
Research on the Application of Linear Maps in Security Protocols

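Published: 2018-01-16 15:12

  Keywords: Research on the Application of Linear Maps in Security Protocols. Source: Xidian University, 2016 doctoral dissertation. Document type: degree thesis


  More related articles: linear maps, verifiable computation, functional encryption, re-encryption, secure multi-party computation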


[Abstract]: Linear maps, or pairings, are a powerful mathematical tool that plays an important role in modern cryptography, and a large number of cryptographic schemes are built on various linear maps. The linear maps used in cryptography fall mainly into bilinear maps and multilinear maps, and both have many application scenarios in modern cryptography. Since the one-round three-party Diffie-Hellman key exchange protocol and identity-based encryption, research on bilinear maps has been one of the mainstream directions of modern cryptographic research. As a fairly mature tool, bilinear maps also have typical applications in attribute-based encryption/signature schemes, some functional encryption schemes, efficient non-interactive zero-knowledge proof systems, and so on. Multilinear maps are still not very mature, but as a very promising cryptographic tool they have also been applied in some areas, such as indistinguishability obfuscation. Many novel schemes have been constructed from this cryptographic primitive in recent years. Roughly speaking, research on linear maps can be divided into research on the linear maps themselves and research on application schemes based on linear maps; this thesis focuses on the latter.

Although linear maps are very powerful cryptographic tools, they are neither a cure-all nor free of disadvantages. In general, pairing-based schemes tend to be less efficient, mainly because the pairing operation between groups, e: G × G → G_T, is less efficient than ordinary operations within a group. For the same functionality, therefore, pairing-free schemes are usually more efficient than schemes that rely on pairings, which has made avoiding pairings in scheme construction a research direction in cryptography. That direction concentrates on improving the efficiency of cryptographic schemes and weakening the security assumptions they depend on. In addition, although many schemes have already been constructed from pairings, many schemes still need to be designed or remain to be improved. This thesis mainly studies the functionality and the security assumptions of schemes based on linear maps. More specifically, the main contributions of the thesis are as follows.

(1) Verifiable computation based on functional encryption. We propose two verifiable computation schemes based on functional encryption. The first scheme is based on inner-product encryption and offers better privacy. More specifically, compared with the earlier work of Parno et al. in this direction, our first scheme achieves input privacy and function privacy at the same time, whereas their scheme has neither of these two desirable properties. One shortcoming of this scheme is that it cannot support functions represented by general circuits, only functions that can be expressed as vector inner products. In real life, however, inner-product functions are already sufficient. The most notable feature of our second scheme is that it supports functions represented by general circuits, which greatly extends the range of functions whose computation can be delegated. As a trade-off, our second scheme cannot achieve input privacy and function privacy. To achieve input privacy, we develop two methods on top of the second scheme, which yields two variants of it. Although our second scheme does not achieve function privacy, it still provides a partial candidate solution to the open problem posed by Ananth et al. at PKC 2014.

(2) Identity-based proxy re-encryption. We construct two identity-based re-encryption schemes. The two schemes use similar ideas, provide similar functionality, and are both built on homomorphic encryption and identity-based re-encryption. The most notable difference between them is that the first scheme supports only single-hop re-encrypted ciphertexts, while the second scheme supports multi-hop re-encrypted ciphertexts. The second scheme achieves this stronger property because it differs from the first mainly in the group element X and in the underlying identity-based encryption algorithm, which makes the homomorphic ciphertext evaluation circuit of the second scheme more complex. Both schemes let resource-constrained users complete the re-encryption task with only a very lightweight workload and avoid some additional overhead, such as sending information related to their own private key to the server.

(3) Secure multi-party computation. We mainly propose two secure three-party protocols for computing the area of a triangle. Besides requiring no pairings, the greatest advantage of these two protocols lies in their building blocks and in the security assumptions they rely on. In terms of building blocks, they avoid the use of oblivious transfer, which is already an indispensable building block in most secure multi-party computation protocols. In terms of security assumptions, our protocols are based on a very weak assumption: they only need to assume the existence of pseudorandom number generators. Finally, our simulation-based proof is also somewhat innovative: it lets the adversary adaptively choose the result of the protocol and then carries out the simulation proof.

[Degree-granting institution]: Xidian University
[Degree level]: Doctoral
[Year degree granted]: 2016
[Classification number]: TN918.1

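[Similar literature]

Related journal articles (top 3)

1 Jia Jinping; Zhu Jun; Linear maps preserving 3-unit products on finite nest algebras [J]; Journal of Hangzhou Dianzi University; 2007, No. 06

2 Gong Ming; Zhu Jun; Stability of first-order linear nonhomogeneous differential equations [J]; Journal of Hangzhou Dianzi University; 2011, No. 01

Related doctoral dissertations (top 4)

1 Jing Zhengjun; Research on public-key cryptographic schemes based on multilinear maps [D]; Nanjing University of Posts and Telecommunications; 2015

2 Liu Liang; Research on the Application of Linear Maps in Security Protocols [D]; Xidian University; 2016

3 Zhang Yang; Preserver problems between matrix spaces [D]; Harbin Institute of Technology; 2008

4 Li Xin; Positive linear maps and inequalities on operator systems [D]; East China Normal University; 2013

Related master's theses (top 8)

1 Zhao Haili; Positivity criteria for linear maps constructed from permutation pairs [D]; Taiyuan University of Technology; 2013

2 Zhu Yuanyuan; Research on linear maps preserving partial isometries on B(H) [D]; Shaanxi Normal University; 2012

3 Chen Chaoqun; Linear maps preserving orthogonality [D]; Soochow University; 2013

4 Zhou Fengqin; Entropy of linear maps on Q_p^m [D]; Soochow University; 2008

5 Zhou Lina; Drift vectors of finite subdiagonal algebras, their multipliers, and rank-one preserving linear maps [D]; Shaanxi Normal University; 2006

6 Pang Chaoran; Similarity-preserving linear maps on B(X) [D]; Soochow University; 2011

7 Wu Haiyan; Additive preserving maps of the M-P inverse [D]; Heilongjiang University; 2007

8 Lin Hui; Idempotent operators on operator algebras and idempotent-preserving linear maps [D]; Heilongjiang University; 2005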

Article ID: 1433648


Link to this article: http://www.sikaile.net/shoufeilunwen/xxkjbs/1433648.html

