Please use this identifier to cite or link to this item:

Title: 適應於NuCypher之代理門檻廣播重加密機制
Development of Proxy Threshold Broadcast ReEncryption for NuCypher
Authors: 黃仁志
Huang, Ren-Jr
Contributors: 左瑞麟
Tso, Ray-lin
Huang, Ren-Jr
Keywords: NuCypher
Secret Sharing
Broadcast Encrytion
Proxy Broadcast ReEncryption
Date: 2021
Issue Date: 2021-09-02 18:18:11 (UTC+8)
Abstract: 近幾年隨著區塊鏈技術的蓬勃發展,誕生了許多基於區塊鏈及智能合約(Smart Contract) 的新型應用,特別是以去中心化為核心價值的DApps(Decentralized Application) 應用。其中於2020 年正式上線的
NuCypher,旨在公鏈(Main Net) 上提供以密碼學基礎工程打造資料隱私保護(privacy preserving) 的服務,主要籍由智能合約的管控及密碼學中的重加密技術,達到在去中心化的環境中,依然能提供安全的資料
然而,在NuCypher 的機制中,對於資料的授權,只能提供一對一的分享服務,無法在同一時間,允許多位使用者存取同一份加密資料,而需個別設定,欠缺實務上的彈性及效率。所以本研究的重點在
於改善其重加密機制以達成一對多分享的效果,使用代理廣播重加密(Proxy Broadcast ReEncryption PBRE) 演算法及祕密分享(Secret Sharing)技術,提出一個新機制來實現此一目標,除了達成原本NuCypher
There are a bunch of applications based on Blockchain and Smart Contractlargely grow in recent years, especially, the development of DApps(DecentralizedApplications) based on the decentralized concept. One of many interestingBlockchain applications is NuCypher that focuses on providing securelyprivacypreservingservices. The NuCypher leverages the ReEncryptionmechanismand Smart Contract to build the datasharingsystem where runs underthe decentralized environment.
As our observation, unfortunately, the NuCypher can just share the data1on1at the same time, it can not allow the data owner to share 1toN.Inthis case, It needs to set one by one so that it is inefficient and inflexible. So,our research focuses on enhancing the NuCypher cryptographic scheme toachieve 1toNsharing. We make use of the Proxy Broadcast ReEncryption(PBRE) algorithm and Secret Sharing scheme to propose our scheme. It doesnot only preserves the sharing feature as the NuCypher but also suitable fordecentralized environment to keep the distributed secure key management.Keywords: NuCypher, Secret Sharing, Broadcast Encrytion, Proxy BroadcastReEncryption,Blockchain.
Reference: [1] S. Nakamoto, Bitcoin: A Peer­to­Peer Electronic Cash System. 2008.
[2] J. Benet, IPFS­content addressed, versioned, P2P file system arXiv preprint arXiv:1407.3561, 2014.
[3] Ethereum Name Service.
[4] V. Buterin, A Next­generation Smart Contract and Decentralized Application Platform. July 2016.
[5] NuCypher
[6] M. Egorov, M. Wilkison, and D. Nuñez, Nucypher kms: Decentralized key management system in Blockchain Protocol Analysis and Security Engineering 2018, Jan 2018.
[7] M. Blaze, G. Bleumer, and M. Strauss, Divertible protocols and atomic proxy cryptography in International Conference on the Theory and Applications of Cryptographic Techniques, pp. 127–144, Springer, 1998.
[8] A. Shamir, How to share a secret Commun. ACM, vol. 22, p. 612–613, Nov. 1979.
[9] D. Boneh, C. Gentry, and B. Waters, Collusion resistant broadcast encryption with short ciphertexts and private keys in Advances in Cryptology – CRYPTO 2005 63(V. Shoup, ed.), (Berlin, Heidelberg), pp. 258–275, Springer Berlin Heidelberg, 2005.
[10] M. Sun, C. Ge, L. Fang, and J. Wang, A proxy broadcast re­encryption for cloud data sharing Multimedia Tools and Applications, vol. 77, no. 9, pp. 10455–10469, 2018.
[11] M. Abe, R. Gennaro, K. Kurosawa, and V. Shoup, Tag­KEM/DEM: A new framework for hybrid encryption and a new analysis of Kurosawa­Desmedt KEM in Annual international conference on the theory and applications of cryptographic techniques, pp. 128–146, Springer, 2005.
[12] G. Ateniese, K. Fu, M. Green, and S. Hohenberger, Improved proxy re­encryption schemes with applications to secure distributed storage ACM Transactions on Information and System Security (TISSEC), vol. 9, no. 1, pp. 1–30, 2006.
[13] D. Boneh and M. Franklin, Identity­based encryption from the weil pairing SIAM journal on computing, vol. 32, no. 3, pp. 586–615, 2003.
[14] Y. Dodis and A. Yampolskiy, A verifiable random function with short proofs and keys in International Workshop on Public Key Cryptography, pp. 416–431, Springer, 2005.
[15] D. Nunez, I. Agudo, and J. Lopez, NTRUReEncrypt: An efficient proxy reencryption scheme based on NTRU in Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, pp. 179–189, 2015.
[16] C.­K. Chu, J. Weng, S. S. Chow, J. Zhou, and R. H. Deng, Conditional proxy broadcast re­encryption in Australasian conference on information security and privacy, pp. 327–342, Springer, 2009.
[17] C. Wang and S. Su, Secret sharing based on bilinear mapping in 2019 International Conference on Computer, Network, Communication and Information Systems (CNCI 2019), pp. 602–607, Atlantis Press, 2019.
[18] D. Boneh and M. Franklin, Identity­based encryption from the weil pairing in Advances in Cryptology — CRYPTO 2001 (J. Kilian, ed.), (Berlin, Heidelberg), pp. 213–229, Springer Berlin Heidelberg, 2001.
[19] A. Joux, A one round protocol for tripartite diffie–hellman in International algorithmic number theory symposium, pp. 385–393, Springer, 2000.
[20] A. Joux and K. Nguyen, Separating decision diffie­hellman from diffie­hellman in cryptographic groups Manuscript. Available from eprint. iacr. org, 2001.
[21] Hardware Security Modules.
[22] HashiCorp Vault.
[23] Amazon CloudHSM.
[24] Google CloudHSM.
[25] Asure Key Vault.
[26] U. W. Chohan, The decentralized autonomous organization and governance issues Available at SSRN 3082055, 2017.
[27] D. Nunez, Umbral: a threshold proxy re­encryption scheme NuCypher Inc and NICS Lab, University of Malaga, Spain, 2018.
[28] X. ANSI, 63: Public key cryptography for the financial services industry, key agreement and key transport using elliptic curve cryptography American National Standards Institute, 1998.
[29] A. Fiat and M. Naor, Broadcast encryption in Annual International Cryptology Conference, pp. 480–491, Springer, 1993.
[30] A. De Caro and V. Iovino, jpbc: Java pairing based cryptography in Proceedings of the 16th IEEE Symposium on Computers and Communications, ISCC 2011, pp. 850–855, IEEE, 2011.
[31] B. Castle, The bouncy castle crypto apis for java 2010.
[32] Cryptographic primitive implementations for secure cloud storage / computing applications
Description: 碩士
Source URI:
Data Type: thesis
Appears in Collections:[資訊科學系碩士在職專班] 學位論文

Files in This Item:

File Description SizeFormat
101001.pdf3386KbAdobe PDF48View/Open

All items in 學術集成 are protected by copyright, with all rights reserved.

社群 sharing