跳到主要內容

簡易檢索 / 詳目顯示

回結果列表
研究生: 黃仁志
Huang, Ren-Jr
論文名稱: 適應於NuCypher之代理門檻廣播重加密機制
Development of Proxy Threshold Broadcast ReEncryption for NuCypher
指導教授: 左瑞麟
Tso, Ray-lin
口試委員: 曾一凡
Tseng, Yi-Fan
郭文中
Kuo, Wen-Chung
周兆龍
Chou, Chao-Lung
王智弘
Wang, Chih-Hung
學位類別: 碩士
Master
系所名稱: 理學院 - 資訊科學系碩士在職專班
Excutive Master Program of Computer Science
論文出版年: 2021
畢業學年度: 109
語文別: 中文
論文頁數: 66
中文關鍵詞: NuCypher祕密分享公鑰廣播加密廣播重加密區塊鏈
外文關鍵詞: NuCypher, Secret Sharing, Broadcast Encrytion, Proxy Broadcast ReEncryption, Blockchain
DOI URL: http://doi.org/10.6814/NCCU202101410
相關次數: 點閱:79下載:32
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報

    • 近幾年隨著區塊鏈技術的蓬勃發展,誕生了許多基於區塊鏈及智能合約(Smart Contract) 的新型應用,特別是以去中心化為核心價值的DApps(Decentralized Application) 應用。其中於2020 年正式上線的
    NuCypher,旨在公鏈(Main Net) 上提供以密碼學基礎工程打造資料隱私保護(privacy preserving) 的服務,主要籍由智能合約的管控及密碼學中的重加密技術,達到在去中心化的環境中,依然能提供安全的資料
    分享應用。
    然而,在NuCypher 的機制中,對於資料的授權,只能提供一對一的分享服務,無法在同一時間,允許多位使用者存取同一份加密資料,而需個別設定,欠缺實務上的彈性及效率。所以本研究的重點在
    於改善其重加密機制以達成一對多分享的效果,使用代理廣播重加密(Proxy Broadcast ReEncryption PBRE) 演算法及祕密分享(Secret Sharing)技術,提出一個新機制來實現此一目標,除了達成原本NuCypher
    隱私資料分享的特性,也依然保留了適合去中心化架構下的分散式儲存金鑰安全性。

    There are a bunch of applications based on Blockchain and Smart Contractlargely grow in recent years, especially, the development of DApps(DecentralizedApplications) based on the decentralized concept. One of many interestingBlockchain applications is NuCypher that focuses on providing securelyprivacypreservingservices. The NuCypher leverages the ReEncryptionmechanismand Smart Contract to build the datasharingsystem where runs underthe decentralized environment.
    As our observation, unfortunately, the NuCypher can just share the data1on1at the same time, it can not allow the data owner to share 1toN.Inthis case, It needs to set one by one so that it is inefficient and inflexible. So,our research focuses on enhancing the NuCypher cryptographic scheme toachieve 1toNsharing. We make use of the Proxy Broadcast ReEncryption(PBRE) algorithm and Secret Sharing scheme to propose our scheme. It doesnot only preserves the sharing feature as the NuCypher but also suitable fordecentralized environment to keep the distributed secure key management.Keywords: NuCypher, Secret Sharing, Broadcast Encrytion, Proxy BroadcastReEncryption,Blockchain.

    目錄
    誌謝 i
    摘要 ii
    Abstract iii
    目錄 iv
    圖目錄 vi
    表目錄 viii
    第一章 緒論 1
    1.1 研究動機 1
    1.2 研究方法及目標 3
    1.3 論文架構 4
    第二章 背景知識 5
    2.1 KEM/DEM 機制 5
    2.2 代理重加密 6
    2.3 祕密分享 9
    2.4 雙線性映射系統及複雜性假設問題 11
    第三章 相關研究 13
    3.1 NuCypher 13
    3.1.1 NuCypher KMS 14
    3.1.2 Umbral 17
    3.2 公鑰廣播加密 (Public Key Broadcast Encryption) 19
    3.2.1 演算法定義 21
    3.2.2 正確性證明 22
    3.3 代理廣播重加密 (Proxy Broadcast Re­Encryption) 23
    3.3.1 代理廣播重加密演算法 24
    3.3.2 加解密一致性及安全模型 25
    第四章 代理門檻廣播重加密 27
    4.1 設計概要 27
    4.2 方法定義 28
    4.3 演算法定義 32
    第五章 正確性及安全性分析 39
    5.1 正確性證明 39
    5.1.1 Decrypt1 正確性證明 39
    5.1.2 Decrypt2 正確性證明 39
    5.2 安全性分析 41
    5.2.1 機密性 41
    5.2.2 完整性 41
    5.2.3 IND­sSet­CCA 安全性證明 41
    第六章 系統設計及實作 49
    6.1 設計概要 49
    6.2 實作結果 50
    6.3 效能比較 59
    第七章 結論 62
    參考文獻 63

