    Please use this identifier to cite or link to this item: https://nccur.lib.nccu.edu.tw/handle/140.119/131628


    Title: Security analysis and improvement of a verifiable outsourcing of bilinear pairing scheme.
    Authors: 林哲偉
    Lin, Jhe-Wei
    Contributors: 左瑞麟
    Tso, Ray-Lin
    林哲偉
    Lin, Jhe-Wei
    Keywords: Bilinear pairings
    Verifiable outsourcing
    Pairing-based cryptography
    Date: 2020
    Issue Date: 2020-09-02 12:14:48 (UTC+8)
    Abstract: In recent years, with the massive increase in handheld devices such as mobile phones and smart watches, coupled with the development of cloud computing, techniques for outsourcing complex computations have received widespread attention.
    Outsourcing complex computations can bring many benefits and improve performance, since the user only needs to receive the results returned by the cloud server. However, outsourcing processes and methods often involve security issues and challenges. For example, computing tasks usually involve personal information: does it need to be disclosed to the cloud server? If the cloud server cannot be fully trusted, information security issues arise; and if the cloud server returns an invalid or erroneous result that the outsourcing user cannot detect, the attack goal is achieved.
    In cryptographic research, a very important technique is "pairing-based cryptography". A pairing maps an element of the additive group G1 and an element of the additive group G2 to an element of the multiplicative group G. Pairings are widely used in cryptography, and pairing operations are resource-consuming. The outsourcing of pairing computation has therefore attracted much attention, and Ren et al. proposed a scheme in 2016. It is a secure verifiable outsourcing algorithm for a single bilinear pairing based on two untrusted servers, and it improved the verifiability of outsourcing. The disadvantage of this scheme is that an attack method against its verifiability exists; the attack method was proposed by Osmanbey Uzunkol et al. in 2017. This paper therefore proposes an improved solution to prevent attacks.
    In this paper, we first introduce the algorithm for verifiable outsourcing of bilinear pairings (VBP) proposed by Ren et al., then present the attack methods on this algorithm proposed by Osmanbey Uzunkol et al. Finally, we present our method to improve the algorithm and show that it is secure in protecting the user's information.
    Reference: [1] Ren, Y., Ding, N., Wang, T., Lu, H., & Gu, D. (2016). New algorithms for verifiable outsourcing of bilinear pairings. Science China Information Sciences, 59(9), 99103.

    [2] Uzunkol, O., Kalkar, Ö., & Sertkaya, I. (2017). Fully Verifiable Secure Delegation of Pairing Computation: Cryptanalysis and An Efficient Construction. IACR Cryptol. ePrint Arch., 2017, 1173.

    [3] Yang, P., Cao, Z., & Dong, X. (2008). Fuzzy Identity Based Signature. IACR Cryptol. ePrint Arch., 2008, 2.

    [4] Boneh, D., & Franklin, M. (2001, August). Identity-based encryption from the Weil pairing. In Annual international cryptology conference (pp. 213-229). Springer, Berlin, Heidelberg.

    [5] Menezes, A. (2009). An introduction to pairing-based cryptography. Recent trends in cryptography, 477, 47-65.

    [6] Atallah, M. J., Pantazopoulos, K. N., Rice, J. R., & Spafford, E. E. (2002). Secure outsourcing of scientific computations. In Advances in Computers (Vol. 54, pp. 215-272). Elsevier.

    [7] Chen, X., Li, J., Ma, J., Tang, Q., & Lou, W. (2013). New algorithms for secure outsourcing of modular exponentiations. IEEE Transactions on Parallel and Distributed Systems, 25(9), 2386-2396.

    [8] Wang, C., Ren, K., & Wang, J. (2011, April). Secure and practical outsourcing of linear programming in cloud computing. In 2011 Proceedings IEEE INFOCOM (pp. 820-828). IEEE.

    [9] Hohenberger, S., & Lysyanskaya, A. (2005, February). How to securely outsource cryptographic computations. In Theory of Cryptography Conference (pp. 264-282). Springer, Berlin, Heidelberg.

    [10] Gennaro, R., Gentry, C., & Parno, B. (2010, August). Non-interactive verifiable computing: Outsourcing computation to untrusted workers. In Annual Cryptology Conference (pp. 465-482). Springer, Berlin, Heidelberg.

    [11] Chung, K. M., Kalai, Y., & Vadhan, S. (2010, August). Improved delegation of computation using fully homomorphic encryption. In Annual Cryptology Conference (pp. 483-501). Springer, Berlin, Heidelberg.

    [12] Boneh, D., Lynn, B., & Shacham, H. (2001, December). Short signatures from the Weil pairing. In International conference on the theory and application of cryptology and information security (pp. 514-532). Springer, Berlin, Heidelberg.

    [13] Yoon, E. J., Lee, W. S., & Yoo, K. Y. (2007, May). Secure remote user authentication scheme using bilinear pairings. In IFIP International Workshop on Information Security Theory and Practices (pp. 102-114). Springer, Berlin, Heidelberg.

    [14] Galbraith, S. D., Paterson, K. G., & Smart, N. P. (2008). Pairings for cryptographers. Discrete Applied Mathematics, 156(16), 3113-3121.

    [15] Chen, X., Susilo, W., Li, J., Wong, D. S., Ma, J., Tang, S., & Tang, Q. (2015). Efficient algorithms for secure outsourcing of bilinear pairings. Theoretical Computer Science, 562, 112-121.

    [16] Li, J., Au, M. H., Susilo, W., Xie, D., & Ren, K. (2010, April). Attribute-based signature and its applications. In Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security (pp. 60-69).

    [17] Dong, M., Ren, Y., & Zhang, X. (2017). Fully Verifiable Algorithm for Secure Outsourcing of Bilinear Pairing in Cloud Computing. KSII Transactions on Internet & Information Systems, 11(7).
    Description: Master's
    National Chengchi University
    Department of Computer Science
    104753027
    Source URI: http://thesis.lib.nccu.edu.tw/record/#G0104753027
    Data Type: thesis
    DOI: 10.6814/NCCU202001696
    Appears in Collections: [Department of Computer Science] Theses

    Files in This Item:

    File        Size    Format
    302701.pdf  2171Kb  Adobe PDF

