Abstract
Threshold proxy re-encryption (TPRE) can prevent collusion between a single proxy and a delegatee from converting arbitrary files against the wishes of the delegator through multiple proxies, and can also provide normal services even when certain proxy servers are paralyzed or damaged. A non-interactive identity-based TPRE (IB-TPRE) scheme over lattices is proposed which removes the public key certificates. To accomplish this scheme, Shamir’s secret sharing is employed twice, which not only effectively hides the delegator’s private key information, but also decentralizes the proxy power by splitting the re-encryption key. Robustness means that a combiner can detect a misbehaving proxy server that has sent an invalid transformed ciphertext share. This property is achieved by lattice-based fully homomorphic signatures. As a result, the whole scheme is thoroughly capable of resisting quantum attacks even when they are available. The security of the proposed scheme is based on the decisional learning with error hardness assumption in the standard model. Two typical application scenarios, including a file-sharing system based on a blockchain network and a robust key escrow system with threshold cryptography, are presented.
摘要
门限代理重加密通过设置多个代理者, 不仅能有效防止单个代理者和被授权者合谋, 从而违背授权者的意愿随意转化任意文件, 而且能在某些代理者瘫痪或者损毁的情况下仍然提供正常服务. 本文提出一个格上非交互的基于身份门限代理重加密方案, 无需公钥证书. 在设计方案过程中, 采用了两次Shamir的秘密共享方法, 一方面有效隐藏了授权者的私钥信息, 另一方面通过分割代理重加密密钥, 实现了代理权限的去中心化. 鲁棒性是指某个代理者如果提交了非法的密文转化密文份额, 那么组合者会立刻识别出这个恶意的代理者. 本文方案通过格上全同态签名实现了这一属性. 因此, 即使未来量子攻击变得可行, 我们整个方案也能完全抵抗量子攻击. 本文方案的安全性在标准模型下规约为判定性差错学习困难假设. 最后, 给出本文方案的两个典型应用场景, 包括基于区块链的文件共享系统和基于门限密码学的鲁棒密钥托管系统.
This is a preview of subscription content, log in via an institution to check access.
We’re sorry, something doesn't seem to be working properly.
Please try refreshing the page. If that doesn't work, please contact support so we can address the problem.
References
Agrawal S, Boneh D, Boyen X, 2010. Efficient lattice (H)IBE in the standard model. Int Conf on the Theory and Applications of Cryptographic Techniques, p.553–572. https://doi.org/10.1007/978-3-642-13190-5_28
Aono Y, Boyen X, Phong LT, et al., 2013. Key-private proxy re-encryption under LWE. Int Conf on Cryptology in India, p.1–18. https://doi.org/10.1007/978-3-319-03515-4_1
Blaze M, Bleumer G, Strauss M, 1998. Divertible protocols and atomic proxy cryptography. Int Conf on the Theory and Applications of Cryptographic Techniques, p.127–144. https://doi.org/10.1007/BFb0054122
Boneh D, Freeman DM, 2011. Homomorphic signatures for polynomial functions. Annual Int Conf on the Theory and Applications of Cryptographic Techniques, p.149–168. https://doi.org/10.1007/978-3-642-20465-4_10
Boneh D, Gennaro R, Goldfeder S, et al., 2017. A lattice-based universal thresholdizer for cryptographic systems. IACR Cryptology ePrint Archive. https://eprint.iacr.org/2017/251
Cheng Y, Wang ZY, Ma J, et al., 2013. Efficient revocation in ciphertext-policy attribute-based encryption based cryptographic cloud storage. J Zhejiang Univ-Sci C (Comput & Electron), 14(2):85–97. https://doi.org/10.1631/jzus.C1200240
Cohen A, 2019. What about Bob? The inadequacy of CPA security for proxy reencryption. IACR Int Workshop on Public Key Cryptography, p.287–316. https://doi.org/10.1007/978-3-030-17259-6_10
David N, 2018. UMBRAL: a Threshold Proxy Re-encryption Scheme. https://github.com/nucypher/umbral-doc/blob/master/umbral-doc.pdf
Egorov M, Wilkison M, Nuñez D, 2017. NuCypher KMS: Decentralized Key Management System. https://arxiv.org/abs/1707.06140
Fuchsbauer G, Kamath C, Klein K, et al., 2019. Adaptively secure proxy re-encryption. IACR Int Workshop on Public Key Cryptography, p.317–346. https://doi.org/10.1007/978-3-030-17259-6_11
Gorbunov S, Vaikuntanathan V, Wichs D, 2015. Leveled fully homomorphic signatures from standard lattices. Proc 47th Annual ACM Symp on Theory of Computing, p.469–477. https://doi.org/10.1145/2746539.2746576
Green M, Ateniese G, 2007. Identity-based proxy re-encryption. Int Conf on Applied Cryptography and work Security, p.288–306. https://doi.org/10.1007/978-3-540-72738-5_19
Kirshanova E, 2014. Proxy re-encryption from lattices. Int Workshop on Public Key Cryptography, p.77–94. https://doi.org/10.1007/978-3-642-54631-0_5
Li JY, Ma CG, Zhao Q, 2017. Resplittable threshold multi-broker proxy re-encryption scheme from lattices. J Commun, 38(5):157–164 (in Chinese). https://doi.org/10.11959/jissn.1000-436x.2017109
Lindner R, Peikert C, 2011. Better key sizes (and attacks) for LWE-based encryption. Cryptographers’ Track at the RSA Conf, p.319–339. https://doi.org/10.1007/978-3-642-19074-2_21
Lou SM, Cao ZF, 2010. Identity-based proxy re-encryption with threshold multi-proxy. J Nat Sci Heilongjiang Univ, 27(2):151–156 (in Chinese).
Micciancio D, Regev O, 2007. Worst-case to average-case reductions based on Gaussian measures. SIAM J Comput, 37(1):267–302. https://doi.org/10.1137/S0097539705447360
Nuñez D, Agudo I, Lopez J, 2015. NTRUReEncrypt: an efficient proxy re-encryption scheme based on NTRU. Proc 10th ACM Symp on Information, Computer and Communications Security, p.179–189. https://doi.org/10.1145/2714576.2714585
Polyakov Y, Rohloff K, Sahu G, et al., 2017. Fast proxy re-encryption for publish/subscribe systems. ACM Trans Priv Secur, 20(4):14. https://doi.org/10.1145/3128607
Polyakov Y, Rohloff K, Ryan GW, 2018. PALISADE Lattice Cryptography Library User Manual v1.2.0. Regev O, 2009. On lattices, learning with errors, random linear codes, and cryptography. J ACM, 56(6):34. https://doi.org/10.1145/1568318.1568324
Shor PW, 1997. Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J Comput, 26(5):1484–1509. https://doi.org/10.1137/S0097539795293172
Singh K, Rangan CP, Banerjee AK, 2014. Lattice based identity based unidirectional proxy re-encryption scheme. Int Conf on Security, Privacy, and Applied Cryptography Engineering, p.76–91. https://doi.org/10.1007/978-3-319-12060-7_6
Wang Z, Ma ZF, Luo SS, et al., 2019. Key escrow protocol based on a tripartite authenticated key agreement and threshold cryptography. IEEE Access, 7:149080–149096. https://doi.org/10.1109/ACCESS.2019.2946874
Xagawa K, 2010. Cryptography with Lattices. MS Thesis, Tokyo Institute of Technology, Tokyo, Japan.
Yin W, Wen QY, Li WM, et al., 2018. A new insight-proxy re-encryption under LWE with strong anti-collusion. Int Conf on Information Security Practice and Experience, p.559–577. https://doi.org/10.1007/978-3-319-99807-7_36
Author information
Authors and Affiliations
Contributions
Liqiang WU designed the research. Xiaoyuan YANG processed the data. Yiliang HAN performed the security proof. Liqiang WU drafted the paper. Minqing ZHANG helped organize the paper. Yiliang HAN and Xiaoyuan YANG revised and finalized the paper.
Corresponding authors
Ethics declarations
Liqiang WU, Yiliang HAN, Xiaoyuan YANG, and Minqing ZHANG declare that they have no conflict of interest.
Additional information
Project supported by the National Natural Science Foundation of China (Nos. U1636114, 61572521, and 61772550), the Innovative Research Team in Engineering University of People’s Armed Police, China (No. KYTD201805), the Natural Science Foundation of Shaanxi Province, China (No. 2021JM-252), and the Basic Research Project of Engineering University of People’s Armed Police, China (No. WJY201914)
Rights and permissions
About this article
Cite this article
Wu, L., Han, Y., Yang, X. et al. Identity-based threshold proxy re-encryption scheme from lattices and its applications. Front Inform Technol Electron Eng 23, 258–277 (2022). https://doi.org/10.1631/FITEE.2000366
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1631/FITEE.2000366