
Analysis And Design Of Cryptographic Scheme Supporting Reprocessing

Posted on: 2022-02-21
Degree: Doctor
Type: Dissertation
Country: China
Candidate: Y Zhan
GTID: 1488306602993649
Subject: Cryptography

Abstract/Summary:
In the information age, the rapid development of data transmission and processing technology has not only changed all aspects of daily life in society, but has also increased the value of personal data. Mining the value of data by eliminating isolated information islands, promoting data flow and integrating effective data is a hot topic in the field of information technology. However, personal data is closely related to the vital interests of users. Given the increasingly serious threats to information security and growing privacy awareness, security and privacy have become the key issues to be solved in the development of the Internet information industry.

Fortunately, cryptography is one of the key technologies for maintaining network and information security, and it can ensure secure communication in an open and complex network environment. Cryptography is an important technical guarantee for data privacy protection and can realize many functions, including data encryption, digital signature and identity authentication. However, novel Internet applications and environments pose new challenges to cryptography. Although traditional cryptographic technology can protect data privacy to a great extent, it completely conceals the information in the data. The processed data cannot participate in meaningful data fusion, which restricts the availability of the data. The popularity of computing devices and the sinking of application scenarios impose new requirements on the computational efficiency and traffic performance of cryptographic schemes. Therefore, considering both the security and the availability of data, it is of great theoretical and practical significance to study privacy-preserving cryptographic schemes that support efficient calculation on encrypted data in data collection, storage, exchange, sharing, processing and usage.

In this thesis, we focus on the analysis and design of cryptographic schemes supporting reprocessing, and present our contribution through the following four related works.

1. For fully homomorphic encryption, which supports computing on encrypted data, an efficient attack algorithm based on continued fractions is proposed against a symmetric homomorphic cryptosystem. Fully homomorphic encryption (FHE) supports meaningful operations on encrypted data and can provide secure data computing services for third-party computing platforms such as cloud computing. At the same time, the rich application scenarios of cloud computing promote the rapid development of FHE. In this thesis, a known-plaintext attack algorithm based on continued fractions is proposed against a symmetric homomorphic encryption algorithm for privacy-preserving association rule mining; the attack recovers the symmetric key and obtains the plaintext information. The computational complexity of the proposed attack algorithm is O(log4p), and the average time to obtain the key from three plaintext/ciphertext pairs is 0.18 s. The proposed attack algorithm not only breaks the original scheme efficiently, but also provides a new tool for analyzing the security of symmetric homomorphic cryptosystems.

2. For proxy re-encryption, which supports the transformation of encrypted data, we propose a proxy re-encryption (PRE) scheme with delegatable verifiability that is secure against chosen-ciphertext attack (CCA). Proxy re-encryption supports the conversion of ciphertext decryption authority through a third-party proxy without revealing the plaintext information, thereby realizing the safe sharing of data. However, in a complex network environment, it is impossible to guarantee that the proxy is completely honest and trustworthy. A verifiable proxy re-encryption scheme can ensure that the re-encrypted ciphertext received by the user is calculated according to the protocol, which is an important measure to protect the rights and interests of users. On the one hand, delegatable verifiability can protect the privacy of users' data and reduce users' computing burden. On the other hand, delegatable verifiability further enriches the verification methods, and users can flexibly choose the appropriate verification method under different requirements.

3. For aggregate signatures, which support batch processing of signatures, this thesis analyzes the security of two certificateless aggregate signature (CLAS) schemes in healthcare wireless medical sensor networks. It is pointed out that the two schemes cannot achieve the expected security goals. The key generation center (KGC), which holds the system master key, can forge legal signatures for any message without the target user's private key, which damages the user's interests. To fix this security vulnerability, a novel efficient CLAS scheme based on elliptic curves is proposed. Security analysis shows that the proposed CLAS scheme is existentially unforgeable against chosen-message attacks (EUF-CMA) under the random oracle model.

4. To solve the issue that the length of the aggregate signature grows linearly with the number of users in existing CLAS schemes, a CLAS scheme with fixed aggregate signature length is constructed. The proposed scheme is suitable for users with limited storage and computing capabilities, and meets the security requirements of data integrity protection. Meanwhile, the proposed CLAS scheme with fixed aggregate signature length satisfies EUF-CMA security under the random oracle model, and can resist attacks from an external adversary, the KGC and the aggregator. Based on the elliptic curve cryptosystem and the fixed length of the aggregate signature, the proposed scheme has a significant advantage in communication overhead compared with related schemes. Considering computational efficiency and communication overhead, the proposed CLAS scheme is more suitable for resource-constrained network scenarios.
Keywords/Search Tags: Reprocessing, Privacy Preserving, Fully Homomorphic Encryption, Proxy Re-encryption, Certificateless Aggregate Signature