the content audit. It is very challenging to check if the ciphertext contains offending information without decrypting the user ciphertext. So far, the content auditing technology under the E2EE environment adopted by manufacturers mainly comprises the following steps: user reporting, traceable technology, metadata analysis.
The user reporting function depends on the strength of groups on one hand, for example, in some social media applications (such as Xinlang microblogs), the user can report some messages violating community regulations, so that the content auditing participation of the user is improved; on the other hand, depending on the positive response or the right of the message receiver (e.g., weChat), in some instant messaging applications, the receiver initiates reporting of the message. After the platform receives the report, the message can be further processed. Thus, the user reporting is relatively dependent on the strength of the community, however, in the E2EE environment, only the sender and receiver can know the plaintext information, which results in the strength of the community being ineffective in the E2EE environment.
Tracking technology: the method is mainly used for meeting the tracing requirement of the illegal message, and a source sender of the message needs to be traced in order to hit a criminal or punish a user issuing illegal contents. However, in the E2EE environment the message may be sent anonymously, and it cannot be traced directly to the source sender. There are currently two alternatives: (A) Adding the encrypted identification information of the source sender in the metadata aspect of each message; (B) the vendor maintaining a database of message digests. Once the digest of the offending message is determined, the source sender of the message can be found through the message digest database. Therefore, the tracking technology can only be used as a post-hoc traceability, and cannot prevent the sending of illegal information. It can only be used as a post-hoc analysis means to pursue the responsibility of offending users. Therefore, the technology can only play a certain role in warning before the illegal information is sent, but cannot directly prevent illegal operation.
Metadata analysis: metadata analysis in the content auditing range generally refers to metadata analysis of a transmitted message, and mainly comprises analysis of related data such as message transmission time, transmission objects, transmitters, transmission frequency and the like, and artificial intelligent models such as machine learning and the like are combined in the analysis process. Metadata analysis is typically performed on the client of the user device, and typically occurs on the user device and does not store, use and send unencrypted messages during analysis, then personal privacy of the user is considered to be guaranteed. However, this technology based on analysis of the user client greatly consumes the computing resources of the client, and the content analyzed by the technology is also clear text before the user is not encrypted, so that the pseudo privacy protection technology is difficult to be applied in the actual living environment.
In summary, at present, in an E2EE communication environment, most of effective auditing performed on ciphertext sent by a user is probability analysis or post-hoc traceability, and effective auditing cannot be performed on ciphertext content.
Disclosure of Invention
The invention aims to solve the defects in the prior art and provides a ciphertext examination method, device and system based on equivalence test.
A ciphertext examination method based on equivalence test comprises the following steps:
acquiring a first encrypted ciphertext packet C1, c1=m formulated by a sender for plaintext information m thereof k h r2 Obtaining a second encrypted ciphertext package C, c=m formulated by the authority for its blacklist of violation information M k h r1 The method comprises the steps of carrying out a first treatment on the surface of the The violation information set m= { M1, M2, M3..the first place; wherein k is a public parameter set by an authority, and h is one parameter of a public key of a central server; r1 is a random number selected by an authority and is used for encrypting the blacklist M together with a public key parameter h of a central server; r2 is a random number selected by a sender and is used for encrypting the plaintext message m together with the public key parameter h of the central server;
decrypting the first encrypted ciphertext packet using the central server private key q1 to obtain a first decrypted ciphertext (m k ) q1 The method comprises the steps of carrying out a first treatment on the surface of the Decrypting the second encrypted ciphertext packet using the central server private key q1 to obtain a second decrypted ciphertext (M k ) q1 ;
Judging the first decrypted ciphertext (m k ) q1 Whether or not it belongs to the second decrypted ciphertext (M k ) q1 If so, intercepting the first encrypted ciphertext packet; and if the first encrypted ciphertext packet does not belong to the encrypted ciphertext packet, transmitting the first encrypted ciphertext packet to a receiver.
Further, in the ciphertext inspection method based on the equivalence test, the formulating of the first encrypted ciphertext packet includes:
acquiring the public parameter k, and encrypting the plaintext information m according to the public parameter k to obtain a first ciphertext segment m k ;
Obtaining public keys PK, PK= (n, G, G1, e, G, h) of a central server;
selecting a random number r2, and aiming at the first ciphertext segment m according to the random number r2 and a parameter h k Encrypting to obtain the first encrypted ciphertext packet C1, c1=m k h r2 。
Further, in the ciphertext inspection method based on the equivalence test, the formulating of the second encrypted ciphertext packet includes:
the public parameter k is obtained, and the blacklist M of the violation information is encrypted according to the public parameter k to obtain a second ciphertext segment M k ;
Obtaining public keys PK, PK= (n, G, G1, e, G, h) of a central server; the method comprises the steps of carrying out a first treatment on the surface of the
Selecting a random number r1, and aiming at the second ciphertext segment M according to the random number r1 and a parameter h k Encrypting to obtain the second encrypted ciphertext packet C, wherein C=M k h r1 。
Further, in the ciphertext inspection method based on the equivalence test, the obtaining the public key PK of the central server includes:
acquiring security parameters tau, tau e Z + ;
Operating G (τ) according to said security parameter τ to obtain tuples (q 1, q2, G1, e);
outputting a public key pk= (n, G1, e, G, h), a private key sk=q1 of the central server according to the tuple (q 1, q2, G1, e); wherein n=q1×q2; a number g is randomly generated and is used for generating a plurality of data,h=u q2 。
further, in the ciphertext inspection method based on the equivalence test, the decrypting the first encrypted ciphertext packet to obtain a first decrypted ciphertext includes:
acquiring a private key SK of a central server, wherein SK=q1;
decrypting the first encrypted ciphertext package C1 according to the private key SK to obtain a first decrypted ciphertext C1 q1 :
C1 q1 =(m k h r2 ) q1 =(m k ) q1 。
Further, in the ciphertext inspection method based on the equivalence test, the decrypting the second encrypted ciphertext packet to obtain a second decrypted ciphertext includes:
acquiring a private key SK of a central server, wherein SK=q1;
for the second encrypted ciphertext package c=m according to the private key SK k h r1 Decrypting to obtain a second decrypted ciphertext C q1 :
C q1 =(M k h r1 ) q1 =(M k ) q1 ={(m1 k ) q1 ,(m2 k ) q1 ,(m3 k ) q1 ,......} 1 。
Further, in the ciphertext inspection method based on the equivalence test, the determining whether the first decrypted ciphertext belongs to the second decrypted ciphertext, if so, intercepting the first encrypted ciphertext packet includes:
if the plaintext information M belongs to the blacklist M of the offending information, there is (M k ) q1 ∈(M k ) q1 I.e. (m) k ) q1 And (M) k ) q1 If the values of the information are equal, m is the violation information, and the information is intercepted.
