全同态加密方案是一类允许第三方在不知晓解密密钥的前提下对密文进行任意运算的加密方案,为云计算场景下数据隐私保护提供了有效的密码学工具,具有重要的应用价值.在复杂的网络环境下,消息的接收者往往不是单一的.如何将一个具备可计算性的密文安全地分享给一个任意选定的接收者集合,是传统的全同态加密方案尚未解决的问题.本文结合全同态加密和身份基广播加密的思想,提出了新的密码学原型——全同态身份基广播加密 (identity based broadcast fully homomorphic encryption, IBBFHE),并基于 LWE 困难问题假设给出了具体的方案.数据通过 IBBFHE 方案加密后允许不具备解密能力的第三方进行同态运算,且仅能被指定集合内的接收者正确解密,从而实现了云计算环境下数据的动态群组分享.本文在LWE假设下,证明了所提方案的抗半适应性选择身份集合选择明文攻击的安全性.由于LWE问题是公认的抗量子攻击难题,本方案也具备抗量子攻击的安全性.%Fully homomorphic encryption (FHE) is an emerging public key encryption paradigm, which enables a third party to execute operations on ciphertexts without knowing the decryption key. It can serve as a powerful cryptographic tool for data privacy protection in cloud computing environment, and has significant applications. However, in a complex network environment, a message may be received by multiple receivers. It has not been well solved by the traditional FHE schemes as how to share a computable ciphertext with an arbitrarily chosen set of receivers. Inspired by identity-based broadcast encryption,we introduce a novel cryptography primitive called identity-based broadcast fully homomorphic encryption(IBBFHE),and present a concrete scheme based on LWE assumption to solve the problem mentioned above. The data encrypted under IBBFHE schemes can still be homomorphic computed by third parties who do not have decryption abilities, and it can only be decrypted by the authorized receivers in a specific group. Thus, data secure sharing can be made possible in cloud computing environment. The IND-smCIS-CPA security of the proposed scheme under LWE assumption is proved. Furthermore, LWE problem is believed to be unsolvable by quantum computers, thus the proposed scheme also possesses this property.
展开▼
