Abstract
The security of conventional certificate-based encryption schemes is usually analysed in an idealised setting in which the adversary cannot obtain any part of the scheme's secret key. In the real world, an adversary can recover part of the secret key through side-channel attacks, and a conventional certificate-based encryption scheme is then likely to be broken. To address such attacks, a leakage-resilient certificate-based encryption scheme can be constructed. We first formalise a security model for certificate-based encryption in which the capabilities of both types of adversary are strengthened: each is allowed to learn partial information about the secret key through side-channel attacks. We then construct a new leakage-resilient certificate-based encryption scheme. Finally, we prove that the scheme is secure against chosen-plaintext attacks in the random oracle model and give the bound on the amount of leakage it tolerates.
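The leakage model the abstract refers to is usually formalised as a leakage oracle: the adversary may query arbitrary functions of the secret key as long as the total number of output bits stays within a bound, and the scheme's "permissible leakage bound" is the largest such budget under which the security proof still goes through. The following Python block is an added illustration of that model and of the generic fact behind such bounds; it is not the paper's construction, and the 16-bit key space, the leakage functions (raw key bytes, Hamming weight, a parity bit) and the budget are constructed for the example.

```python
"""
Added example (not the paper's construction): a toy model of the bounded-leakage
setting used by leakage-resilient encryption security games.  The adversary may
query arbitrary functions of the secret key through a leakage oracle, subject to
a total bound of `budget_bits` output bits.  The block then computes, by brute
force over a small key space, how much guessing advantage those bits actually
buy, and checks it against the generic bound: leaking L bits of an n-bit uniform
key leaves at least n - L bits of average min-entropy.  Key size, leakage
functions and budget are constructed for illustration.
"""
import math
from collections import defaultdict


class LeakageOracle:
    """Leakage oracle from a bounded-leakage security game.

    The adversary supplies any function f of the secret key; the oracle returns
    the `out_bits` low-order bits of f(sk) and refuses once the cumulative number
    of leaked bits would exceed the budget (the scheme's permissible leakage bound).
    """

    def __init__(self, sk: int, budget_bits: int) -> None:
        self._sk = sk          # never returned directly
        self.budget = budget_bits
        self.used = 0

    def leak(self, f, out_bits: int) -> int:
        if out_bits <= 0 or self.used + out_bits > self.budget:
            raise ValueError("leakage bound exceeded")
        self.used += out_bits
        return f(self._sk) & ((1 << out_bits) - 1)


def best_guess_probability(key_bits: int, leakages) -> float:
    """Exact success probability of the optimal key-guessing adversary.

    The key is uniform over {0, ..., 2**key_bits - 1}; `leakages` is a list of
    (f, out_bits) pairs.  Keys are grouped by the leakage transcript they
    produce; the best strategy guesses one key from the transcript's group, so
    Pr[win] = (#distinct transcripts) / 2**key_bits.
    """
    groups = defaultdict(int)
    for sk in range(1 << key_bits):
        transcript = tuple(f(sk) & ((1 << b) - 1) for f, b in leakages)
        groups[transcript] += 1
    return len(groups) / (1 << key_bits)


def remaining_min_entropy(key_bits: int, leakages) -> float:
    """Average min-entropy of sk given the leakage, -log2(Pr[best guess])."""
    return -math.log2(best_guess_probability(key_bits, leakages))


def check_leakage_bound(key_bits: int, leakages):
    """Compare the exact residual entropy with the generic n - L lower bound.

    Returns (entropy, bound, bound_holds).  A proof that needs at least k bits
    of residual key entropy therefore tolerates L <= n - k leaked bits, which is
    how a permissible leakage bound is derived.
    """
    leaked = sum(b for _, b in leakages)
    entropy = remaining_min_entropy(key_bits, leakages)
    bound = key_bits - leaked
    return entropy, bound, entropy >= bound - 1e-9


def demo():
    """Three constructed leakage functions on a 16-bit key."""
    n = 16
    low_byte = (lambda sk: sk, 8)                      # cold-boot style: raw key bytes
    weight = (lambda sk: bin(sk).count("1"), 5)        # power-analysis style: Hamming weight
    parity = (lambda sk: bin(sk).count("1") & 1, 1)    # one bit of side information
    results = {
        "low_byte": check_leakage_bound(n, [low_byte]),
        "hamming_weight": check_leakage_bound(n, [weight]),
        "all_three": check_leakage_bound(n, [low_byte, weight, parity]),
    }
    # The oracle enforces the budget: 8 bits are allowed, a 9th is refused.
    oracle = LeakageOracle(sk=0x1234, budget_bits=8)
    leaked = oracle.leak(lambda sk: sk, 8)
    try:
        oracle.leak(lambda sk: sk >> 8, 1)
        refused = False
    except ValueError:
        refused = True
    return results, leaked, refused


if __name__ == "__main__":
    results, leaked, refused = demo()
    for name, (entropy, bound, ok) in results.items():
        print(f"{name:15s} residual entropy {entropy:6.3f} bits, bound {bound:2d}, holds={ok}")
    print(f"leaked low byte 0x{leaked:02x}; over-budget query refused: {refused}")
```

Running the demo shows the two ends of the spectrum: leaking the raw low byte removes exactly 8 bits of entropy, while a 5-bit Hamming-weight leak removes only about 4.1 bits, so the n - L bound is tight for some leakage functions and loose for others. A security proof cannot know which function the adversary will choose, which is why leakage bounds are stated in the worst case, as a number of bits (or a fraction of the key length) rather than as a particular side channel.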