| Proxy re-encryption is an extension of public key encryption.In a proxy re-encryption scheme,the proxy can convert the encrypted ciphertext of the delegater to the ciphertext of the delegatee with the help of the re-encryption key,without knowing any information of plaintext.This interesting property makes proxy re-encryption applicable in cloud sharing of the encrypted data.At present,the security of most proxy re-encryption schemes is based on the Diffie-Hellman problem and its variants.However,the Shor algorithm can solve the discrete logarithms and decompose large integers in polynomial time with the help of quantum computer,thus posing a great threat to the security of the proxy re-encryption schemes.Lattice-based proxy re-encryption is a post-quantum cryptography with much concern.Research on it is of important theoretical significance and application value.This dissertation conducts a systematic research on the lattice-based proxy re-encryption scheme,and the innovative contributions acquired are as follows.?1?The first resplittable threshold proxy re-encryption scheme from lattices was constructed.In the construction of the scheme,the encryption algorithm of the fresh ciphertext is Lindner's encryption algorithm,while the re-encryption algorithm of re-encrypted ciphertext is Regev's encryption algorithm.In order to achieve the property of threshold multi-broker,Shamir secret sharing and Tsplit algorithm were introduced in this scheme.The delegater first computed the re-encryption key pieces and the verification key pieces,and distributed them to n different agents,and then each agent computed re-encrypted ciphertext pieces by re-encrypting the fresh ciphertext with his own re-encryption key piece.Finally,the delegatee can verify the correctness of the encrypted ciphertext pieces after receiving the re-encrypted ciphertext pieces.The delegatee can get the re-encrypted ciphertext if and only if the number of correct re-encrypted ciphertext pieces is more than or equal to t.This scheme ensures the transformation of ciphertext when certain agents are offline or provide no honest service.?2?A highly efficient fully homomorphic proxy re-encryption scheme from lattice was constructed.This scheme firstly proved theSTP-Binary-LWEn,q,?kwas hard based on the difficulty of LWE,and improved the fully homomorphic encryption scheme of Brakerskiki.Finally,a fully homomorphic proxy re-encryption scheme was constructed based on this fully homomorphic encryption scheme.The scheme implemented ciphertext-packing and can encrypt two plaintext bits at a time by extending the Key Switching with semi-tensor product,and reduced the size of the decryption key by Binary-LWE,increasing the efficiency of the algorithm.At last,we proved that the scheme is not only CPA secure but alos key privacy secure.In addition,it is possible to construct a scheme with k=3,4,…plaintexts bits bySTP-Binary-LWEn,q,?k.When the value of k becomes bigger,the security of the scheme will be reduced.Therefore,the scheme constructed can achieve a balance between efficiency and security,making it more flexible in practical applications.?3?The first identity-based conditional proxy re-encryption scheme from lattices was constructed.The construction of the encryption scheme was constructed based on the homomorphic encryption scheme of Gentry et al.,but it adds the condition in the encryption algorithm of fresh ciphertext,thus establishing the relationship between ciphertexts and condition through the noise matrix.The re-encryption key generation algorithm not only establishes the relationship between the delegater's decryption key and the delegatere's encryption key but also introduces the condition to establish the relationship among the three parties.Only ciphertexts satisfying a condition set by delegater can be transformed by the proxy and then decrypted by delegatere.Identity-based condition proxy re-encryption scheme can protect the privacy information of delegater effectively.?4?A deterministic public key proxy re-encryption from lattices was constructed.The construction of the encryption scheme was based on the deterministic public key encryption scheme of Xie et al.In order to ensure the simplicity of the constructed scheme,the decryption algorithm of this scheme is consistent with that of the scheme of Xie et al.Therefore,the algorithm in this scheme only adds re-encryption key generation algorithm and re-encryption algorithm based on the deterministic public key encryption algorithm of Xie et al.In addition,the scheme constructed in the Auxiliary-Input Setting proved to be multi-hop under appropriate parameters,so it is more practical. |
PDF Full Text Request