Ciphertext examination apparatus based on equivalence test, comprising:
an acquisition unit for acquiring plaintext information m formulated by the senderIs a first encrypted ciphertext packet C1, c1=m k h r2 Obtaining a second encrypted ciphertext package C, c=m formulated by the authority for its blacklist of violation information M k h r1 The method comprises the steps of carrying out a first treatment on the surface of the The violation information set m= { M1, M2, M3..the first place; wherein k is a public parameter set by an authority, and h is one parameter of a public key of a central server; r1 is a random number selected by an authority and is used for encrypting the blacklist M together with a public key parameter h of a central server; r2 is a random number selected by a sender and is used for encrypting the plaintext message m together with the public key parameter h of the central server;
a decryption unit that decrypts the first encrypted ciphertext packet using a center server private key q1 to obtain a first decrypted ciphertext (m k ) q1 The method comprises the steps of carrying out a first treatment on the surface of the Decrypting the second encrypted ciphertext packet using the central server private key q1 to obtain a second decrypted ciphertext (M k ) q1 ;
A judging unit for judging whether the first decrypted ciphertext (m k ) q1 Whether or not it belongs to the second decrypted ciphertext (M k ) q1 If so, intercepting the first encrypted ciphertext packet; and if the first encrypted ciphertext packet does not belong to the encrypted ciphertext packet, transmitting the first encrypted ciphertext packet to a receiver.
A ciphertext transmission system based on equivalence testing, comprising:
the sender is used for encrypting plaintext information m according to public key PK= (n, G, G1, e, G and h) of the central server, public parameter k generated by the authority mechanism and public key PK=g2 of the receiver to obtain a sender ciphertext packet; the sender ciphertext packet comprises: the first encrypted ciphertext package C1, the second encrypted ciphertext package C2, the third encrypted ciphertext package C3, the fourth encrypted ciphertext package C4, and the fifth encrypted ciphertext package C5;
C1=m k h r2 ;
C2=g” r2’ ;r2’=H1(r2)
C3=g2 r2’ *r2
C4=H 2 (C1||C2||C3||m||r2)
C5=(s1,s2);s1=g” x modp,s2=(C4-α*s1)x -1 mod(p-1)
wherein r2 and x are random numbers selected by a sender, p is a system parameter output by the sender, alpha is an integer randomly selected by the sender, g 'is a system parameter output by a receiver, g2 is a public key of the receiver, and g2=g'; β ;
a central server for receiving the second encrypted ciphertext packet C of the authority, c=m k h r1 Receiving a sender ciphertext packet of the sender;
the method is also used for decrypting the first encrypted ciphertext package C1 in the sender ciphertext package to obtain a first decrypted ciphertext; decrypting the second encrypted ciphertext package C to obtain a second decrypted ciphertext;
the method is also used for judging whether the first decryption ciphertext belongs to the second decryption ciphertext, and if so, intercepting the sender ciphertext packet; if not, the sender ciphertext packet is sent to a receiver;
the receiver is used for carrying out signature verification on the fourth encrypted ciphertext package C4 and the fifth encrypted ciphertext package C5 according to the public key of the sender;
the method is further used for decrypting the third encrypted ciphertext package C3 by using a private key beta according to the second encrypted ciphertext package C2 after the signature verification is passed, so as to obtain a random number r2 of a receiver;
and is further configured to decrypt the first encrypted ciphertext packet C1 according to the public parameter k, the parameter h in the public key of the central server, and the random number r2, where there isAnd finally obtains the plaintext message m of the sender.
According to the ciphertext examination method based on the equivalence test, on one hand, a center server decrypts a first encrypted ciphertext packet of a sender by using a private key q1 of the center server to obtain a first decrypted ciphertext (m) k ) q1 The method comprises the steps of carrying out a first treatment on the surface of the And decrypting the blacklist of offending information by using the private key q1 of the center server to obtain a second decrypted ciphertext (M k ) q1 The method comprises the steps of carrying out a first treatment on the surface of the And by determining if the first decrypted ciphertext(m k ) q1 Is of the second decrypted ciphertext (M k ) q1 The method ensures that the central server can judge whether the ciphertext contains illegal information or not on the premise of not decrypting the ciphertext of the sender, achieves the aim of auditing the ciphertext message while protecting the communication privacy of the user, and prevents the propagation of the illegal message; on the other hand, on the premise that the message sent by the sender is in the form of ciphertext, the invention verifies the first decrypted ciphertext (m k ) q1 Is of the second decrypted ciphertext (M k ) q1 Can accurately and uniquely decrypt the transmitted decrypted ciphertext m k Checking is carried out, so that the loopholes that counterfeit ciphertext passes the checking are avoided, and the accuracy of ciphertext checking is improved; in still another aspect, the invention can effectively intercept the offending ciphertext before the receiving party receives the message, thereby improving the efficiency of ciphertext auditing. In addition, the method provided by the invention can also carry out batch verification on the passed ciphertext.
