技术领域Technical Field
本发明属于计算机安全领域,具体涉及一种具有隐私保护的指定报告者的机密报告方法。The invention belongs to the field of computer security, and in particular relates to a confidential reporting method for a designated reporter with privacy protection.
背景技术Background technique
通过机密报告系统,报告者可以秘密地报告组织内存在的重要问题或不法行为,而不会被谴责和报复。由于报告者可以秘密地报告问题,机密报告系统已被广泛地应用于各个领域中获取重要报告和总结失败经验,包括航海、航空、健康、建筑等。Through the confidential reporting system, reporters can confidentially report important problems or illegal behaviors in the organization without being condemned or retaliated. Because reporters can report problems confidentially, the confidential reporting system has been widely used in various fields to obtain important reports and summarize failure experiences, including navigation, aviation, health, construction, etc.
在现有等机密报告系统中,为了保护报告者的隐私,报告者的身份信息在报告被查看之前已被删除。该方法可以有效地保护报告者的隐私,但是没有考虑如何认证报告者的身份。值得注意的是,对报告者身份的认证是非常重要的,否则不法分子可以向系统提交虚假报告信息。另外,在某些情况下,为了获得可信的报告,审查者可能会指定具有良好声誉的权威机构、个人提交报告,如建筑坍塌事故调查报告、医疗事故调查报告、交通事故调查报告等。In existing confidential reporting systems, in order to protect the privacy of the reporter, the reporter's identity information has been deleted before the report is viewed. This method can effectively protect the privacy of the reporter, but it does not consider how to authenticate the reporter's identity. It is worth noting that the authentication of the reporter's identity is very important, otherwise criminals can submit false report information to the system. In addition, in some cases, in order to obtain a credible report, the reviewer may designate an authoritative organization or individual with a good reputation to submit a report, such as a building collapse accident investigation report, a medical accident investigation report, a traffic accident investigation report, etc.
为了保护报告者的隐私和实现对报告者身份的认证,本发明提出了一个具有隐私保护的指定报告者的机密报告方法。该系统具有以下特点:(1)为了获取可信的报告,审查者可以灵活地指定报告者;(2)报告者可以根据报告内容、性质,选择正确的审查者;(3)审查者从不属于他的密文中得不到关于报告者身份和报告内容的任何信息;(4)在特殊情况下,审查者可以将报告查阅权委托给一个受托者,并设置一个委托有效期。该系统的优点在于(1)审查者可以查看报告内容当且仅当审查者和报告者都满足对方的要求;(2)审查者可以将对报告的审查权委托给他人,确保系统能够实时运行,保证报告被及时处理,提高了系统的可靠性和灵活性。In order to protect the privacy of the reporter and to authenticate the identity of the reporter, the present invention proposes a confidential reporting method for a designated reporter with privacy protection. The system has the following features: (1) In order to obtain a credible report, the reviewer can flexibly designate the reporter; (2) The reporter can select the correct reviewer based on the content and nature of the report; (3) The reviewer cannot obtain any information about the identity of the reporter and the content of the report from the ciphertext that does not belong to him; (4) In special circumstances, the reviewer can entrust the right to review the report to a trustee and set a validity period for the entrustment. The advantages of this system are that (1) the reviewer can view the content of the report if and only if both the reviewer and the reporter meet each other's requirements; (2) the reviewer can entrust the right to review the report to others, ensuring that the system can run in real time and that the report is processed in a timely manner, thereby improving the reliability and flexibility of the system.
发明内容Summary of the invention
本发明提出了一种具有隐私保护指定报告者的机密报告方法。该方法仅允许被指定的报告者向审查者秘密地发送消息。对于非指定报告者发送的消息,审查者不能获得关于报告者身份和报告内容的任何信息。特别地,审查者可以将对报告的审阅权委托给一个受托者且可以设置委托有效期。本发明保护了报告者的隐私且提高了机密报告方法的可靠性和灵活性。The present invention proposes a confidential reporting method with a designated reporter with privacy protection. The method only allows the designated reporter to send messages to the reviewer in secret. For messages sent by non-designated reporters, the reviewer cannot obtain any information about the identity of the reporter and the content of the report. In particular, the reviewer can entrust the review right of the report to a trustee and can set the validity period of the entrustment. The present invention protects the privacy of the reporter and improves the reliability and flexibility of the confidential reporting method.
