云环境下基于多密钥全同态加密的定向解密协议设计  被引量：2

作　　者：李宁波[1,2] 周昊楠[1,2] 车小亮 杨晓元[1,2] LI Ningbo;ZHOU Haonan;CHE Xiaoliang;YANG Xiaoyuan(Key Laboratory of Network&Information Security under the People’s Armed Police,Xi’an 710086,China;Engineering University of People's Armed Police,Xi’an 710086,China)

机构地区：[1]网络与信息安全武警部队重点实验室,西安710086 [2]武警工程大学,西安710086

出　　处：《信息网络安全》2020年第6期10-16,共7页Netinfo Security

基　　金：国家重点研发计划[2017YFB0802000];国家自然科学基金[U1636114];陕西省自然科学基金[2018JM6028]。

摘　　要：如何在不泄露个人隐私的前提下,对多用户的隐私数据进行分析处理,是当前云环境下迫切需要解决的问题。多密钥全同态加密(Multi-key Fully Homomorphic Encryption,MKFHE)支持对不同用户(密钥)的密文数据进行分析处理,处理后的结果可由所有参与计算的用户联合解密,是实现云环境下多用户数据间安全分析与隐私保护的有力工具。当前主流的MKFHE在联合解密的过程中,通常需要利用安全多方计算中的相关技术,如OT(不经意传输)协议等,来保证广播过程的安全,从而使得解密过程较为复杂。与此同时,解密结果不具备可控性,即对于合法用户而言最终解密的场景并不适用。为了解决这一问题,文章设计实现了基于GSW型MKFHE的定向解密协议,协议底层的全同态加密方案基于误差学习问题(Learning with Errors,LWE),其安全性可以规约到标准模型下理想格的困难问题。该协议能够允许任意合法用户来执行最终的解密过程,相较于GSW型MKFHE方案MW16的解密过程,该解密协议增强了数据拥有者对于密文结果的可控性,且不需要使用安全多方计算中的相关技术,降低了解密过程的交互次数和复杂性,提高了解密过程效率,具有良好的应用前景。How to analyze and process the privacy data of multiple users in the cloud environment without leaking personal privacy is an urgent problem to be solved.Multi-key fully homomorphic encryption(MKFHE)supports computations on encrypted data under different public keys(users),and the result ciphertext can be jointly decrypted by all involved users,which can be used to realize secure data process and privacy protection between different users in cloud environment.During the process of joint decryption,current MKFHE schemes usually need relevant techniques in secure multi-party computing(MPC),such as oblivious transfer(OT)protocol,to ensure the security of the ciphertexts broadcast process,thus making the decryption process complicated.Beyond that,the final decryption result is not controllable,which is not suitable for the scenario that we need the specified legitimate users to get the final result.In order to solve this problem,this paper designs a directional decryption protocol based on MKFHE,and protocol’s security is based on LWE(learning with errors)problem,which can be reduced to the worst-case hardness of problems on ideal lattices.Comparing to the decrypting process in MKFHE scheme MW16,the directional decryption protocol in this paper allows any legitimate user to perform the final decryption process,thus enhance the controllability of decryption result for the data owner.Moreover,the relevant techniques of MPC are not needed in our protocol,which reduces the complexity of the decryption process,and is promising for future applications.

关 键 词：多密钥全同态加密 隐私保护 定向解密 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]