Title page for etd-0721117-175956
Title
Efficient Key-Aggregate Proxy Re-Encryption for Secure Data Sharing in Clouds
Department
Year, semester
Language
Degree
Number of pages
57
Author
Advisor
Convenor
Advisory Committee
Date of Exam
2017-07-24
Date of Submission
2017-08-21
Keywords
The Standard Model, Key-Aggregate Cryptosystem, Access Control, Cloud Computing, Proxy Re-Encryption
Statistics
The thesis/dissertation has been browsed 5969 times and downloaded 65 times.
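Abstract (translated from the Chinese)
Cloud computing is undoubtedly an unprecedented technology, and government and industry alike regard it as a tool for increasing productivity. However, protecting data stored in the cloud so that attackers have no opportunity to tamper with sensitive information is the key to whether cloud technology succeeds. Most users want to encrypt their data before uploading it to the cloud, and also want to be able to share the encrypted data conveniently. A proxy re-encryption scheme lets users share ciphertext by means of re-encryption keys. However, we observe that the number of re-encryption keys in a proxy re-encryption scheme grows in proportion to the control variables, which is impractical for resource-constrained devices. In this thesis, we propose the first key-aggregate re-encryption scheme, which allows users to apply customized access control to the files they share. Notably, the number of re-encryption keys in this scheme is constant. In addition, we provide a security proof in the standard model.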
Abstract
Cloud computing is one of the most unprecedented techniques in rapidly developing industries. Protecting sensitive files stored in the cloud from being tampered with by malicious attackers is the key to the success of the cloud. Proxy re-encryption schemes enable users to delegate their encrypted files to other users by using re-encryption keys, which elegantly transfers the users' burden to the cloud servers. Furthermore, one can use conditional proxy re-encryption schemes to control access to the files to be shared. Nevertheless, we observe that the number of re-encryption keys, or condition keys, grows linearly with the condition values, which may be impractical on resource-constrained devices. In this thesis, we combine a key-aggregate cryptosystem and a proxy re-encryption scheme into a key-aggregate proxy re-encryption scheme. To the best of our knowledge, it is the first key-aggregate proxy re-encryption scheme. It is worth mentioning that the number of re-encryption keys is constant. We also prove that the proposed scheme is CCA-secure in the adaptive model without using random oracles.
Table of Contents
Thesis Approval Form
Acknowledgments
Abstract (Chinese)
Abstract
List of Figures
List of Tables
Chapter 1 Introduction
1.1 Key-Aggregate Cryptosystem
1.2 Contribution
1.3 Organization
Chapter 2 Preliminaries
2.1 Bilinear Mapping
2.2 Complexity Assumptions
2.2.1 3-weak Decisional Bilinear Diffie-Hellman Inversion
2.3 Model and Security Notions of Unidirectional Key-Aggregate PRE
2.3.1 Unidirectional Key-Aggregate PRE
2.3.2 Chosen-Ciphertext Security
2.3.3 Security of Second Level Ciphertext
2.3.4 Security of First Level Ciphertext
2.3.5 Master Secret Security
Chapter 3 Related Works
3.1 Chu et al.'s CPBRE scheme [5]
3.2 Fang et al.'s C-PRE scheme [8]
3.3 Liang et al.'s IBCPRE scheme [11]
3.4 Weng et al.'s PRE scheme [18]
3.5 Analysis
Chapter 4 Our Construction
4.1 Notations
4.2 The Proposed Scheme
4.2.1 Setup (λ)
4.2.2 KeyGen (i)
4.2.3 ReKeyGen (S, sk_i, pk_j)
4.2.4 Enc2 (pk_i, m)
4.2.5 Enc1 (pk_j, m)
4.2.6 ReEnc (S, rk_{i→Sj}, C)
4.2.7 Dec2 (sk_i, C)
4.2.8 Dec1 (sk_j, C′)
4.3 Scenario
4.4 Correctness
Chapter 5 Security Proof
5.1 Security Proof
5.2 Security of a Second Level Ciphertext
5.3 Security of a First Level Ciphertext
5.4 Master Secret Security
Chapter 6 Comparison
Chapter 7 Conclusion
Bibliography
References
[1] G. Ateniese, K. Benson, and S. Hohenberger. Key-private proxy re-encryption. In CT-RSA, pages 279–294. Springer, 2009.
[2] G. Ateniese, K. Fu, M. Green, and S. Hohenberger. Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Transactions on Information and System Security (TISSEC), 9:1–30, 2006.
[3] R. Canetti and S. Hohenberger. Chosen-ciphertext secure proxy re-encryption. In Proceedings of the 14th ACM Conference on Computer and Communications Security, pages 185–194. ACM, 2007.
[4] C. K. Chu, S. S. Chow, W. G. Tzeng, J. Zhou, and R. H. Deng. Key-aggregate cryptosystem for scalable data sharing in cloud storage. IEEE Transactions on Parallel and Distributed Systems, 25:468–477, 2014.
[5] C. K. Chu, J. Weng, S. S. Chow, J. Zhou, and R. H. Deng. Conditional proxy broadcast re-encryption. In ACISP, pages 327–342. Springer, 2009.
[6] J. S. Coron. On the exact security of full domain hash. In Annual International Cryptology Conference, pages 229–235. Springer, 2000.
[7] R. H. Deng, J. Weng, S. Liu, and K. Chen. Chosen-ciphertext secure proxy re-encryption without pairings. In International Conference on Cryptology and Network Security, pages 1–17. Springer, 2008.
[8] L. Fang, W. Susilo, and J. Wang. Anonymous conditional proxy re-encryption without random oracle. In International Conference on Provable Security, pages 47–60. Springer, 2009.
[9] M. Green and G. Ateniese. Identity-based proxy re-encryption. In Applied Cryptography and Network Security, pages 288–306. Springer, 2007.
[10] L. M. Kaufman. Data security in the world of cloud computing. IEEE Security and Privacy, 7:61–64, 2009.
[11] K. Liang, Z. Liu, X. Tan, D. S. Wong, and C. Tang. A CCA-secure identity-based conditional proxy re-encryption without random oracles. In International Conference on Information Security and Cryptology, pages 231–246. Springer, 2012.
[12] B. Libert and D. Vergnaud. Tracing malicious proxies in proxy re-encryption. pages 332–353, 2008.
[13] B. Libert and D. Vergnaud. Unidirectional chosen-ciphertext secure proxy re-encryption. In International Workshop on Public Key Cryptography, pages 360–379. Springer, 2008.
[14] J. Shao and Z. Cao. CCA-secure proxy re-encryption without pairings. In Public Key Cryptography, pages 357–376. Springer, 2009.
[15] H. Takabi, J. B. Joshi, and G. J. Ahn. Security and privacy challenges in cloud computing environments. IEEE Security & Privacy, 8:24–31, 2010.
[16] Q. Tang. Type-based proxy re-encryption and its construction. In Indocrypt, pages 130–144. Springer, 2008.
[17] J. Weng, M. Chen, Y. Yang, R. H. Deng, K. Chen, and F. Bao. CCA-secure unidirectional proxy re-encryption in the adaptive corruption model without random oracles. Science China Information Sciences, 53:593–606, 2010.
[18] J. Weng, R. H. Deng, X. Ding, C. K. Chu, and J. Lai. Conditional proxy re-encryption secure against chosen-ciphertext attack. In Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, pages 322–332. ACM, 2009.
[19] J. Weng, Y. Yang, Q. Tang, R. H. Deng, and F. Bao. Efficient conditional proxy re-encryption with chosen-ciphertext security. In ISC, pages 151–166. Springer, 2009.
[20] P. Xu, T. Jiao, Q. Wu, W. Wang, and H. Jin. Conditional identity-based broadcast proxy re-encryption and its application to cloud email. IEEE Transactions on Computers, 65:66–79, 2016.
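Fulltext
This electronic full text is licensed to users solely for personal, non-profit searching, reading, and printing for the purpose of academic research. Please comply with the Copyright Act of the Republic of China and do not reproduce, distribute, adapt, repost, or broadcast it without authorization, so as to avoid breaking the law.
Thesis access permission: user define
Available:
Campus: available
Off-campus: available

Printed copies
Public availability information for printed theses is relatively complete from academic year 102 onward. To inquire about the public availability of printed theses from academic year 101 or earlier, please contact the printed thesis service desk of the Office of Library and Information Services. We apologize for any inconvenience.
Available: available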