Title: 可驗證外包雙線性配對的改善與安全性分析
Security analysis and improvement of a verifiable outsourcing of bilinear pairing scheme.
Author: 林哲偉 (Lin, Jhe-Wei)
Contributors: 左瑞麟 (Tso, Ray-Lin); 林哲偉 (Lin, Jhe-Wei)
Keywords: Bilinear pairings; Verifiable outsourcing; Pairing-based cryptography
Date: 2020
Upload time: 2 September 2020 12:14:48 (UTC+8)

Abstract
In recent years, with the massive increase in handheld devices such as mobile phones and smart watches, coupled with the development of cloud computing, techniques for outsourcing complex computations have received widespread attention. Outsourcing complex computations can bring many benefits and improve performance, and the user only needs to receive the results returned by the cloud server. However, outsourcing processes and methods often involve security issues and challenges. For example, computing tasks usually involve personal information: does it need to be disclosed to the cloud server? If the cloud server cannot be fully trusted, information security issues arise; if the cloud server returns an invalid or erroneous result and the outsourcing user may not be able to detect the error, the attack goal is achieved.

In cryptographic research, a very important technique is "pairing-based cryptography". It maps an element of the additive group G1 and an element of the additive group G2 to an element of the multiplicative group G. Pairings are widely used in cryptography, and pairing computations are resource-consuming. The outsourcing of pairing computation has therefore attracted much attention, and Ren et al. proposed a scheme in 2016. It gives a secure, verifiable outsourcing algorithm for a single bilinear pairing based on two untrusted servers, and improves the verifiability of outsourced pairings. The disadvantage of this scheme is that attack methods against its verifiability exist; they were proposed by Osmanbey Uzunkol et al. in 2017. This paper therefore proposes an improved solution to prevent the attacks.

In this paper, we first introduce the algorithm for verifiable outsourcing of bilinear pairings (VBP) proposed by Ren et al., and then present the attack methods on this algorithm proposed by Osmanbey Uzunkol et al.
Finally, we present our method to improve the algorithm and show that it is secure in protecting users' information.

References
[1] Ren, Y., Ding, N., Wang, T., Lu, H., & Gu, D. (2016). New algorithms for verifiable outsourcing of bilinear pairings. Science China Information Sciences, 59(9), 99103.
[2] Uzunkol, O., Kalkar, Ö., & Sertkaya, I. (2017). Fully Verifiable Secure Delegation of Pairing Computation: Cryptanalysis and An Efficient Construction. IACR Cryptol. ePrint Arch., 2017, 1173.
[3] Yang, P., Cao, Z., & Dong, X. (2008). Fuzzy Identity Based Signature. IACR Cryptol. ePrint Arch., 2008, 2.
[4] Boneh, D., & Franklin, M. (2001, August). Identity-based encryption from the Weil pairing. In Annual International Cryptology Conference (pp. 213-229). Springer, Berlin, Heidelberg.
[5] Menezes, A. (2009). An introduction to pairing-based cryptography. Recent Trends in Cryptography, 477, 47-65.
[6] Atallah, M. J., Pantazopoulos, K. N., Rice, J. R., & Spafford, E. E. (2002). Secure outsourcing of scientific computations. In Advances in Computers (Vol. 54, pp. 215-272). Elsevier.
[7] Chen, X., Li, J., Ma, J., Tang, Q., & Lou, W. (2013). New algorithms for secure outsourcing of modular exponentiations. IEEE Transactions on Parallel and Distributed Systems, 25(9), 2386-2396.
[8] Wang, C., Ren, K., & Wang, J. (2011, April). Secure and practical outsourcing of linear programming in cloud computing. In 2011 Proceedings IEEE INFOCOM (pp. 820-828). IEEE.
[9] Hohenberger, S., & Lysyanskaya, A. (2005, February). How to securely outsource cryptographic computations. In Theory of Cryptography Conference (pp. 264-282). Springer, Berlin, Heidelberg.
[10] Gennaro, R., Gentry, C., & Parno, B. (2010, August). Non-interactive verifiable computing: Outsourcing computation to untrusted workers. In Annual Cryptology Conference (pp. 465-482). Springer, Berlin, Heidelberg.
[11] Chung, K. M., Kalai, Y., & Vadhan, S. (2010, August). Improved delegation of computation using fully homomorphic encryption. In Annual Cryptology Conference (pp. 483-501). Springer, Berlin, Heidelberg.
[12] Boneh, D., Lynn, B., & Shacham, H. (2001, December). Short signatures from the Weil pairing. In International Conference on the Theory and Application of Cryptology and Information Security (pp. 514-532). Springer, Berlin, Heidelberg.
[13] Yoon, E. J., Lee, W. S., & Yoo, K. Y. (2007, May). Secure remote user authentication scheme using bilinear pairings. In IFIP International Workshop on Information Security Theory and Practices (pp. 102-114). Springer, Berlin, Heidelberg.
[14] Galbraith, S. D., Paterson, K. G., & Smart, N. P. (2008). Pairings for cryptographers. Discrete Applied Mathematics, 156(16), 3113-3121.
[15] Chen, X., Susilo, W., Li, J., Wong, D. S., Ma, J., Tang, S., & Tang, Q. (2015). Efficient algorithms for secure outsourcing of bilinear pairings. Theoretical Computer Science, 562, 112-121.
[16] Li, J., Au, M. H., Susilo, W., Xie, D., & Ren, K. (2010, April). Attribute-based signature and its applications. In Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security (pp. 60-69).
[17] Dong, M., Ren, Y., & Zhang, X. (2017). Fully Verifiable Algorithm for Secure Outsourcing of Bilinear Pairing in Cloud Computing. KSII Transactions on Internet & Information Systems, 11(7).

Description: Master's
National Chengchi University
Department of Computer Science
104753027
Source: http://thesis.lib.nccu.edu.tw/record/#G0104753027
Type: thesis
Advisor: 左瑞麟 (Tso, Ray-Lin)
Other identifier: G0104753027
URI: http://nccur.lib.nccu.edu.tw/handle/140.119/131628
DOI: 10.6814/NCCU202001696
Format: application/pdf, 2223442 bytes

Table of contents
Abstract (Chinese)
Abstract (English)
Chapter 1 Introduction
Chapter 2 Background and Definitions
2.1 Pairing-based cryptography
2.2 Bilinear pairings
2.3 Outsourced computation
2.4 Formal security definitions of outsourcing algorithms
2.5 System model
Chapter 3 The VBP Algorithm
Chapter 4 Attacks on the VBP Algorithm
Chapter 5 Improved VBP Algorithm
Chapter 6 Analysis and Proofs
6.1 One-malicious model
6.2 Performance comparison
6.3 Security proof
6.4 Correctness proof
6.5 Verification procedure
Chapter 7 Implementation Results
Chapter 8 Conclusion
References