计算机工程与应用
計算機工程與應用
계산궤공정여응용
COMPUTER ENGINEERING AND APPLICATIONS
2014年
19期
1-6
,共6页
混合加密%基于证书%标准模型%云计算%不含双线性对
混閤加密%基于證書%標準模型%雲計算%不含雙線性對
혼합가밀%기우증서%표준모형%운계산%불함쌍선성대
hybrid encryption%certificate-based cryptosystems%standard model%cloud computing%without bilinear pairing
随着云计算的快速发展,数据安全已成为云安全的一个关键问题,尤其是云中存储和传输的数据量巨大,对安全性要求较高。另一方面,基于证书密码体制克服了传统公钥密码体制的证书管理问题及基于身份密码体制的密钥托管问题,为构造安全高效的PKI提供了新的方法,但现有基于证书加密方案大都采用双线性对构造,计算效率较低。针对云计算环境,基于判定性缩减Diffie-Hellman难题,提出了一个不含对运算的基于证书混合加密方案,分析了安全性和效率。该方案是建立在密钥封装算法、对称加密算法、消息认证码算法基础上的一次一密型加密方案。分析表明,该方案在标准模型下可以抵抗适应性选择密文攻击,计算效率较高,适合于对云计算中安全性要求较高的长消息的加密。
隨著雲計算的快速髮展,數據安全已成為雲安全的一箇關鍵問題,尤其是雲中存儲和傳輸的數據量巨大,對安全性要求較高。另一方麵,基于證書密碼體製剋服瞭傳統公鑰密碼體製的證書管理問題及基于身份密碼體製的密鑰託管問題,為構造安全高效的PKI提供瞭新的方法,但現有基于證書加密方案大都採用雙線性對構造,計算效率較低。針對雲計算環境,基于判定性縮減Diffie-Hellman難題,提齣瞭一箇不含對運算的基于證書混閤加密方案,分析瞭安全性和效率。該方案是建立在密鑰封裝算法、對稱加密算法、消息認證碼算法基礎上的一次一密型加密方案。分析錶明,該方案在標準模型下可以牴抗適應性選擇密文攻擊,計算效率較高,適閤于對雲計算中安全性要求較高的長消息的加密。
수착운계산적쾌속발전,수거안전이성위운안전적일개관건문제,우기시운중존저화전수적수거량거대,대안전성요구교고。령일방면,기우증서밀마체제극복료전통공약밀마체제적증서관리문제급기우신빈밀마체제적밀약탁관문제,위구조안전고효적PKI제공료신적방법,단현유기우증서가밀방안대도채용쌍선성대구조,계산효솔교저。침대운계산배경,기우판정성축감Diffie-Hellman난제,제출료일개불함대운산적기우증서혼합가밀방안,분석료안전성화효솔。해방안시건립재밀약봉장산법、대칭가밀산법、소식인증마산법기출상적일차일밀형가밀방안。분석표명,해방안재표준모형하가이저항괄응성선택밀문공격,계산효솔교고,괄합우대운계산중안전성요구교고적장소식적가밀。
With the rapid development of cloud computing, data security has become a critical problem of cloud security, at the same time, the amount of cloud data storage and transmission is very huge and the safety requirements are very high. On the other hand, certificate-based cryptosystems can overcome the certificate manage problem in traditional public key cryptosystems and the private key escrow problem in identity-based cryptosystems, so it provides new ways for con-structing effective PKI. But there are pairing operations in most current certificate-based encryption schemes, so the effi-ciencies of those schemes are low. Based on judging truncated Diffie-Hellman problem, it presents a certificate-based hybrid encryption scheme without pairings, which efficiency has been analyzed, and security has been proved. Scheme is a one-time-one-key encryption scheme based on key encapsulation algorithm, symmetric encryption algorithm and message authentication code algorithm. Analysis shows that the scheme is efficient and can resist adaptive chosen ciphertext attack, so it can be used in cloud computing environment.