    [1] S. Nakamoto, Bitcoin: A Peer­to­Peer Electronic Cash System. 2008.
    [2] J. Benet, IPFS­content addressed, versioned, P2P file system arXiv preprint arXiv:1407.3561, 2014.
    [3] Ethereum Name Service. https://ens.domains/.
    [4] V. Buterin, A Next­generation Smart Contract and Decentralized Application Platform. July 2016.
    [5] NuCypher https://www.nucypher.com/.
    [6] M. Egorov, M. Wilkison, and D. Nuñez, Nucypher kms: Decentralized key management system in Blockchain Protocol Analysis and Security Engineering 2018, Jan 2018.
    [7] M. Blaze, G. Bleumer, and M. Strauss, Divertible protocols and atomic proxy cryptography in International Conference on the Theory and Applications of Cryptographic Techniques, pp. 127–144, Springer, 1998.
    [8] A. Shamir, How to share a secret Commun. ACM, vol. 22, p. 612–613, Nov. 1979.
    [9] D. Boneh, C. Gentry, and B. Waters, Collusion resistant broadcast encryption with short ciphertexts and private keys in Advances in Cryptology – CRYPTO 2005 63(V. Shoup, ed.), (Berlin, Heidelberg), pp. 258–275, Springer Berlin Heidelberg, 2005.
    [10] M. Sun, C. Ge, L. Fang, and J. Wang, A proxy broadcast re­encryption for cloud data sharing Multimedia Tools and Applications, vol. 77, no. 9, pp. 10455–10469, 2018.
    [11] M. Abe, R. Gennaro, K. Kurosawa, and V. Shoup, Tag­KEM/DEM: A new framework for hybrid encryption and a new analysis of Kurosawa­Desmedt KEM in Annual international conference on the theory and applications of cryptographic techniques, pp. 128–146, Springer, 2005.
    [12] G. Ateniese, K. Fu, M. Green, and S. Hohenberger, Improved proxy re­encryption schemes with applications to secure distributed storage ACM Transactions on Information and System Security (TISSEC), vol. 9, no. 1, pp. 1–30, 2006.
    [13] D. Boneh and M. Franklin, Identity­based encryption from the weil pairing SIAM journal on computing, vol. 32, no. 3, pp. 586–615, 2003.
    [14] Y. Dodis and A. Yampolskiy, A verifiable random function with short proofs and keys in International Workshop on Public Key Cryptography, pp. 416–431, Springer, 2005.
    [15] D. Nunez, I. Agudo, and J. Lopez, NTRUReEncrypt: An efficient proxy reencryption scheme based on NTRU in Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, pp. 179–189, 2015.
    [16] C.­K. Chu, J. Weng, S. S. Chow, J. Zhou, and R. H. Deng, Conditional proxy broadcast re­encryption in Australasian conference on information security and privacy, pp. 327–342, Springer, 2009.
    [17] C. Wang and S. Su, Secret sharing based on bilinear mapping in 2019 International Conference on Computer, Network, Communication and Information Systems (CNCI 2019), pp. 602–607, Atlantis Press, 2019.
    [18] D. Boneh and M. Franklin, Identity­based encryption from the weil pairing in Advances in Cryptology — CRYPTO 2001 (J. Kilian, ed.), (Berlin, Heidelberg), pp. 213–229, Springer Berlin Heidelberg, 2001.
    [19] A. Joux, A one round protocol for tripartite diffie–hellman in International algorithmic number theory symposium, pp. 385–393, Springer, 2000.
    [20] A. Joux and K. Nguyen, Separating decision diffie­hellman from diffie­hellman in cryptographic groups Manuscript. Available from eprint. iacr. org, 2001.
    [21] Hardware Security Modules. https://en.wikipedia.org/wiki/Hardware_security_module.
    [22] HashiCorp Vault. https://www.vaultproject.io/.
    [23] Amazon CloudHSM. https://aws.amazon.com/cloudhsm/.
    [24] Google CloudHSM. https://cloud.google.com/security-key-management.
    [25] Asure Key Vault. https://azure.microsoft.com/services/key-vault/.
    [26] U. W. Chohan, The decentralized autonomous organization and governance issues Available at SSRN 3082055, 2017.
    [27] D. Nunez, Umbral: a threshold proxy re­encryption scheme NuCypher Inc and NICS Lab, University of Malaga, Spain, 2018.
    [28] X. ANSI, 63: Public key cryptography for the financial services industry, key agreement and key transport using elliptic curve cryptography American National Standards Institute, 1998.
    [29] A. Fiat and M. Naor, Broadcast encryption in Annual International Cryptology Conference, pp. 480–491, Springer, 1993.
    [30] A. De Caro and V. Iovino, jpbc: Java pairing based cryptography in Proceedings of the 16th IEEE Symposium on Computers and Communications, ISCC 2011, pp. 850–855, IEEE, 2011.
    [31] B. Castle, The bouncy castle crypto apis for java 2010.
    [32] Cryptographic primitive implementations for secure cloud storage / computing applications https://github.com/liuweiran900217/CloudCrypto

    QR CODE
    :::