时控性加密的匿名查询机制构造  被引量：1

作　　者：袁科[1,2] 王籽霖 杜展飞 贺新征 贾春福[1,3] 何源 YUAN Ke;WANG Zilin;DU Zhanfei;HE Xinzheng;JIA Chunfu;HE Yuan(School of Computer and Info.Eng.,Henan Univ.,Kaifeng 475004,China;Henan Province Eng.Research Center of Spatial Info.Processing,Kaifeng 475004,China;College of Cybersecurity,Nankai Univ.,Tianjin 300350,China;International Education College,Henan Univ.,Zhengzhou 450046,China)

机构地区：[1]河南大学计算机与信息工程学院,河南开封475004 [2]河南省空间信息处理工程研究中心,河南开封475004 [3]南开大学网络空间安全学院,天津300350 [4]河南大学国际教育学院,河南郑州450046

出　　处：《工程科学与技术》2022年第3期64-71,共8页Advanced Engineering Sciences

基　　金：国家重点研发计划项目(2018YFA0704703);国家自然科学基金项目(61802111,61972073,61972215);天津市自然科学基金项目(20JCZDJC00640);河南省重点研发与推广专项(222102210062);河南省高等学校重点科研项目基础研究计划(22A413004);国家级大学生创新训练项目(202110475119)。

摘　　要：现实世界中,很多问题都具有在特定时间开展相关业务的需求。时控性加密(timed-release encryption,TRE)是一种由发送方指定接收方解密时间的密码原语,可满足该需求。针对目前TRE方案中,基于非交互时间服务器周期性广播时间陷门的方式无法满足用户任意指定解密时间,而能够满足任意解密时间的交互式时间服务器方式无法保障用户身份隐私的问题,提出一种使用洋葱路由网络的TRE方案。在该方案中,接收方在临近解密时间时,将时间陷门请求作为最内层洋葱,构造层层加密的洋葱传递给时间服务器,时间服务器生成对应的时间陷门按照原路由返回给接收者,使得用户可以在进行任意时间的陷门查询时隐藏其身份信息。同时,针对洋葱路由传递过程中的节点失效问题,提出一种基于广播加密技术构造每层洋葱的方法,使得每层洋葱节点均可以解密该层洋葱。该方案在保证用户身份匿名的前提下,实现向时间服务器成功查询任意时间的陷门。安全性分析表明,该方案对于可能遇到的单点推测、监听攻击、重放攻击及共谋攻击是安全的,并具有较强的鲁棒性。效率分析表明,与基于配对的洋葱路由方案相比,该方案解决节点失效问题的耗时减少约59%,从而实现了高效的匿名查询。In the real world,many problems have the need to conduct relevant operations at a specific time.Timed-release encryption(TRE)is a cryptographic primitive in which the sender specifies the decryption time of the receiver,which can meet the above requirement.To address the problem that the current TRE schemes based on the periodic broadcast time trapdoor of the non-interactive time server cannot meet the user’s arbitrary specified decryption time,and the interactive time server mode meets the arbitrary decryption time but cannot guarantee the user’s identity privacy,a TRE scheme using onion routing network was proposed.In the scheme,when the decryption time approaches,the time trapdoor request was taken as the innermost onion,and the layer by layer encrypted onion was constructed and transmitted to the time server.The time server generates the corresponding time trapdoor and returns it to the receiver according to the original route,so that the user can hide the identity information when making a trapdoor query at any time.Meanwhile,for the node failure problem in the process of onion routing delivery,a method for constructing each layer of onion based on broadcast encryption was proposed,so that each layer of onion node can decrypt that layer of onion.The scheme achieves the trapdoor of successfully querying arbitrary time to the time server while ensuring the anonymity of user’s identity.Se-curity analysis showed that the scheme is secure and robust against possible single-point speculation,monitoring attacks,replay attacks,and collu-sion attacks.Efficiency analysis showed that compared with the pairing-based onion routing scheme,the proposed scheme reduces the time con-sumption of solving the node failure problem by about 59%,thus realizing efficient anonymous query.

关 键 词：时控性加密 匿名查询 时间陷门 洋葱路由 广播加密 

分 类 号：TP309.7[自动化与计算机技术—计算机系统结构]