密文可验证的自主路径代理重加密

罗艳松, 高荣海, 邓伦治

贵州师范大学学报(自然科学版) ›› 2026, Vol. 44 ›› Issue (4) : 140 -150.

PDF (1159KB)
贵州师范大学学报(自然科学版) ›› 2026, Vol. 44 ›› Issue (4) : 140 -150. DOI: 10.16614/j.gznuj.zrb.2026.04.011
密码技术与网络安全防护

密文可验证的自主路径代理重加密

    罗艳松1,2, 高荣海1,3*, 邓伦治1,2
作者信息 +

Ciphertext-verifiable autonomous path proxy re-encryption scheme

    Luo Yansong1,2, Gao Ronghai1,3*, Deng Lunzhi1,2
Author information +
文章历史 +
PDF (1186K)

摘要

自主路径代理重加密允许数据所有者在授权过程中保持对自主路径的控制,在实现传统代理重加密的“安全共享”基础上有效解决密文流转路径不可控、难追溯等问题。通过研究发现,现有自主路径代理重加密方案中,云服务器可能篡改自主路径上授权人的信息,为了修补这一缺陷,提出了一种密文可验证的自主路径代理重加密方案。数据所有者生成重加密密钥时嵌入私钥,确保云服务器仅能对数据所有者指定的授权人执行重加密操作。授权人接收到重加密密文并解密后,能够验证重加密密文的来源,确保授权人解密后获得的明文与数据所有者意图共享的数据完全一致。证明了该方案基于双线性决策Diffie-Hellman(DBDH)问题,在随机预言模型下能够抵御选择密文攻击(Chosen-ciphertext attacks, CCAs)。理论分析和实验结果表明,提出的新方案显著降低了计算成本,提升了运行效率。

Abstract

Autonomous path proxy re-encryption allows data owners to maintain control over the path during authorization. While achieving "secure sharing" as in traditional proxy re-encryption, it effectively addresses issues such as uncontrollable and hard-to-trace ciphertext transmission paths. Research shows that in existing autonomous path proxy re-encryption schemes, cloud servers may tamper with authorizer information on the path. To fix this flaw, a verifiable ciphertext self-controllable path proxy re-encryption scheme is proposed. When generating the re-encryption key, the data owner embeds their private key to ensure the cloud server can only perform re-encryption for the specified authorizer. After decrypting the re-encrypted ciphertext, the authorizer can verify its source, ensuring the decrypted plaintext is exactly what the data owner intended to share. The scheme is proven secure under the Decisional Bilinear Diffie-Hellman (DBDH) assumption and resistant to chosen-ciphertext attacks (CCAs) in the random oracle model. Theoretical analysis and experimental results show that the proposed scheme significantly reduces computational costs and improves operational efficiency.

关键词

自主路径 / 代理重加密 / 数据共享 / 可验证 / 随机预言模型

Key words

autonomous path / proxy re-encryption / data sharing / verifiable / random oracle model

引用本文

引用格式 ▾
罗艳松, 高荣海, 邓伦治. 密文可验证的自主路径代理重加密[J]. 贵州师范大学学报(自然科学版), 2026, 44(4): 140-150 DOI:10.16614/j.gznuj.zrb.2026.04.011

