身份认证是P2P(peer to peer)网络安全的重要组成部分,但传统的PKI(金钥基础设施)认证方式因为具有静态的集中化控制和固定的证书内容等特点,不能很好地满足P2P网络安全认证的需要,且在公钥的分发过程中容易遭受中间人攻击。为此,提出...身份认证是P2P(peer to peer)网络安全的重要组成部分,但传统的PKI(金钥基础设施)认证方式因为具有静态的集中化控制和固定的证书内容等特点,不能很好地满足P2P网络安全认证的需要,且在公钥的分发过程中容易遭受中间人攻击。为此,提出了一种新型的公钥管理架构和身份认证方案,每个节点可以自己产生并分发公私钥,认证服务器仅在节点加入网络时参与完成公钥的分发。超级节点负责管理本组内全部节点的公钥,节点在相互认证时无需认证服务器的参与,仅通过超级节点来完成。分析结果表明,这种认证方案可以有效地抵抗中间人攻击,在保持高效率的基础上又保证了认证的安全性。展开更多
Public key encryption scheme with keyword search (PEKS) enables us to search the encrypted data in a cloud server with a keyword, and no one can obtain any infor- mation about the encrypted data without the trapdoor...Public key encryption scheme with keyword search (PEKS) enables us to search the encrypted data in a cloud server with a keyword, and no one can obtain any infor- mation about the encrypted data without the trapdoor corresponding to the keyword. The PEKS is useful to keep the management of large data storages secure such as those in a cloud. In this paper, to protect against quantum computer attacks, we present a lattice-based identity-based encryption scheme with key- word search. We have proved that our scheme can achieve ciphertext indistinguishability in the random oracle model, and our scheme can also achieve trapdoor security. In particular, our scheme can designate a unique tester to test and return the search results, therefore it does not need a secure channel. To the best of our knowledge, our scheme is the first iden- tity-based encryption scheme with keyword search from lattice assumption.展开更多
In order to ensure the security of cloud storage, on the basis of the analysis of cloud storage security requirements, this paper puts forward a kind of" hidden mapping hyper-combined public key management scheme...In order to ensure the security of cloud storage, on the basis of the analysis of cloud storage security requirements, this paper puts forward a kind of" hidden mapping hyper-combined public key management scheme based on the hyperelliptic curve crypto system, which is applicable to the distributed cloud storage. A series of operation processes of the key management are elaborated, including key distribution, key updating and key agreement, etc. Analysis shows that the scheme can solve the problem of large-scale key management and storage issues in cloud storage effectively. The scheme feathers high efficiency and good scalability. It is able to resist collusion attack and ensure safe and reliable service provided by the cloud storaee system展开更多
文摘身份认证是P2P(peer to peer)网络安全的重要组成部分,但传统的PKI(金钥基础设施)认证方式因为具有静态的集中化控制和固定的证书内容等特点,不能很好地满足P2P网络安全认证的需要,且在公钥的分发过程中容易遭受中间人攻击。为此,提出了一种新型的公钥管理架构和身份认证方案,每个节点可以自己产生并分发公私钥,认证服务器仅在节点加入网络时参与完成公钥的分发。超级节点负责管理本组内全部节点的公钥,节点在相互认证时无需认证服务器的参与,仅通过超级节点来完成。分析结果表明,这种认证方案可以有效地抵抗中间人攻击,在保持高效率的基础上又保证了认证的安全性。
基金supported by the National Natural Science Foundation of China (No.61370203)China Postdoctoral Science Foundation Funded Project (No.2017M623008)+1 种基金Scientific Research Starting Project of SWPU (No.2017QHZ023)State Scholarship Foundation of China Scholarship Council (No.201708515149)
文摘Public key encryption scheme with keyword search (PEKS) enables us to search the encrypted data in a cloud server with a keyword, and no one can obtain any infor- mation about the encrypted data without the trapdoor corresponding to the keyword. The PEKS is useful to keep the management of large data storages secure such as those in a cloud. In this paper, to protect against quantum computer attacks, we present a lattice-based identity-based encryption scheme with key- word search. We have proved that our scheme can achieve ciphertext indistinguishability in the random oracle model, and our scheme can also achieve trapdoor security. In particular, our scheme can designate a unique tester to test and return the search results, therefore it does not need a secure channel. To the best of our knowledge, our scheme is the first iden- tity-based encryption scheme with keyword search from lattice assumption.
基金This work was supported in part by the National Science Foundation Project of P.R.China,the Fundamental Research Funds for the Central Universities under Grant No.FRF-TP-14-046A2
文摘In order to ensure the security of cloud storage, on the basis of the analysis of cloud storage security requirements, this paper puts forward a kind of" hidden mapping hyper-combined public key management scheme based on the hyperelliptic curve crypto system, which is applicable to the distributed cloud storage. A series of operation processes of the key management are elaborated, including key distribution, key updating and key agreement, etc. Analysis shows that the scheme can solve the problem of large-scale key management and storage issues in cloud storage effectively. The scheme feathers high efficiency and good scalability. It is able to resist collusion attack and ensure safe and reliable service provided by the cloud storaee system
