CN117118600A - Block chain agent re-encryption method and system based on lattice password improvement - Google Patents

Publication number: CN117118600A
Authority: CN (China)
Prior art keywords: key, proxy, public, data owner, transaction
Legal status: Pending
Application number: CN202310603190.5A
Other languages: Chinese (zh)
Inventors: 徐光侠, 黄玉玲, 刘勇, 董景楠, 田志宏, 刘园
Current Assignee: Chongqing University of Post and Telecommunications
Original Assignee: Chongqing University of Post and Telecommunications
Application filed by: Chongqing University of Post and Telecommunications

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/0852: Quantum cryptography
    • H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H04L9/14: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/50: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • H04L2209/00: Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/76: Proxy, i.e. using intermediary entity to perform cryptographic operations

Abstract

The invention belongs to the technical field of blockchain information security, and particularly relates to a blockchain proxy re-encryption method and system based on improved lattice cryptography. The method comprises the following steps: the key generation center generates a master key and partial public-private key pairs of the transaction users and distributes the partial public and private keys to the corresponding transaction users; each transaction user calculates its complete public key and private key; the data owner generates public parameters and broadcasts them, and the data owner calculates hash plaintext data; the data owner calculates the proxy re-key and sends it to the proxy; the data owner calculates an initial ciphertext; the proxy calculates a proxy ciphertext; the data owner calculates an initial signature; the proxy calculates a proxy re-signature; the verifier verifies the related information, and after the verification is passed, the authorized user decrypts the proxy ciphertext to obtain transaction plaintext data. The invention can improve the tamper resistance and unforgeability of the signature, can effectively resist quantum attack, and ensures the security and confidentiality of transaction data.

Description

Block chain agent re-encryption method and system based on lattice password improvement
Technical Field
The invention belongs to the technical field of blockchain information security, and particularly relates to a blockchain proxy re-encryption method and system based on improved lattice cryptography.
Background
Blockchain technology is an important field within the current new-infrastructure category, and ensuring blockchain security efficiently is important. The blockchain adopts traditional classical cryptographic algorithms, and its security is based on a public key signature mechanism and a consensus proof mechanism. Under the strong computational power of a quantum computer, the existing key system is easy to break, causing a significant information security problem. For example, Shor's algorithm can break the currently mainstream public key cryptosystems, including RSA, ECC, ECDSA and other classical encryption algorithms. Designing post-quantum cryptographic algorithms that resist both classical and quantum attacks is an important research direction for improving the security of network systems.
Typically, in a lattice-based cryptosystem, the dimension of the lattice expands as the depth of the system increases. The dimension of the lattice is closely related to efficiency indexes such as trapdoor size, public and private key size and ciphertext size; as the dimension of the generated sub-lattice increases, the lengths of the ciphertext and the key also increase, which consumes storage space and reduces calculation efficiency. Proxy re-encryption (PRE) is a special ciphertext conversion system: without needing the private key of the authorizer, a semi-trusted third-party proxy can convert the authorizer's ciphertext into ciphertext that the authorized party can decrypt, thereby realizing ciphertext data sharing.
Existing lattice-based proxy re-encryption methods mainly have the following two problems. First, most of them are based on the SIS (small integer solution) problem, and encryption and decryption mainly depend on matrix-vector operations, so the public and private keys are overlong and calculation efficiency is reduced. Second, existing proxy re-encryption schemes reduce the burden on the data owner, but most of them are based on the discrete logarithm hardness problem, and the verifier performs a large number of exponentiation operations, which is not only inefficient but also cannot completely resist quantum attacks. Therefore, in order to improve the integrity of data privacy and the security and reliability of network technology, it is important to design a proxy re-encryption method based on improved lattice cryptography that can effectively resist quantum attack, so as to realize secure sharing and access of data.
Disclosure of Invention
Aiming at the defects existing in the prior art, the invention provides a blockchain proxy re-encryption method and system based on improved lattice cryptography, wherein the method comprises the following steps:
S1: the key generation center generates a master key;
S2: the key generation center generates partial public-private key pairs of the transaction users according to the master key and the transaction user identities and distributes the partial public-private key pairs to the corresponding transaction users; the transaction users comprise a data owner and an authorized user;
S3: each transaction user calculates its complete public key and private key according to its partial public-private key pair;
S4: the data owner generates public parameters and broadcasts them; the data owner performs a hash calculation on the transaction plaintext data to obtain hash plaintext data;
S5: the data owner calculates a proxy re-key according to the identity of the data owner, the identity of the authorized user, the private key of the data owner, the public parameters and the public key of the authorized user; the data owner sends the proxy re-key to the proxy;
S6: the data owner adopts an initial quantum encryption algorithm according to the identity of the data owner, the public key of the data owner, the public parameters and the hash plaintext data to obtain an initial ciphertext;
S7: the proxy adopts an anti-quantum proxy re-encryption algorithm according to the proxy re-key, the transaction user identities and the initial ciphertext to obtain a proxy ciphertext;
S8: the data owner calculates an initial signature according to the public key and the private key of the data owner;
S9: the proxy adopts a proxy re-signature algorithm according to the public key of the data owner, the proxy re-key, the proxy ciphertext and the initial signature to obtain a proxy re-signature;
S10: the verifier verifies the proxy re-signature, the hash plaintext data and the public parameters, and after the verification is passed, the authorized user decrypts the proxy ciphertext by adopting a re-ciphertext decryption algorithm according to the private key of the authorized user to obtain the transaction plaintext data.
Preferably, the process of generating the master key by the key generation center includes: the key generation center selects a security parameter, and with the security parameter as algorithm input, the algorithm output is completed in polynomial time; a random uniform matrix is generated by a trapdoor generation algorithm according to the security parameter; a lattice basis is obtained according to the random uniform matrix, and the lattice basis is taken as the master key.
Preferably, the process of generating the partial public-private key pairs of the transaction users by the key generation center comprises the following steps:
S21: the key generation center performs a hash function calculation according to the identity of the transaction user to obtain a hash parameter;
S22: the key generation center adopts a lattice basis delegation algorithm to generate the partial public-private key pairs of the transaction users according to the master key and the hash parameter.
Preferably, the process of calculating the complete public and private keys includes:
S31: the transaction user obtains a linearly independent random matrix according to its partial public-private key pair, and takes the random matrix as a secret value;
S32: the transaction user calculates its complete public key and private key according to the secret value and its partial public-private key pair.
Preferably, the process of obtaining the initial ciphertext includes:
S61: the data owner selects L linearly independent vectors according to the number of attributes of the data owner's identity, where L is the number of attributes plus 1;
S62: a first parameter is calculated from the linearly independent vectors;
S63: a random vector is selected, a second parameter is calculated according to the random vector, and a third parameter is calculated according to the random vector and the first parameter; the initial ciphertext is calculated according to the second parameter and the third parameter.
Preferably, the process of calculating the initial signature includes:
S81: the data owner selects a random value t, where the random value t belongs to the set D, r represents a real number, and s represents a Gaussian parameter;
S82: the data owner adopts a Gaussian domain sampling algorithm according to the random value and the private key of the data owner to obtain a first vector;
S83: a second vector is calculated based on the hash plaintext data and the first vector;
S84: the data owner obtains an initial signature by adopting a preimage sampling algorithm according to the public key and the private key of the data owner, the Gaussian parameter and the second vector;
S85: judging whether the initial signature meets the requirement; if not, reserving the initial signature, otherwise returning to step S81.
Further, the formula for calculating the second vector is:
where $\mu$ represents the second vector, $d$ represents the length of the hash plaintext, $M[i]$ represents the hash plaintext data of the i-th data owner, $c_i$ represents the secret values, $PK_i$ represents the public key of the data owner, and $u$ represents the first vector.
Further, the formula for judging whether the initial signature meets the requirement is as follows:
and e is not equal to 0
where e represents the initial signature, s represents the Gaussian parameter, and m represents the intermediate parameter.
A blockchain proxy re-encryption system based on improved lattice cryptography, comprising: a system establishment module, a key generation module, an encryption module, a signature module, a verification module and a decryption module;
the system establishment module is used for generating partial public-private key pairs of transaction users;
the key generation module is used for generating a complete public key and a complete private key of a transaction user according to the partial public-private key pair and for calculating a proxy re-key;
the encryption module is used for encrypting the hash plaintext data according to the public key of the data owner to obtain an initial ciphertext, and for encrypting the initial ciphertext according to the proxy re-key to obtain a proxy ciphertext;
the signature module is used for carrying out the initial signature on the initial ciphertext and the proxy re-signature on the proxy ciphertext;
the verification module is used for verifying the proxy re-signature;
the decryption module is used for decrypting the proxy ciphertext according to the private key of the authorized user to obtain transaction plaintext data.
The beneficial effects of the invention are as follows. The invention is based on a fixed lattice basis delegation technique in a lattice cryptosystem, producing a lattice proxy generation method in which the sub-lattice dimension is unchanged; this effectively ensures that the lengths of ciphertexts and keys do not grow as sub-lattices are added, reduces the complexity of trapdoor derivation, saves storage space, improves network efficiency, and solves the problems of oversized keys and low calculation efficiency in traditional schemes. A preimage-based sampling algorithm with a high-quality basis samples the lattice from a discrete Gaussian probability distribution to generate valid signature parameters, improving the tamper resistance and unforgeability of the signature. A lattice-based proxy re-key is generated and a second, proxy re-encryption is performed on the original ciphertext, so that quantum attack can be effectively resisted and the security and confidentiality of transaction data are ensured.
Drawings
FIG. 1 is a flowchart of the blockchain proxy re-encryption method based on improved lattice cryptography in the invention;
FIG. 2 is a logic diagram of the blockchain proxy re-encryption method based on improved lattice cryptography in the invention;
FIG. 3 is a system architecture diagram of the blockchain proxy re-encryption method based on improved lattice cryptography in the invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Aiming at the defects of existing encryption methods, and in order to further improve the blockchain data encryption system and its security against quantum attack, the invention provides a blockchain proxy re-encryption method and system based on improved lattice cryptography, which can effectively resist quantum attack while meeting the high-efficiency requirements of a blockchain network, and which realizes secure sharing and access of data.
As shown in fig. 1 and 2, the blockchain proxy re-encryption method based on improved lattice cryptography of the present invention comprises the following steps:
S1: the key generation center generates a master key.
The trusted third-party key generation center KGC selects a security parameter $1^\lambda$, where $\lambda$ is the number of bits of the character string. With the security parameter $1^\lambda$ as algorithm input, the trapdoor generation algorithm TrapGen($1^\lambda$) ensures that the random uniform matrix $A_0$ can be generated in polynomial time, and a lattice basis $S_0 \in \Lambda(A_0, q)$ corresponding to the random uniform matrix is obtained; the lattice basis is taken as the master key MK, i.e. $MK = S_0$. Here $S_0$ is a matrix of n rows and m columns, and q represents the modulus, taken as a prime number greater than 3, with
$A_0 S_0 = 0 \bmod q$, $\|S_0\| \le O(n \log q)$.
S2: the key generation center generates partial public-private key pairs of the transaction users according to the master key and the transaction user identities and distributes the partial public-private key pairs to the corresponding transaction users; the transaction users include a data owner (authorizer) and an authorized user (authorizee).
S21: the key generation center performs a hash function calculation according to the transaction user identity ID to obtain a hash parameter $H(ID)$; the transaction user identity ID comprises the identity $ID_i$ of the data owner and the identity $ID_j$ of the authorized user.
S22: the key generation center adopts the lattice basis delegation algorithm BasisDel($A_0$, $H(ID)$, $S_0$, $s$), according to the master key MK and the hash parameter $H(ID)$, to generate the partial public-private key pair $(PK_p, SK_p)$ of a transaction user. The partial public-private key pair $(PK_p, SK_p)$ comprises the partial public-private key pair $(PK_{pi}, SK_{pi})$ of the data owner and the partial public-private key pair $(PK_{pj}, SK_{pj})$ of the authorized user, where the partial public key of the data owner is $PK_{pi} = A_0 H(ID_i)^{-1}$, the partial private key of the data owner is $SK_{pi} = \Lambda(A_0 H(ID_i)^{-1})$, the partial public key of the authorized user is $PK_{pj} = A_0 H(ID_j)^{-1}$, the partial private key of the authorized user is $SK_{pj} = \Lambda(A_0 H(ID_i)^{-1})$, and $s$ represents a Gaussian parameter.
The key generation center distributes partial public and private keys of the transaction users to the corresponding transaction users.
S3: the transaction user calculates the complete public key and private key according to the partial public-private key pair.
S31: the transaction user selects a group of linearly independent vectors according to its public-private key pair, forming a linearly independent random matrix $C_{id}$, and takes the random matrix $C_{id}$ as a secret value; d represents the number of vectors, which is equal to the length of the hash plaintext;
S32: the transaction user calculates its complete public key and private key according to the secret value and its partial public-private key pair.
The complete public key $PK_i$ of the data owner is computed as:
$PK_i = (PK_{pi}, T)$
The complete private key $SK_i$ of the data owner is computed as:
$SK_i = SK_{pi} \times C_{id}$
The complete public key $PK_j$ of the authorized user is computed as:
$PK_j = (PK_{pj}, T')$
The complete private key $SK_j$ of the authorized user is computed as:
$SK_j = SK_{pj} \times C_{id}$
S4: the data owner generates the public parameter $PP = (A_0, C_{id})$ and broadcasts it to all nodes in the P2P network; the data owner performs a hash calculation on the transaction plaintext data to obtain the hash plaintext data, namely:
$M = H(msg),\ M \in (0,1)^d$
where M represents the hash plaintext data, msg represents the transaction plaintext data, and H() represents the hash operation.
S5: the data owner computes the proxy re-key $RK_{i \to j}$ according to the identity $ID_i$ of the data owner, the identity $ID_j$ of the authorized user, the private key $SK_i$ of the data owner, the public parameter PP and the public key $PK_j$ of the authorized user; the data owner sends the proxy re-key $RK_{i \to j}$ to the proxy.
The proxy re-key generation algorithm is performed by the data owner, and the computation of the proxy re-key is expressed as:
$RK_{i \to j} \leftarrow \mathrm{RekeyGen}(PP, ID_i, ID_j, SK_i, PK_j)$
S6: the data owner adopts an initial quantum encryption algorithm according to the identity of the data owner, the public key of the data owner, the public parameters and the hash plaintext data to obtain an initial ciphertext.
S61: the data owner selects L linearly independent vectors $\gamma_0, \gamma_1, \ldots, \gamma_L \in Z^n$ according to the number of attributes of the data owner's identity, where L is the number of attributes plus 1.
$ID_i = (id_{i1}, id_{i2}, \ldots, id_{iL})$ indicates that the identity information of the data owner $ID_i$ contains L items of attribute information; optionally, the number of attributes may differ between users. For example, in a blockchain-based medical intelligent sharing system, the identity of doctor A may be represented as department number 001, department number 0001, in hospital number 01; that is, the identity information of this identity contains 4 kinds of attribute information (L is 4), covering the hospital, department and job number.
S62: a first parameter is calculated from the linearly independent vectors; the calculation formula is as follows:
where $U_i$ represents the first parameter and $id_{il}$ represents the l-th attribute information of the data owner identity $ID_i$.
S63: a random vector is selected, a second parameter is calculated according to the random vector, and a third parameter is calculated according to the random vector and the first parameter; the initial ciphertext is calculated according to the second parameter and the third parameter.
A vector v is selected at random, and the second parameter is calculated according to the random vector v; the calculation formula is as follows:
$e_1 \leftarrow \chi^m$
where y represents the second parameter, $e_1 \leftarrow \chi^m$ indicates that the vector $e_1$ obeys the error distribution, and $\chi^m$ denotes a Gaussian distribution over $Z_q$.
The third parameter is calculated according to the random vector v and the first parameter y; the calculation formula is as follows:
where $c_i$ represents the third parameter.
The initial ciphertext is calculated according to the second parameter and the third parameter; the calculation formula is as follows:
$C = (y, c_i)$
where C represents the initial ciphertext.
S7: the proxy, according to the proxy re-key $RK_{i \to j}$, the transaction user identities ($ID_i$ and $ID_j$) and the initial ciphertext C, performs the anti-quantum proxy re-encryption algorithm $C' \leftarrow$ re-encryption($PK_{i \to j}$, $C$, $ID_i$, $ID_j$, $PP$) to obtain the proxy ciphertext $C'$.
S8: the data owner computes an initial signature from the data owner's public and private keys.
S81: the data owner selects a random value t, where the random value t belongs to the set D, r represents a real number, and s represents a Gaussian parameter;
S82: the data owner adopts the Gaussian domain sampling algorithm SampleDom($SK_i$, $t$) according to the random value and the private key of the data owner to obtain a first vector u, i.e. $u \leftarrow$ SampleDom($SK_i$, $t$);
S83: a second vector is calculated based on the hash plaintext data and the first vector; the formula for calculating the second vector is:
where $\mu$ represents the second vector, d represents the length of the hash plaintext, $M[i]$ represents the hash plaintext data of the i-th data owner, and u represents the first vector.
S84: the data owner obtains an initial signature by adopting a preimage sampling algorithm according to the public key and the private key of the data owner, the Gaussian parameter and the second vector, namely $e \leftarrow$ SamplePre($PK_i$, $SK_i$, $\mu$, $s$);
S85: judging whether the initial signature meets the requirement; if not, reserving the initial signature, otherwise returning to step S81;
the formula for judging whether the initial signature meets the requirement is as follows:
and e is not equal to 0
where e represents the initial signature and s represents the Gaussian parameter; m represents an intermediate parameter which satisfies $m \ge 5 n \log q$.
S9: the proxy adopts the proxy re-signature algorithm PreSign according to the public key of the data owner, the proxy re-key, the proxy ciphertext and the initial signature to obtain a proxy re-signature $e'$, namely $e' \leftarrow$ PreSign($RK_{i \to j}$, $PK_i$, $e$, $C'$).
S10: the verifier verifies the proxy re-signature, the hash plaintext data and the public parameters, and after the verification is passed, the authorized user decrypts the proxy ciphertext by adopting a re-ciphertext decryption algorithm according to the private key of the authorized user to obtain the transaction plaintext data.
The formula by which the verifier verifies the proxy re-signature, the hash plaintext data and the public parameters is as follows:
and $e' \ne 0$
$M = H(msg)$
If verification passes, the blockchain proxy re-encryption method based on improved lattice cryptography of the present invention is shown to be effective.
The authorized user adopts the re-ciphertext decryption algorithm to decrypt the proxy ciphertext according to the private key of the authorized user, namely DelDecrypt($PP$, $C'$, $SK_j$, $PK_i$), and the transaction plaintext data can be obtained.
The data owner can adopt the initial ciphertext decryption algorithm, namely Decrypt($PP$, $C$, $SK_i$), according to the initial ciphertext and the private key of the data owner, to obtain the transaction plaintext data.
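The data flow of steps S4 to S7 and S10 (hash plaintext, re-key computed from $SK_i$ and $PK_j$, conversion by the proxy without decryption, decryption with $SK_j$), as an added example that is not the patent's algorithm: it swaps in a textbook LWE key-switching construction in place of TrapGen, BasisDel and SamplePre, and omits the signature steps. All function names, the toy parameters and the SHA-256 truncation are assumptions made for this illustration.

```python
import hashlib
import secrets

# Toy parameters (constructed, far too small to be secure), chosen so the
# worst-case noise after re-encryption, M_ROWS + N*K*M_ROWS = 1808, stays below
# Q/4 = 3072 and decryption is always correct.
Q = 12289            # prime modulus q > 3
N = 8                # LWE dimension
M_ROWS = 16          # rows of the public matrix
K = Q.bit_length()   # 14 bits per coefficient
D = 64               # length d of the hash plaintext M, in bits


def _dot(u, v):
    return sum(x * y for x, y in zip(u, v)) % Q


def keygen():
    """Return (pk, sk): sk = s, pk = (A, p = A*s + e) with e in {-1, 0, 1}."""
    s = [secrets.randbelow(Q) for _ in range(N)]
    A = [[secrets.randbelow(Q) for _ in range(N)] for _ in range(M_ROWS)]
    p = [(_dot(row, s) + secrets.randbelow(3) - 1) % Q for row in A]
    return (A, p), s


def _encrypt_value(pk, value):
    """LWE sample (a, b) under pk with b = <a, s> + noise + value (mod q)."""
    A, p = pk
    r = [secrets.randbelow(2) for _ in range(M_ROWS)]
    a = [sum(r[i] * A[i][t] for i in range(M_ROWS)) % Q for t in range(N)]
    b = (sum(r[i] * p[i] for i in range(M_ROWS)) + value) % Q
    return a, b


def encrypt_bits(pk, bits):
    """Initial ciphertext: one LWE sample per bit, bit encoded as bit * q/2."""
    return [_encrypt_value(pk, bit * (Q // 2)) for bit in bits]


def decrypt_bits(sk, ct):
    """Round b - <a, s> to the nearer of 0 and q/2."""
    out = []
    for a, b in ct:
        v = (b - _dot(a, sk)) % Q
        out.append(1 if Q // 4 < v < 3 * Q // 4 else 0)
    return out


def rekey_gen(sk_i, pk_j):
    """Re-key from the owner's SK_i and only the user's PK_j:
    rk[t][k] is an LWE sample under pk_j carrying 2^k * sk_i[t]."""
    return [[_encrypt_value(pk_j, (sk_i[t] << k) % Q) for k in range(K)]
            for t in range(N)]


def re_encrypt(rk, ct):
    """Proxy side: switch each (a, b) from key i to key j without decrypting."""
    out = []
    for a, b in ct:
        a2, b2 = [0] * N, b
        for t in range(N):
            for k in range(K):
                if (a[t] >> k) & 1:          # bit k of coefficient a[t]
                    ra, rb = rk[t][k]
                    a2 = [(x - y) % Q for x, y in zip(a2, ra)]
                    b2 = (b2 - rb) % Q
        out.append((a2, b2))
    return out


def hash_plaintext(msg):
    """M = H(msg) as D bits; SHA-256 truncated to D bits is an assumption."""
    digest = hashlib.sha256(msg).digest()
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(D)]


def demo(msg=b"constructed sample transaction"):
    pk_i, sk_i = keygen()                  # data owner
    pk_j, sk_j = keygen()                  # authorized user
    M = hash_plaintext(msg)
    C = encrypt_bits(pk_i, M)              # initial ciphertext
    rk = rekey_gen(sk_i, pk_j)             # proxy re-key, sent to the proxy
    C2 = re_encrypt(rk, C)                 # proxy ciphertext
    return {
        "owner_reads_C": decrypt_bits(sk_i, C) == M,
        "user_reads_C2": decrypt_bits(sk_j, C2) == M,
        "user_reads_C": decrypt_bits(sk_j, C) == M,   # expected False
    }


if __name__ == "__main__":
    print(demo())
```

In this swapped-in construction the re-key carries $SK_i$ encrypted under $PK_j$, so a proxy that colludes with the authorized user can recover $SK_i$; the proxy's re-key store has to be protected like key material.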
As shown in fig. 3, the invention further provides a blockchain proxy re-encryption system based on improved lattice cryptography, which comprises a system establishment module, a key generation module, an encryption module, a signature module, a verification module and a decryption module;
the system establishment module is used for generating partial public and private key pairs of transaction users;
the key generation module is used for generating a public key and a private key of a transaction user according to part of public and private key pairs and calculating a proxy re-key;
the encryption module is used for encrypting the hash plaintext data according to the public key of the data owner to obtain an initial ciphertext; encrypting the initial ciphertext according to the proxy re-key to obtain a proxy ciphertext;
the signature module is used for carrying out initial signature on the initial ciphertext and carrying out proxy re-signature on the proxy ciphertext;
the verification module is used for verifying the proxy re-signature;
and the decryption module is used for decrypting the proxy ciphertext according to the private key of the authorized user to obtain transaction plaintext data.
In some embodiments of the invention, the invention may be used for transactions based on common post quantum blockchain systems, such as: on the post quantum blockchain based on the lattice password improvement, the user generates a public-private key pair based on a post quantum algorithm based on the lattice password improvement. User A versus user B in transaction tx 1 Transfer transactions with funds in them, the transaction tx now needs to be constructed 2 User a needs to transfer to user B. User A generates generationAnd (5) managing the re-key, and uploading the blockchain network after the agent uses the agent re-key to conduct agent re-encryption and agent re-signing on the transaction information. The absenteeism (verifier) in the blockchain network will verify the correctness of the proxy re-signature, if the verification is passed, the signature is proved to be the true signature of the user A, otherwise, the risk of forging exists, and the acceptance of the transaction is refused. Detection of trade tx by spacious workers 2 Indeed belonging to an unconsumed UTXO, the transaction tx 2 Will be placed into a new block. Miners compete for block uplink rights to obtain rewards through the unique consensus mechanism of the block chain. Through the block chain consensus mechanism, miners can communicate with each other, obtain miners who get block rights and agree on a set of validated transactions and add them to the block chain distributed ledger, and the miners get rewards. After 7 more blocks are added to the chain, transaction tx for this block 2 Will be validated. User B may decrypt the encrypted currency using the corresponding private key and have the currency usage rights.
In some embodiments of the invention, the invention may be used in transactions of a medical data asset sharing network based on post-quantum blockchain technology. For example, a medical data asset sharing system based on post-quantum blockchain technology mainly involves four types of entities: the blockchain medical system management center BCM, the medical service provider BCP, the patient user UP and the medical staff user DP. The BCM acts as the key generation center and is responsible for generating and distributing partial key pairs and for managing the whole blockchain medical system. The user UP encrypts the medical history information to obtain an initial ciphertext C and uploads it to the medical service institution BCP for storage. If patient UP_1, who belongs to medical institution BCP_100, goes to attending doctor DP_1 of medical institution BCP_200 for diagnosis and treatment, patient UP_1 generates an authorization key (proxy re-key) according to attending doctor DP_1 and uploads it to the BCP_100 medical institution network. BCP_100 uses the proxy re-key to proxy re-encrypt the initial ciphertext and obtain a proxy ciphertext C'. BCP_100 signs the proxy ciphertext C' and uploads it to the BCM. The BCM verifies the signature and, after confirming that the signature is accurate and valid, can send the re-encrypted ciphertext to attending doctor DP_1 of medical institution BCP_200. DP_1 can use its private key to decrypt the proxy re-encrypted ciphertext and obtain the patient history information for consultation. After DP_1 forms a new diagnosis and treatment record with the patient, the new transaction form is uploaded to the blockchain network for verification and storage, and medical data sharing is realized.
The post-quantum blockchain proxy re-encryption scheme and system are based on hard problems on lattices; they not only resist quantum attacks but also effectively ensure the confidentiality of user privacy information and data files. The invention can proxy re-encrypt the data owner's encrypted information without decrypting it, and can convert the ciphertext multiple times, which effectively solves the problem that repeated authorization consumes huge computation in a sharing scenario, reduces the burden on users, realizes efficient and flexible data sharing, and improves system efficiency.
The invention is implemented with lattice matrix operations. The fixed-dimension lattice basis delegation algorithm keeps the sub-lattice dimension unchanged when it generates a delegated basis, which ensures that the lengths of the ciphertext and the key do not increase as the sub-lattice increases and effectively saves storage space; the preimage sampling algorithm uses a high-quality basis to sample lattice points from a discrete Gaussian probability distribution and generate valid signature parameters, so that the integrity and confidentiality of transaction data are ensured.
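The property described above, ciphertext conversion by an agent that never decrypts and that can be repeated across hops, can be shown with a deliberately simplified LWE key-switching construction. This is an added example, not the patent's algorithm: it omits trapdoor generation, lattice basis delegation, preimage sampling and the signature steps, and all function names and the toy parameters are assumptions.

```python
import random

# Toy parameters (assumed for illustration; far too small to be secure).
LOGQ, N, M = 20, 16, 32          # modulus bits, LWE dimension, public samples
Q = 1 << LOGQ

def dot(u, v):
    return sum(x * y for x, y in zip(u, v)) % Q

def keygen(rng):
    """Private key s; public key = M LWE samples (a, <a,s> + e), e in {-1,0,1}."""
    s = [rng.randrange(Q) for _ in range(N)]
    rows = [[rng.randrange(Q) for _ in range(N)] for _ in range(M)]
    return [(a, (dot(a, s) + rng.choice((-1, 0, 1))) % Q) for a in rows], s

def enc(pk, value, rng):
    """Encrypt `value` under pk as a random subset sum of its samples."""
    picked = [row for row in pk if rng.random() < 0.5]
    a = [sum(row[0][i] for row in picked) % Q for i in range(N)]
    return a, (sum(row[1] for row in picked) + value) % Q

def encrypt_bit(pk, bit, rng):
    return enc(pk, bit * (Q // 2), rng)

def decrypt_bit(sk, ct):
    a, b = ct
    phase = (b - dot(a, sk)) % Q          # = bit * Q/2 + small noise
    return 1 if Q // 4 <= phase < 3 * Q // 4 else 0

def rekeygen(sk_owner, pk_user, rng):
    """rk[i][j] encrypts sk_owner[i] * 2^j under the authorized user's public key."""
    return [[enc(pk_user, (sk_owner[i] << j) % Q, rng) for j in range(LOGQ)]
            for i in range(N)]

def reencrypt(rk, ct):
    """Proxy step: uses only rk and the ciphertext, never a private key."""
    a, b = ct
    a2, b2 = [0] * N, b
    for i in range(N):
        for j in range(LOGQ):
            if (a[i] >> j) & 1:           # bit j of a[i] selects rk[i][j]
                ra, rb = rk[i][j]
                a2 = [(x - y) % Q for x, y in zip(a2, ra)]
                b2 = (b2 - rb) % Q
    return a2, b2

def demo(seed=1):
    rng = random.Random(seed)
    (pk_a, sk_a), (pk_b, sk_b), (pk_c, sk_c) = (keygen(rng) for _ in range(3))
    rk_ab, rk_bc = rekeygen(sk_a, pk_b, rng), rekeygen(sk_b, pk_c, rng)
    out = []
    for bit in (1, 0, 1, 1, 0):
        c_a = encrypt_bit(pk_a, bit, rng)
        c_b = reencrypt(rk_ab, c_a)       # owner A -> user B
        c_c = reencrypt(rk_bc, c_b)       # second conversion, B -> C
        out.append((decrypt_bit(sk_a, c_a), decrypt_bit(sk_b, c_b), decrypt_bit(sk_c, c_c)))
    return out
```

For each plaintext bit, demo() returns what A, B and C recover from the initial, once-converted and twice-converted ciphertexts; with these parameters the accumulated noise after two conversions stays below Q/4, so decryption is always correct.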
While the foregoing is directed to embodiments, aspects and advantages of the present invention, other and further details of the invention may be had by the foregoing description, it will be understood that the foregoing embodiments are merely exemplary of the invention, and that any changes, substitutions, alterations, etc. which may be made herein without departing from the spirit and principles of the invention.

Claims (9)

1. A blockchain proxy re-encryption method based on lattice password improvement, comprising:
S1: the key generation center generates a master key;
S2: the key generation center generates partial public and private key pairs of the transaction users according to the master key and the transaction user identity and distributes the partial public and private key pairs to the corresponding transaction users; wherein the transaction user comprises a data owner and an authorized user;
S3: the transaction user calculates complete public keys and private keys according to the partial public and private key pairs;
S4: the data owner generates common parameters and broadcasts; the data owner carries out hash calculation on the transaction plaintext data to obtain hash plaintext data;
S5: the data owner calculates a proxy re-key according to the identity of the data owner, the identity of the authorized user, the private key of the data owner, the public parameter and the public key of the authorized user; the data owner sends the proxy re-key to the proxy;
S6: the data owner adopts an initial quantum encryption algorithm according to the identity of the data owner, the public key of the data owner, the public parameters and the hash plaintext data to obtain an initial ciphertext;
S7: the agent adopts an anti-quantum agent re-encryption algorithm according to the agent re-key, the transaction user identity and the initial ciphertext to obtain an agent ciphertext;
S8: the data owner calculates an initial signature according to the public key and the private key of the data owner;
S9: the agent adopts an agent re-signature algorithm according to the public key, the agent re-key, the agent ciphertext and the initial signature of the data owner to obtain an agent re-signature;
S10: the verifier verifies the proxy re-signature, the hash plaintext data and the public parameters, and after the verification is passed, the authorized user decrypts the proxy ciphertext by adopting a re-ciphertext decryption algorithm according to the private key of the authorized user to obtain the transaction plaintext data.
2. The blockchain proxy re-encryption method based on the lattice password improvement of claim 1, wherein the process of generating the master key by the key generation center comprises: the key generation center selects a safety parameter, and after the safety parameter is used as an algorithm input, algorithm output is completed in polynomial time; generating a random uniform matrix by adopting a trapdoor generation algorithm according to the safety parameters; and obtaining a group of lattice bases according to the random uniform matrix, and taking the lattice bases as a master key.
3. The blockchain proxy re-encryption method based on the lattice password improvement of claim 1, wherein the process of generating the part of the public-private key pair of the transaction user by the key generation center comprises the following steps:
S21: the key generation center performs hash function calculation according to the identity of the transaction user to obtain hash parameters;
S22: the key generation center adopts a lattice basis delegation algorithm to generate partial public and private key pairs of the transaction users according to the master key and the hash parameters.
4. The blockchain proxy re-encryption method based on the lattice password improvement of claim 1, wherein the process of calculating the complete public key and private key comprises:
S31: the transaction user obtains a linearly independent random matrix according to the partial public and private key pair of the transaction user, and takes the random matrix as a secret value;
S32: the transaction user calculates the complete public key and the private key of the transaction user according to the secret value and the partial public-private key pair of the transaction user.
5. The method for block chain proxy re-encryption based on lattice password improvement of claim 1, wherein the process of obtaining the initial ciphertext comprises:
S61: the data owner selects L linearly independent vectors according to the attribute quantity of the identity marks of the data owner; wherein L is the attribute number plus 1;
S62: calculating a first parameter from the linearly independent vector;
S63: selecting a random vector, calculating a second parameter according to the random vector, and calculating a third parameter according to the random vector and the first parameter; and calculating the initial ciphertext according to the second parameter and the third parameter.
6. The method for block chain proxy re-encryption based on lattice password improvement of claim 1, wherein the process of calculating the initial signature comprises:
S81: the data owner selects a random value t; wherein the random value t belongs to the set D, r represents a real number, and s represents a Gaussian parameter;
S82: the data owner adopts a Gaussian domain sampling algorithm according to the random value and the private key of the data owner to obtain a first vector;
S83: calculating a second vector based on the hashed plaintext data and the first vector;
S84: the data owner obtains an initial signature by adopting a preimage sampling algorithm according to the public key and the private key of the data owner, the Gaussian parameter and the second vector;
S85: judging whether the initial signature meets the requirement, if not, reserving the initial signature, otherwise, returning to the step S81.
7. The method for block chain proxy re-encryption based on lattice password improvement of claim 6, wherein the formula for calculating the second vector is:
wherein μ represents the second vector, d represents the length of the hash plaintext, M[i] represents the hash plaintext data of the i-th data owner, c_i represents the secret value, PK_i represents the public key of the data owner, and u represents the first vector.
8. The blockchain proxy re-encryption method based on the lattice password improvement of claim 6, wherein the formula for determining whether the initial signature satisfies the requirements is:
and e is not equal to 0
Where e represents the initial signature, s represents the gaussian parameter, and m represents the intermediate parameter.
9. A blockchain proxy re-encryption system based on lattice password improvement, comprising: the system comprises a system establishment module, a key generation module, an encryption module, a signature module, a verification module and a decryption module;
the system establishment module is used for generating partial public and private key pairs of transaction users;
the key generation module is used for generating a public and private key of a transaction user according to part of public and private key pairs and calculating a proxy re-key;
the encryption module is used for encrypting the hash plaintext data according to the public key of the data owner to obtain an initial ciphertext; encrypting the initial ciphertext according to the proxy re-key to obtain a proxy ciphertext;
the signature module is used for carrying out initial signature on the initial ciphertext and carrying out proxy re-signature on the proxy ciphertext;
the verification module is used for verifying the proxy re-signature;
the decryption module is used for decrypting the proxy ciphertext according to the private key of the authorized user to obtain transaction plaintext data.
CN202310603190.5A 2023-05-25 2023-05-25 Block chain agent re-encryption method and system based on lattice password improvement Pending CN117118600A (en)


Publications (1)

Publication Number Publication Date
CN117118600A true CN117118600A (en) 2023-11-24



Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117376917A (en) * 2023-12-05 2024-01-09 成都本原星通科技有限公司 Satellite communication method for satellite terminal authentication based on lattice proxy signcryption algorithm
CN117376917B (en) * 2023-12-05 2024-03-26 成都本原星通科技有限公司 Satellite communication method for satellite terminal authentication based on lattice proxy signcryption algorithm


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination