CN117254897B - Identity base matrix homomorphic encryption method based on fault-tolerant learning - Google Patents

Publication number
CN117254897B
Authority
CN
China
Prior art keywords
matrix
key
identity
ciphertext
auxiliary
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202311540460.9A
Other languages
Chinese (zh)
Other versions
CN117254897A (en)
Inventor
温金明
刘庆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jinan University
Original Assignee
Jinan University
Application filed by Jinan University
Priority to CN202311540460.9A
Publication of CN117254897A
Application granted
Publication of CN117254897B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/50 Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Abstract

The invention discloses an identity matrix homomorphic encryption method based on fault-tolerant learning, which comprises the following steps: the sender generates a private key by using the identity trapdoor and the public parameter, generates a transition key and an auxiliary key corresponding to the user according to the identity matrix, the public parameter and the auxiliary matrix, and generates a public key by using the identity matrix, the transition key and the auxiliary key; generating a fault-tolerant learning problem instance by using the public key and the scrambling matrix, taking the fault-tolerant learning problem instance as a ciphertext auxiliary matrix, and encrypting the plaintext matrix by using the public key and the ciphertext auxiliary matrix; the receiving side carries out homomorphic calculation on the ciphertext according to the calculation function, and returns the obtained ciphertext matrix to the sending side; the sender decrypts the ciphertext matrix using the private key. The beneficial effects of the invention are as follows: by adding the transition key and the auxiliary key in a matrix form to generate the private key and the public key, the encryption space of the scheme is expanded, and convenient management and efficient multi-data encryption and decryption and homomorphic calculation aiming at a single user key are realized.

Description

Identity base matrix homomorphic encryption method based on fault-tolerant learning
Technical Field
The invention relates to the technical field of public key encryption, and in particular to an identity-based matrix homomorphic encryption method based on fault-tolerant learning.
Background
Identity-based encryption is a cryptographic scheme evolving from traditional public key encryption that allows the direct use of the user's identity (unique identifier) as a public key, avoiding the step of the sender obtaining the public key certificate of the receiver, simplifying the key management process and ensuring confidentiality of information.
Homomorphic encryption allows arbitrary algebraic operations to be performed on ciphertext with knowledge of only the public parameters and no knowledge of the key, such that decrypting the resulting ciphertext gives the same result as performing the same operations on the plaintext; the flow is shown in fig. 1. Introducing homomorphic encryption into identity-based encryption to realize an identity-based homomorphic encryption scheme has been a research focus in the field in recent years. Since Gentry first proposed identity-based homomorphic encryption in 2013, this field has been extensively studied. However, recent identity-based homomorphic encryption schemes focus mainly on computation over single data items, which consumes considerable time and space for large-scale data computation, resulting in inefficiency and excessive traffic.
The fault-tolerant learning (Learning with Errors, LWE) problem is a hard problem derived from lattice theory. The LWE problem has two variants, decision LWE and search LWE. Because no efficient quantum algorithm has been found to solve the LWE problem, encryption schemes based on the fault-tolerant learning assumption are considered resistant to quantum computation. Therefore, the fault-tolerant learning problem is widely used to ensure the security of homomorphic encryption schemes. However, encryption schemes based on the fault-tolerant learning assumption still do not remedy the defects of identity-based homomorphic encryption schemes: the amount of computation is still too large and the computational efficiency is low.
Disclosure of Invention
Aiming at the problems, the invention provides an identity base matrix homomorphic encryption method based on fault-tolerant learning, which mainly solves the problems of overlarge calculated amount and low calculation efficiency of an encryption scheme based on fault-tolerant learning assumption.
The invention provides an identity base matrix homomorphic encryption method based on fault-tolerant learning, which comprises the following steps:
initializing a user Identity (ID) by a sender according to preset security parameters to obtain a master key and public parameters of a corresponding user;
the sender generates an identity matrix and an identity trapdoor of a corresponding user according to the user identity ID, the public parameter and the master key, generates a private key by using the identity trapdoor and the public parameter, generates a transition key and an auxiliary key of the corresponding user according to the identity matrix, the public parameter and the auxiliary matrix, and generates a public key by using the identity matrix, the transition key and the auxiliary key;
a sender acquires a plaintext matrix, generates a fault-tolerant learning problem instance by using the public key and the disturbing matrix, takes the fault-tolerant learning problem instance as a ciphertext auxiliary matrix, encrypts the plaintext matrix by using the public key and the ciphertext auxiliary matrix, and sends the ciphertext matrix and a calculation function obtained by encryption to a receiver;
the receiving side carries out homomorphic calculation on the ciphertext according to the calculation function, and returns the obtained ciphertext matrix to the sending side;
and the sender decrypts the ciphertext matrix by using the private key, and restores the plaintext message corresponding to the plaintext matrix.
The second aspect of the present invention proposes an identity base matrix homomorphic encryption system based on fault tolerant learning, comprising:
the initialization module is used for initializing the user identity ID according to preset security parameters to obtain a master key and public parameters of a corresponding user;
the key generation module is used for generating an identity matrix and an identity trapdoor of a corresponding user according to the user identity ID, the public parameter and the master key, generating a private key by using the identity trapdoor and the public parameter, generating a transition key and an auxiliary key of the corresponding user according to the identity matrix, the public parameter and the auxiliary matrix, and generating a public key by using the identity matrix, the transition key and the auxiliary key;
the encryption module is used for obtaining a plaintext matrix, generating a fault-tolerant learning problem instance by using the public key and the disturbing matrix, taking the fault-tolerant learning problem instance as a ciphertext auxiliary matrix, encrypting the plaintext matrix by using the public key and the ciphertext auxiliary matrix, and transmitting the ciphertext matrix and a calculation function obtained by encryption to a receiver;
the homomorphic calculation module is used for carrying out homomorphic calculation on the ciphertext according to the calculation function and returning the obtained ciphertext matrix to a sender;
and the decryption module is used for decrypting the ciphertext matrix by using the private key and restoring the plaintext message corresponding to the plaintext matrix.
A third aspect of the invention provides an identity-based matrix homomorphic encryption device based on fault-tolerant learning, which comprises a memory, a processor and a communication module, wherein the memory is used for storing executable program code; the processor is coupled with the memory; and the processor calls the executable program code stored in the memory to execute the identity-based matrix homomorphic encryption method based on fault-tolerant learning.
A fourth aspect of the present invention proposes a computer-readable medium storing computer instructions for executing the above-described identity-based matrix homomorphic encryption method based on fault-tolerant learning when called.
The beneficial effects of the invention are as follows: by additionally arranging the transition key and the auxiliary key in a matrix form to generate the private key and the public key, the encryption space of the scheme is expanded, and convenient management and efficient multi-data encryption and decryption and homomorphic calculation aiming at the single-user key are realized, so that the problems that the common identity-based homomorphic encryption scheme based on fault-tolerant learning is large in calculated amount and low in calculation efficiency, and multi-data encryption and decryption and homomorphic calculation cannot be simultaneously carried out are solved.
Drawings
FIG. 1 is a schematic diagram of a homomorphic encryption process;
FIG. 2 is a schematic flow chart of an identity matrix homomorphic encryption method based on fault tolerant learning according to an embodiment of the invention;
FIG. 3 is a schematic diagram of an embodiment of the present invention discloses an identity-based matrix homomorphic encryption system based on fault-tolerant learning;
fig. 4 is a schematic structural diagram of an identity-based matrix homomorphic encryption device based on fault-tolerant learning according to a third embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the drawings and the detailed description below, in order to make the objects, technical solutions and advantages of the present invention more clear and distinct. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting thereof. It should be further noted that, for convenience of description, only some, but not all of the matters related to the present invention are shown in the accompanying drawings.
The embodiment provides an identity matrix homomorphic encryption method based on fault-tolerant learning, as shown in fig. 2, comprising the following steps:
S1. The sender initializes the user identity ID according to preset security parameters to obtain a master key and public parameters of the corresponding user.
In S1 of this embodiment, the sender needs to preset a security parameter according to the security level of the scheme, where the parameters of matrix dimension, modulus, and sub-gaussian distribution in the scheme depend on the security parameter.
Specifically, the method for calculating the master key and the public parameter comprises the following steps:
S101. Using the GenTrap algorithm with the security parameter as input, generate a trapdoor and a trapdoor random matrix that carries the trapdoor's information. In this embodiment, the trapdoor is a secret parameter or piece of information that allows efficient decryption while maintaining the encryption strength, and the trapdoor random matrix is a matrix with random properties that embeds the trapdoor, so that decryption can be performed efficiently only when the trapdoor is known.
The GenTrap algorithm is an algorithm for constructing a trapdoor and a trapdoor random matrix. Its input is a security parameter, and the dimension and parameters of the matrix depend on the size of the security parameter. In S101, a uniformly distributed random matrix, a Gaussian-distributed random matrix and a fixed tool matrix are used to construct the trapdoor random matrix and its corresponding trapdoor. Furthermore, the tool matrix is a constant matrix composed of a set of tool vectors, which are arranged sequentially according to powers of 2. The construction of the tool matrix is similar to that of the tool vector, except that it is expanded in dimension, i.e.,
S102. For the ID length of the user identity ID, generate a random matrix sequence of equal length whose matrices are independent and identically distributed, where the subscript in the notation for the user identity represents the ID length.
S103. Generate a uniformly distributed random vector sequence using a pseudo-random number generator.
The pseudo-random number generator is an algorithm that generates a sequence of numbers that appears random. Specifically, the generator uses an initial seed to initialize the state of the algorithm. Once initialization is complete, the pseudo-random number generator produces a new state by transforming, mixing and operating on the initial seed, and finally calculates one or more random values based on the updated state.
S104. Output the trapdoor as the master key, and output the trapdoor random matrix, the random matrix sequence, the random vector sequence and the ID length as the public parameters.
S2, the sender generates an identity matrix and an identity trapdoor of a corresponding user according to the identity ID of the user, the public parameters and the master key, generates a private key by using the identity trapdoor and the public parameters, generates a transition key and an auxiliary key of the corresponding user according to the identity matrix, the public parameters and the auxiliary matrix, and generates a public key by using the identity matrix, the transition key and the auxiliary key.
The calculation method of the private key and the public key comprises the following steps:
S201. Taking the ID length as a reference, the trapdoor random matrix and the entire random matrix sequence jointly construct the identity matrix.
Specifically, the structure of the identity matrix is as follows:
where the symbols denote, respectively, the trapdoor random matrix and the i-th matrix in the random matrix sequence.
Then, with the identity matrix and the master key as input to the ExtBasis algorithm, the identity trapdoor corresponding to the identity matrix is obtained.
The ExtBasis algorithm is an extended version of the algorithm that generates a trapdoor and trapdoor random matrix: given a trapdoor and its trapdoor random matrix, it extends the trapdoor random matrix by concatenating any random matrix, and generates the trapdoor corresponding to the extended trapdoor random matrix.
S202. Using the Sample sampling method, a new group of random vectors is obtained from the random vector sequence, the identity matrix and the corresponding identity trapdoor, and the identity matrix and the random vector group are combined to obtain the private key.
The main objective of S202 is to calculate the private key. Specifically, a plurality of vectors are obtained from the random vector sequence, the identity matrix and the identity trapdoor by the Sample sampling method; these vectors are arranged in sequence to form a matrix, and this matrix is combined with the identity matrix to constitute the private key.
The Sample sampling method described above is an algorithm for sampling with respect to a trapdoor random matrix: given an identity trapdoor and its identity matrix, and any chosen random vector, a sample vector can be generated such that
S203. The random vector sequence and the identity matrix jointly construct the transition key; an auxiliary key is constructed using a preset auxiliary matrix; and the transition key and the auxiliary key jointly construct the public key.
The main objective of S203 is to calculate a public key, and in this embodiment, the construction formula of the transition key is as follows:
where the symbols denote, respectively, the transpose of the matrix formed by arranging the random vector sequence in order, and the transpose of the identity matrix;
the construction formula of the auxiliary key is as follows:
where the symbols denote, respectively, a matrix whose (i, j) entry is 1 and whose other entries are 0, the private key, the tool matrix, the transition key, and a binary random matrix.
S3, the sender acquires a plaintext matrix, generates a fault-tolerant learning problem instance by using the public key and the scrambling matrix, takes the fault-tolerant learning problem instance as a ciphertext auxiliary matrix, encrypts the plaintext matrix by using the public key and the ciphertext auxiliary matrix, and sends the ciphertext matrix and the calculation function obtained by encryption to the receiver.
The encryption process of the plaintext matrix comprises the following steps:
S301. Pad the plaintext matrix according to a preset padding requirement. The main objective of S301 is to make the plaintext matrix satisfy the requirements of matrix multiplication; specifically, the plaintext matrix is an r×r matrix, and the original plaintext matrix is padded with a zero matrix.
S302. Generate a scrambling matrix from a binary random matrix and a noise matrix obeying a sub-Gaussian distribution.
A binary random matrix in this embodiment is a matrix in which each element can take only the value 0 or 1. A sub-Gaussian distribution is a probability distribution whose tail decays quickly, so that its tail probability is more concentrated than that of a general probability distribution. Specifically, a random variable is sub-Gaussian if there is a constant such that, for any given value, the following inequality holds, where the bounded quantity is the probability that the absolute value of the random variable is greater than the given value.
By using a noise matrix with a sub-Gaussian distribution, whose tail decays quickly, the noise terms are concentrated in a smaller range, and stronger security is achieved.
S303. Generate a fault-tolerant learning problem instance using the transition key and the scrambling matrix, and take the fault-tolerant learning problem instance as the ciphertext auxiliary matrix.
The main purpose of S303 is to calculate a ciphertext auxiliary matrix, which in one example
Specifically, given a public matrix and a noise matrix, the objective of the matrix fault-tolerant learning problem is to recover the noise matrix from the known ciphertext matrix, public matrix and binary random matrix, i.e. to remove the noise from the encrypted data. Because the noise is random, recovering the noise matrix from the linear equation is relatively difficult. The invention adopts a sub-Gaussian distribution as the probability distribution of the noise, thereby constructing a matrix fault-tolerant learning problem instance to ensure the security of the scheme.
S304, generating a ciphertext matrix by using the public key and the ciphertext auxiliary matrix.
In the formula for the ciphertext matrix, the symbols denote, respectively, the ciphertext auxiliary matrix, the auxiliary key, and the (i, j) element of the plaintext matrix.
S4, the receiving side carries out homomorphic calculation on the ciphertext according to the calculation function, and returns the obtained ciphertext matrix to the sending side.
In S4, the homomorphism calculation described above includes:
S401. Directly add the two ciphertext matrices,
S402. Alternatively, decompose one of the ciphertext matrices using a sub-Gaussian random sampling method, and multiply the decomposed ciphertext matrix with the other ciphertext matrix,
The sub-Gaussian random sampling method is a randomized, efficiently computable function: given a matrix, the function outputs a matrix such that the corresponding relation holds.
S5, the sender decrypts the ciphertext matrix by using the private key, and restores the plaintext message corresponding to the plaintext matrix.
The decryption process of the ciphertext matrix comprises the following steps: the inner products of the key matrix and the ciphertext matrix are calculated by rows and columns respectively, and rounding operations are then performed to restore the plaintext message.
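The mechanics of S3 to S5 (an LWE instance used as the ciphertext auxiliary matrix, addition and decomposition-based multiplication of ciphertext matrices, decryption by inner product and rounding) can be tried on a toy. The Python sketch below is an added example, not the patent's construction: it is a scalar, secret-key, GSW-style scheme with no identity trapdoor, transition key or auxiliary key, and it uses deterministic bit decomposition in place of sub-Gaussian random sampling. All names and parameters in it (N, ELL, P, keygen, encrypt and so on) are assumptions chosen for illustration, with insecurely small sizes.

```python
import secrets

# Constructed toy parameters (far too small to be secure).
N, ELL, P = 4, 16, 8        # LWE dimension, log2 of the modulus, plaintext modulus
Q = 1 << ELL                # ciphertext modulus q = 2^ELL
M = (N + 1) * ELL           # ciphertext matrices are (N+1) x M
DELTA = Q // P              # scaling factor that carries the plaintext
COL = DELTA.bit_length() - 1  # column of the tool matrix whose entry equals DELTA
_rng = secrets.SystemRandom()


def gadget():
    """Tool matrix G: each row block holds the powers 1, 2, 4, ..., 2^(ELL-1)."""
    G = [[0] * M for _ in range(N + 1)]
    for i in range(N + 1):
        for b in range(ELL):
            G[i][i * ELL + b] = 1 << b
    return G


def g_inverse(C):
    """Binary matrix X with G @ X == C (mod Q), obtained by bit decomposition."""
    X = [[0] * len(C[0]) for _ in range(M)]
    for i, row in enumerate(C):
        for j, v in enumerate(row):
            for b in range(ELL):
                X[i * ELL + b][j] = (v >> b) & 1
    return X


def matmul(A, B):
    cols = list(zip(*B))
    return [[sum(a * b for a, b in zip(row, col)) % Q for col in cols] for row in A]


def keygen():
    """Secret vector t; the decryption key is the row vector s = (1, -t)."""
    return [_rng.randrange(Q) for _ in range(N)]


def key_row(t):
    return [[1] + [(-x) % Q for x in t]]


def lwe_instance(t):
    """Fresh matrix A with s @ A = e (small noise): row 0 is t @ B + e."""
    B = [[_rng.randrange(Q) for _ in range(M)] for _ in range(N)]
    e = [_rng.randint(-2, 2) for _ in range(M)]
    top = [(sum(t[k] * B[k][j] for k in range(N)) + e[j]) % Q for j in range(M)]
    return [top] + B


def encrypt(t, mu):
    """Ciphertext = LWE instance + mu * G."""
    A, G = lwe_instance(t), gadget()
    return [[(a + mu * g) % Q for a, g in zip(ra, rg)] for ra, rg in zip(A, G)]


def hom_add(C1, C2):
    return [[(a + b) % Q for a, b in zip(r1, r2)] for r1, r2 in zip(C1, C2)]


def hom_mul(C1, C2):
    """C1 @ G^-1(C2); the new noise is e1 @ G^-1(C2) + mu1 * e2, so it depends
    on the noise of C1 times a binary matrix and on mu1 times the noise of C2."""
    return matmul(C1, g_inverse(C2))


def decrypt(t, C):
    """Inner product with the key, then round to the nearest multiple of DELTA."""
    v = matmul(key_row(t), C)[0][COL]
    return ((v + DELTA // 2) // DELTA) % P


def noise(t, C, mu):
    """Largest entry of |s @ C - mu * s @ G|, centred mod Q (needs the true mu)."""
    sc = matmul(key_row(t), C)[0]
    sg = matmul(key_row(t), gadget())[0]
    d = [(a - mu * g) % Q for a, g in zip(sc, sg)]
    return max(min(x, Q - x) for x in d)


if __name__ == "__main__":
    t = keygen()
    c2, c3 = encrypt(t, 2), encrypt(t, 3)
    prod = hom_mul(c2, c3)
    print("2 + 3 =", decrypt(t, hom_add(c2, c3)))
    print("2 * 3 =", decrypt(t, prod))
    print("noise fresh / after multiply:", noise(t, c2, 2), noise(t, prod, 6))
```

Decryption stays correct only while the noise is below DELTA / 2, which is why the number of chained multiplications is bounded by the choice of Q.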
Embodiment two
The embodiment provides an identity-based matrix homomorphic encryption system based on fault-tolerant learning, which comprises:
an initialization module 201, configured to initialize a user identity ID according to a preset security parameter, to obtain a master key and a public parameter of a corresponding user;
a key generation module 202, configured to generate an identity matrix and an identity trapdoor of a corresponding user according to the user identity ID, the public parameter and the master key, generate a private key using the identity trapdoor and the public parameter, then generate a transition key and an auxiliary key of the corresponding user according to the identity matrix, the public parameter and the auxiliary matrix, and generate a public key by using the identity matrix, the transition key and the auxiliary key;
the encryption module 203 is configured to obtain a plaintext matrix, generate a fault-tolerant learning problem instance by using a public key and a scrambling matrix, use the fault-tolerant learning problem instance as a ciphertext auxiliary matrix, encrypt the plaintext matrix by using the public key and the ciphertext auxiliary matrix, and send the ciphertext matrix and a calculation function obtained by encryption to a receiver;
the homomorphic calculation module 204 is configured to perform homomorphic calculation on the ciphertext according to the calculation function, and return the obtained ciphertext matrix to the sender;
the decryption module 205 is configured to decrypt the ciphertext matrix by using the private key, and restore a plaintext message corresponding to the plaintext matrix.
The specific functions of the modules 201-205 in this embodiment can refer to S1-S5 in the first embodiment, and will not be described herein.
Embodiment three
Referring to fig. 4, fig. 4 is a schematic structural diagram of another identity-based matrix homomorphic encryption device based on fault-tolerant learning according to an embodiment of the invention. As shown in fig. 4, the control platform may include:
a memory 301 storing executable program code;
a processor 302 coupled with the memory 301;
the processor 302 invokes executable program code stored in the memory 301 for performing the steps in the identity-based matrix homomorphic encryption method based on fault-tolerant learning described in embodiment one.
Embodiment four
The embodiment of the invention discloses a computer program product, which comprises a non-transitory computer readable storage medium storing a computer program, and the computer program is operable to make a computer execute the steps in the identity matrix homomorphic encryption method based on fault tolerant learning described in the embodiment.
The apparatus embodiments described above are merely illustrative, wherein the modules illustrated as separate components may or may not be physically separate, and the components shown as modules may or may not be physical, i.e., may be located in one place, or may be distributed over a plurality of network modules. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art will understand and implement the present invention without undue burden.
From the above detailed description of the embodiments, it will be apparent to those skilled in the art that the embodiments may be implemented by means of software plus necessary general hardware platforms, or of course by means of hardware. Based on such understanding, the foregoing technical solutions may be embodied essentially or in part in the form of a software product that may be stored in a computer-readable storage medium including Read-Only Memory (ROM), random-access Memory (Random Access Memory, RAM), programmable Read-Only Memory (Programmable Read-Only Memory, PROM), erasable programmable Read-Only Memory (Erasable Programmable Read Only Memory, EPROM), one-time programmable Read-Only Memory (OTPROM), electrically erasable programmable Read-Only Memory (EEPROM), compact disc Read-Only Memory (Compact Disc Read-Only Memory, CD-ROM) or other optical disc Memory, magnetic disc Memory, tape Memory, or any other medium that can be used for computer-readable carrying or storing data.
Finally, it should be noted that the identity-based matrix homomorphic encryption method and device based on fault-tolerant learning disclosed in the embodiments of the invention serve only to illustrate the technical scheme of the invention, not to limit it. Although the invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art will understand that the technical schemes recorded in the various embodiments can still be modified, or some of their technical features can be replaced equivalently; such modifications and substitutions do not depart from the spirit and scope of the corresponding technical solutions.

Claims (7)

1. The identity base matrix homomorphic encryption method based on fault-tolerant learning is characterized by comprising the following steps of:
initializing a user Identity (ID) by a sender according to preset security parameters to obtain a master key and public parameters of a corresponding user; the method for calculating the master key and the public parameter comprises the following steps: using the safety parameters as input, and generating trapdoor random matrixes with trapdoor information by using a GenTrap algorithm; generating random matrix sequences which are equal in length and are independently and uniformly distributed aiming at the ID length of the user identity ID; generating a random vector sequence obeying uniform distribution by using a pseudo-random number generator; outputting the trapdoor as the master key, and outputting the trapdoor random matrix, the random matrix sequence, the random vector sequence and the ID length as the public parameters;
the sender generates an identity matrix and an identity trapdoor of a corresponding user according to the user identity ID, the public parameter and the master key, generates a private key by using the identity trapdoor and the public parameter, generates a transition key and an auxiliary key of the corresponding user according to the identity matrix, the public parameter and the auxiliary matrix, and generates a public key by using the identity matrix, the transition key and the auxiliary key; the calculation method of the private key and the public key comprises the following steps: constructing the identity matrix by taking the ID length as a reference and jointly constructing the trapdoor random matrix and all the random matrix sequences, and acquiring an identity trapdoor corresponding to the identity matrix by taking the identity matrix and the master key as the input of an ExtBasis algorithm; obtaining a new random vector group from the random vector sequence, the identity matrix and the corresponding identity trapdoor by adopting a Sample sampling method, and combining an identity matrix and the random vector group to obtain the private key; constructing a transition key by the random vector sequence and the identity matrix, constructing an auxiliary key by adopting a preset auxiliary matrix, and constructing the public key by the transition key and the auxiliary key; the construction formula of the transition key is as follows:
where the symbols denote, respectively, the transpose of the matrix formed by arranging the random vector sequence in order, and the transpose of the identity matrix;
the construction formula of the auxiliary key is as follows:
where the symbols denote, respectively, a matrix whose (i, j) entry is 1 and whose other entries are 0, the private key, the tool matrix, the transition key, and a binary random matrix;
a sender acquires a plaintext matrix, generates a fault-tolerant learning problem instance by using the public key and the disturbing matrix, takes the fault-tolerant learning problem instance as a ciphertext auxiliary matrix, encrypts the plaintext matrix by using the public key and the ciphertext auxiliary matrix, and sends the ciphertext matrix and a calculation function obtained by encryption to a receiver;
the receiving side carries out homomorphic calculation on the ciphertext according to the calculation function, and returns the obtained ciphertext matrix to the sending side;
and the sender decrypts the ciphertext matrix by using the private key, and restores the plaintext message corresponding to the plaintext matrix.
2. The identity matrix homomorphic encryption method based on fault-tolerant learning of claim 1, wherein the encryption process of the plaintext matrix comprises:
filling the plaintext matrix according to a preset filling requirement;
generating a disturbing matrix by a binary random matrix and a noise matrix conforming to sub-Gaussian distribution;
generating a fault-tolerant learning problem instance by using the transition key and the disturbing matrix, and taking the fault-tolerant learning problem instance as a ciphertext auxiliary matrix;
the ciphertext matrix is generated using the public key and the ciphertext auxiliary matrix.
3. The identity-based matrix homomorphic encryption method based on fault-tolerant learning of claim 1, wherein the homomorphic calculation comprises: directly adding the two ciphertext matrixes, or decomposing one ciphertext matrix by adopting a sub-Gaussian random sampling method, and multiplying the decomposed ciphertext matrix with the other ciphertext matrix.
4. The identity-based matrix homomorphic encryption method based on fault-tolerant learning of claim 1, wherein the decryption process of the ciphertext matrix comprises: respectively carrying out rounding and rounding operations after carrying out inner product calculation on the key matrix and the ciphertext matrix according to rows and columns, and restoring the plaintext message.
5. An identity matrix homomorphic encryption system based on fault tolerant learning, comprising:
the initialization module is used for initializing the user identity ID according to preset security parameters to obtain a master key and public parameters of a corresponding user; the method for calculating the master key and the public parameter comprises the following steps: using the safety parameters as input, and generating trapdoor random matrixes with trapdoor information by using a GenTrap algorithm; generating random matrix sequences which are equal in length and are independently and uniformly distributed aiming at the ID length of the user identity ID; generating a random vector sequence obeying uniform distribution by using a pseudo-random number generator; outputting the trapdoor as the master key, and outputting the trapdoor random matrix, the random matrix sequence, the random vector sequence and the ID length as the public parameters;
the key generation module is used for generating an identity matrix and an identity trapdoor of a corresponding user according to the user identity ID, the public parameter and the master key, generating a private key by using the identity trapdoor and the public parameter, generating a transition key and an auxiliary key of the corresponding user according to the identity matrix, the public parameter and the auxiliary matrix, and generating a public key by using the identity matrix, the transition key and the auxiliary key; the calculation method of the private key and the public key comprises the following steps: constructing the identity matrix by taking the ID length as a reference and jointly constructing the trapdoor random matrix and all the random matrix sequences, and acquiring an identity trapdoor corresponding to the identity matrix by taking the identity matrix and the master key as the input of an ExtBasis algorithm; obtaining a new random vector group from the random vector sequence, the identity matrix and the corresponding identity trapdoor by adopting a Sample sampling method, and combining an identity matrix and the random vector group to obtain the private key; constructing a transition key by the random vector sequence and the identity matrix, constructing an auxiliary key by adopting a preset auxiliary matrix, and constructing the public key by the transition key and the auxiliary key; the construction formula of the transition key is as follows:
in the method, in the process of the invention,representing the random vector sequence->Transpose of matrices formed by sequential arrangement, i.e.)>,Representing identity matrix->Is a transpose of (2);
the construction formula of the auxiliary key is as follows:
in the method, in the process of the invention,representing a matrix with only the ith, j bits being 1 and the other positions being 0, +.>Represents a private key->The matrix of the tool is represented as such,representing the transient key->Representing a binary random matrix;
the encryption module is used for obtaining a plaintext matrix, generating a fault-tolerant learning problem instance by using the public key and the disturbing matrix, taking the fault-tolerant learning problem instance as a ciphertext auxiliary matrix, encrypting the plaintext matrix by using the public key and the ciphertext auxiliary matrix, and transmitting the ciphertext matrix and a calculation function obtained by encryption to a receiver;
the homomorphic calculation module is used for carrying out homomorphic calculation on the ciphertext according to the calculation function and returning the obtained ciphertext matrix to a sender;
and the decryption module is used for decrypting the ciphertext matrix by using the private key and restoring the plaintext message corresponding to the plaintext matrix.
6. An identity matrix homomorphic encryption device based on fault-tolerant learning is characterized by comprising a memory, a processor and a communication module, wherein,
the memory is used for storing executable program codes;
the processor is coupled with the memory;
the processor invokes the executable program code stored in the memory to perform the fault tolerant learning based identity matrix homomorphic encryption method of any one of claims 1-4.
7. A computer-storable medium storing computer instructions that, when invoked, perform the fault-tolerant learning-based identity-based homomorphic encryption method of any one of claims 1-4.
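Claims 2 to 4 describe encrypting with a learning-with-errors instance (the page's "fault-tolerant learning") built from a binary random matrix, adding or decompose-and-multiplying ciphertext matrices, and decrypting by an inner product followed by rounding. The Python example below is added here and is not the patent's construction: it is a GSW-style scheme over scalars in Z_16 with toy parameters, it omits the identity and trapdoor key derivation, and it substitutes deterministic bit decomposition for the sub-Gaussian sampling of claim 3; all names and parameter values are assumptions.

```python
import random

N_LWE, L = 4, 20               # assumed toy LWE dimension and log2(q); not secure sizes
Q, ROWS = 1 << L, N_LWE + 1
COLS, M = ROWS * L, 16         # ciphertext width (n+1)*l and public-key width m
SHIFT = L - 4                  # messages live in Z_16, scaled by 2^SHIFT

def matmul(a, b):
    bt = list(zip(*b))
    return [[sum(x * y for x, y in zip(row, col)) % Q for col in bt] for row in a]

def gadget():
    # G = I_(n+1) tensor (1, 2, ..., 2^(l-1))
    return [[(1 << (c % L)) if c // L == r else 0 for c in range(COLS)] for r in range(ROWS)]

def keygen(rng):
    # rng is a seeded random.Random for reproducibility; real keys need a CSPRNG
    s = [rng.randrange(Q) for _ in range(N_LWE)]
    a = [[rng.randrange(Q) for _ in range(M)] for _ in range(N_LWE)]
    b = [(sum(s[i] * a[i][j] for i in range(N_LWE)) + rng.choice((-1, 0, 1))) % Q
         for j in range(M)]
    return s, a + [b]          # secret s, public LWE instance A = [A'; s*A' + e]

def encrypt(pk, mu, rng):
    r = [[rng.randrange(2) for _ in range(COLS)] for _ in range(M)]  # binary random matrix
    ar, g = matmul(pk, r), gadget()
    return [[(ar[i][j] + mu * g[i][j]) % Q for j in range(COLS)] for i in range(ROWS)]

def add(c1, c2):
    return [[(x + y) % Q for x, y in zip(r1, r2)] for r1, r2 in zip(c1, c2)]

def decompose(c):
    # Bit decomposition G^-1(C), chosen so that G * decompose(C) == C (mod q)
    return [[(c[r // L][j] >> (r % L)) & 1 for j in range(COLS)] for r in range(COLS)]

def mul(c1, c2):
    return matmul(c1, decompose(c2))

def decrypt(s, c):
    t = [-x for x in s] + [1]                   # t * A = e, a small noise vector
    col = COLS - L + SHIFT                      # column where t * G equals 2^SHIFT
    v = sum(t[i] * c[i][col] for i in range(ROWS)) % Q
    return ((v + (1 << (SHIFT - 1))) >> SHIFT) % (1 << (L - SHIFT))  # round off noise
```

With these parameters the noise after one multiplication is at most COLS*M + 15*M = 1840, well below the rounding threshold 2^(SHIFT-1) = 32768, so results smaller than 16 decrypt correctly.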
CN202311540460.9A 2023-11-20 2023-11-20 Identity base matrix homomorphic encryption method based on fault-tolerant learning Active CN117254897B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311540460.9A CN117254897B (en) 2023-11-20 2023-11-20 Identity base matrix homomorphic encryption method based on fault-tolerant learning

Publications (2)

Publication Number Publication Date
CN117254897A CN117254897A (en) 2023-12-19
CN117254897B true CN117254897B (en) 2024-02-02

Family

ID=89135429

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311540460.9A Active CN117254897B (en) 2023-11-20 2023-11-20 Identity base matrix homomorphic encryption method based on fault-tolerant learning

Country Status (1)

Country Link
CN (1) CN117254897B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107425955A (en) * 2017-06-23 2017-12-01 河南理工大学 A kind of identity base graded encryption method on lattice that can efficiently fix the derivation of dimension trapdoor
CN116896439A (en) * 2023-08-18 2023-10-17 广州芳禾数据有限公司 Text and travel data privacy calculation method and system based on multi-key homomorphic encryption
WO2023212391A1 (en) * 2022-04-29 2023-11-02 Ntt Research, Inc. Ciphertext-policy attribute-based encryption with post-quantum security for broadcast systems

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
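Research on identity-based fully homomorphic encryption schemes over lattices; Hu Mingxing; CNKI China Excellent Master's Theses Full-text Database; full text *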

Also Published As

Publication number Publication date
CN117254897A (en) 2023-12-19

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant