一种具有身份锁的门限多秘密共享方案

计算机工程与科学 ›› 2022, Vol. 44 ›› Issue (08): 1382-1391.

• 计算机网络与信息安全 • 上一篇下一篇

一种具有身份锁的门限多秘密共享方案

崔晨雨1，张丽娜1,2

(1.西安科技大学计算机科学与技术学院,陕西西安 710600;2.陕西师范大学计算机科学学院,陕西西安 710119)

收稿日期:2021-10-09 修回日期:2021-11-22 接受日期:2022-08-25 出版日期:2022-08-25 发布日期:2022-08-25
基金资助:
国家自然科学基金（62102309）；陕西省科技厅青年项目（2021JQ-575,2021JQ-576）；陕西省教育厅项目（19JK0526）；榆林市科技局项目（2016-24-4,2019-173）

A threshold multi-secret sharing scheme with identity lock

CUI Chen-yu1,ZHANG Li-na1,2

(1.College of Computer Science and Technology,Xi’an University of Science and Technology,Xi’an 710600;
2.College of Computer Science，Shaanxi Normal University,Xi’an 710119,China)

Received:2021-10-09 Revised:2021-11-22 Accepted:2022-08-25 Online:2022-08-25 Published:2022-08-25

摘要/Abstract

摘要： 为了避免现有秘密共享方案中不同秘密的访问控制结构可能相同的问题，提出一种基于身份锁的门限多秘密共享方案，身份锁决定秘密的授权子集，只有授权子集中的用户可以恢复秘密，对不同的秘密存在不同的身份锁。在保持子秘密可重复使用及可检测欺骗行为的前提下，不增加任何参与者的信息交互，有效地解决了不同秘密的访问控制结构难以更改的问题。同时，基于会话密钥协商算法，该方案不需要预设系统存在安全通道来传输秘密份额，因此具有较好的安全性和实用性。该方案非常适用于视频会议、文件分发等基于身份权限访问控制的门限多秘密共享场景。

关键词: 访问控制, 身份锁, 欺骗检测, 密钥协商, 多秘密共享

Abstract: In order to avoid the disadvantage that different secrets has the same access control structure in the existing secret sharing schemes, a threshold multi-secret sharing scheme based on identity lock is proposed, which determines the authorized subset of the secret. Only the user in the authorized subset can recover the secret. There are different identity locks for different secrets.H3： preset that the system has a secure channel to transmit secret shares,Under the premise of keeping the sub-secrets reusable and detectable for deception, it does not increase the information interaction of any participants, and effectively solves the problem that the access control structure of different secrets is difficult to change. At the same time, based on the session key negotiation algorithm, the scheme does not need to use a secure channel to transmit the secret share in advance, so it has better security and practicability. The scheme is suitable for the scenarios of multi-secret threshold sharing based on identity access control, such as video conference and file distribution.

Key words: access control, identity lock, deception detection, key negotiation, multi-secret sharing ,

崔晨雨, 张丽娜, . 一种具有身份锁的门限多秘密共享方案[J]. 计算机工程与科学, 2022, 44(08): 1382-1391.

CUI Chen-yu, ZHANG Li-na, . A threshold multi-secret sharing scheme with identity lock[J]. Computer Engineering & Science, 2022, 44(08): 1382-1391.

