Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
New Constructions of Identity-Based Dual Receiver Encryption from Lattices
Entropy ( IF 2.7 ) Pub Date : 2020-05-28 , DOI: 10.3390/e22060599 Yuan Liu , Licheng Wang , Xiaoying Shen , Lixiang Li
Entropy ( IF 2.7 ) Pub Date : 2020-05-28 , DOI: 10.3390/e22060599 Yuan Liu , Licheng Wang , Xiaoying Shen , Lixiang Li
Dual receiver encryption (DRE), being originally conceived at CCS 2004 as a proof technique, enables a ciphertext to be decrypted to the same plaintext by two different but dual receivers and becomes popular recently due to itself useful application potentials such secure outsourcing, trusted third party supervising, client puzzling, etc. Identity-based DRE (IB-DRE) further combines the bilateral advantages/facilities of DRE and identity-based encryption (IBE). Most previous constructions of IB-DRE are based on bilinear pairings, and thus suffers from known quantum algorithmic attacks. It is interesting to build IB-DRE schemes based on the well-known post quantum platforms, such as lattices. At ACISP 2018, Zhang et al. gave the first lattice-based construction of IB-DRE, and the main part of the public parameter in this scheme consists of 2n+2 matrices where n is the bit-length of arbitrary identity. In this paper, by introducing an injective map and a homomorphic computation technique due to Yamada at EUROCRYPT 2016, we propose another lattice-based construction of IB-DRE in an even efficient manner: The main part of the public parameters consists only of 2pn1p+2 matrices of the same dimensions, where p(≥2) is a flexible constant. The larger the p and n, the more observable of our proposal. Typically, when p=2 and n=284 according to the suggestion given by Peikert et al., the size of public parameters in our proposal is reduced to merely 12% of Zhang et al.’s method. In addition, to lighten the pressure of key generation center, we extend our lattice-based IB-DRE scheme to hierarchical scenario. Finally, both the IB-DRE scheme and the HIB-DRE scheme are proved to be indistinguishable against adaptively chosen identity and plaintext attacks (IND-ID-CPA).
中文翻译:
格的基于身份的双接收加密的新构造
双接收器加密 (DRE) 最初是在 CCS 2004 中作为一种证明技术构思的,它使密文能够被两个不同但双接收器解密为相同的明文,并且由于其有用的应用潜力,例如安全外包、可信第三方,最近变得流行基于身份的 DRE (IB-DRE) 进一步结合了 DRE 和基于身份的加密 (IBE) 的双边优势/设施。IB-DRE 的大多数先前构造都基于双线性对,因此受到已知的量子算法攻击。基于众所周知的后量子平台(例如格子)构建 IB-DRE 方案很有趣。在 ACISP 2018 上,Zhang 等人。给出了第一个基于晶格的 IB-DRE 构造,该方案中公共参数的主要部分由 2n+2 个矩阵组成,其中 n 是任意标识的位长。在本文中,通过在 EUROCRYPT 2016 上引入 Yamada 的单射映射和同态计算技术,我们以一种更有效的方式提出了另一种基于格的 IB-DRE 构造:公共参数的主要部分仅包含 2pn1p+ 2 个相同维度的矩阵,其中 p(≥2) 是一个灵活的常数。p 和 n 越大,我们的提议就越容易被观察到。通常,根据 Peikert 等人给出的建议,当 p=2 和 n=284 时,我们提案中的公共参数的大小将减少到仅是 Zhang 等人方法的 12%。此外,为了减轻密钥生成中心的压力,我们将基于格的 IB-DRE 方案扩展到分层场景。最后,
更新日期:2020-05-28
中文翻译:
格的基于身份的双接收加密的新构造
双接收器加密 (DRE) 最初是在 CCS 2004 中作为一种证明技术构思的,它使密文能够被两个不同但双接收器解密为相同的明文,并且由于其有用的应用潜力,例如安全外包、可信第三方,最近变得流行基于身份的 DRE (IB-DRE) 进一步结合了 DRE 和基于身份的加密 (IBE) 的双边优势/设施。IB-DRE 的大多数先前构造都基于双线性对,因此受到已知的量子算法攻击。基于众所周知的后量子平台(例如格子)构建 IB-DRE 方案很有趣。在 ACISP 2018 上,Zhang 等人。给出了第一个基于晶格的 IB-DRE 构造,该方案中公共参数的主要部分由 2n+2 个矩阵组成,其中 n 是任意标识的位长。在本文中,通过在 EUROCRYPT 2016 上引入 Yamada 的单射映射和同态计算技术,我们以一种更有效的方式提出了另一种基于格的 IB-DRE 构造:公共参数的主要部分仅包含 2pn1p+ 2 个相同维度的矩阵,其中 p(≥2) 是一个灵活的常数。p 和 n 越大,我们的提议就越容易被观察到。通常,根据 Peikert 等人给出的建议,当 p=2 和 n=284 时,我们提案中的公共参数的大小将减少到仅是 Zhang 等人方法的 12%。此外,为了减轻密钥生成中心的压力,我们将基于格的 IB-DRE 方案扩展到分层场景。最后,
京公网安备 11010802027423号