基于 LWE 的全同态身份基广播加密方案

doi:10.13868/j.cnki.jcr.000215

摘要
图/表
参考文献(22)
相关文章 (10)

全文: PDF (742 KB) HTML (1 KB)
输出: BibTeX | EndNote (RIS)

摘要

全同态加密方案是一类允许第三方在不知晓解密密钥的前提下对密文进行任意运算的加密方案, 为云计算场景下数据隐私保护提供了有效的密码学工具, 具有重要的应用价值. 在复杂的网络环境下, 消息的接收者往往不是单一的. 如何将一个具备可计算性的密文安全地分享给一个任意选定的接收者集合, 是传统的全同态加密方案尚未解决的问题. 本文结合全同态加密和身份基广播加密的思想, 提出了新的密码学原型——全同态身份基广播加密(identity based broadcast fully homomorphic encryption, IBBFHE), 并基于LWE困难问题假设给出了具体的方案. 数据通过IBBFHE方案加密后允许不具备解密能力的第三方进行同态运算, 且仅能被指定集合内的接收者正确解密, 从而实现了云计算环境下数据的动态群组分享. 本文在LWE假设下, 证明了所提方案的抗半适应性选择身份集合选择明文攻击的安全性. 由于LWE 问题是公认的抗量子攻击难题, 本方案也具备抗量子攻击的安全性.

	服务

	把本文推荐给朋友
	加入我的书架
	加入引用管理器
	E-mail Alert
	RSS
	作者相关文章
	冯翰文
	刘建伟
	伍前红

关键词 ：全同态加密, 身份基广播加密, LWE 问题, 抗量子密码学

Abstract：

Fully homomorphic encryption (FHE) is an emerging public key encryption paradigm, which enables a third party to execute operations on ciphertexts without knowing the decryption key. It can serve as a powerful cryptographic tool for data privacy protection in cloud computing environment, and has significant applications. However, in a complex network environment, a message may be received by multiple receivers. It has not been well solved by the traditional FHE schemes as how to share a computable ciphertext with an arbitrarily chosen set of receivers. Inspired by identity-based broadcast encryption, we introduce a novel cryptography primitive called identity-based broadcast fully homomorphic encryption (IBBFHE), and present a concrete scheme based on LWE assumption to solve the problem mentioned above. The data encrypted under IBBFHE schemes can still be homomorphic computed by third parties who do not have decryption abilities, and it can only be decrypted by the authorized receivers in a specific group. Thus, data secure sharing can be made possible in cloud computing environment. The IND-smCIS-CPA security of the proposed scheme under LWE assumption is proved. Furthermore, LWE problem is believed to be unsolvable by quantum computers, thus the proposed scheme also possesses this property.

Key words： fully homomorphic encryption (FHE) identity-based broadcast encryption LWE problem quantum-resistant cryptography

收稿日期: 2017-05-22

基金资助:

国家重点研发计划``现代服务业共性关键技术研发及应用示范''重点专项(2017YFB1400700); 国家自然科学基金(61672083, 61370190); 北京市自然科学基金(4182033); 北航金华北斗应用研究院开放资金(BARI1702)

通讯作者: 伍前红, E-mail: qianhong.wu@buaa.edu.cn

引用本文:

冯翰文, 刘建伟, 伍前红. 基于 LWE 的全同态身份基广播加密方案[J]. 密码学报, 2018, 5(1): 21-34.
FENG H W, LIU J W, WU Q H. Identity-based Broadcast Fully Homomorphic Encryption Scheme from LWE. Journal of Cryptologic Research, 2018, 5(1): 21-34.

链接本文:

http://www.jcr.cacrnet.org.cn/CN/10.13868/j.cnki.jcr.000215 或 http://www.jcr.cacrnet.org.cn/CN/Y2018/V5/I1/21

