

Technical Field
The present invention relates generally to encryption, re-encryption, forwarding and decryption in mail systems, and more specifically to the use of an identity-based proxy re-encryption scheme as the cryptographic tool for forwarding confidential mail.
Explanation of Terms
Confidential mail: mail whose content is encrypted.
Identity-based: the encryption key is the destination e-mail address itself (which is why the system needs no public key infrastructure, PKI), whereas the decryption key is generated for each registered user by a trusted private key generator (PKG).
Confidential mail forwarding: a confidential mail was originally sent to user A (for example a manager), but for some reason (a business trip, say) A has no time to decrypt and handle it. Before that, however, A enabled the automatic forwarding service, wishing to have his secret mail forwarded to another user B (for example the deputy manager) for handling. The system also has the following requirements:
First, A does not want to hand his decryption key directly to B, nor does he want to generate a proxy decryption key for B;
Second, the mail must still be forwarded in some ciphertext form;
Third, the forwarding can be carried out by a semi-trusted party (such as A's secretary or the mail server itself), which is called the Proxy.
Background Art
In 1984, Shamir proposed the idea of identity-based public key encryption (IBE), whose core purpose is to remove the dependence on a public key infrastructure (PKI).
In 1998, Barak et al. proposed proxy re-encryption (PRE). Its core goal is to have a semi-trusted party, the Proxy, convert a ciphertext for user A into a ciphertext for user B, so that user B can decrypt it directly with his own private key. Proxy re-encryption requires that the Proxy performing this conversion can learn neither the plaintext corresponding to the converted ciphertext nor the private key of A or B. Decrypting with A's private key and then encrypting with B's public key is therefore not a valid implementation.
In 2001, Boneh et al. designed the first efficient and practical identity-based encryption scheme, based on bilinear pairings.
In 2007, Green et al. designed an identity-based proxy re-encryption scheme.
It is against this background that we propose the present invention, which aims to provide an identity-based confidential mail forwarding method and system.
Summary of the Invention
An embodiment of the present invention provides an identity-based confidential mail forwarding method and system. The technical solution is as follows:
(1) Select system parameters according to the system's security requirements, and from them generate the parameters required by the PKG, $\langle G_1, G_2, \hat{e}, h, H, p, q, P, P_0, s \rangle$: two working groups $G_1$ (with generator $P$) and $G_2$, a bilinear map $\hat{e}$ (defined from $G_1 \times G_1$ to $G_2$), a collision-resistant hash function $h$, a Map-to-point function $H$, large primes $p$ and $q$, and the PKG's master private key $s$ and its public key $P_0$.
(2) A user registers his e-mail address $ID_U$ with the PKG. The PKG confirms the user's real identity by offline, physical means, then generates the corresponding decryption key and sends it to the user in an offline, secure manner;
(3) To send mail to A, user X first obtains A's e-mail address $ID_A$, computes A's public key, concatenates the mail content with a generated random number, encrypts the result with the public key, and sends it.
(4) When user A wants encrypted mail addressed to him to be forwarded to another user B in the system for handling, user A generates a re-encryption key from his own private key and user B's public key, and sends that key to a semi-trusted party, the Proxy.
(5) Once a user A in the system has enabled the mail forwarding service, every secret mail sent to A is passed directly to the Proxy (for example A's secretary or the mail server). The Proxy, which holds the re-encryption key, obtains user A's original secret mail, encrypts it a second time, and forwards it to user B in the system over a public channel.
(6) If the encrypted mail a user in the system receives is a first-level encrypted mail, he decrypts it with his own decryption key;
(7) If it is a second-level encrypted mail, he first verifies whether it is a valid second-level ciphertext and then decrypts it.
An embodiment of the present invention also provides a braid-group-based transitive digital signature system, the system comprising:
(1) a system parameter generation module, for selecting suitable system parameters according to the system's security requirements and generating from them the parameters required by the PKG, $\langle G_1, G_2, \hat{e}, h, H, p, q, P, P_0, s \rangle$;
(2) a user registration module, which registers a user and obtains the decryption key corresponding to the user's e-mail address;
(3) a mail encryption module, which computes the mail receiver's public key, generates the mail and the additional information, and sends them after encryption;
(4) a re-encryption key generation module, which computes the re-encryption key used for the second encryption and sends it to the semi-trusted Proxy;
(5) a mail re-encryption and forwarding module, which encrypts and forwards the secret mail that needs to be forwarded;
(6) an encrypted mail decryption module, which selects a different decryption method according to the number of times the mail has been encrypted.
The beneficial effects of the technical solution provided by the embodiments of the present invention are:
It suits the internal work mail system of a highly confidential organization. The PKG can be the organization's highest commander (such as the president), and there can be one Proxy (such as the mail server) or several (such as each leader's secretary).
Brief Description of the Drawings
Fig. 1 is a flow chart of an identity-based confidential mail forwarding method provided by an embodiment of the present invention;
Fig. 2 is a schematic diagram of an identity-based confidential mail forwarding system provided by an embodiment of the present invention.
Detailed Description
To make the purpose, technical solution and advantages of the present invention clearer, the embodiments of the present invention are described in further detail below with reference to the drawings.
Referring to Fig. 1, this embodiment provides an identity-based confidential mail forwarding method, which comprises the following steps:
Step 101: select the system parameters. The parameters are chosen as follows:
First, the key generation center, i.e. the PKG, selects the working groups $G_1$ and $G_2$, a generator $P$ of $G_1$, and a bilinear map $\hat{e}$ from $G_1 \times G_1$ to $G_2$, as follows:
(1) Choose a large prime $p$ satisfying $p \equiv 2 \pmod 3$ and $p = 6q - 1$ for some prime $q$. Let $E$ be the elliptic curve defined by the equation $y^2 = x^3 + 1$ over the finite field $GL(p)$, let $P$ be an element of order $q$ in $E/GL(p)$, and let the group $G_1 = \langle P \rangle$, i.e. the additive group on the elliptic curve generated by $P$.
(2) Let $1 \neq \zeta \in GL(p^2)$ be a solution of the equation $x^3 - 1 = 0 \bmod p$, and let the map $\varphi(x, y) = (\zeta x, y)$. Denote the group generated by $\langle P, \varphi(P) \rangle$ by $E[q]$. Further, let $G_2$ be the set of all elements of order $q$ in $GL(p^2)$ (it can be shown that this set is a multiplicative subgroup of $GL(p^2)$), and let $e: E[q] \times E[q] \to G_2$ be the Weil pairing defined on $E/GL(p^2)$. The modified Weil pairing $\hat{e}$ is then defined as $\hat{e}(P, Q) = e(P, \varphi(Q))$. It is easy to show that $\hat{e}$ so defined is bilinear, non-degenerate and computable.
Second, the PKG randomly selects the master key $s$ from $Z_q^*$ and sets $P_0 = [s]P$.
Third, the PKG selects the following two hash functions, $h$ and $H$:
(1) $h$ is any collision-resistant hash function. Since collisions have now been found for both MD5 and SHA-1, it is recommended to take $h$ to be SHA-256.
(2) $H: \{0,1\}^* \to G_1$ is the Map-to-point function, which maps an arbitrary identity ID to an element of $G_1$. It is computed as follows: first compute $y = h(ID) \bmod p$, where ID is the binary string representing the user's identity; if $y = 0$ or $1$, append a bit 0 to ID and repeat the computation until the resulting $y$ is neither 0 nor 1. Then compute $x = (y^2 - 1)^{(2p-1)/3} \bmod p$, and let $H(ID) = (x, y)$ be the point in $G_1$.
Finally, the PKG publishes $\langle G_1, G_2, \hat{e}, h, H, p, q, P, P_0 \rangle$, which completes the system parameter setup.
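An added example (not part of the patent text): a toy-sized Python sketch of the Map-to-point function $H$ from step 101, with curve arithmetic to check which subgroup $H(ID)$ lands in. The parameters $q = 17$, $p = 101$, the encoding of ID as an ASCII bit string, and the final multiplication by the cofactor $(p+1)/q = 6$ (the step Boneh and Franklin's MapToPoint uses to force the result into the order-$q$ subgroup) are assumptions that the text above does not state.

```python
import hashlib

# Toy parameters, constructed for illustration and far too small for real use:
# q = 17 is prime, p = 6q - 1 = 101 is prime and p = 2 mod 3.
Q_ORDER = 17
P_FIELD = 6 * Q_ORDER - 1
COFACTOR = (P_FIELD + 1) // Q_ORDER   # the curve has p + 1 = 6q points
INF = None                            # point at infinity


def on_curve(pt):
    """True if pt satisfies y^2 = x^3 + 1 mod p."""
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x * x * x + 1)) % P_FIELD == 0


def ec_add(a, b):
    """Affine point addition on y^2 = x^3 + 1 mod p."""
    if a is INF:
        return b
    if b is INF:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P_FIELD == 0:
        return INF
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1 % P_FIELD, -1, P_FIELD)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_FIELD, -1, P_FIELD)
    lam %= P_FIELD
    x3 = (lam * lam - x1 - x2) % P_FIELD
    return (x3, (lam * (x1 - x3) - y1) % P_FIELD)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication [k]pt."""
    acc = INF
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def point_from_y(y):
    """x = (y^2 - 1)^((2p-1)/3) mod p: the unique cube root when p = 2 mod 3."""
    return (pow((y * y - 1) % P_FIELD, (2 * P_FIELD - 1) // 3, P_FIELD), y)


def map_to_point(identity: bytes):
    """H as described in step 101; hashing the ASCII bit string is an assumption."""
    bits = "".join(f"{b:08b}" for b in identity)
    while True:
        digest = hashlib.sha256(bits.encode("ascii")).digest()
        y = int.from_bytes(digest, "big") % P_FIELD
        if y not in (0, 1):
            return point_from_y(y)
        bits += "0"                   # append a bit 0 and retry


def point_order(pt):
    """Smallest d dividing p + 1 with [d]pt = infinity."""
    n = P_FIELD + 1
    for d in range(1, n + 1):
        if n % d == 0 and ec_mul(d, pt) is INF:
            return d


def hash_to_g1(identity: bytes):
    """Assumed extra step (Boneh-Franklin style): clear the cofactor.
    A raw point of order dividing 6 maps to INF and must be rejected."""
    return ec_mul(COFACTOR, map_to_point(identity))


def count_raw_outputs_in_g1():
    """How many admissible y values give a point whose order is exactly q."""
    return sum(1 for y in range(2, P_FIELD)
               if point_order(point_from_y(y)) == Q_ORDER)


if __name__ == "__main__":
    raw = map_to_point(b"alice@example.com")      # constructed sample identity
    print("raw H(ID):", raw, "order", point_order(raw))
    print("after cofactor:", hash_to_g1(b"alice@example.com"))
    print("y values landing in G1:", count_raw_outputs_in_g1(), "of", P_FIELD - 2)
```

At this toy size only 16 of the 99 admissible $y$ values give a point of order $q$, so an implementation should check or enforce subgroup membership of $H(ID)$ before computing $S_U = [s]Q_U$.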
Step 102: user registration. The procedure is:
First, a user U who needs to register chooses an e-mail address $ID_U$ of his liking, then sends $ID_U$ to the PKG over a public channel, requesting registration and asking the PKG to issue him a decryption key.
Second, after receiving user U's $ID_U$, the PKG first confirms U's real identity by offline, physical means. The PKG then computes $Q_U = H(ID_U)$, next computes $S_U = [s]Q_U$, and finally sends $S_U$ to user U in an offline and secure manner.
Step 103: mail encryption. The procedure is:
Suppose a user X, inside or outside the system, wants to send a secret mail $M$ to a user A inside the system. X must first obtain A's e-mail address $ID_A$. X then generates the secret mail $C$ as follows:
(1) X computes user A's public key $Q_A = H(ID_A)$;
(2) X chooses a random number $D$. The binary length $L$ of $D$ must be fixed and must not be too small: $1/2^L$ is required to be negligible, for example $L = 80$;
(3) X concatenates the mail $M$ and $D$, i.e. $E = M \| D$;
(4) X computes $r = h(E) \bmod q$;
(5) X computes $C_1 = [r]P$ and $Q = [r]Q_A$;
(6) X computes $f = \hat{e}(P_0, Q) \bmod q$;
(7) X computes $C_2 = E^f \bmod p$;
(8) X sets $C = (C_1, C_2)$ and sends $C$ to user A over a public channel.
Step 104: re-encryption key generation. The procedure is:
Suppose a user A in the system wants secret mail addressed to him to be forwarded to another user B in the system for handling. User A generates the re-encryption key as follows:
(1) A computes B's public key $Q_B = H(ID_B)$;
(2) A chooses a random number $X$;
(3) A computes $r = h(X) \bmod q$;
(4) A computes $R_1 = [r]P$ and $Q = [r]Q_B$;
(5) A computes $f = \hat{e}(P_0, Q) \bmod q$;
(6) A computes $R_2 = X^f \bmod p$;
(7) A computes $r_x = h(X) \bmod q$;
(8) A computes $R_3 = [r_x]P - S_A$;
(9) A sets the re-encryption key $RK_{A2B} = (R_1, R_2, R_3)$ and sends $RK_{A2B}$ over a secure channel to the semi-trusted party, the Proxy (for example A's secretary or the mail server).
Step 105: mail re-encryption and forwarding. The procedure is:
Once a user A in the system has enabled the mail forwarding service, every secret mail sent to A is passed directly to the Proxy (for example A's secretary or the mail server). The Proxy, which holds the re-encryption key $RK_{A2B}$, obtains user A's original secret mail (called the first-level encrypted mail) $C = (C_1, C_2)$ and performs the following operations:
(1) compute $f = \hat{e}(C_1, R_3) \bmod q$;
(2) compute $C_2' = (C_2)^f \bmod p$;
(3) set $C' = (C_1, C_2', R_1, R_2)$ as the second-level encrypted mail and forward it to user B in the system over a public channel.
Step 106: decryption of a first-level encrypted mail. The procedure is:
If the secret mail received by a user U in the system is a first-level encrypted mail, i.e. a mail $C = (C_1, C_2)$ that has not been re-encrypted, U performs the following decryption steps:
(1) U computes $f = \hat{e}(C_1, S_U) \bmod q$, where $S_U$ is user U's own decryption key;
(2) U computes $E = (C_2)^{-f \bmod q} \bmod p$;
(3) U takes the last $L$ bits of $E$ as $D$ and the rest as $M$;
(4) U computes $r = h(E) \bmod q$;
(5) U computes and checks whether the equation $[r]P = C_1$ holds. If it does not, $C$ is an invalid first-level ciphertext (it may have been tampered with in transit, or a transmission error may have occurred); otherwise $C$ is a valid first-level ciphertext and the computed $M$ is the valid decrypted original mail.
Step 107: decryption of a second-level encrypted mail. The procedure is:
If the secret mail received by a user U in the system is a second-level encrypted mail, i.e. a re-encrypted mail $C = (C_1, C_2', R_1, R_2)$, U performs the following decryption steps:
(1) compute $f = \hat{e}(R_1, S_U) \bmod q$;
(2) compute $X = (R_2)^{1/f \bmod q} \bmod p$;
(3) compute $r_x = h(X) \bmod q$;
(4) compute $P' = [-r_x]P$;
(5) compute $g = \hat{e}(C_1, P') \bmod q$;
(6) compute $E = (C_2')^g \bmod p$;
(7) take the last $L$ bits of $E$ as $D$ and the rest as $M$;
(8) compute $r = h(E) \bmod q$;
(9) compute and check whether the equation $[r]P = C_1$ holds. If it does not, $C$ is an invalid second-level ciphertext (it may have been tampered with in transit, a transmission error may have occurred, or the re-encryption may be incorrect); otherwise $C$ is a valid second-level ciphertext and the computed $M$ is the valid decrypted original mail.
Referring to Fig. 2, this embodiment provides an identity-based confidential mail forwarding system, comprising:
a system parameter generation module 201, for selecting suitable system parameters according to the system's security requirements and generating from them the parameters required by the PKG (i.e. the private key generator);
a user registration module 202, which registers a user and obtains the decryption key corresponding to the user's e-mail address;
a mail encryption module 203, which computes the mail receiver's public key, generates the mail and the additional information, and sends them after encryption;
a re-encryption key generation module 204, which computes the re-encryption key used for the second encryption and sends it to the semi-trusted Proxy;
a mail re-encryption and forwarding module 205, which encrypts and forwards the secret mail that needs to be forwarded;
a first-level encrypted mail decryption module 206, which decrypts encrypted mail that has not been re-encrypted and forwarded;
a second-level encrypted mail decryption module 207, which decrypts encrypted mail that has been re-encrypted and forwarded.
The system parameter generation module 201 includes:
a system parameter selection unit, for selecting suitable system parameters according to the system's security requirements. These parameters are all to be made public, and mainly include the two working groups $G_1$ (with generator $P$) and $G_2$, the bilinear map $\hat{e}$ (defined from $G_1 \times G_1$ to $G_2$), the collision-resistant hash function $h$, the Map-to-point function $H$, the large primes $p$ and $q$, and the PKG's public key $P_0$ (generated by the master private key selection unit below);
a master private key selection unit, for selecting, according to the system parameters, the master private key $s$ (i.e. the private key of the private key generator PKG) and computing the PKG's public key $P_0$ from it. The master private key $s$ must be kept secret, while the PKG's public key $P_0$ is published as one of the system parameters.
The user registration module 202 includes:
a registration application unit, for letting a user who needs to register freely choose an e-mail address of his liking and send it to the PKG over a public channel to request registration;
a user identity authentication unit, for letting the PKG, after receiving the user's registration application, confirm the user's real identity by offline, physical means;
a decryption key generation unit, for letting the PKG, after confirming the user's registration application and the corresponding identity, generate a decryption key for the user from the e-mail address the user chose;
a decryption key issuing unit, for letting the PKG send the decryption key produced by the decryption key generation unit to the user in an offline, secure manner.
The mail encryption module 203 includes:
a public key generation unit, for letting the user who wants to send an encrypted mail (the sender for short, likewise below) generate the corresponding encryption public key from the e-mail address of the mail's recipient (the receiver for short, likewise below);
a padding factor selection unit, for letting the sender randomly select, according to the system parameters, a fixed-length binary string as the padding factor for this mail encryption;
a mail encapsulation unit, for letting the sender encapsulate the mail to be encrypted together with the padding factor;
a ciphertext generation unit, for letting the sender generate the corresponding ciphertext from the system parameters, the public key and the encapsulated mail;
a ciphertext sending unit, for letting the sender send the ciphertext to the receiver over a public channel.
The re-encryption key generation module 204 includes:
a proxy public key calculation unit, for letting the authorizing user (i.e. the decryptor of first-level encrypted mail) compute, according to the system parameters, the public key of the authorized user he has selected (i.e. the decryptor of second-level encrypted mail);
a re-encryption key generation unit, for letting the authorizing user compute the mail re-encryption key;
a re-encryption key sending unit, for letting the authorizing user send the re-encryption key over a secure channel to a semi-trusted proxy he has selected (for example the authorizing user's secretary or the mail server).
The mail re-encryption and forwarding module 205 includes:
a mail re-encryption unit, for letting the semi-trusted proxy re-encrypt the encrypted mail it receives;
a re-encrypted mail forwarding unit, for letting the semi-trusted proxy forward the re-encrypted mail over a public channel to the authorized user (i.e. the decryptor of second-level encrypted mail).
The first-level encrypted mail decryption module 206 includes:
a first-level ciphertext decryption unit, for letting the user perform a trial decryption of the received first-level encrypted mail with his own private key, obtaining the padded mail plaintext;
a verification unit, for letting the user verify the integrity of the original encrypted mail from the system parameters and the padded mail plaintext;
a mail decapsulation unit, for letting the user separate the padding factor from the unpadded mail plaintext, according to the padded mail plaintext and the padding method.
The second-level encrypted mail decryption module 207 includes:
a second-level ciphertext decryption unit, for letting the user perform a trial decryption of the received second-level encrypted mail with his own private key, obtaining the padded mail plaintext;
a verification unit, for letting the user verify the integrity of the second-level encrypted mail from the system parameters and the padded mail plaintext;
a mail decapsulation unit, for letting the user separate the padding factor from the unpadded mail plaintext, according to the padded mail plaintext and the padding method.
All or some of the steps in the above solution can be carried out by instructions that control the corresponding hardware. The instructions can be stored in a storage medium, such as the hard disk or memory of a computer or server.
The above is only a preferred embodiment of the present invention and is not intended to limit it. Any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall fall within its scope of protection.
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009100006967A, CN101710879B (en) | 2009-01-14 | 2009-01-14 | Novel confidential mail forwarding system based on identity |
| Publication Number | Publication Date |
|---|---|
| CN101710879A (en) | 2010-05-19 |
| CN101710879B (en) | 2012-05-02 |
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2009100006967A (Expired - Fee Related), CN101710879B (en) | Novel confidential mail forwarding system based on identity | 2009-01-14 | 2009-01-14 |
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C17 | Cessation of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date:20120502 Termination date:20140114 |