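Authors: 钱心缘 (QIAN Xin-yuan); 吴文渊 (WU Wen-yuan) [1] (Chongqing Key Laboratory of Automated Reasoning and Cognition, Chongqing Institute of Green and Intelligent Technology, Chinese Academy of Sciences, Chongqing 400714, China; University of Chinese Academy of Sciences, Beijing 101408, China)
Affiliations: [1] Chongqing Key Laboratory of Automated Reasoning and Cognition, Chongqing Institute of Green and Intelligent Technology, Chinese Academy of Sciences, Chongqing 400714; [2] University of Chinese Academy of Sciences, Beijing 101408
Source: 《计算机科学》 (Computer Science), 2021, Issue 6, pp. 315-323, 9 pages
Funding: Chongqing Science and Technology Commission projects (cstc2018jcyj-yszxX0002, cstc2019yszx-jcyjX0003); Key Research Program of Frontier Sciences of the Chinese Academy of Sciences (QYZDB-SSW-SYS026); Guizhou Province Science and Technology Program ([2020]4Y056).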
Abstract: Lattice-based identity-based encryption (IBE) can effectively resist quantum attacks. Because it uses each user's identity information as the public key, it simplifies the management of public keys that a public key infrastructure (PKI) must perform for an extremely large number of users. This mechanism is an improvement on traditional PKI and can solve many of the problems PKI exposes in the Internet of Things (IoT) environment. However, most lattice-based IBE schemes proposed so far are cumbersome, and few of them have been implemented. To address this, the paper proposes an IND-sID-CPA secure IBE scheme with a low expansion rate, based on the R-SIS and R-LWE hard problems. First, a block reuse technique is proposed: by reusing the auxiliary decryption ciphertext block, which occupies a large amount of storage, the ciphertext expansion rate is greatly reduced and encryption efficiency is improved. Then, the compression algorithm proposed in Kyber is applied and a plaintext expansion parameter is introduced to further optimize these two indicators. The security, correctness, and computational complexity of the scheme are analyzed through rigorous theoretical derivation, and numerical experiments with Maple give good parameter values for the scheme under three scenarios. Finally, the new scheme is implemented in C++, and its performance is compared with that of the BFRS18 scheme in the three scenarios. The experimental results show that, while ensuring correctness and security, the scheme effectively improves the encryption and decryption efficiency of the original scheme and reduces the ciphertext expansion rate.
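Keywords: identity-based encryption; lattice cryptography; ring short integer solution problem; ring learning with errors problem; block reuse technique; compression technique; Gaussian sampling
Classification number: TP309 [Automation and Computer Technology: Computer System Architecture]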