An identity or attribute encryption calculation method and system based on an Intel SGX mechanism
A technology of attribute encryption and calculation method, which is applied in the fields of computer technology and information security, and can solve the problems of high performance overhead and so on.
Active Publication Date: 2019-05-24
INST OF INFORMATION ENG CHINESE ACAD OF SCI
View PDF3 Cites 8 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
However, they only improved the generation method and distribution process of the public key, and the cryptographic calculation still uses the public key cryptographic algorithm based on mathematically intractable problems, such as factorization of large integers, discrete logarithm problems and discrete logarithm problems on elliptic curves, etc.
Therefore, due to the computational complexity of difficult mathematical problems, the existing public-key cryptosystems based on identity or attribute encryption are still computationally intensive, and have the disadvantages of time-consuming computation and high performance overhead.
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0074] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail through examples below.
[0075] This example uses the AES-256-GCM algorithm to encrypt and decrypt.
[0076] Initialize PKG, input security parameter l to PKG, PKG generates master key mk, and outputs system public parameter params.
[0077] After that, PKG can generate private key sk for system users. Private key generation process: input the user ID to PKG, and PKG calculates the private key according to params, mk and KDF, for example, sk=KDF(mk||ID,l).
[0078] The Private enclave starts for the first time, and executes SGX remote authentication to request the user's private key sk from PKG. Privateenclave generates a temporary key pair (sk tmp ,pk tmp ), issue SGX assertion proof Q=Quote(pk tmp ).
[0079] After PKG receives Q, it calls the enclave authentication API provided by Intel for verification. If ...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses an identity or attribute encryption calculation method and system based on an Intel SGX mechanism. The method comprises the following steps: 1) deploying Public Enclave at a message sender terminal, deploying Private Enclave at a message receiver terminal, and respectively providing an application program running environment for isolated execution based on an Intel SGX mechanism; 2) requesting a private key from the PKG when the Private Enclave is started for the first time; when the Public Enclave is started for the first time, requesting system parameters and a main key from the PKG to generate a public key of the user; and (3) the Public license derives a corresponding public key according to the input ID or attribute and then encrypts the message by using the public key, and a decryption interface of the Private license of the message receiver terminal decrypts the message by using a private key. According to the public key password calculation method disclosed by the invention, the public key password calculation is safely and efficiently realized.
Description
technical field [0001] The invention belongs to the field of computer technology and information security technology, and in particular relates to an identity or attribute encryption calculation method and system based on the Intel SGX mechanism. Background technique [0002] The public key cryptosystem based on identity encryption allows users to use arbitrary identifiers, such as user names or email addresses, to expand the user's public key. Attribute-based encryption is considered obfuscated identity-based encryption. In the public key cryptosystem based on attribute encryption, users are given a series of attribute sets, and only when the attribute set meets the requirements of access control, the ciphertext data can be decrypted, and its public key is related to its attributes. In this way, public key cryptosystems based on identity or attribute encryption greatly reduce the work of traditional public key cryptosystems in distributing public keys. However, they only ...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/60H04L9/06H04L9/30
CPCH04L9/0631H04L9/0643H04L9/0819H04L9/0861H04L9/0894H04L9/30H04L9/3247
Inventor 林璟锵黎火荣蔡权伟欧阳文宜荆继武王伟
Owner INST OF INFORMATION ENG CHINESE ACAD OF SCI