Drawings
FIG. 1 is a schematic diagram of an E2EE model in the prior art;
FIG. 2 is a block diagram of a ciphertext auditing system in the prior art;
FIG. 3 is a flowchart of a ciphertext examination method based on an equivalence test provided by the invention;
FIG. 4 is a block diagram of a ciphertext examination device based on an equivalence test provided by the invention;
fig. 5 is a flowchart of a ciphertext transmission method based on an equivalence test according to the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the present invention more apparent, the technical solutions in the present invention will be clearly and completely described below, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Fig. 2 is a block diagram of a ciphertext auditing system in the prior art, as shown in fig. 2, the auditing system includes:
a Central Server (CS), the main functions of which include:
1. generating a public and private key pair, disclosing the public key and reserving the private key;
2. matching the ciphertext package sent by the sender with a blacklist of the violation information deployed on the ciphertext package by the authority mechanism, and judging whether the ciphertext package contains the violation information.
Sender (Sender), the main functions include:
1. generating a public and private key pair, disclosing a public key on the system, and reserving a private key;
2. and encrypting the plaintext information to be transmitted according to a specified mode and then transmitting the encrypted plaintext information.
The Receiver (Receiver), its main functions include:
1. generating a public and private key pair, disclosing a public key on the system, and reserving a private key;
2. and obtaining the ciphertext packet forwarded from the central server, and obtaining plaintext information after local decryption.
An Authority (Authority), whose main functions include:
and counting and collecting the violation information, formulating a blacklist of the violation information of the ciphertext version, and disposing the blacklist of the violation information of the ciphertext on the central server as a basis for intercepting the violation information by the central server.
Wherein, rule (Rule): rules, i.e., blacklists of offending information, include, but are not limited to, viruses, trojans, or confidential information, as well as bad information, etc.
Fig. 3 is a flowchart of a ciphertext examination method based on an equivalence test, as shown in fig. 3, and the method includes the following steps:
step 101: acquiring a first encrypted ciphertext packet C1, c1=m formulated by a sender for plaintext information m thereof k h r2 Obtaining a second encrypted ciphertext package C, c=m formulated by the authority for its blacklist of violation information M k h r1 The method comprises the steps of carrying out a first treatment on the surface of the The violation information set m= { M1, M2, M3..the first place; wherein k is a public parameter set by an authority, and h is one parameter of a public key of a central server; r1 is a random number selected by an authority and is used for encrypting the blacklist M together with a public key parameter h of a central server; r2 is a random number selected by a sender and is used for encrypting the plaintext message m together with the public key parameter h of the central server;
step 102: decrypting according to the first encrypted ciphertext packet to obtain a first decrypted ciphertext (m k ) q1 The method comprises the steps of carrying out a first treatment on the surface of the Decrypting the second encrypted ciphertext packet to obtain a second decrypted ciphertext (M k ) q1 ;
Step 103: judging the first decrypted ciphertext (m k ) q1 Whether or not it belongs to the second decrypted ciphertext (M k ) q1 If so, intercepting the first encrypted ciphertext packet; and if the first encrypted ciphertext packet does not belong to the encrypted ciphertext packet, transmitting the first encrypted ciphertext packet to a receiver.
Specifically, before obtaining the encrypted ciphertext packet, a key is first generated, then the ciphertext or the blacklist of illegal information is encrypted according to the key, and the key generation methods of the central server, the sender and the receiver are respectively described below.
The central server:
given security parameter τ e Z + G (τ) is run to obtain tuples (q 1, q2, G1, e). Let n=q1×q2. Two randomly generated numbers g are selected and used for generating a plurality of data,and set h=u q2 . H is a random generator of the q1 order subgroup of G. The public key is pk= (n, G1, e, G, h) and the private key is sk=q1. The central server discloses a public key pk= (n, G1, e, G, h) in the system for partial encryption of the transmitted messages by the sender and the authority, and the central server itself reserves a private key sk=q1 for partial decryption of the messages transmitted by the sender and the authority.
The sender:
the system parameter generation algorithm takes a safety parameter lambda 1 as an inputOne cyclic group pg= (G, p, G ') is selected, and the system parameter sp= (G, p, G') is output. With system parameter SP as input, randomly select alpha E Z p G1=g 'was calculated' α The public key pk=g1, private key sk=α of the sender is output. The sender public key PK is disclosed in the system, and the private key SK is reserved.
The receiving side:
the system parameter generation algorithm takes the safety parameter λ2 as an input, selects one cycle group pg= (G, p, G "), and outputs the system parameter sp= (G, p, G"). With SP as input, randomly select beta ε Z p Calculate g2=g' β Public key pk=g2, private key sk=β of the output receiver. The public key PK of the receiver is disclosed in the system, and the private key SK is reserved.
The encryption method of the authority and the sending sender is introduced as follows:
authority:
a set of violation information M, i.e. a blacklist m= { M1, M2, M3, the first and second parameters are chosen, the common parameter k and the random number r1, encrypting the violation information set M according to the public parameter k and the random number r1 to obtain a second encrypted ciphertext packet C, wherein C=M k h r1 Ciphertext package c=m k h r1 To the central server. Wherein the random number k is used for encrypting the blacklist M to obtain M k So that the central server cannot obtain the information of the blacklist M; random number r1 is used for M k Encryption is performed so that M can be partially decrypted only by the central server using its own private key k The common parameter k will be stored as a common parameter in the clients of the respective users so that the communication parties other than the central server are commonly aware.
The sender:
the sender encrypts m by using one parameter h, a public parameter k and a random number r2 in the public key of the central server to obtain a first encrypted ciphertext packet C1, c1=m k h r2 The method comprises the steps of carrying out a first treatment on the surface of the The sender encrypts the random number r2 by using the public key of the receiver to obtain a second encrypted ciphertext packet C2 and a third encrypted ciphertext packet C3, and the sender signs the message by using the private key of the sender to obtain a fourth encrypted ciphertext packet C4 and a fifth encrypted ciphertextThe sender combines the first encrypted ciphertext package C1, the second encrypted ciphertext package C2, the third encrypted ciphertext package C3, the fourth encrypted ciphertext package C4 and the fifth encrypted ciphertext package C5 into a sender ciphertext package and sends the sender ciphertext package to the central server.