本发明通过以下技术实现。The present invention is achieved through the following technologies.
一种具有隐私保护指定报告者的机密报告方法,包括以下步骤:A confidential reporting method with a privacy-preserving designated reporter, comprising the steps of:
S1系统初始化阶段:中心机构CA输入一个安全参数1l,输出系统主密钥MSK和公共参数Params,即S1 System initialization phase: The central authority CA inputs a security parameter 1l and outputs the system master key MSK and public parameters Params, namely
Setup(1l)→(MSK,Params);Setup(1l )→(MSK,Params);
S2报告者密钥生成阶段:中心机构CA输入公共参数Params,主密钥MSK和报告者R的身份IDR,输出密钥SKR,即S2 Reporter key generation phase: The central authority CA inputs public parameters Params, master key MSK and identity IDR of reporter R, and outputs key SKR , that is,
RKey_Gen(Params,MSK,IDR)→SKR;RKey_Gen(Params,MSK,IDR )→SKR ;
S3审查者密钥生成阶段:中心机构CA输入公共参数Params,主密钥MSK和审查者I的身份IDI,输出密钥SKI,即S3 Reviewer Key Generation Phase: The central authority CA inputs the public parameters Params, the master key MSK and the identity IDI of the reviewer I, and outputs the key SKI , that is,
RKey_Gen(Params,MSK,IDI)→SKI;RKey_Gen(Params,MSK,IDI )→SKI ;
S4委托密钥生成阶段:审查者I输入公共参数Params,密钥SKI,报告者R的身份IDR,受托者D的身份IDD和委托有效期TD,输出委托密钥SKI→D,即S4 delegation key generation phase: auditor I inputs public parameters Params, key SKI , identity IDR of reporter R , identity IDD of trustee D and delegation validity periodTD , and outputs delegation key SKI→D , that is
DKey-Gen(Params,SKI,IDR,IDD,TD)→SKI→D;DKey-Gen(Params,SKI ,IDR ,IDD ,TD )→SKI→D ;
S5加密阶段:报告者R输入公共参数Params,密钥SKR,审查者身份IDI,数据有效期TE和消息M,输出密文CT,即S5 encryption phase: The reporter R inputs the public parameters Params, the key SKR , the auditor IDI , the data validity periodTE and the message M, and outputs the ciphertext CT, that is,
Encrypt(Params,SKR,IDI,TE,M)→CT;Encrypt(Params,SKR ,IDI ,TE ,M)→CT;
报告者将审查者身份和密文(IDI,CT)上传到系统;The reporter uploads the reviewer identity and ciphertext (IDI , CT) to the system;
S6解密阶段:该阶段由审查者解密和受托者解密组成;S6 decryption stage: This stage consists of reviewer decryption and trustee decryption;
S7审查者解密阶段:审查者I在系统中找到(IDI,CT);审查者I输入公共参数Params,密钥SKI,报告者身份IDR,数据有效期TE和密文CT,输出明文M当且仅当R是指定的报告者;否则输出⊥显示失败,即S7 Reviewer decryption phase: Reviewer I finds (IDI , CT) in the system; Reviewer I inputs public parameters Params, key SKI , reporter identity IDR , data validity periodTE and ciphertext CT, and outputs plaintext M if and only if R is the designated reporter; otherwise, the output ⊥ indicates failure, i.e.
IDecrypt(Params,SKI,IDR,TE,CT)→M/⊥;IDecrypt(Params,SKI ,IDR ,TE ,CT)→M/⊥;
S8受托者解密阶段:受托者D在系统中找到D(IDI,CT);受托者D输入公共参数Params,密钥SKI→D,报告者身份IDR,数据有效期TE和密文CT,输出明文M当且仅当TE=TD,R是指定的报告者;否则输出⊥显示失败,即S8 Trustee decryption phase: Trustee D finds D(IDI , CT) in the system; Trustee D inputs public parameters Params, key SKI→D , reporter identity IDR , data validity periodTE and ciphertext CT, and outputs plaintext M if and only ifTE =TD and R is the designated reporter; otherwise, the output ⊥ indicates failure, i.e.
