ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2017, Vol. 54 ›› Issue (10): 2193-2204.doi: 10.7544/issn1000-1239.2017.20170394

• 信息安全 • 上一篇    下一篇

基于LWE的高效身份基分级加密方案

叶青,胡明星,汤永利,刘琨,闫玺玺   

  1. (河南理工大学计算机科学与技术学院 河南焦作 454000)(yeqing@hpu.edu.cn)
  • 出版日期: 2017-10-01
  • 基金资助: 
    国家自然科学基金项目(61300216);河南省科技厅基础与前沿技术研究计划项目(142300410147);河南省教育厅自然科学研究项目(12A520021);河南省教育厅高等学校重点科研项目(16A520013)

Efficient Hierarchical Identity-Based Encryption Scheme from Learning with Errors

Ye Qing, Hu Mingxing, Tang Yongli, Liu Kun, Yan Xixi   

  1. (School of Computer Science and Technology, Henan Polytechnic University, Jiaozuo, Henan 454000)
  • Online: 2017-10-01

摘要: 格上可固定维数陷门派生的身份基分级加密(hierarchical identity-based encryption, HIBE)体制,因其具有在陷门派生前后格的维数保持不变的特性而受到广泛关注,但这种体制普遍存在陷门派生复杂度过高的问题.针对这一问题,分别给出随机预言模型和标准模型下的改进方案.首先利用MP12陷门函数的特性提出一种优化的Z\-q可逆矩阵提取算法,再基于该优化算法结合固定维数的陷门派生算法和MP12陷门函数完成方案的建立和陷门派生阶段,然后与对偶Regev算法相结合完成随机预言模型下HIBE方案的构造.并且利用二进制树加密系统将该方案改进为标准模型下的HIBE方案.两方案安全性均可归约至LWE问题的难解性,其中随机预言模型下的方案满足适应性安全,而标准模型下的方案满足选择性安全,并给出严格的安全性证明.对比分析表明:在相同的安全性下,随机预言模型下的方案较同类方案在陷门派生复杂度方面显著降低,而标准模型下的方案是同类最优方案的1/6,且格的维数、陷门尺寸和密文扩展率等参数均有所降低,计算效率明显优化.

关键词: 格, 基于身份的分级加密, 陷门派生, 容错学习, 随机预言模型, 标准模型

Abstract: Hierarchical identity-based encryption (HIBE) in fixed dimension has drawn wide attention because its lattice dimension keeps unchanged upon delegation, but there is a common defect of high complexity in trapdoor delegation stage of these schemes. Aiming at this problem, we propose two improved HIBE schemes under random oracle model and standard model respectively. We first use the MP12 trapdoor function to construct an optimized Z\-q-invertible matrix sample algorithm. Based on this optimized algorithm, combined with trapdoor delegation algorithm in fixed dimension and MP12 trapdoor function, we design system setup and trapdoor delegation stages. And we complete the HIBE scheme under random oracle model in conjunction with Dual-Regev algorithm. And then, we remove the random oracle by employing binary tree encryption system. The security of both proposed schemes strictly reduce to the hardness of learning with errors (LWE) problem, in which the scheme under random oracle model satisfies the adaptive security while the scheme under standard model satisfies selective security. Comparative analysis shows that, under the same security level, the overhead of trapdoor delegation in our scheme under random oracle model is reduced significantly compared with the relevant schemes, while the overhead of our scheme under standard model is reduced nearly 6 times compared with the relevant optimal schemes. Furthermore, the parameters such as lattice dimension, trapdoor size and ciphertext expansion rate etc., all decrease in some degree, and the computational cost is reduced obviously.

Key words: lattice, hierarchical identity-based encryption (HIBE), trapdoor delegation, learning with errors (LWE), random oracle model, standard model

中图分类号: