
Research On Key Exposure-Resilient Provably Secure Public-Key Cryptography

Posted on: 2024-12-06
Degree: Doctor
Type: Dissertation
Country: China
Candidate: Q Mei
Full Text: PDF
GTID: 1528307373970099
Subject: Software engineering

Abstract/Summary:
With the rapid advance of information technology and the widespread penetration of the Internet, cryptosystems are widely deployed in low-security environments such as mobile devices. Attackers can compromise a system's key information through physical and network attacks, posing a serious threat to individuals, enterprises, and even societal stability. Studying public-key cryptographic schemes that can resist the risk of key exposure has therefore become an important research direction in cryptography.

Traditional key exposure-resistant public-key cryptographic schemes become ineffective in non-interactive environments and in systems without public-key certificates, while public-key cryptographic schemes based on key evolution and revocation techniques allow keys to be updated in non-interactive environments, reducing the risk of leakage and ensuring information security. However, existing schemes based on key evolution and revocation still face challenges: how to resolve the conflict between frequent key operations and system security, how to ensure the backward security of information together with its provable security, and how to achieve fine-grained revocation of compromised keys.

In response to these challenges, this dissertation takes flexibility, efficiency, provable security, and fine-grained revocation as its design goals, and conducts in-depth research on key exposure-resilient public-key cryptography schemes from the aspects of efficiency, security, and functionality. The main contents and innovations are as follows.

1. This dissertation proposes an efficient certificateless parallel key-insulated signature scheme against signing key exposure. The scheme not only solves the key escrow problem but also achieves secure and frequent key updates within a short period of time. It uses dual helpers that alternately update the signing key at periodic intervals, thereby supporting frequent signing key updates within a short period without increasing the risk of leaking the helpers' keys, and enhancing the system's ability to resist key exposure. Moreover, the construction requires no pairing operations, which greatly improves the computational efficiency of the system. The scheme's security is proven in the random oracle model.

2. This dissertation proposes a revocable certificateless signature scheme against signing key exposure that requires no physical security mediator. The scheme periodically updates the signing keys of non-revoked users, which ensures the backward security of information after the signing key is leaked without relying on a physical security mediator. Moreover, the construction eliminates ideal hash functions, and its security is proven in the standard model.

3. This dissertation proposes a puncturable certificateless signature scheme with fine-grained revocation against signing key exposure. The scheme not only solves the key escrow problem of the existing identity-based signature scheme that is resistant to signing key exposure, but also uses the puncturable mechanism to revoke the signing capability for specific information after the signing key is leaked. Moreover, the scheme efficiently achieves fine-grained updates of the signing key by incorporating a Bloom filter structure, and its security is proven in the random oracle model.

4. This dissertation proposes a puncturable attribute-based encryption scheme with fine-grained revocation against decryption key exposure. The scheme extends the puncturable feature, with its fine-grained revocation function, to attribute-based encryption systems, thereby improving the flexibility of key leakage-resistant cryptosystems. Moreover, the scheme not only revokes the decryption capability for specific information after the decryption key is leaked, but also addresses the limitations of traditional data access structures through the arithmetic span program. The scheme uses the dual-system encryption technique to provide a security proof in the standard model. In addition, this dissertation applies the proposed provably secure puncturable ciphertext-policy attribute-based encryption scheme to the cloud-assisted Internet of Things environment.

This dissertation conducts theoretical analysis and simulation experiments on the above key exposure-resilient public-key cryptography schemes, and demonstrates the practicability and efficiency of the proposed schemes in key exposure protection.
Keywords/Search Tags: key exposure, parallel key-insulation, revocation mechanism, puncturable public-key cryptography, provable security