DDecrypt(Params,SKI→D,IDR,TE,CT)→M/⊥。DDecrypt(Params,SKI→D ,IDR ,TE ,CT)→M/⊥.
作为本发明的进一步改进,所述步骤S4中,审查者可以将对来自指定报告者的秘密报告的审阅权委托给一个受托者且可以设置灵活的委托有效期。As a further improvement of the present invention, in step S4, the examiner may delegate the right to review the secret report from the designated reporter to a trustee and may set a flexible delegation validity period.
作为本发明的进一步改进,所述步骤S5中,报告者在加密时可以用其密钥向审查者证明其为指定的报告者且可以设置灵活的数据有效期。As a further improvement of the present invention, in step S5, the reporter can use his key to prove to the examiner that he is the designated reporter when encrypting and can set a flexible data validity period.
作为本发明的进一步改进,所述步骤S6中:1)如果报告发送者是指定的报告者,则审查者可以解密密文,获得明文;否则,审查者不能得到报告发送者的身份和明文消息的任何信息。2)受托者可以在委托期内代替审查者审查来自指定报告者的报告。As a further improvement of the present invention, in step S6: 1) if the report sender is a designated reporter, the reviewer can decrypt the ciphertext and obtain the plaintext; otherwise, the reviewer cannot obtain the identity of the report sender and any information about the plaintext message. 2) The trustee can review the report from the designated reporter on behalf of the reviewer during the entrustment period.
与现有技术相比,本发明具有以下优点。Compared with the prior art, the present invention has the following advantages.
(1)实现了对报告者身份的认证,审查者可以灵活地指定报告者,提高了报告对可信度;(1) The reporter's identity is authenticated, and the reviewer can flexibly designate the reporter, which improves the credibility of the report;
(2)报告者可以根据报告内容、性质,选择正确的审查者;(2) The reporter can choose the correct reviewer based on the content and nature of the report;
(3)审查者只能查看将其设定为接收者的报告。然而,对于没有将其设定为接收者的报告,审查者得不到报告者的身份和报告内容的任何信息;(3) Reviewers can only view reports for which they are set as recipients. However, for reports for which they are not set as recipients, reviewers cannot obtain any information about the identity of the reporter or the content of the report.
(4)审查者可以将审阅权委托给其他人,并且设置灵活对委托有效期,提高了系统的可靠性和灵活性。(4) Reviewers can delegate review rights to others and set flexible validity periods for delegations, which improves the reliability and flexibility of the system.
附图说明BRIEF DESCRIPTION OF THE DRAWINGS
通过结合附图对本发明示例性实施方式进行更详细的描述,本发明的上述以及其它目的、特征和优势将变得更加明显,其中,在本发明示例性实施方式中,相同的参考标号通常代表相同部件。The above and other objects, features and advantages of the present invention will become more apparent through a more detailed description of exemplary embodiments of the present invention in conjunction with the accompanying drawings, wherein like reference numerals generally represent like parts throughout the exemplary embodiments of the present invention.
图1为本发明的流程框架图。FIG. 1 is a flow chart of the present invention.
具体实施方式Detailed ways
根据附图说明,本发明的具体实施方式如下。According to the accompanying drawings, the specific embodiments of the present invention are as follows.
本发明提供了一种具有隐私保护指定报告者的机密报告方法,包括以下步骤:The present invention provides a confidential reporting method with a designated reporter having privacy protection, comprising the following steps:
S1系统初始化阶段:假设BG(1l)→(e,p,G1,G2,GT)为一个双线性群生算法。该算法输入一个安全参数1l,输出素数阶乘法循环群G1,G2,GT和双线性映射e:G1×G2→GT。中心机构CA首先运行BG(1l)→(e,p,G1,G2,GT),然后选取生成元g1,g2∈G1,h∈G2和两个哈希函数H1,H2:{0,1}*→Zp。进一步,中心机构CA随机地选取x1,x2,x3∈Zp,计算系统的主密钥为MSK=(x1,x2,x3),公参数为Params=(e,p,G1,G2,GT,g1,g2,h,Y1,Y2,H1,H2)。S1 System initialization phase: Assume that BG(1l )→(e, p, G1 , G2 ,GT ) is a bilinear group generation algorithm. The algorithm inputs a security parameter 1l and outputs a prime factorial multiplication cyclic group G1 , G2 ,GT and a bilinear map e: G1 ×G2 →GT . The central agency CA first runs BG(1l )→(e, p, G1 , G2 ,GT ) and then selects generators g1 , g2 ∈G1 , h∈G2 and two hash functions H1 , H2 : {0, 1}* →Zp . Further, the central agency CA randomly selects x1 , x2 , x3 ∈Zp and calculates The master key of the system is MSK = (x1 , x2 , x3 ), and the public parameters are Params = (e, p, G1 , G2 ,GT , g1 , g2 , h, Y1 , Y2 , H1 , H2 ).
S2报告者密钥生成阶段:假设报告者R的身份为IDR∈{0,1}*。中心机构CA利用主密钥MSK=(x1,x2,x3),计算报告者R的密钥为SKR。S2 Reporter key generation phase: Assume that the identity of the reporter R is IDR ∈ {0, 1}* . The central authority CA uses the master key MSK = (x1 , x2 , x3 ) to calculate The key of reporter R is SKR .
S3审查者密钥生成阶段:假设审查者I的身份为IDI∈{0,1}*。中心机构首先随机地选取rI∈Zp,然后计算和审查者的密钥为SKI=(rI,KI,1,KI,2)。审查者I指定报告者为R。S3 Reviewer key generation phase: Assume that the identity of reviewer I is IDI ∈ {0, 1}* . The central agency first randomly selects rI ∈ Zp and then calculates and The auditor's key is SKI =(rI , KI,1 , KI,2 ). The auditor I designates the reporter as R.
S4委托密钥生成阶段:假设受托者D的身份为IDD∈{0,1}*。审查者I首先随机地选取wD∈Zp,设置委托有效期TD∈{0,1}*,然后利用密钥SKI=(rI,KI,1,KI,2)计算S4 Delegation key generation phase: Assume that the identity of the trustee D is IDD ∈ {0, 1}* . The reviewer I first randomly selects wD ∈ Zp , sets the delegation validity period TD ∈ {0, 1}* , and then uses the key SKI = (rI , KI,1 , KI,2 ) to calculate
受托者D的密钥为SKD=(KI,1,KI,2,rD,WD,TD)。The key of the trustee D is SKD =(KI,1 , KI,2 , rD , WD ,TD ).
S5加密阶段:假设明文消息为M∈GT,数据有效期为TE∈Zp。报告者R首先随机地选取t,s∈Zp,然后计算S5 encryption phase: Assume that the plaintext message isM∈GT and the data validity period isTE∈Zp . The reporter R first randomly selects t,s∈Zp ,and then calculates
密文为CT=(C0,C1,C2,C3,C4,C5)。报告者报告者R将(IDI,CT)提交到系统。The ciphertext is CT = (C0 , C1 , C2 , C3 , C4 , C5 ). Reporter R submits (IDI , CT) to the system.
S6解密阶段:该阶段由审查者解密阶段和受托者解密阶段组成。S6 decryption phase: This phase consists of the reviewer decryption phase and the trustee decryption phase.
S7审查者解密阶段:审查者I首先计算C0=H1(TE||IDI),然后通过C0在系统中找到对应的密文CT=(C0,C1,C2,C3,C4,C5)。审查者I利用密钥SKI=(rI,KI,1,KI,2)计算S7 Auditor decryption phase: Auditor I first calculates C0 = H1 (TE || IDI ), and then uses C0 to find the corresponding ciphertext CT = (C0 , C1 , C2 , C3 , C4 , C5 ) in the system. Auditor I uses the key SKI = (rI , KI,1 , KI,2 ) to calculate
S8受托者解密阶段:受托者D首先计算C0=H1(TE||IDI),然后通过C0在系统中找到对应的密文CT=(C0,C1,C2,C3,C4,C5)。受托者D利用密钥SKD=(KI,1,KI,2,rD,WD,TD)计算S8 Trustee decryption phase: Trustee D first calculates C0 = H1 (TE || IDI ), and then finds the corresponding ciphertext CT = (C0 , C1 , C2 , C3 , C4 , C5 ) in the system through C0. Trustee D uses the key SKD = (KI, 1 , KI, 2 , rD , WD ,TD ) to calculate
(当且仅当TD=TE)。 (If and only ifTD =TE ).