The making of the first encrypted ciphertext packet C1 includes:
inputting a random number r2 and a public parameter k at a client, and encrypting the plaintext information m according to the random number r2 and the public parameter k to obtain a first encrypted ciphertext packet C1, wherein c1=m k h r2 . Wherein, the random number r2 is used for m k Encryption is performed so that m can be partially decrypted only by the central server using its own private key k M is plaintext information that the sender wants to transmit to the receiver.
C2=g” r2’ ,C3=g2 r2’ * r2, r2' =h1 (r 2), H1 is a public hash function, and the receiver can decrypt the random number r2 from C3 using its own private key β and C2;
C4=H 2 (c1|c2|c3|m|r2); c4 is a hash value obtained by connecting C1, C2, C3, m and r2 and carrying out hash operation on the hash values for subsequent message signature;
C5=(s1,s2);s1=g' x modp,s2=(C4-α*s1)x -1 mod (p-1), and subsequently in the decryption phase the receiver can verify if the message is from the sender using s1 and s 2; x is a random number selected by the sender for signing the ciphertext C4.
The center server decrypts how to implement the first encrypted ciphertext packet to obtain a first decrypted ciphertext (m k ) q1 The method comprises the steps of carrying out a first treatment on the surface of the Decrypting the second encrypted ciphertext packet to obtain a second decrypted ciphertext (M k ) q1 The detailed process of (1) is introduced:
the central server decrypts the second encrypted ciphertext packet C from the authority using its own private key SK:
then there is C q1 =(M k h r1 ) q1 =(M k ) q1 ={(m1 k ) q1 ,(m2 k ) q1 ,(m3 k ) q1 ,......}Because h=u q2 H is a random generator of the q 1-order subgroup of G, and n=q1×q2, so there is h r1q1 =u q2r1q1 Wherein u is q1q1 =u n The unit element of group G is 1, so 1 r1 =1, i.e. h in the secret can be eliminated r1 Obtain a partially decrypted ciphertext (M k ) q1 。
The central server decrypts the first encrypted ciphertext packet C1 from the sender using its own private key SK:
then there is C1 q1 =(m k h r2 ) q1 =(m k ) q1 Because h=u q2 H is a random generator of the q 1-order subgroup of G, and n=q1×q2, so there is h r2q1 =u q2r2q1 Wherein u is q1q1 =u n The unit element of group G is 1, so 1 r2 =1, i.e. h in the secret can be eliminated r2 Obtain a partially decrypted ciphertext (m k ) q1 。
The following is how to implement the determination of the first decrypted ciphertext (m k ) q1 Whether or not it belongs to the second decrypted ciphertext (M k ) q1 If so, intercepting the first encrypted ciphertext packet; if not, introducing a scheme of transmitting the first encrypted ciphertext packet to a receiver:
the method comprises the following steps: c1 is ciphertext of a transmission plaintext m, and m is obtained by encrypting m by using k k The central server can be enabled to use m without decrypting m k And M is as follows k For comparison, if M is equal to M1 or M2 in M, M3 k =m1 k Or m2 k 、m3 k ... Encryption m using public key h and random number r2 of a central server k Obtaining m k h r2 So that only the central server can use its own private key from m k h r2 Decrypted out m k . The first decrypted ciphertext (m k ) q1 And a second decrypted ciphertext (M k ) By comparison, if m.epsilon.M, there is (M) k ) q1 ∈(M k ) q1 I.e. (m) k ) q1 And (M) k ) q1 Is equal to a certain value ofM is the violation information and the message is intercepted, otherwiseThe message is released.
The decryption process of the receiving side is described as follows:
the ciphertext packet passing the audit is sent to the client of the receiver, and after the receiver receives the ciphertext packet sent by the sender, the receiver firstly uses the public key g1=g 'of the sender' α Signature verification with C4, C5 in ciphertext package (g 1 s1 s1 s2 ≡g' C4 And mod p, if the verification is not passed, indicating that the message is incomplete, the communication is invalid, and performing next decryption.
The receiver uses its own private key SK to decrypt C3, with C3/C2 β R2 is given by =r2; then uses the public parameter k, the public key h of the central server and the r2 obtained by decryption to decrypt C1, and has the following steps ofAnd finally obtaining the plaintext message m sent by the sender, and completing communication.
The meaning of the characters involved in encryption, auditing and decryption of the scheme of the invention is explained in the following whole:
safety parameters τ, λ1, λ2: the security parameters are used in the key generation phase, and the entered security parameters determine the security and performance of the cryptographic system.
q1, q2: q1, q2 are large prime numbers, all used to generate part of the parameters of the public-private key pair of the central server, where q1 is reserved at the central server and is the private key of the central server (q 1 is the private key of the central server, q2 is the parameters used only to generate the public-private key).
G. G1, PG: three distinct cyclic groups.
e: the unit cells of the group (the unit cells of the cyclic group refer to elements in the cyclic group multiplied by any element to obtain a unit element, and for one cyclic group G, the unit element is e, so that for any a e G, a=e=a=a).
n: n is a parameter constituting a public key of the central server.
g. u: g. u is 2 generation elements selected randomly in the group G, and the two generation elements are used as parameters to generate a public and private key pair of the central server.
h: the random generator of the q1 order subgroup of G, h is part of the parameters of the central server public key.
System parameters SP: system parameters are a set of parameters required to define cryptographic algorithms and protocols that play an important role in the security, performance and functionality of the system.