参考文献［13］

［1］	Shamir A.How to share a secret［J］.Communications of the ACM,1979,22(11):612-613.
［2］	Blakley G R.Safeguarding cryptographic keys［C］∥Proc of 1979 International Workshop on Managing Requirements Knowledge,1979:313-318.
［3］	Asmuth C,Bloom J.A modular approach to key safeguarding［J］.IEEE Transactions on Information Theory,1983,29(2):208-210.
［4］	Karnin E D,Greene J,Hellman M E.On secret sharing systems［J］.IEEE Transactions on Information Theory,1983,29(1):35-41.
［5］	Li X P, Chang C C,Liu Y J.A generalized Chinese remainder theorem-based proactive multi-secret sharing scheme for global wide area network［J］.Telecommunication Systems,2021,78(1):49-56.
［6］	Meghrajani Y K,Desai L S,Mazumdar H S.Secure and efficient arithmetic-based multi-secret image sharing scheme using universal share［J］.Journal of Information Security and Applications,2019,47:267-274.
［7］	Zhang Yan-shuo,Li Wen-jing,Chen Lei,et al.Verifiable special threshold secret sharing scheme based on eigenvalue［J］.Journal on Communications,2018,39(8):169-175.(in Chinese)
［8］	Gu Ting,Jian Xiao-ming,Peng Xiao-liang,et al.Public verifiable and renewable multi-secret sharing without trusted centers［J］.Application Research of Computers,2020,37(S1):293-297.(in Chinese)
［9］	Pang Liao-jun,Pei Qing-qi,Jiao Li-cheng,et al. An identity (ID)-based threshold multi-secret sharing scheme ［J］.Journal of Software,2008,19(10):2739-2745.(in Chinese)
［10］	Zhang Jian, Lin Chang-lu,Ding Jian,et al. Secure multi-use threshold multi-secret sharing scheme［J］.Computer Systems & Applications,2021,30(5):276-281.(in Chinese)
［11］	Li Li,Yang Hong-fei,Dong Xiu-ze. Hierarchical file access control scheme with identity-based multi-conditional proxy re-encryption ［J］.Journal of Computer Applications,2021,41(11):3251-3256.(in Chinese)
［12］	Li Jing. Research on data encryption and secret sharing schemes based on access structures［D］.Beijing:Beijing University of Posts and Telecommunications,2017.(in Chinese)
［13］	Song Yi-xuan.Research on secret sharing schemes for two typical access structures ［D］.Lanzhou:Lanzhou University,2021.(in Chinese)
［14］	Chiou G H, Chen W T.Secure broadcasting using the secure lock［J］.IEEE Transactions on Software Engineering,1989,15(8):929-934.
［15］	Boneh D, Franklin M.Identity-based encryption from the Weil pairing［C］∥Proc of the 21st Annual International Cryptology Conference on Advances in Cryptology,2001:213-229.
［16］	Pang L J,Wang Y M.A new (t,n)multi-secret sharing scheme based on Shamir’s secret sharing［J］.Applied Mathematics and Computation,2005,167(2):840-848.
	附中文参考文献：
［7］	张艳硕,李文敬,陈雷,等.基于特征值的可验证特殊门限秘密共享方案［J］.通信学报,2018,39(8):169-175.
［8］	谷婷,简小明,彭晓良,等.无可信中心可公开验证可更新的多秘密共享［J］.计算机应用研究,2020,37(S1):293-297.
［9］	庞辽军,裴庆祺,焦李成,等.基于ID的门限多重秘密共享方案［J］.软件学报,2008,19(10):2739-2945.
［10］	张剑,林昌露,丁健,等.一种安全的多使用门限多秘密共享方案［J］.计算机系统应用,2021,30(5):276-281.
［11］	李莉,杨鸿飞,董秀则.基于身份多条件代理重加密的文件分级访问控制方案［J］.计算机应用,2021,41(11):3251-3256.
［12］	李婧.基于访问结构的数据加密与共享协议的研究［D］.北京:北京邮电大学,2017.
［13］	宋祎璇.两种典型访问结构的秘密共享方案研究［D］.兰州:兰州大学,2021.

[1]	林洁和, 张绍华, 李超, 戴炳荣. 基于ECC的区块链数据共享系统设计[J]. 计算机工程与科学, 2022, 44(05): 810-818.
[2]	王彩芬，陈丽，刘超，乔慧，王欢. 基于混沌映射的用户匿名三方口令认证密钥协商协议[J]. 计算机工程与科学, 2018, 40(03): 445-455.
[3]	贾宗璞，田肖，李贺. 一种基于三方密钥协商的移动IP注册协议[J]. J4, 2015, 37(03): 492-497.
[4]	李芳1,2，陈明3. 强安全的和无双线性对的基于身份密钥协商[J]. J4, 2013, 35(6): 65-71.
[5]	顾小卓. 提供分级接入控制机制的聚合组密钥协商算法[J]. J4, 2012, 34(7): 1-5.
[6]	路守克,史国川. 对一个认证密钥协商协议的分析与改进[J]. J4, 2011, 33(11): 32-35.
[7]	皮建勇刘心松吴艾符青云刘丹. 区域网络化制造系统安全体制研究[J]. J4, 2007, 29(5): 26-29.
[8]	崔国华[1] 涂昭[1] 梅林[2] 张伟[1]. 一种基于身份的会议密钥协商方案[J]. J4, 2007, 29(12): 7-10.
[9]	陈卓骆婷邢光林. 因特网密钥交换协议认证机制的研究[J]. J4, 2004, 26(8): 7-10.
[10]	赵春晖孟波. 密钥协商的Kerberos化（KINK）及实现[J]. J4, 2002, 24(4): 7-9.

一种具有身份锁的门限多秘密共享方案

A threshold multi-secret sharing scheme with identity lock

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献［13］

相关文章 10

编辑推荐

Metrics

本文评价

一种具有身份锁的门限多秘密共享方案

A threshold multi-secret sharing scheme with identity lock

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献 ［13］

相关文章 10

编辑推荐

Metrics

本文评价

参考文献［13］