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210878146.0ACN115250202B (en) | 2022-07-25 | 2022-07-25 | Secret reporting method for appointed reporter with privacy protection |
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210878146.0ACN115250202B (en) | 2022-07-25 | 2022-07-25 | Secret reporting method for appointed reporter with privacy protection |
| Publication Number | Publication Date |
|---|---|
| CN115250202A CN115250202A (en) | 2022-10-28 |
| CN115250202Btrue CN115250202B (en) | 2024-08-06 |
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210878146.0AActiveCN115250202B (en) | 2022-07-25 | 2022-07-25 | Secret reporting method for appointed reporter with privacy protection |
| Country | Link |
|---|---|
| CN (1) | CN115250202B (en) |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111211903A (en)* | 2019-12-02 | 2020-05-29 | 中国矿业大学 | Mobile group perception data report duplication removing method based on fog calculation and privacy protection |
| CN114785500A (en)* | 2022-05-10 | 2022-07-22 | 东南大学 | Entrustable inner product function encryption method |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8694771B2 (en)* | 2012-02-10 | 2014-04-08 | Connect In Private Panama Corp. | Method and system for a certificate-less authenticated encryption scheme using identity-based encryption |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111211903A (en)* | 2019-12-02 | 2020-05-29 | 中国矿业大学 | Mobile group perception data report duplication removing method based on fog calculation and privacy protection |
| CN114785500A (en)* | 2022-05-10 | 2022-07-22 | 东南大学 | Entrustable inner product function encryption method |
| Publication number | Publication date |
|---|---|
| CN115250202A (en) | 2022-10-28 |
| Publication | Publication Date | Title |
|---|---|---|
| Ruj et al. | Decentralized access control with anonymous authentication of data stored in clouds | |
| Ruj et al. | Privacy preserving access control with authentication for securing data in clouds | |
| CN112836225B (en) | A blockchain-based electronic medical record sharing method | |
| US8108678B1 (en) | Identity-based signcryption system | |
| US8171563B2 (en) | Secure message system with remote decryption service | |
| US8683209B2 (en) | Method and apparatus for pseudonym generation and authentication | |
| US7634085B1 (en) | Identity-based-encryption system with partial attribute matching | |
| US20030081774A1 (en) | Method and apparatus for dynamic generation of symmetric encryption keys and exchange of dynamic symmetric key infrastructure | |
| Ma et al. | Be-trdss: Blockchain-enabled secure and efficient traceable-revocable data-sharing scheme in industrial internet of things | |
| Wang et al. | A pre-authentication approach to proxy re-encryption in big data context | |
| Pussewalage et al. | A delegatable attribute based encryption scheme for a collaborative e-health cloud | |
| CN119172054B (en) | A data sharing method and system based on blockchain | |
| Noh et al. | Blockchain-based user-centric records management system | |
| Hahn et al. | Trustworthy delegation toward securing mobile healthcare cyber-physical systems | |
| CN113411323A (en) | Medical record data access control system and method based on attribute encryption | |
| Zhao et al. | A sanitizable access control with policy-protection for vehicular social networks | |
| CN114095171A (en) | An identity-based pierceable proxy re-encryption method | |
| CN105553979A (en) | Encryption publishing method for privacy information in smart power grid | |
| CN103281180A (en) | Method of generating bill for protecting user access privacy in network service | |
| CN116132105A (en) | Internet of vehicles large attribute data sharing system and method based on attribute encryption | |
| Maheswaran et al. | Crypto-book: an architecture for privacy preserving online identities | |
| Fan et al. | Secure and private key management scheme in big data networking | |
| CN115250202B (en) | Secret reporting method for appointed reporter with privacy protection | |
| Aljahdali et al. | Efficient and Secure Access Control for IoT-based Environmental Monitoring | |
| JP2008288837A (en) | Key management method, key generation method, cipher processing method, decipher processing method, access management method, and communication network system |
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |