基于国产密码SM2的实用公钥广播加密方案  被引量：5

作　　者：陈泌文 向涛[1] 何德彪 黄欣沂[3] Biwen CHEN;Tao XIANG;Debiao HE;Xinyi HUANG(College of Computer Science,Chongqing University,Chongqing 400044,China;School of Cyber Science and Engineering,Wuhan University,Wuhan 430072,China;Computer and Cyber Security,Fuvjian Normal University,Fuzhou 350117,China;Guangri Key Laboratory of Trusted Software,Guilin University of Electronic Technology,Guilin 541004,China)

机构地区：[1]重庆大学计算机学院,重庆400044 [2]武汉大学国家网络安全学院,武汉430072 [3]福建师范大学计算机与网络空间安全学院,福州350117 [4]桂林电子科技大学广西可信软件重点实验室,广西541004

出　　处：《中国科学：信息科学》2022年第12期2321-2335,共15页Scientia Sinica(Informationis)

基　　金：国家自然科学基金(批准号:U20A20176,62102050,62032005,U21A20466);教育部科技司区块链核心技术战略项目(批准号:2020KJ010301);中国博士后科学基金(批准号:BX2021399);湖北省重点研发计划(批准号:2020AEA013);中央高校基本科研业务费专项资金(批准号:2042021kf1030);湖北省自然科学基金重点项目(批准号:2020CFA052);武汉市科技计划项目(批准号:2020010601012187);广西可信软件重点实验室研究课题(批准号:kx202043)资助。

摘　　要：近年来网络攻击与数据泄露事件层出不穷,网络安全受到国家及相关部门的高度关注.国产密码算法作为保障我国网络与信息安全的关键技术,推动其应用与实施既符合构建我国网络强国的战略需求,又能保障实际应用的健康发展.SM2公钥加密算法是我国自主设计的国产商用密码之一,可有效保障数据在通信过程中的安全性.然而,经典SM2公钥加密算法适合“一对一”通信场景,在“一对多”通信场景中需承担较大的计算与通信开销.为提升SM2公钥加密算法在“一对多”通信场景中计算与通信效率,扩展我国商用密码的应用范围,本文将我国商用密码SM2公钥加密算法和广播加密概念相结合,利用Diffie-Hellman密钥交换和多项式秘密分享的思想,设计了基于SM2的公钥广播加密方案.所构造方案最大程度地保留原有SM2公钥加密算法结构,通过简单地扩展即可实现在多用户场景下消息安全广播的自主可控.与现有广播加密方案相比,所构造方案的系统参数大小与接收者数量无线性关系,以及系统无需指定数据发送者广播消息.所构造方案的安全性分析表明,本文方案与SM2公钥加密算法具有相同安全强度.理论分析与实验仿真表明,所构造方案具有较好的性能,显著增强了我国商用密码的实用性.Because of the increasing frequency of cyber-attacks and data breaches, network security has received a large emphasis from the related departments. Therefore, the development of national cryptographic algorithms not only conforms to the needs of building an internet superpower but also guarantees healthy and secure application development. The SM2 is a domestically designed commercial cryptographic algorithm that guarantees the confidentiality of data during data transmission. The SM2 encryption algorithm is suitable for one-to-one communication scenarios but incurs large repetitive computation and communication costs when applied to oneto-many communication scenarios. To enhance the performance and expand the application areas of the SM2, this paper combines the ideas of the SM2 encryption algorithm and broadcast encryption and defines the first public key broadcast encryption based on SM2 by leveraging the Diffie-Hellman key exchange and polynomial-based secret share scheme. Specifically, the proposed scheme keeps the original SM2 framework as much as possible and achieves an independent and controllable information transformation by simply upgrading the communication facilities with SM2. Compared with existing broadcast encryption schemes, the designed scheme has constant-size public system parameters and does not need to specify a broadcaster to send messages. Additionally, the designed scheme has the same security as the SM2, and evaluation and performance tests demonstrate its practicality.

关 键 词：公钥加密 SM2公钥密码算法 广播加密 DIFFIE-HELLMAN密钥协商 

分 类 号：TN918.4[电子电信—通信与信息系统]