登录浏览全文

4963

注册一个新账户 忘记密码

参考文献

[1] Blaze M,Bleumer G,Strauss M.Divertible protocols and atomic proxy cryptography[C]//International conference on the theory and applications of cryptographic techniques.Berlin,Heidelberg:Springer Berlin Heidelberg,1998:127-144.
[2] Wang Xuan,Yang Xiaoyuan.Identity based broadcast encryption based on one to many identity based proxy re-encryption[C]//2009 2nd IEEE International Conference on Computer Science and Information Technology.IEEE,2009:47-50.
[3] 李滨瀚,邓伦治,刘欢.基于云的条件广播代理重加密方案[J].计算机应用,2025,45(7):2278-2287.
[4] Yang Hongfei,Li Li,Yang Chunyan.A fine-grained certificateless conditional proxy broadcast re-encryption scheme without pairing[C]//2022 IEEE 10th Joint International Information Technology and Artificial Intelligence Conference (ITAIC).IEEE,2022,10:1414-1423.
[5] Maiti S,Misra S,Mondal A.ABP:attribute-based broadcast proxy re-encryption with coalitional game theory[J].IEEE Systems Journal,2024,18(1):85-95.
[6] Green M,Ateniese G.Identity-based proxy re-encryption[C]//Applied Cryptography and Network Security:5th International Conference,ACNS 2007,Zhuhai,China,June 5-8,2007.Proceedings 5.Springer Berlin Heidelberg,2007:288-306.
[7] Wang Hongbing,Cao Zhenfu,Wang Licheng.Multi-use and unidirectional identity-based proxy re-encryption schemes[J].Information Sciences,2010,180(20):4042-4059.
[8] Shao Jun,Cao Zhenfu.Multi-use unidirectional identity-based proxy re-encryption from hierarchical identity-based encryption[J].Information Sciences,2012,206:83-95.
[9] Libert B,Vergnaud D.Unidirectional chosen-ciphertext secure proxy re-encryption[C]//International Workshop on Public Key Cryptography.Berlin,Heidelberg:Springer Berlin Heidelberg,2008:360-379.
[10] Guo Hui,Zhang Zhenfeng,Xu Jing,et al.Accountable proxy re-encryption for secure data sharing[J].IEEE Transactions on Dependable and Secure Computing,2018,18(1):145-159.
[11] Mhiri S,Egio A,Compastié M,et al.Proxy re-encryption for enhanced data security in healthcare:a practical implementation[C]//Proceedings of the 19th International Conference on Availability,Reliability and Security.2024:1-11.
[12] Khashan O A,Khafajah N M,Alomoush W,et al.Innovative energy-efficient proxy re-encryption for secure data exchange in Wireless sensor networks[J].IEEe Access,2024,12:23290-23304.
[13] Bhateja R,Acharjya D P,Saxena N.Enhanced timing enabled proxy re-encryption model for e-health data in the public cloud[C]//2017 International Conference on Advances in Computing,Communications and Informatics (ICACCI).IEEE,2017:2040-2044.
[14] Liang Kaitai,Au Manho,Liu J K,et al.A DFA-based functional proxy re-encryption scheme for secure public cloud data sharing[J].IEEE Transactions on Information Forensics and Security,2014,9(10):1667-1680.
[15] Ge Chunpeng,Susilo W,Fang Liming,et al.A CCA-secure key-policy attribute-based proxy re-encryption in the adaptive corruption model for dropbox data sharing system[J].Designs,Codes and Cryptography,2018,86:2587-2603.
[16] Ge Chunpeng,Susilo W,Baek J,et al.A verifiable and fair attribute-based proxy re-encryption scheme for data sharing in clouds[J].IEEE Transactions on Dependable and Secure Computing,2021,19(5):2907-2919.
[17] Luo Fucai,Wang Haiyan,Susilo W,et al.Public trace-and-revoke proxy re-encryption for secure data sharing in clouds[J].IEEE Transactions on Information Forensics and Security,2024,19:2919-2934.
[18] 周涵,邓伦治.一个适用于云数据共享的高效代理广播重加密方案[J].贵州师范大学学报(自然科学版),2024,42(1):76-86.
[19] Chu Chengkang,Weng Jian,Chow S S M,et al.Conditional proxy broadcast re-encryption[C]//Australasian conference on information security and privacy.Berlin,Heidelberg:Springer Berlin Heidelberg,2009:327-342.
[20] Fang Liming,Wang Jiandong,Ge Chunpeng,et al.Fuzzy conditional proxy re-encryption[J].Science China Information Sciences,2013,56:1-13.
[21] Döttling N,Nishimakii R.Universal proxy re-encryption[C]//IACR International Conference on Public-Key Cryptography.Cham:Springer International Publishing,2021:512-542.
[22] Deng Hua,Qin Zheng,Wu Qianhong,et al.Identity-based encryption transformation for flexible sharing of encrypted data in public cloud[J].IEEE Transactions on Information Forensics and Security,2020,15:3168-3180.
[23] Jiang Peng,Ning Jianting,Liang Kaitai,et al.Encryption switching service:securely switch your encrypted data to another format[J].IEEE Transactions on Services Computing,2018,14(5):1357-1369.
[24] 柯小辉,李冬梅.可监管的工业物联网数据共享方案[J].重庆邮电大学学报(自然科学版),2024,36(3):601-608.
[25] Cao Zhenfu,Wang Hongbing,Zhao Yunlei.AP-PRE:autonomous path proxy re-encryption and its applications[J].IEEE Transactions on Dependable and Secure Computing,2017,16(5):833-842.
[26] Lin Zhongyun,Zhou Jun,Cao Zhenfu,et al.Generalized autonomous path proxy re-encryption scheme to support branch functionality[J].IEEE Transactions on Information Forensics and Security,2023,18:5387-5400.
[27] Hu Huidan,Cao Zhenfu,Dong Xiaolei.Autonomous path identity-based broadcast proxy re-encryption for data sharing in clouds[J].IEEE Access,2022,10:87322-87332.
[28] Chen Liqing,Zhang Meng,Li Jiguo.Conditional identity-based broadcast proxy re-encryption with anonymity and revocation[J].IEEE Transactions on Reliability,2025,7:1-12.

基金资助

国家自然科学基金项目(62462014);贵州省高层次创新人才项目(黔科合平台人才GCC[2022]018-1);贵州省教育厅自然科学研究项目(黔教技[2023]010);贵州省科技计划项目(黔科合基础-ZK[2024]重点058)

AI Summary AI Mindmap
PDF (1159KB)

0

访问

0

被引

详细

导航
相关文章

AI思维导图

/