| Group encryption is a cryptographic primitive which is the encryption analogue of group signature.In group encryption scheme,the message sender can send a ciphertext to a given group member while keeping anonymity of the receiver's identity.At the same time,the sender is capable of proving that some(anonymous)group member is able to decrypt the ciphertext.In case of a dispute,the identity of the intended receiver can be recovered by a designated authority.As the group encryption can hide the identity of the receiver in several legitimate group members,it can be used in trusted third party,e-voting and cloud computing with bright future.The traditional group encryption has a drawback that there is only one authority can open the part of ciphertext and reveal its receiver.This makes the authority has the whole privilege.If the authority abuses this privilege or is compromised by the attacker,it will influence the security of the whole system.Also the traditional group encryption has another drawback that the sender can only send one message to one receiver of a given group.If he wants to send the same message to several receivers,he has to encrypt the message for several times,generate several different ciphertexts and then send them to the corresponding receiver.This increases the computation costs and the network bandwidth.Group encryption can be used in cloud computing.It is common to inject files to the virtual machine in cloud computing.The traditional method of doing this is injected one file to one virtual machine with plaintext.This method can not protect the anonymity of the receiver virtual machine and also has a low efficiency.To address these issues,this paper has researched the traditional group encryption in depth.The main research results obtained are as follow:(1)A group encryption with multi-authority is proposed.In this thesis,we introduce the threshold Elgamal encryption to group encryption.When there is a need to open the ciphertext to reveal the identity of the receiver,it must contain several authorities to collaborate to do this.The security analysis shows that our scheme meets the requirements of anonymity,anti-collusion attack,subkey verifiability,traceablity.The performance estimation shows that though our scheme spends more time to reveal the receiver,it doesn't influence the performance very much for less frequent dispute.(2)A group encryption with multi-receiver is proposed.In order to improve the efficiency,we add the anonymous multi-receiver mechanism to group encryption.The sender can only generate one ciphertext and let several receivers to receive the message.The sender uses the receivers' public key to encrypt the message and then the receivers decrypt this message by their own private key.In case of a dispute,the identity of the intended receiver can be recovered by a designated authority.It avoids repeating encryption and improves the efficiency of encryption and sending.The security analysis shows that our scheme has of anonymity and traceablity.The performance estimation shows that our scheme spends less time to decrypt message and has a low communication costs.(3)A method of inject file to virtual machine is proposed.This method can be used to inject files to the virtual machines in cloud platform.When there is a need to inject the file to virtual machines,several virtual machines can be treated as a group.Then we can send files to these virtual machines.The security analysis shows that we can promise the security of injected file by decrypting it.We can also keep the anonymity of receiver virtual machine.As injecting a file to several virtual machines at one time,the efficiency of the scheme can be improved markedly. |
PDF Full Text Request