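Abstract: To address security issues such as data confidentiality and integrity in outsourced databases, a secure and effective key management scheme is proposed that combines database encryption with NTRU (Number Theory Research Unit) signature technology. In the scheme, the user first selects attribute parameters according to the structural characteristics of the data table, generates data encryption keys, and encrypts the data for protection. Second, the ciphertext data is signed using a polynomial-ring-based cryptosystem to protect data integrity. Finally, the ciphertext data and the signature data are stored together in the outsourced database, while the data encryption keys are stored in a local secure database and protected by encryption under the system master key; the system master key and the signature verification key are stored securely in a hardware security module. In addition, when decrypting data, the NTRU signature of the requested data is verified first; if verification passes, the data can be decrypted, otherwise the data need not be decrypted. The experiments compare the efficiency of the key generation algorithms in the key management scheme and of the NTRU signature; the results show that the scheme is secure and effective, that the key management scheme is secure and stable under different encryption algorithms, and that it can provide both data confidentiality protection and integrity protection.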
Funding: Supported by the National Natural Science Foundation of China (Nos. 61173151, 61472309, and 61303217), the Fundamental Research Funds for the Central Universities, China (No. JB140115), and the Natural Science Foundation of Shaanxi Province, China (Nos. 2013JQ8002 and 2014JQ8313).
Abstract: Identity-based signature has become an important technique for lightweight authentication as soon as it was proposed in 1984. Thereafter, identity-based signature schemes based on the integer factorization problem and discrete logarithm problem were proposed one after another. Nevertheless, the rapid development of quantum computers makes them insecure. Recently, many efforts have been made to construct identity-based signatures over lattice assumptions against attacks in the quantum era. However, their efficiency is not very satisfactory. In this study, an efficient identity-based signature scheme is presented over the number theory research unit (NTRU) lattice assumption. The new scheme is more efficient than other lattice- and identity-based signature schemes. The new scheme proves to be unforgeable against the adaptively chosen message attack in the random oracle model under the hardness of the γ-shortest vector problem on the NTRU lattice.