[1] FENG D G, ZHANG M, ZHANG Y, et al. Study on cloud computing security[J]. Journal of Software, 2011, 22(1): 71–83. [DOI: 10.3724/SP.J.1001.2011.03958]
[2] RIVEST R L, ADLEMAN L, DERTOUZOS M L. On data banks and privacy homomorphisms[J]. Foundations of Secure Computation, 1978, 4(11): 169–180.
[3] FIAT A, NAOR M. Broadcast encryption[C]. In: Advances in Cryptology—CRYPTO 1993. Springer Berlin Heidelberg, 1993: 480–491. [DOI: 10.1007/3-540-48329-2_40]
[4] GENTRY C, SAHAI A, WATERS B. Homomorphic encryption from learning with errors: Conceptually-simpler, asymptotically-faster, attribute-based[C]. In: Advances in Cryptology—CRYPTO 2013. Springer Berlin Heidelberg, 2013: 75–92. [DOI: 10.1007/978-3-642-40041-4_5]
[5] WANG J, BI J. Lattice-based identity-based broadcast encryption[J]. IACR ePrint Archive, 2010: 2010/288.
[6] REGEV O. On lattices, learning with errors, random linear codes, and cryptography[J]. Journal of the ACM (JACM), 2009, 56(6): 34. [DOI: 10.1145/1568318.1568324]
[7] GENTRY C. A fully homomorphic encryption scheme[D]. Stanford University, 2009. http://crypto.stanford.edu/craig.
[8] BRAKERSKI Z, VAIKUNTANATHAN V. Fully homomorphic encryption from ring-LWE and security for key dependent messages[C]. In: Advances in Cryptology—CRYPTO 2011. Springer Berlin Heidelberg, 2011: 505–524. [DOI: 10.1007/978-3-642-22792-9_29]
[9] BRAKERSKI Z, VAIKUNTANATHAN V. Efficient fully homomorphic encryption from (standard) LWE[C]. In: IEEE 52nd Annual Symposium on Foundations of Computer Science—FOCS 2011. IEEE, 2011: 97–106. [DOI: 10.1109/FOCS.2011.12]
[10] BRAKERSKI Z, GENTRY C, VAIKUNTANATHAN V. (Leveled) fully homomorphic encryption without
boot-strapping[C]. In: Innovations in Theoretical Computer Science, 2012. ACM, 2012: 309–325. [DOI: 10.1145/2090236.2090262]
[11] DODIS Y, FAZIO N. Public key broadcast encryption for stateless receivers[C]. In: ACM Workshop on Digital Rights Management. Springer Berlin Heidelberg, 2002: 61–80. [DOI: 10.1007/978-3-540-44993-5_5]
[12] BONEH D, GENTRY C, WATERS B. Collusion resistant broadcast encryption with short ciphertexts and private keys[C]. In: Advances in Cryptology—CRYPTO 2005. Springer Berlin Heidelberg, 2005: 258–275. [DOI: 10.1007/11535218_16]
[13] LIBERT B, PATERSON K G, QUAGLIA E A. Anonymous broadcast encryption: Adaptive security and efficient constructions in the standard model[C]. In: 15th International Conference on Practice and Theory in Public Key Cryptography—PKC 2012. Springer Berlin Heidelberg, 206–224. [DOI: 10.1007/978-3-642-30057-8_13]
[14] DELERABLÉE C. Identity-based broadcast encryption with constant size ciphertexts and private keys[C]. In: Advances in Cryptology—ASIACRYPT 2007. Springer Berlin Heidelberg, 2007: 200–215. [DOI: 10.1007/978-3-540-76900-2_12]
[15] LIU W, LIU J, WU Q, et al. Practical chosen-ciphertext secure hierarchical identity-based broadcast encryption[J]. International Journal of Information Security, 2016, 15(1): 35–50. [DOI: 10.1007/s10207-015-0287-8]
[16] BONEH D, FRANKLIN M K. Identity-based encryption from the Weil pairing[C]. In: Advances in Cryptology—CRYPTO 2001. Springer Berlin Heidelberg, 2001: 213–229. [DOI: 10.1007/3-540-44647-8_13]
[17] GENTRY C, PEIKERT C, VAIKUNTANATHAN V. Trapdoors for hard lattices and new cryptographic constructions[C]. In: Proceedings of the 40th Annual ACM Symposium on Theory of Computing. ACM, 2008: 197–206. [DOI: 10.1145/1374376.1374407]
[18] CASH D, HOFHEINZ D, KILTZ E, et al. Bonsai trees, or how to delegate a lattice basis[C]. In: Advances in Cryptology—EUROCRYPT 2010. Springer Berlin Heidelberg, 2010: 523–552. [DOI: 10.1007/978-3-642-13190-5_27]
[19] CASH D, HOFHEINZ D, KILTZ E. How to delegate a lattice basis[J]. IACR Cryptology ePrint Archive 2009: 2009/351.
[20] PEIKERT C. A decade of lattice cryptography[J]. Foundations and Trends in Theoretical Computer Science, 2016, 10(4): 283–424. [DOI: 10.1561/0400000074]
[21] CLEAR M, MCGOLDRICK C. Multi-identity and multi-key leveled FHE from learning with errors[C]. In: Advances in Cryptology—CRYPTO 2015. Springer Berlin Heidelberg, 2015: 630–656. [DOI: 10.1007/978-3-662-48000-7_31]
[22] MICCIANCIO D, PEIKERT C. Trapdoors for lattices: Simpler, tighter, faster, smaller[C]. In: Advances in Cryptology—EUROCRYPT 2012. Springer Berlin Heidelberg, 2012: 700–718. [DOI: 10.1007/978-3-642-29011-4_41]