计算机工程与应用 ›› 2014, Vol. 50 ›› Issue (19): 1-6.

• 博士论坛 • 上一篇    下一篇

云计算中的标准模型下基于证书混合加密方案

周  萍1,2,何大可1,张文芳1   

  1. 1.西南交通大学 信息科学与技术学院,成都 610031
    2.四川城市职业学院 信息工程系,成都 610101
  • 出版日期:2014-10-01 发布日期:2014-09-29

Certificate-based hybrid encryption scheme under standard model in cloud computing

ZHOU Ping1,2, HE Dake1, ZHANG Wenfang1   

  1. 1.College of Information Science & Technology, Southwest Jiaotong University, Chengdu 610031, China
    2.Department of Information Engineering, Urban Vocational College of Sichuan, Chengdu 610101, China
  • Online:2014-10-01 Published:2014-09-29

摘要: 随着云计算的快速发展,数据安全已成为云安全的一个关键问题,尤其是云中存储和传输的数据量巨大,对安全性要求较高。另一方面,基于证书密码体制克服了传统公钥密码体制的证书管理问题及基于身份密码体制的密钥托管问题,为构造安全高效的PKI提供了新的方法,但现有基于证书加密方案大都采用双线性对构造,计算效率较低。针对云计算环境,基于判定性缩减Diffie-Hellman难题,提出了一个不含对运算的基于证书混合加密方案,分析了安全性和效率。该方案是建立在密钥封装算法、对称加密算法、消息认证码算法基础上的一次一密型加密方案。分析表明,该方案在标准模型下可以抵抗适应性选择密文攻击,计算效率较高,适合于对云计算中安全性要求较高的长消息的加密。

关键词: 混合加密, 基于证书, 标准模型, 云计算, 不含双线性对

Abstract: With the rapid development of cloud computing, data security has become a critical problem of cloud security, at the same time, the amount of cloud data storage and transmission is very huge and the safety requirements are very high. On the other hand, certificate-based cryptosystems can overcome the certificate manage problem in traditional public key cryptosystems and the private key escrow problem in identity-based cryptosystems, so it provides new ways for constructing effective PKI. But there are pairing operations in most current certificate-based encryption schemes, so the efficiencies of those schemes are low. Based on judging truncated Diffie-Hellman problem, it presents a certificate-based hybrid encryption scheme without pairings, which efficiency has been analyzed, and security has been proved. Scheme is a one-time-one-key encryption scheme based on key encapsulation algorithm, symmetric encryption algorithm and message authentication code algorithm. Analysis shows that the scheme is efficient and can resist adaptive chosen ciphertext attack, so it can be used in cloud computing environment.

Key words: hybrid encryption, certificate-based cryptosystems, standard model, cloud computing, without bilinear pairing