抗密钥持续泄漏的基于身份的加密研究

The leakage resilient encryption has been widely studied in the literature because it can be used to solve the issue of key leakage in the running of algorithms due to side channel attacks. One of the research challenges is to construct a leakage resilient public key encryption scheme in the continual leakage model. This project will explore ID-based encryption schemes resilient to continual key leakage, aiming to achieve concrete and generic schemes. Our study will mainly focus on the theory of ID-based updatable hash proof system. Based on this theory, we intend to achieve the generic construction of CCA-secure ID-based encryption against continual key leakage attacks. On the other hand, with the help of the new techniques about key updating and transformation from composite-order group to prime-order group, we will get efficient ID-based encryption scheme resilient to both master key and user key continual leakage. Based on the existing works on leakage resilient ID-based encryption in the continual leakage model, this project intends to solve two key problems in the continual leakage model. One is the ID-based Hash Proof System supporting both master key and user key updatable; the other is the efficient ID-based encryption resilient to both master key and user key continual leakage. Thereby, it will provide some new theoretical and technologic basis for the further study of the continual leakage resilient cryptography.

抗泄露加密能解决算法运行中的密钥泄露问题，近来受到广泛关注。目前持续泄露模型下的公钥加密研究尚未成熟，这是一个有意义且具有挑战的课题。本课题选择抗密钥持续泄露的基于身份的加密为研究对象，拟从理论基础和实际应用两种角度出发，以构建高效实用的抗密钥持续泄露的基于身份加密方案及其通用构造为目标，重点研究基于身份下的可更新的哈希证明系统理论。借助该理论，给出密钥持续泄露的选择密文安全的基于身份的加密方案通用构造；另一方面，借助各种密钥更新技术和合数阶群往素数阶群转换的技术，给出高效实用的抗主密钥和用户私钥持续泄露的基于身份加密方案。在借鉴已有抗密钥持续泄露的基于身份加密相关研究成果的基础上，本课题拟解决基于身份下的主密钥和用户私钥可更新的哈希证明系统和安全高效的抗主密钥和用户私钥可持续泄露的基于身份加密方案这两个关键问题，从而为研究持续泄露模型下公钥密码体系提供新的理论依据和技术支持。

由于抗泄露加密能解决算法运行中的密钥泄露问题，所以一直是密码学界的热点问题。本项目在构造基于身份可更新的哈希证明系统、构建抗密钥持续泄漏的IBE具体方案方面取得了很多研究进展，发表了相关的研究论文8篇。其中，在构建哈希证明系统方面，我们构建了基于身份和基于证书下的密钥可更新的哈希证明系统；在构建抗密钥持续泄漏的IBE具体方案方面，对于密钥更新技术，我们采用了矩阵分解技术、分布式技术、代数核技术等方法进行密钥更新，构造出了抗密钥持续泄露的IBE具体方案；在安全性方面，我们在保证密钥可更新的基础上，设计了紧致CCA安全的IBE方案。另一方面，本项目在抗辅助输入泄漏的公钥加密方面也有1篇研究成果。