SM9 Identity-Based Encryption Scheme with Equality Test and Cryptographic Reverse Firewalls

The identity-based encryption with equality test (IBEET) scheme solves the problem of certificate management in traditional equality test schemes and gets wide attention. However, the existing IBEET systems are difficult to resist penetration attacks and based on foreign cipher algorithm designs without independent intellectual property rights. To deal with this challenge, we propose a SM9 identity-based encryption scheme with equality test and cryptographic reverse firewalls (SM9-IBEET-CRF). The cipher reverse firewalls (CRF) which are deployed in the upstream channel between users and cloud server can re-randomize the information to protect against penetration attacks. This scheme expands SM9 identity-based encryption algorithm to IBEET, improves its efficiency and enriches the research of secret algorithm in cloud computing. We give the definition of SM9-IBEET-CRF and corresponding security models. In random oracle model, the scheme formalizes the IBE-IND-CCA and IBE-OW-CCA security into the BDH difficulty assumption by considering two different opponents. At the same time, we demonstrate that CRF deployment provides functionality-maintaining, security-preserving and exfiltration-resistant by considering the third opponent. The experimental simulation and analysis results show the effectiveness of the scheme.