Chinese title: 面向特定隐私保护场景的模糊公钥加密方案设计 (Design of a Fuzzy Public Key Encryption Scheme for Specific Privacy-Preserving Scenarios)
Name: Guan Zhian (管智安)
Student ID: 20208088078
Confidentiality level: Public
Thesis language: chi
Discipline code: 083500
Discipline name: Engineering - Software Engineering
Student type: Master's
Degree level: Master of Engineering
Degree year: 2023
Degree-granting institution: Xi'an University of Science and Technology (西安科技大学)
College: College of Computer Science and Technology
Major: Software Engineering
Research direction: Cryptography and Information Security
First supervisor: Chen Zhenhua (陈振华)
First supervisor's institution: Xi'an University of Science and Technology (西安科技大学)
Thesis submission date: 2023-12-14
Thesis defense date: 2023-12-04
English title: Design on fuzzy public key encryption scheme for specific privacy preserving scenarios
Chinese keywords: fuzzy encryption; project collaborative evaluation; electronic medical; privacy preserving; non-subset; approximate string matching
English keywords: Fuzzy encryption; Project collaborative evaluation; Electronic medical; Privacy-preserving; Non-subset membership; Approximate string matching
Chinese abstract (translated):
The fuzzy public key encryption system developed from the first identity-based fuzzy public key encryption scheme (whose decryption predicate is that the intersection of two sets has size at least a threshold). It is an approximate-matching encryption system that tolerates a certain amount of error between the identity attributes of the encryptor and the decryptor, rather than requiring an exact match. However, the existing fuzzy public key encryption schemes do not meet the practical requirements of several application scenarios, such as the evaluation-team formation problem in privacy-preserving collaborative project evaluation and the medical diagnosis problem in privacy-preserving electronic medical systems. The former needs an efficient encryption scheme that can handle disjunctive access policies over negative attributes; the latter needs a decryption predicate based on a new string approximate-matching criterion. Therefore, to improve the efficiency of fuzzy public key encryption and to enrich the types of predicates it can express, so that it fits more scenarios, this thesis studies, for the two specific scenarios above, fuzzy public key encryption with other types of decryption predicate relations while also taking efficiency into account.
(1) For the evaluation-team formation problem in privacy-preserving collaborative project evaluation, we study how to construct a fuzzy public key encryption scheme whose decryption predicate is the "non-subset relation". In this scenario, to ensure objectivity and fairness in project evaluation, the evaluation team member set W must contain at least one member who is not in the project company's member set S when the team is formed, i.e. W is not a subset of S. Only when this decryption predicate holds can the evaluation team be formed and decrypt to obtain the company's confidential project data M for further detailed evaluation. To solve this problem, this thesis designs an efficient Non-Subset Membership Encryption (NSME) scheme. First, a deterministic private key algorithm and a compression trick give the scheme constant-size ciphertexts and decryption keys; second, pre-setting the mapping of each element of the attribute set greatly reduces the number of modular exponentiations in the encryption and decryption phases, down to a constant number; finally, the scheme is proved secure in the selective security model. Because the scheme has constant-size keys and ciphertexts and constant computational cost, applying it to team formation in collaborative project evaluation handles the problem efficiently.
(2) For the medical diagnosis problem in privacy-preserving electronic medical systems, we study how to construct a new fuzzy public key encryption scheme based on a string approximate-matching criterion. In this scenario, a doctor needs to find, in a pathology database, a gene S that approximately matches the patient's gene S', so as to quickly obtain the pathology information associated with that class of gene and complete a preliminary diagnosis of the patient. Because gene data may contain repeated, shifted or missing bases, a specific error-tolerant matching criterion is needed, namely: "for two strings of unequal length, the number of equal characters whose positional distance is less than one threshold is greater than or equal to another threshold". Only when this predicate holds can the hospital decrypt and obtain the private pathology information M of past patients in the pathology database. To solve this problem, this thesis proposes a new string approximate-matching encryption scheme. First, a mathematical transformation trick converts the original string approximate-matching problem into a set-intersection threshold problem; then the encryption scheme is realized using an efficient set-intersection threshold encryption scheme; finally, by reducing the security of our scheme to that of the set-intersection threshold encryption scheme, the scheme is proved secure in the selective security model. Since the scheme offers a more expressive string approximate-matching criterion, it is suited to the medical diagnosis problem in electronic medical systems.
English abstract:
The fuzzy public key encryption system is an approximate-matching encryption system that allows some tolerance between the identities of the encryptor and the decryptor without requiring an exact match. It developed after the first identity-based fuzzy public key encryption scheme (whose decryption predicate is that the intersection of two sets is larger than or equal to a threshold) was proposed. However, the existing fuzzy public key encryptions of various types do not meet the realistic requirements of a variety of application scenarios, such as the evaluation team formation problem in privacy-preserving collaborative project evaluation and the medical diagnosis problem in privacy-preserving electronic medical systems. The former requires an efficient encryption scheme that can handle disjunction over negative attributes, while the latter needs a decryption predicate based on a new string approximate-matching criterion. Therefore, in order to improve the efficiency of fuzzy public key encryption and enrich the types of predicate expressions it supports, so that it suits more scenarios, this thesis studies fuzzy public key encryption with other types of decryption predicate relations, taking efficiency into account, for the above two specific scenarios.
(1) For the evaluation team formation problem in the privacy-preserving project collaborative evaluation scenario, a fuzzy public-key encryption scheme whose decryption predicate is the "non-subset relation" is studied. In this application, in order to ensure objectivity and fairness in project evaluation, at least one member of the evaluation member set W must not be in the project company member set S when the evaluation team is formed, i.e., the set W is not a subset of the set S. When this decryption predicate is satisfied, the evaluation team can be formed successfully and can decrypt to obtain the company's confidential project data M for further detailed evaluation. To solve this problem, an efficient Non-Subset Membership Encryption (NSME) scheme is designed in this thesis. First, constant-size ciphertexts and decryption private keys are achieved by a deterministic private key algorithm and a compression technique; furthermore, the number of modular exponentiation operations in the encryption and decryption phases is greatly reduced, to a constant number, by pre-setting the mapping of each element in the attribute set; finally, the security of the scheme is proved under the selective security model. Due to the constant-size private key and ciphertext of the scheme and its constant computational cost, it can efficiently handle the team formation problem in collaborative project evaluation.
(2) To address the problem of medical diagnosis in privacy-preserving electronic medical systems, we study how to construct a fuzzy public key encryption scheme based on a new string approximate-matching criterion, in which a doctor needs to find a gene S in a pathology database that approximately matches a patient gene S', so as to quickly obtain the pathology information related to that type of gene and complete a preliminary diagnosis of the patient. However, since gene information may contain base duplication, mismatch, deletion, etc., a specific matching criterion that allows for error tolerance is needed. In other words, "the number of equal characters in two strings of unequal length whose positional distance is less than a certain threshold is greater than or equal to another threshold". When this decryption predicate is satisfied, the doctor can decrypt the private pathology information M of past patients in the pathology database. To solve this problem, this thesis proposes a new string approximate-matching encryption scheme. First, the original string approximate-matching problem is transformed, through a mathematical transformation technique, into a set-intersection threshold problem; after that, the encryption scheme of this thesis is implemented using a highly efficient set-intersection threshold encryption scheme; finally, the security of the scheme is proved by a reduction to the security of the set-intersection threshold encryption scheme under the selective security model. Since the scheme gives a more expressive string approximate-matching criterion, it is suitable for handling medical diagnosis problems in electronic medical systems.
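One way to carry out the transformation described in part (2), a string approximate-matching predicate reduced to a set-intersection threshold predicate, as an added Python example that is not the thesis's own construction: the (character, position) window encoding and the one-sided reading of the criterion are assumptions, since the page does not give the thesis's exact transformation.

```python
# Added example (not from the thesis): reduce a string approximate-matching
# predicate of the kind described in the abstract ("number of equal characters
# whose positions differ by less than delta is at least a threshold") to a
# set-intersection threshold predicate, which is what fuzzy-IBE-style schemes
# evaluate.  The (char, position) window encoding and the one-sided reading of
# the criterion are assumptions; the thesis's exact transformation is not given.

def approx_match_count(s: str, t: str, delta: int) -> int:
    """Number of positions j of s whose character also appears in t at some
    position i with |i - j| < delta.  s and t may differ in length."""
    count = 0
    for j, c in enumerate(s):
        lo, hi = max(0, j - delta + 1), j + delta   # i in [j-delta+1, j+delta-1]
        if c in t[lo:hi]:
            count += 1
    return count

def encode_exact(s: str) -> set:
    """Key-side attribute set: one (char, position) token per character."""
    return {(c, j) for j, c in enumerate(s)}

def encode_window(t: str, delta: int) -> set:
    """Ciphertext-side attribute set: every character of t is copied to all
    positions within distance < delta, so a shift of up to delta-1 (the kind an
    inserted or deleted base produces) still hits a key token.  The set grows
    by a factor of about 2*delta - 1; that is the price of the reduction."""
    return {(c, k)
            for i, c in enumerate(t)
            for k in range(max(0, i - delta + 1), i + delta)}

def intersection_count(s: str, t: str, delta: int) -> int:
    """|encode_exact(s) & encode_window(t, delta)|: the quantity a
    set-intersection threshold scheme compares against its threshold."""
    return len(encode_exact(s) & encode_window(t, delta))

def decryptable(s: str, t: str, delta: int, threshold: int) -> bool:
    """The decryption predicate after the reduction."""
    return intersection_count(s, t, delta) >= threshold

def reduction_is_exact(s: str, t: str, delta: int) -> bool:
    """Check that the set encoding yields exactly the direct string count."""
    return intersection_count(s, t, delta) == approx_match_count(s, t, delta)

if __name__ == "__main__":
    # Constructed sample: a database gene vs. a patient gene with one extra
    # base inserted at index 3, which shifts every later base by one position.
    db_gene, patient_gene = "ACGTAC", "ACGGTAC"
    for delta in (1, 2):
        print(delta, approx_match_count(db_gene, patient_gene, delta),
              intersection_count(db_gene, patient_gene, delta))
```

With delta = 1 the criterion degenerates to positional equality and the shifted sample scores only 3 of 6, while delta = 2 recovers all 6 matches; the window factor is what the set-intersection scheme pays for that tolerance.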
CLC number: TP309.7
Open access date: 2023-12-15