一种保护隐私的基于身份的加密体系结构的安全性分析

C. Adams
{"title":"一种保护隐私的基于身份的加密体系结构的安全性分析","authors":"C. Adams","doi":"10.4236/jis.2022.134018","DOIUrl":null,"url":null,"abstract":"Identity-Based Encryption (IBE) has seen limited adoption, largely due to the absolute trust that must be placed in the private key generator (PKG)—an authority that computes the private keys for all the users in the environment. Several constructions have been proposed to reduce the trust required in the PKG (and thus preserve the privacy of users), but these have generally relied on unrealistic assumptions regarding non-collusion between various entities in the system. Unfortunately, these constructions have not significantly improved IBE adoption rates in real-world environments. In this paper, we present a construction that reduces trust in the PKG without unrealistic non-collusion assumptions. We achieve this by incorporating a novel combination of digital credential technology and bilinear maps, and making use of multiple random-ly-chosen entities to complete certain tasks. The main result and primary contri-bution of this paper are a thorough security analysis of this proposed construction, examining the various entity types, attacker models, and collusion oppor-tunities in this environment. We show that this construction can prevent, or at least mitigate, all considered attacks. We conclude that our construction ap-pears to be effective in preserving user privacy and we hope that this construction and its security analysis will encourage greater use of IBE in real-world environments.","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":"722 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Security Analysis of a Privacy-Preserving Identity-Based Encryption Architecture\",\"authors\":\"C. Adams\",\"doi\":\"10.4236/jis.2022.134018\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Identity-Based Encryption (IBE) has seen limited adoption, largely due to the absolute trust that must be placed in the private key generator (PKG)—an authority that computes the private keys for all the users in the environment. Several constructions have been proposed to reduce the trust required in the PKG (and thus preserve the privacy of users), but these have generally relied on unrealistic assumptions regarding non-collusion between various entities in the system. Unfortunately, these constructions have not significantly improved IBE adoption rates in real-world environments. In this paper, we present a construction that reduces trust in the PKG without unrealistic non-collusion assumptions. We achieve this by incorporating a novel combination of digital credential technology and bilinear maps, and making use of multiple random-ly-chosen entities to complete certain tasks. The main result and primary contri-bution of this paper are a thorough security analysis of this proposed construction, examining the various entity types, attacker models, and collusion oppor-tunities in this environment. We show that this construction can prevent, or at least mitigate, all considered attacks. We conclude that our construction ap-pears to be effective in preserving user privacy and we hope that this construction and its security analysis will encourage greater use of IBE in real-world environments.\",\"PeriodicalId\":57259,\"journal\":{\"name\":\"信息安全(英文)\",\"volume\":\"722 1\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"信息安全(英文)\",\"FirstCategoryId\":\"1093\",\"ListUrlMain\":\"https://doi.org/10.4236/jis.2022.134018\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"信息安全(英文)","FirstCategoryId":"1093","ListUrlMain":"https://doi.org/10.4236/jis.2022.134018","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2

摘要

基于身份的加密(IBE)的采用有限,这主要是由于必须对私钥生成器(PKG)给予绝对信任——一个为环境中所有用户计算私钥的权威机构。已经提出了几种结构来减少PKG中所需的信任(从而保护用户的隐私),但这些通常依赖于关于系统中各个实体之间不串通的不切实际的假设。不幸的是,这些结构并没有显著提高IBE在实际环境中的采用率。在本文中,我们提出了一种结构,可以在不存在不切实际的非合谋假设的情况下降低PKG中的信任。我们通过结合数字凭证技术和双线性地图的新颖组合来实现这一目标,并利用多个随机选择的实体来完成某些任务。本文的主要成果和主要贡献是对该提议的结构进行了全面的安全分析,检查了该环境中的各种实体类型、攻击者模型和合谋机会。我们展示了这种构造可以防止,或者至少减轻所有被认为的攻击。我们得出的结论是,我们的构造在保护用户隐私方面似乎是有效的,我们希望这种构造及其安全性分析将鼓励在实际环境中更多地使用IBE。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
Security Analysis of a Privacy-Preserving Identity-Based Encryption Architecture
Identity-Based Encryption (IBE) has seen limited adoption, largely due to the absolute trust that must be placed in the private key generator (PKG)—an authority that computes the private keys for all the users in the environment. Several constructions have been proposed to reduce the trust required in the PKG (and thus preserve the privacy of users), but these have generally relied on unrealistic assumptions regarding non-collusion between various entities in the system. Unfortunately, these constructions have not significantly improved IBE adoption rates in real-world environments. In this paper, we present a construction that reduces trust in the PKG without unrealistic non-collusion assumptions. We achieve this by incorporating a novel combination of digital credential technology and bilinear maps, and making use of multiple random-ly-chosen entities to complete certain tasks. The main result and primary contri-bution of this paper are a thorough security analysis of this proposed construction, examining the various entity types, attacker models, and collusion oppor-tunities in this environment. We show that this construction can prevent, or at least mitigate, all considered attacks. We conclude that our construction ap-pears to be effective in preserving user privacy and we hope that this construction and its security analysis will encourage greater use of IBE in real-world environments.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
211
期刊最新文献
Secure Web Application Technologies Implementation through Hardening Security Headers Using Automated Threat Modelling Techniques Research and Practice on High Availability Scheme of Unified Identity Authentication System Based on CAS in Colleges and Universities Learning with Errors Public Key Cryptosystem with Its Security User Station Security Protection Method Based on Random Domain Name Detection and Active Defense Towards a New Model for the Production of Civil Status Records Using Blockchain
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1