ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2017, Vol. 54 ›› Issue (7): 1549-1556.doi: 10.7544/issn1000-1239.2017.20160034

• 信息安全 • 上一篇    下一篇



  1. 1(西安科技大学计算机科学与技术学院 西安 710054);2(信息安全国家重点实验室(中国科学院信息工程研究所) 北京 100093);3(陕西师范大学计算机科学学院 西安 710062);4(清华大学计算机科学与技术系 北京 100084);5(华南农业大学数学与信息学院 广州 510642) (
  • 出版日期: 2017-07-01
  • 基金资助: 

Protocols for Secure Computation of Set-Inclusion with the Unencrypted Method

Chen Zhenhua1,2, Li Shundong3, Wang Daoshun4, Huang Qiong5, Dong Lihong1   

  1. 1(School of Computer Science and Technology, Xi’an University of Science and Technology, Xi’an 710054);2(State Key Laboratory of Information Security (Institute of Information Engineering, Chinese Academy of Sciences), Beijing 100093);3(School of Computer Science, Shaanxi Normal University, Xi’an 710062);4(Department of Computer Science and Technology, Tsinghua University, Beijing 100084);5(College of Mathematics and Informatics, South China Agricultural University, Guangzhou 510642)
  • Online: 2017-07-01

摘要: 针对已存在的安全计算集合包含关系的协议大多基于多次公钥加密算法,计算复杂性较高,并且不能公开计算,应用受限的问题.提出了2种非加密安全计算集合包含关系的协议.协议1首先将集合包含问题转化为向量内积问题;然后利用数学难解问题解决了此问题;最后针对不可信第三方存在的应用场景,利用双线性对和数学难解问题给出了可公开判断集合包含关系的实用性协议2.协议1和协议2都没有使用任何公钥加密方法,避免了前人方案中繁琐的公私钥产生和加解密过程以及多次匹配查找,因此更加高效而简洁.此外,协议2开拓了保密判断集合关系的新应用场景.

关键词: 集合包含, 安全计算, 双线性对, 数学难题, 公开判断

Abstract: The most existing protocols for secure computation of set-inclusion are based on multiple public-key encryption algorithms and cannot either be computed publicly, which makes the computation complexity high and the application range limited as well. To cope with these problems, we design two protocols for secure computation of set-inclusion with the unencrypted method. Protocol 1 first transforms the original problem into the scalar-product problem, and then solves it with the hard problem in cryptography. Next, we present the practical protocol 2 under a certain scenario with a third untrusted party, in which we solve the set-inclusion problem combing the bilinear pairing with the hard problem in cryptography. Lastly, we give the security proof of two protocols, the performance analysis and comparison with others. Both of our protocols employ neither any public-key encryption algorithm nor multiple matching searches so as to avoid the intricate procedures of key-generation, encryption and decryption. This makes our protocols more efficient and concise than the previously known. In addition, we extend the secure computation of set-inclusion to a new application scenario, in which we can determine the set-inclusion relation publicly without revealing the privacy of both sets even if the untrusted third party exists.

Key words: set-inclusion, secure computation, bilinear pairing, hard mathematics problem, public determination