利用混淆器构造多身份的全同态加密体制  被引量：1

作　　者：王威力[1] 胡斌[1] 

机构地区：[1]解放军信息工程大学,郑州450001

出　　处：《密码学报》2017年第2期165-175,共11页Journal of Cryptologic Research

基　　金：国家自然科学基金(61272041);河南省自然科学基金(162300410332);信息保障技术重点实验室基金(KJ-15-006)

摘　　要：全同态加密能够在不解密的前提下直接对密文进行操作,是当前大数据和云安全背景下一个热门研究方向,但目前已有的全同态加密体制普遍存在公钥尺寸大、计算效率较低等问题.基于身份的全同态加密是近年来新兴的一种公钥加密体制,该加密体制既具有密文数据同态操作特性,又能有效管理密钥从而解决当前全同态密码公钥尺寸大的问题,因此具有更广阔的应用前景.CRYPTO 2013中,Gentry等构造了第一个真正意义上单身份的全同态加密体制,相比单身份的全同态加密体制,多身份的全同态加密体制实用性更强.本文利用不可区分混淆器和可穿孔伪随机函数,提出了身份转换算法.在身份转换算法的基础上,构造了支持多身份的全同态加密体制,该体制可支持属于不同身份密文间的同态运算和多次同态运算,同时体制的安全性在标准模型下可归约到LWE困难问题.与现有基于身份的全同态加密体制相比,我们构造的多身份的全同态加密体制、规模和效率上更优、解密操作更简洁、功能性更强、应用范围更广.Fully homomorphic encryption allows us to evaluate any operation on encrypted data without decryption, so it is an attractive research topic in the context of big data and cloud security. However, the existing schemes are faced with challenges like large size of public key or low computation efficiency. Identity-based fully homomorphic encryption is an emerging public key cryptosystem in recent years. The system can do homomorphic operations, as well as effectively manage public keys. So such cryptosystem has broad application prospects. In CRYPTO 2013, Gentry, Sahai and Waters presented the first real identity-based fully homomorphic encryption scheme, which only works in the single-identity setting. Multi-identity IBFHE is more practical than single-identity IBFHE. In this paper, we propose a conversion algorithm of identities based on indistinguishable obfuscation and punctured pseudorandom functions. Based on this algorithm, we present a multi-identity IBFHE scheme, which is selectively secure under the hardness of LWE in the standard model. Moreover, the schemesupports cipher operation in different identities, and can carry out multiple homomorphic operations. Compared with the previous schemes, our multi-identity based fully homomorphic encryption scheme is of better efficiency, simpler operation, more functionalities and wider applications.

关 键 词：全同态加密 身份基加密 不可区分混淆器 LWE问题 

分 类 号：TP309.7[自动化与计算机技术—计算机系统结构]