当前位置: X-MOL 学术Theor. Comput. Sci. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Attribute-based proxy re-encryption from standard lattices
Theoretical Computer Science ( IF 1.1 ) Pub Date : 2021-02-25 , DOI: 10.1016/j.tcs.2021.02.036
Fucai Luo , Saif Al-Kuwari , Fuqun Wang , Kefei Chen

Attribute-based proxy re-encryption (ABPRE), which combines the notions of proxy re-encryption (PRE) and attribute-based encryption (ABE), allows a semi-trusted proxy to transform a ciphertext under a particular access-policy into a ciphertext under another access policy, without revealing any information about the underlying plaintext. This primitive is very useful in some applications, where encrypted data needs to be stored in untrusted environments, such as cloud storage. In its key-policy flavor, the secret key is associated with an access policy that specifies which type of ciphertexts can be decrypted by that key, where ciphertexts are marked with different sets of attributes. However, all existing key-policy attribute-based proxy re-encryption (KP-ABPRE) schemes are based on classical number-theoretic assumptions, which are vulnerable to quantum attacks. This paper proposes the first KP-ABPRE scheme based on the learning with errors (LWE) problem, which is widely believed to be quantum-resistant. Our scheme is multi-hop, supports polynomial-depth policy circuits and has short private keys, where the size of the keys is dependent only on the depth of the supported policy circuits. In addition, we prove that our scheme is CPA secure in the selective security model, based on the LWE assumption.



中文翻译:

从标准格中进行基于属性的代理重新加密

基于属性的代理重新加密(ABPRE)结合了代理重新加密(PRE)和基于属性的加密(ABE)的概念,允许半信任的代理将特定访问策略下的密文转换为密码。密文在另一种访问策略下进行,而不会泄露有关底层明文的任何信息。该原语在某些应用程序中非常有用,在这些应用程序中,加密数据需要存储在不受信任的环境中,例如云存储。秘密密钥以其密钥策略的形式与访问策略相关联,该访问策略指定了该密钥可以解密哪种类型的密文,其中密文用不同的属性集标记。但是,所有现有的基于密钥策略属性的代理重新加密(KP-ABPRE)方案都基于经典的数论假设,容易受到量子攻击。本文提出了第一个基于错误学习(LWE)问题的KP-ABPRE方案,该方案被普遍认为是抗量子的。我们的方案是多跳的,支持多项式深度策略电路,并且具有短私钥,其中密钥的大小仅取决于所支持策略电路的深度。此外,基于LWE假设,我们证明了我们的方案在选择性安全模型中是CPA安全的。

更新日期:2021-03-29
down
wechat
bug