Design of Directional Decryption Protocol Based on Multi-key Fully Homomorphic Encryption in Cloud Environment (cited by: 1)

Abstract: How to analyze and process the private data of multiple users without leaking personal privacy is an urgent problem in the current cloud environment. Multi-key fully homomorphic encryption (MKFHE) supports computation on ciphertexts encrypted under different users' keys, and the resulting ciphertext can be jointly decrypted by all users who took part in the computation, which makes it a powerful tool for secure analysis and privacy protection across multiple users' data in the cloud. During joint decryption, current mainstream MKFHE schemes usually rely on techniques from secure multi-party computation (MPC), such as the oblivious transfer (OT) protocol, to secure the broadcast of decryption shares, which makes the decryption process complicated. In addition, the decryption result is not controllable: these schemes do not fit the scenario in which only a specified legitimate user should obtain the final result. To address this, the paper designs and implements a directional decryption protocol based on GSW-type MKFHE. The underlying fully homomorphic encryption scheme is based on the learning with errors (LWE) problem, and its security is reduced to hard problems on ideal lattices in the standard model. The protocol allows any legitimate user to perform the final decryption step. Compared with the decryption procedure of the GSW-type MKFHE scheme MW16, the proposed protocol strengthens the data owner's control over the ciphertext result, does not require MPC techniques, reduces the number of interaction rounds and the complexity of decryption, and improves decryption efficiency, making it promising for practical applications.
Authors: LI Ningbo; ZHOU Haonan; CHE Xiaoliang; YANG Xiaoyuan (Key Laboratory of Network & Information Security under the People's Armed Police, Xi'an 710086, China; Engineering University of People's Armed Police, Xi'an 710086, China)
Source: Netinfo Security (《信息网络安全》), CSCD, Peking University core journal, 2020, No. 6, pp. 10-16 (7 pages)
Funding: National Key R&D Program of China [2017YFB0802000]; National Natural Science Foundation of China [U1636114]; Natural Science Foundation of Shaanxi Province [2018JM6028].
Keywords: multi-key fully homomorphic encryption; privacy protection; directional decryption
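As an added illustration (not code from the paper, whose directional protocol is not reproduced on this page), the following Python sketch shows the baseline the abstract contrasts against: a toy multi-key LWE encryption in which each user's bit is encrypted under that user's own key, ciphertexts under different keys are added homomorphically, and decryption is done jointly, MW16-style, by each user publishing a partial decryption masked with smudging noise. The scheme is additive only (no GSW-style multiplication), the parameters are toy-sized and offer no real security, and every name below is hypothetical. What it makes concrete is the abstract's controllability remark: the final combine step takes no key, so whoever gathers all the shares, data owner or not, learns the result.

```python
"""Toy multi-key LWE with MW16-style joint (distributed) decryption.

Illustration only: additive homomorphism, toy parameters, no security claim.
All names and parameters here are assumptions, not the paper's protocol.
"""
import random

N_DIM = 64            # LWE dimension (far too small for real security)
Q = 1 << 16           # ciphertext modulus (even, so Q//2 encodes a bit exactly)
ERR_BOUND = 2         # magnitude of fresh encryption error
SMUDGE_BOUND = 1 << 8 # magnitude of smudging noise added to each partial decryption


def inner(a, s):
    """Inner product mod Q."""
    return sum(x * y for x, y in zip(a, s)) % Q


def keygen(rng):
    """Secret key s_i in Z_Q^n (uniform; fine for a correctness demo)."""
    return [rng.randrange(Q) for _ in range(N_DIM)]


def encrypt(sk, bit, idx, n_users, rng):
    """Encrypt one bit under sk, placing its mask vector in slot idx of an n_users-slot ciphertext.

    The multi-key ciphertext is (a_1, ..., a_k, b) with b = sum_i <a_i, s_i> + e + (Q/2)*m.
    A fresh ciphertext only uses its owner's slot; the others are zero.
    """
    a = [rng.randrange(Q) for _ in range(N_DIM)]
    e = rng.randint(-ERR_BOUND, ERR_BOUND)
    b = (inner(a, sk) + e + (Q // 2) * bit) % Q
    slots = [[0] * N_DIM for _ in range(n_users)]
    slots[idx] = a
    return {"a": slots, "b": b}


def add(ct1, ct2):
    """Homomorphic XOR: adding (Q/2)-scaled bits mod Q. Works across different keys."""
    a = [[(x + y) % Q for x, y in zip(r1, r2)] for r1, r2 in zip(ct1["a"], ct2["a"])]
    return {"a": a, "b": (ct1["b"] + ct2["b"]) % Q}


def partial_decrypt(ct, idx, sk, rng):
    """User idx publishes <a_idx, s_idx> plus smudging noise that hides s_idx (MW16 style)."""
    return (inner(ct["a"][idx], sk) + rng.randint(-SMUDGE_BOUND, SMUDGE_BOUND)) % Q


def combine(ct, shares):
    """Final step needs NO key: b - sum(shares) = (Q/2)*m + small noise, then round.

    This is the uncontrollability the abstract points at: any party that collects
    every share (the data owner, another user, or an eavesdropper on the broadcast)
    can finish the decryption.
    """
    x = (ct["b"] - sum(shares)) % Q
    return 1 if Q // 4 <= x < 3 * Q // 4 else 0


def demo(bits, seed=2020):
    """Each user encrypts one bit under its own key; all jointly decrypt the XOR."""
    rng = random.Random(seed)
    k = len(bits)
    keys = [keygen(rng) for _ in range(k)]
    cts = [encrypt(keys[i], bits[i], i, k, rng) for i in range(k)]
    acc = cts[0]
    for ct in cts[1:]:
        acc = add(acc, ct)
    # noise budget: total |noise| <= k*(ERR_BOUND + SMUDGE_BOUND) << Q/4, so rounding is exact
    shares = [partial_decrypt(acc, i, keys[i], rng) for i in range(k)]
    return combine(acc, shares)


if __name__ == "__main__":
    print("XOR(1,0,1) =", demo([1, 0, 1]))  # 0
    print("XOR(1,1,1) =", demo([1, 1, 1]))  # 1
```

Leaving any one share out of `combine` yields a value that is uniform mod Q rather than the bit, which is why the joint-decryption setting must protect the broadcast of shares (the MPC/OT machinery the abstract mentions), and why the paper instead routes the final decryption to a designated legitimate user.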