
Paper Abstract

Multi-identity Fully Homomorphic Encryption Scheme Supporting Threshold Decryption

Authors: YANG Xiaoyuan (School of Cryptographic Eng., Eng. Univ. of PAP, Xi'an 710086, China; Key Lab. of Network and Information Security of PAP, Xi'an 710086, China); TU Guangsheng (School of Cryptographic Eng., Eng. Univ. of PAP, Xi'an 710086, China; Key Lab. of Network and Information Security of PAP, Xi'an 710086, China); KONG Yongjun (School of Cryptographic Eng., Eng. Univ. of PAP, Xi'an 710086, China; Key Lab. of Network and Information Security of PAP, Xi'an 710086, China); ZHOU Tanping (School of Cryptographic Eng., Eng. Univ. of PAP, Xi'an 710086, China; Key Lab. of Network and Information Security of PAP, Xi'an 710086, China)

Received: 2018-11-14          Year, Volume (Issue): Pages: 2019, 51(4): 133-139

Journal: Advanced Engineering Sciences

Key words: identity-based encryption; fully homomorphic encryption; multi-identity; threshold decryption

Funding: National Key R&D Program of China (2017YFB0802000); National Natural Science Foundation of China (U1636114; 61772550; 61572521); National Cryptography Development Fund (MMJJ20170112)

Abstract (translated from the Chinese)

To address the problem that traditional identity-based fully homomorphic encryption schemes can only perform homomorphic operations and access control on ciphertexts under the same identity, a multi-identity fully homomorphic encryption scheme based on the LWE problem is proposed. First, the identity-based fully homomorphic encryption scheme is optimized: a gadget matrix is used to obtain a new form of encryption and decryption that reduces the noise, and the dimension of the underlying lattice basis in the identity-based encryption is changed. Second, the multi-key fully homomorphic conversion mechanism is used to construct a masking system for the identity-based fully homomorphic encryption scheme, which generates auxiliary ciphertexts. Finally, the multi-user setting of multi-key fully homomorphic encryption is extended to the multi-identity setting, and a multi-identity fully homomorphic encryption scheme is constructed that achieves homomorphic operations and access control over ciphertexts under different identities. The results show that the scheme combines identity-based encryption with multi-key fully homomorphic encryption and is proved IND-CPA secure in the selective-identity model. Compared with other schemes, it has a smaller ciphertext size when encrypting a single-bit plaintext message, a lower noise expansion rate when evaluating ciphertexts homomorphically, and allows multiple PKGs to participate in the generation and distribution of keys. The threshold decryption procedure of the scheme is also given, from which a 2-round multi-party computation protocol can be constructed.

Abstract (English, as published)

In order to solve the problem that traditional identity-based fully homomorphic encryption schemes can only perform homomorphic operations and access control on ciphertexts under the same identity, a multi-identity fully homomorphic encryption scheme was proposed based on the LWE problem. Firstly, the identity-based fully homomorphic encryption scheme was optimized by using a gadget matrix: a new form of encryption and decryption was obtained, which reduced the noise, and the dimension of the underlying lattice basis in the identity-based encryption was changed. Secondly, by using the multi-key fully homomorphic transformation mechanism, a masking system was constructed to generate auxiliary ciphertexts. Finally, the multi-identity fully homomorphic encryption scheme was constructed to handle ciphertexts under different identities, in which the multi-key scenario was extended to the multi-identity scenario. The results showed that the proposed scheme combined identity-based encryption with multi-key fully homomorphic encryption, and was proved to be IND-CPA secure under selective identity. Compared with other schemes, the ciphertext size and the noise expansion were reduced when encrypting a single-bit message and evaluating ciphertexts, and more PKGs were allowed to participate in the generation and distribution of private keys. Meanwhile, a 2-round multi-party computation protocol could be constructed from the given threshold decryption procedure.


Copyright © 2020 Sichuan University Journals Press. All rights reserved.