Alpha, beta: the sender randomly selects an integer alpha, wherein alpha is a private key of the sender; the receiver randomly selects an integer beta, and beta is taken as a private key of the receiver.
g1, g2: wherein g1=g' α 、g2=g”g β G1 is a sender public key, and is used for verifying a message signature after a receiver receives the message; g2 is the public key of the receiver, which is used by the sender to encrypt the random number r2 (r 2 is used by the receiver to decrypt C1).
k: k is a public parameter set by the authority, and all users except the central server can obtain k. (the central server does not know k and all the remaining users know k).
r1, r2: r1 is a random number selected by an authority and is used for encrypting the blacklist M together with a public key h of a central server; r2 is a random number selected by the sender and is used together with the public key h of the central server to encrypt the plaintext information m.
M: m is a blacklist (i.e. a set of violation information M1, M2, M3.. mi..), the encrypted data are deployed on a central server after being encrypted by an authority. If a subset mi of M is the same as M in the ciphertext packet transmitted by the sender, the central server determines that M transmitted by the sender is an offending message.
m: is a clear text message that the sender wants to forward to the receiver through the central server.
x: the sender selects a random number, and the sender signs the message on C4 by using x and the private key alpha of the sender.
Sender ciphertext packet: c1, C2, C3, C4, C5.
C1: c1 is the ciphertext after the sender encrypts m. The sender transmits a message m by using C1; the central server partially decrypts C1 for detection of m-validity.
C2, C3: the sender transmits the encrypted random number r2 to the receiver using C2, C3.
And C4: c4 is a hash value obtained by performing hash operation after C1, C2, C3, m and r2 are cascaded.
C5: the sender signs C4 with its own private key to obtain C5. C5 is used by the receiver to verify whether the message is from the sender.
H1, H2: h1 and H2 are one-way hash functions, and a sender carries out hash operation on r2 by using H1 to obtain r2'; the sender hashes the results after cascade of C1, C2, C3, m and r2 by H2 to obtain C4.
r2': the sender encrypts r2 with r2' and the public key g2 of the receiver.
For ciphertext verification, the conventional ciphertext equivalent test technology can judge the validity of ciphertext content in a white list verification-based mode. Under the white list condition, when the ciphertext content of the user is consistent with the white list, the ciphertext message can pass the verification. In this case, the privacy of the user is in fact semi-public, since the ciphertext message, if it is able to pass, indicates that the ciphertext message content is the same as the content in the whitelist. Meanwhile, in general, the number of legal messages is far greater than the number of illegal messages, so that the content of the white list is quite huge, which not only increases the storage burden of the central server, but also prolongs the auditing time, and reduces the communication efficiency. According to the method provided by the invention, after the ciphertext is partially decrypted, the central server can carry out batch test on the ciphertext from the sender and the blacklist of the illegal information deployed by the authority, and judges whether to intercept the ciphertext message, so that the efficiency of ciphertext auditing is improved.
According to the ciphertext examination method based on the equivalence test, on one hand, a center server decrypts a first encrypted ciphertext packet of a sender by using a private key q1 of the center server to obtain a first decrypted ciphertext (m) k ) q1 The method comprises the steps of carrying out a first treatment on the surface of the And decrypting the blacklist of offending information by using the private key q1 of the center server to obtain a second decrypted ciphertext (M k ) q1 The method comprises the steps of carrying out a first treatment on the surface of the And by determining if the first decrypted ciphertext (m k ) q1 Is of the second decrypted ciphertext (M k ) q1 The method ensures that the central server can judge whether the ciphertext contains illegal information or not on the premise of not decrypting the ciphertext of the sender, achieves the aim of auditing the ciphertext message while protecting the communication privacy of the user, and prevents the propagation of the illegal message; on the other hand, on the premise that the message sent by the sender is in the form of ciphertext, the invention verifies the first decrypted ciphertext (m k ) q1 Is of the second decrypted ciphertext (M k ) q1 Can accurately and uniquely decrypt the transmitted decrypted ciphertext m k Checking is carried out, so that the loopholes that counterfeit ciphertext passes the checking are avoided, and the accuracy of ciphertext checking is improved; in still another aspect, the invention can effectively intercept the offending ciphertext before the receiving party receives the message, thereby improving the efficiency of ciphertext auditing. In addition, the method provided by the invention can also carry out batch verification on the passed ciphertext.
Fig. 4 is a structural block diagram of a ciphertext examination device based on an equivalence test, as shown in fig. 4, the device includes:
an acquisition unit 401 for acquiring a first encrypted ciphertext packet C1, c1=m formulated by the sender for its plaintext information m k h r2 Obtaining a second encrypted ciphertext package C, c=m formulated by the authority for its blacklist of violation information M k h r1 The method comprises the steps of carrying out a first treatment on the surface of the The violation information set m= { M1, M2, M3..the first place; wherein k is a public parameter set by an authority, and h is one parameter of a public key of a central server; r1 is a random number selected by an authority and is used for encrypting the blacklist M together with a public key parameter h of a central server; r2 is a random number selected by a sender and is used for encrypting the plaintext message m together with the public key parameter h of the central server;
decryption unit 402, using a central server private keyq1 decrypts the first encrypted ciphertext packet to obtain a first decrypted ciphertext (m k ) q1 The method comprises the steps of carrying out a first treatment on the surface of the Decrypting the second encrypted ciphertext packet using the central server private key q1 to obtain a second decrypted ciphertext (M k ) q1 ;
A judging unit 403 for judging whether the first decrypted ciphertext (m k ) q1 Whether or not it belongs to the second decrypted ciphertext (M k ) q1 If so, intercepting the first encrypted ciphertext packet; and if the first encrypted ciphertext packet does not belong to the encrypted ciphertext packet, transmitting the first encrypted ciphertext packet to a receiver.
Fig. 5 is a flowchart of a ciphertext transmission method based on equivalence test, as shown in fig. 5, where the method includes:
step 501: the authority encrypts M by using a public key of the central server and a public parameter k to obtain a ciphertext packet C, and sends the ciphertext packet C to the central server;
step 502: after the center service receives C, the C is decrypted by using the private key of the center service to obtain M k ;
Step 503: the sender encrypts m by using a public key of a central server and a random number r2 to obtain C1, encrypts the random number r2 by using a public key of a receiver to obtain C2 and C3, signs a message by using a private key of the sender to obtain C4 and C5, and combines the C1, C2, C3, C4 and C5 into a ciphertext packet to be sent to the central server by the sender;
step 504: after receiving the ciphertext packet of the sender, the central server decrypts C1 in the ciphertext packet to obtain m k Will m k And M is as follows k Comparing and judging M k Whether or not to contain m k ;
Step 505: judging the first decrypted ciphertext (m k ) q1 Whether or not it belongs to the second decrypted ciphertext (M k ) q1 ;
Step 506: first decrypted ciphertext (m) k ) q1 Belonging to said second decrypted ciphertext (M k ) q1 Intercepting the first encrypted ciphertext packet;
step 507: forwarding the ciphertext packet of the sender to the receiver;
step 508: after receiving the ciphertext packet of the sender, the receiver first verifies the message signature by using the public key of the sender and C4 and C5 in the ciphertext packet, and judges whether the ciphertext packet is from the receiver. If the ciphertext packet comes from the sender, the receiver decrypts C3 by using the private key and C2 to obtain r2, and then decrypts C1 by using r2, the public parameter k and the public key h of the central server to obtain m.
The method provided by the invention also has the following advantages:
(1) Batch equivalence test: at present, most ciphertext equivalent test algorithms perform equivalent test on two ciphertexts under the condition of being agreed in advance, and cannot perform batch equivalent test on one ciphertext and any other ciphertext. According to the invention, the ciphertext message is audited by using the ciphertext equivalent test method, and on the premise of ensuring the privacy of a user, the central server can audit whether the ciphertext message contains illegal information in batches, judge whether the ciphertext message contains illegal information or not, and can directly carry out related processing on the ciphertext message through a judgment result.
(2) Consistency equivalence test: the consistency between the ciphertext of the test part and the ciphertext of the transmission information part is not considered in the conventional ciphertext equivalent test technology, so that an adversary can obtain the authority passing the verification by forging the test part ciphertext, and the violation information is transmitted. The ciphertext equivalent test crime adopted by the invention considers the consistency of the test ciphertext and the transmission ciphertext, so that an adversary cannot deceptively deceive the central server through forging the test part, thereby achieving the purpose of transmitting the violation information.
The invention also provides a ciphertext transmission system based on the equivalence test, which comprises the following steps:
the sender is used for encrypting plaintext information m according to public key PK= (n, G, G1, e, G and h) of the central server, public parameter k generated by the authority mechanism and public key PK=g2 of the receiver to obtain a sender ciphertext packet; the sender ciphertext packet comprises: the first encrypted ciphertext package C1, the second encrypted ciphertext package C2, the third encrypted ciphertext package C3, the fourth encrypted ciphertext package C4, and the fifth encrypted ciphertext package C5;
C1=m k h r2 ;
C2=g” r2’ ;r2’=H1(r2)
C3=g2 r2’ *r2
C4=H 2 (C1||C2||C3||m||r2)
C5=(s1,s2);s1=g” x modp,s2=(C4-α*s1)x -1 mod(p-1)
wherein r2 and x are random numbers selected by a sender, p is a system parameter output by the sender, alpha is an integer randomly selected by the sender, g 'is a system parameter output by a receiver, g2 is a public key of the receiver, and g2=g'; β ;
a central server for receiving the second encrypted ciphertext packet C of the authority, c=m k h r1 Receiving a sender ciphertext packet of the sender;
the method is also used for decrypting the first encrypted ciphertext package C1 in the sender ciphertext package to obtain a first decrypted ciphertext; decrypting the second encrypted ciphertext package C to obtain a second decrypted ciphertext;
the method is also used for judging whether the first decryption ciphertext belongs to the second decryption ciphertext, and if so, intercepting the sender ciphertext packet; if not, the sender ciphertext packet is sent to a receiver;
the receiver is used for carrying out signature verification on the fourth encrypted ciphertext package C4 and the fifth encrypted ciphertext package C5 according to the public key of the sender;
the method is further used for decrypting the third encrypted ciphertext package C3 by using a private key beta according to the second encrypted ciphertext package C2 after the signature verification is passed, so as to obtain a random number r2 of a receiver;
and is further configured to decrypt the first encrypted ciphertext packet C1 according to the public parameter k, the parameter h in the public key of the central server, and the random number r2, where there isAnd finally obtains the plaintext message m of the sender.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present invention, and are not limiting; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention.
Claims (9)
1. The ciphertext examination method based on the equivalence test is characterized by comprising the following steps of:
acquiring a first encrypted ciphertext packet C1, c1=m formulated by a sender for plaintext information m thereof k h r2 Obtaining a second encrypted ciphertext package C, c=m formulated by the authority for its blacklist of violation information M k h r1 The method comprises the steps of carrying out a first treatment on the surface of the The violation information set m= { M1, M2, M3..the first place; wherein k is a public parameter set by an authority, and h is one parameter of a public key of a central server; r1 is a random number selected by an authority and is used for encrypting the blacklist M together with a public key parameter h of a central server; r2 is a random number selected by a sender and is used for encrypting the plaintext message m together with the public key parameter h of the central server;
decrypting the first encrypted ciphertext packet using the central server private key q1 to obtain a first decrypted ciphertext (m k ) q1 The method comprises the steps of carrying out a first treatment on the surface of the Decrypting the second encrypted ciphertext packet using the central server private key q1 to obtain a second decrypted ciphertext (M k ) q1 ;
Judging the first decrypted ciphertext (m k ) q1 Whether or not it belongs to the second decrypted ciphertext (M k ) q1 If so, intercepting the first encrypted ciphertext packet; and if the first encrypted ciphertext packet does not belong to the encrypted ciphertext packet, transmitting the first encrypted ciphertext packet to a receiver.
2. The ciphertext inspection method of claim 1, wherein the formulating the first encrypted ciphertext packet comprises:
acquiring the public parameter k, and encrypting the plaintext information m according to the public parameter k to obtain a first ciphertext segment m k ;
Obtaining public keys PK, PK= (n, G, G1, e, G, h) of a central server;
selecting a random number r2, and aiming at the first ciphertext segment m according to the random number r2 and a parameter h k Encrypting to obtain the first encrypted ciphertext packet C1, c1=m k h r2 。
3. The ciphertext inspection method based on the equivalence test of claim 1 or 2, wherein the formulating of the second encrypted ciphertext packet comprises:
the public parameter k is obtained, and the blacklist M of the violation information is encrypted according to the public parameter k to obtain a second ciphertext segment M k ;
Obtaining public keys PK, PK= (n, G, G1, e, G, h) of a central server; the method comprises the steps of carrying out a first treatment on the surface of the
Selecting a random number r1, and aiming at the second ciphertext segment M according to the random number r1 and a parameter h k Encrypting to obtain the second encrypted ciphertext packet C, wherein C=M k h r1 。
4. The ciphertext inspection method based on an equivalence test of claim 3, wherein the obtaining the public key PK of the center server comprises:
acquiring security parameters tau, tau e Z + ;
Operating G (τ) according to said security parameter τ to obtain tuples (q 1, q2, G1, e);
outputting a public key pk= (n, G1, e, G, h), a private key sk=q1 of the central server according to the tuple (q 1, q2, G1, e); wherein n=q1×q2; a number g is randomly generated and is used for generating a plurality of data,h=u q2 。
5. the ciphertext inspection method of claim 4, wherein decrypting the first encrypted ciphertext packet to obtain a first decrypted ciphertext comprises:
acquiring a private key SK of a central server, wherein SK=q1;
decrypting the first encrypted ciphertext package C1 according to the private key SK to obtain a first decrypted ciphertext C1 q1 :
C1 q1 =(m k h r2 ) q1 =(m k ) q1 。
6. The ciphertext inspection method of claim 5, wherein decrypting the second encrypted ciphertext packet to obtain a second decrypted ciphertext comprises:
acquiring a private key SK of a central server, wherein SK=q1;
for the second encrypted ciphertext package c=m according to the private key SK k h r1 Decrypting to obtain a second decrypted ciphertext C q1 :
C q1 =(M k h r1 ) q1 =(M k ) q1 ={(m1 k ) q1 ,(m2 k ) q1 ,(m3 k ) q1 ,......} 1 。
7. The ciphertext inspection method of claim 6, wherein the determining whether the first decrypted ciphertext belongs to the second decrypted ciphertext, and if so, intercepting the first encrypted ciphertext packet comprises:
if the plaintext information M belongs to the blacklist M of the offending information, there is (M k ) q1 ∈(M k ) q1 I.e. (m) k ) q1 And (M) k ) q1 If the values of the information are equal, m is the violation information, and the information is intercepted.
8. Ciphertext examination device based on equivalence test, characterized by comprising:
an acquisition unit for acquiring a first encrypted ciphertext packet C1, c1=m formulated by a sender for its plaintext information m k h r2 Obtaining a second encrypted ciphertext package C, c=m formulated by the authority for its blacklist of violation information M k h r1 The method comprises the steps of carrying out a first treatment on the surface of the The violation information set m= { M1, M2, M3..the first place; wherein k is a public parameter set by an authority, and h is one parameter of a public key of a central server; r1 is a random number selected by an authority and is used for encrypting the blacklist M together with a public key parameter h of a central server; r2 is a random number selected by a sender and is used for encrypting the plaintext message m together with the public key parameter h of the central server;
a decryption unit that decrypts the first encrypted ciphertext packet using a center server private key q1 to obtain a first decrypted ciphertext (m k ) q1 The method comprises the steps of carrying out a first treatment on the surface of the Decrypting the second encrypted ciphertext packet using the central server private key q1 to obtain a second decrypted ciphertext (M k ) q1 ;
A judging unit for judging whether the first decrypted ciphertext (m k ) q1 Whether or not it belongs to the second decrypted ciphertext (M k ) q1 If so, intercepting the first encrypted ciphertext packet; and if the first encrypted ciphertext packet does not belong to the encrypted ciphertext packet, transmitting the first encrypted ciphertext packet to a receiver.
9. A ciphertext transmission system based on equivalence testing, comprising:
the sender is used for encrypting plaintext information m according to public key PK= (n, G, G1, e, G and h) of the central server, public parameter k generated by the authority mechanism and public key PK=g2 of the receiver to obtain a sender ciphertext packet; the sender ciphertext packet comprises: the first encrypted ciphertext package C1, the second encrypted ciphertext package C2, the third encrypted ciphertext package C3, the fourth encrypted ciphertext package C4, and the fifth encrypted ciphertext package C5;
C1=m k h r2 ;
C2=g” r2’ ;r2’=H1(r2)
C3=g2 r2’ *r2
C4=H 2 (C1||C2||C3||m||r2)
C5=(s1,s2);s1=g” x modp,s2=(C4-α*s1)x -1 mod(p-1)
wherein r2 and x are random numbers selected by a sender, p is a system parameter output by the sender, alpha is an integer randomly selected by the sender, g 'is a system parameter output by a receiver, g2 is a public key of the receiver, and g2=g'; β ;
a central server for receiving the second encrypted ciphertext packet C of the authority, c=m k h r1 Receiving a sender ciphertext packet of the sender;
the method is also used for decrypting the first encrypted ciphertext package C1 in the sender ciphertext package to obtain a first decrypted ciphertext; decrypting the second encrypted ciphertext package C to obtain a second decrypted ciphertext;
the method is also used for judging whether the first decryption ciphertext belongs to the second decryption ciphertext, and if so, intercepting the sender ciphertext packet; if not, the sender ciphertext packet is sent to a receiver;
the receiver is used for carrying out signature verification on the fourth encrypted ciphertext package C4 and the fifth encrypted ciphertext package C5 according to the public key of the sender;
the method is further used for decrypting the third encrypted ciphertext package C3 by using a private key beta according to the second encrypted ciphertext package C2 after the signature verification is passed, so as to obtain a random number r2 of a receiver;
and is further configured to decrypt the first encrypted ciphertext packet C1 according to the public parameter k, the parameter h in the public key of the central server, and the random number r2, where there isAnd finally obtains the plaintext message m of the sender.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310845033.5A CN116707798A (en) | 2023-07-11 | 2023-07-11 | Ciphertext examination method, device and system based on equivalence test |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310845033.5A CN116707798A (en) | 2023-07-11 | 2023-07-11 | Ciphertext examination method, device and system based on equivalence test |
Publications (1)
Publication Number | Publication Date |
---|---|
CN116707798A true CN116707798A (en) | 2023-09-05 |
Family
ID=87845193
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310845033.5A Pending CN116707798A (en) | 2023-07-11 | 2023-07-11 | Ciphertext examination method, device and system based on equivalence test |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116707798A (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20170019261A1 (en) * | 2015-07-13 | 2017-01-19 | Fujitsu Limited | Relational encryption for password verification |
CN107733870A (en) * | 2017-09-14 | 2018-02-23 | 北京航空航天大学 | Can be audited accountable anonymity message sink system and method |
CN109902501A (en) * | 2019-03-19 | 2019-06-18 | 中国海洋大学 | A kind of structuring encryption method and system carrying out equality test based on cloud service platform |
CN111786786A (en) * | 2020-07-27 | 2020-10-16 | 国网河南省电力公司郑州供电公司 | Agent re-encryption method and system supporting equation judgment in cloud computing environment |
CN115473703A (en) * | 2022-08-24 | 2022-12-13 | 华南农业大学 | Identity-based ciphertext equivalence testing method, device, system and medium for authentication |
CN115473715A (en) * | 2022-09-05 | 2022-12-13 | 华南农业大学 | Forward security ciphertext equivalence test public key encryption method, device, system and medium |
-
2023
- 2023-07-11 CN CN202310845033.5A patent/CN116707798A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20170019261A1 (en) * | 2015-07-13 | 2017-01-19 | Fujitsu Limited | Relational encryption for password verification |
CN107733870A (en) * | 2017-09-14 | 2018-02-23 | 北京航空航天大学 | Can be audited accountable anonymity message sink system and method |
CN109902501A (en) * | 2019-03-19 | 2019-06-18 | 中国海洋大学 | A kind of structuring encryption method and system carrying out equality test based on cloud service platform |
CN111786786A (en) * | 2020-07-27 | 2020-10-16 | 国网河南省电力公司郑州供电公司 | Agent re-encryption method and system supporting equation judgment in cloud computing environment |
CN115473703A (en) * | 2022-08-24 | 2022-12-13 | 华南农业大学 | Identity-based ciphertext equivalence testing method, device, system and medium for authentication |
CN115473715A (en) * | 2022-09-05 | 2022-12-13 | 华南农业大学 | Forward security ciphertext equivalence test public key encryption method, device, system and medium |
Non-Patent Citations (3)
Title |
---|
WILLY SUSILO ET AL.: "PKE-MET: Public-Key Encryption With Multi-Ciphertext Equality Test in Cloud Computing", IEEE TRANSACTIONS ON CLOUD COMPUTING, vol. 10, no. 2, 27 April 2020 (2020-04-27) * |
姚莉沙等: "物联网中基于属性加密与相等性测试", 微电子学与计算机, no. 06, 5 June 2019 (2019-06-05) * |
张琦等: "云计算中支持授权相等测试的基于身份加密方案", 信息网络安全, no. 06, 10 June 2018 (2018-06-10) * |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10728028B2 (en) | Transmitter for encoding information with randomly flipped bits and transmitting that information through a communications channel | |
JP4550736B2 (en) | Secure communication | |
JP4639084B2 (en) | Encryption method and encryption apparatus for secure authentication | |
US11914754B2 (en) | Cryptographic method for verifying data | |
Alomair et al. | Efficient authentication for mobile and pervasive computing | |
CN107306181B (en) | Authentication system and encryption and verification method and device of authentication information thereof | |
CN107094108A (en) | The method for being connected to the part of data/address bus and encryption function being realized in the part | |
WO2018085771A1 (en) | Transmitter for encoding information with randomly flipped bits and transmitting that information through a communications channel | |
Kolesnikov et al. | On the limits of privacy provided by order-preserving encryption | |
US11956367B2 (en) | Cryptographic method for verifying data | |
CN115348006B (en) | Post-quantum security access control encryption and decryption method, device and system | |
Diovu et al. | Enhancing the security of a cloud‐based smart grid AMI network by leveraging on the features of quantum key distribution | |
JP2003188874A (en) | System for secure data transmission | |
CN115396115A (en) | Block chain data privacy protection method, device, equipment and readable storage medium | |
CN1241353C (en) | Auto-recoverable auto-certifiable cryptosystems | |
CN116707798A (en) | Ciphertext examination method, device and system based on equivalence test | |
Rasmussen et al. | Weak and strong deniable authenticated encryption: on their relationship and applications | |
CN110572257B (en) | Identity-based data source identification method and system | |
Libed et al. | Enhancing MD5 Collision Susceptibility | |
CN117454437B (en) | Transaction processing method, storage medium and electronic device | |
Albrecht et al. | Device-oriented group messaging: a formal cryptographic analysis of matrix’core | |
CN115277171B (en) | Data circulation control method based on cleanable attribute encryption in cloud environment | |
Rasmussen | On the Relationship Between Weak and Strong Deniable Authenticated Encryption | |
Wang et al. | CPPABK: conditional privacy-preserving authentication scheme for VANETs based on the key derivation algorithm | |
Khaleel et al. | A Framework for QKD-based Electronic Voting |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |