Please use this identifier to cite or link to this item:
https://nccur.lib.nccu.edu.tw/handle/140.119/159380
Title: | Quantum-Resistant Subset Predicate Encryption Supporting Traitor Tracing (支持叛徒追蹤的抗量子子集謂詞加密) |
Authors: | Chen, You-Qian (陳侑謙) |
Contributors: | Tseng, Yi-Fan (曾一凡); Chen, You-Qian (陳侑謙) |
Keywords: | Traitor Tracing; Lattices; Subset-Predicate Encryption; Post-Quantum Security; Fine-Grained Access Control |
Date: | 2025 |
Issue Date: | 2025-09-01 16:48:35 (UTC+8) |
Abstract: | The growing reliance on cloud computing has brought significant attention to the security and privacy of outsourced data. Traditional encryption mechanisms often fall short when it comes to enabling fine-grained access control, especially in multi-user settings with tiered access privileges, and even more so when user identities may be hidden. Subset Predicate Encryption (SPE) offers a powerful solution by allowing decryption only when a user's predicate set satisfies the condition specified in the ciphertext. This property makes SPE highly suitable for secure data sharing in cloud-based environments, where access decisions are based solely on attributes. However, most existing SPE constructions are built on number-theoretic assumptions such as RSA or bilinear pairings, which are vulnerable to quantum attacks. Moreover, these schemes generally provide no mechanism for traitor tracing, making them susceptible to key leakage and user collusion: if a legitimate user leaks their secret key, existing systems cannot identify the source of the breach, posing a severe threat to data confidentiality.
In this work, we propose a lattice-based, post-quantum secure SPE scheme with traitor tracing functionality. Our construction integrates fingerprinting codes into the key generation and encryption processes, enabling the system to embed identifying information within each secret key. If a leaked key is detected, the embedded fingerprint can be used to trace and identify the specific user responsible for the leak, even in the presence of collusion among multiple users. The proposed scheme achieves post-quantum security by relying on the hardness of the Learning With Errors (LWE) problem, ensuring resistance against both classical and quantum attacks. Furthermore, it supports subset-based access control, making it well suited to privacy-preserving cloud applications. We formally prove the security of our construction in a quantum-secure model and show that our approach incurs only a modest increase in parameter size while providing strong traceability. In summary, our work bridges the gap between predicate encryption and traitor tracing in a post-quantum setting, providing a practical and efficient solution for secure and auditable data sharing in the cloud. |
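The abstract states that a fingerprint embedded in each key lets the system identify a leaker even when several users collude. The following Python is an added illustration, not code from the thesis, of the coding-theoretic idea behind that claim. The thesis builds on Boneh–Shaw fingerprinting codes inside an LWE-based scheme; here a small Reed–Solomon traceability (TA) code over GF(7) stands in, and the parameters (Q, K, C), the user ids and the coalition are constructed for the example.

```python
# Added illustration, not code from the thesis: tracing a leaked key back to a colluder.
# The thesis embeds Boneh-Shaw fingerprinting codes in LWE-based keys; here a small
# Reed-Solomon traceability (TA) code over GF(7) stands in, with toy parameters.

Q = 7   # prime field size; fingerprints have length n = Q (assumed toy parameter)
K = 2   # polynomials of degree < K, so Q**K = 49 distinct fingerprints (users)
C = 2   # coalition size the code is built to resist

# TA condition (Chor-Fiat-Naor; Staddon-Stinson-Wei): minimum distance d = n - K + 1 must
# exceed n * (1 - 1/C**2). Here d = 6 > 5.25, so closest-codeword decoding names a colluder.
assert (Q - K + 1) > Q * (1 - 1 / C**2)

# Fingerprint of user uid: evaluations of a0 + a1*x over GF(7) with a0 = uid mod 7 and
# a1 = uid div 7. Two distinct lines meet in at most one point, so any two fingerprints
# agree in at most one position.
CODEBOOK = [tuple((uid % Q + (uid // Q) * x) % Q for x in range(Q)) for uid in range(Q**K)]


def codeword(user_id: int) -> tuple:
    """Fingerprint embedded in user_id's key (toy stand-in for the thesis's codeword)."""
    return CODEBOOK[user_id]


def agreement(a: tuple, b: tuple) -> int:
    """Number of positions where two words carry the same symbol."""
    return sum(1 for x, y in zip(a, b) if x == y)


def forge_pirate_word(coalition: list, mask: int) -> tuple:
    """Colluders assemble a pirate fingerprint under the marking assumption of Boneh-Shaw:
    a position where all colluders hold the same symbol cannot be detected or altered, so
    every position of the pirate word carries a symbol some colluder actually holds.
    Bit i of `mask` picks which colluder supplies position i."""
    assert 1 <= len(coalition) <= C, "more colluders than the code tolerates"
    words = [codeword(u) for u in coalition]
    return tuple(words[((mask >> i) & 1) % len(words)][i] for i in range(Q))


def trace(pirate: tuple) -> int:
    """Closest-codeword decoding. With two colluders one of them supplied at least
    ceil(7/2) = 4 positions, while an innocent user's fingerprint agrees with each
    colluder's in at most 1 position and hence with the pirate word in at most 2.
    The maximiser is therefore always a colluder, never an innocent user."""
    return max(range(Q**K), key=lambda u: agreement(CODEBOOK[u], pirate))


def tracing_is_sound(masks=(0b0000000, 0b1111111, 0b0101010, 0b1110001)) -> bool:
    """Check every 2-user coalition against the given symbol-selection patterns:
    the traced user must be a member of the coalition each time."""
    n_users = Q**K
    for a in range(n_users):
        for b in range(a + 1, n_users):
            for mask in masks:
                if trace(forge_pirate_word([a, b], mask)) not in (a, b):
                    return False
    return True


if __name__ == "__main__":
    leaked = forge_pirate_word([3, 40], 0b1011001)  # constructed coalition of users 3 and 40
    print("pirate fingerprint", leaked, "traces to user", trace(leaked))
    print("sound on every 2-user coalition:", tracing_is_sound())
```

The point the toy makes is the one the abstract relies on: collusion resistance is a property of the code, not of the encryption layer, and it holds only up to the coalition size the code was designed for (here C = 2; a third colluder can produce a word that decodes to an innocent user). In the thesis the codeword lives inside a lattice key and is recovered from a leaked key before decoding; that recovery step is specific to the construction and is not modelled here.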
Reference: | [ABB10] S. Agrawal, D. Boneh, and X. Boyen, "Efficient lattice (H)IBE in the standard model," in Advances in Cryptology – EUROCRYPT 2010, H. Gilbert, Ed., Berlin, Heidelberg: Springer, 2010, pp. 553–572.
[ADM+07] M. Abdalla, A. W. Dent, J. Malone-Lee, et al., "Identity-based traitor tracing," in Public Key Cryptography – PKC 2007, T. Okamoto and X. Wang, Eds., Berlin, Heidelberg: Springer, 2007, pp. 361–376.
[AFV11] S. Agrawal, D. M. Freeman, and V. Vaikuntanathan, "Functional encryption for inner product predicates from learning with errors," in Advances in Cryptology – ASIACRYPT 2011, D. H. Lee and X. Wang, Eds., Berlin, Heidelberg: Springer, 2011, pp. 21–40.
[BN08] D. Boneh and M. Naor, "Traitor tracing with constant size ciphertext," in Proceedings of the 15th ACM Conference on Computer and Communications Security (CCS '08), Alexandria, Virginia, USA: ACM, 2008, pp. 501–510.
[BS98] D. Boneh and J. Shaw, "Collusion-secure fingerprinting for digital data," IEEE Transactions on Information Theory, vol. 44, no. 5, pp. 1897–1905, 1998.
[CM19] S. Chatterjee and S. Mukherjee, "Large universe subset predicate encryption based on static assumption (without random oracle)," in Topics in Cryptology – CT-RSA 2019, M. Matsui, Ed., Cham: Springer, 2019, pp. 62–82.
[FLB+24] K. Fan, W. Li, Y. Bai, et al., "EIV-BT-ABE: Efficient attribute-based encryption with black-box traceability based on encrypted identity vector," IEEE Internet of Things Journal, vol. 11, no. 9, pp. 15229–15240, 2024.
[GMS12] F. Guo, Y. Mu, and W. Susilo, "Identity-based traitor tracing with short private key and short ciphertext," in Computer Security – ESORICS 2012, S. Foresti, M. Yung, and F. Martinelli, Eds., Berlin, Heidelberg: Springer, 2012, pp. 609–626.
[HPL22] D. Han, N. Pan, and K.-C. Li, "A traceable and revocable ciphertext-policy attribute-based encryption scheme based on privacy protection," IEEE Transactions on Dependable and Secure Computing, vol. 19, no. 1, pp. 316–327, 2022.
[KMM+18] J. Katz, M. Maffei, G. Malavolta, and D. Schröder, "Subset predicate encryption and its applications," in Cryptology and Network Security, S. Capkun and S. S. M. Chow, Eds., Cham: Springer, 2018, pp. 115–134.
[KSW08] J. Katz, A. Sahai, and B. Waters, "Predicate encryption supporting disjunctions, polynomial equations, and inner products," in Advances in Cryptology – EUROCRYPT 2008, N. Smart, Ed., Berlin, Heidelberg: Springer, 2008, pp. 146–162.
[LCW13] Z. Liu, Z. Cao, and D. S. Wong, "Blackbox traceable CP-ABE: How to catch people leaking their keys by selling decryption devices on eBay," in Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security (CCS '13), Berlin, Germany: ACM, 2013, pp. 475–486.
[LCW15] Z. Liu, Z. Cao, and D. S. Wong, "Traceable CP-ABE: How to trace decryption devices found in the wild," IEEE Transactions on Information Forensics and Security, vol. 10, no. 1, pp. 55–68, 2015.
[LW16] Z. Liu and D. S. Wong, "Practical attribute-based encryption: Traitor tracing, revocation and large universe," The Computer Journal, vol. 59, no. 7, pp. 983–1004, 2016.
[LZN+22] J. Li, Y. Zhang, J. Ning, et al., "Attribute based encryption with privacy protection and accountability for cloudIoT," IEEE Transactions on Cloud Computing, vol. 10, no. 2, pp. 762–773, 2022.
[MR07] D. Micciancio and O. Regev, "Worst-case to average-case reductions based on Gaussian measures," SIAM Journal on Computing, vol. 37, no. 1, pp. 267–302, 2007. https://doi.org/10.1137/S0097539705447360
[NAL22] H. Nasiraee, M. Ashouri-Talouki, and X. Liu, "Optimal black-box traceability in decentralized attribute-based encryption," IEEE Transactions on Cloud Computing, pp. 1–14, 2022.
[NCD+16] J. Ning, Z. Cao, X. Dong, J. Gong, and J. Chen, "Traceable CP-ABE with short ciphertexts: How to catch people selling decryption devices on eBay efficiently," in Computer Security – ESORICS 2016, I. Askoxylakis, S. Ioannidis, S. Katsikas, and C. Meadows, Eds., Cham: Springer, 2016, pp. 551–569.
[NDC+15] J. Ning, X. Dong, Z. Cao, L. Wei, and X. Lin, "White-box traceable ciphertext-policy attribute-based encryption supporting flexible attributes," IEEE Transactions on Information Forensics and Security, vol. 10, no. 6, pp. 1274–1288, 2015.
[QBZ+18] H. Qiao, H. Ba, H. Zhou, et al., "Practical, provably secure, and black-box traceable CP-ABE for cryptographic cloud storage," Symmetry, vol. 10, no. 10, 2018.
[QRW+18] H. Qiao, J. Ren, Z. Wang, H. Ba, and H. Zhou, "Compulsory traceable ciphertext-policy attribute-based encryption against privilege abuse in fog computing," Future Generation Computer Systems, vol. 88, pp. 107–116, 2018.
[Ram16] S. C. Ramanna, "More efficient constructions for inner-product encryption," in Applied Cryptography and Network Security, M. Manulis, A.-R. Sadeghi, and S. Schneider, Eds., Cham: Springer, 2016, pp. 231–248.
[TG21] Y.-F. Tseng and S.-J. Gao, "Efficient subset predicate encryption for Internet of Things," in 2021 IEEE Conference on Dependable and Secure Computing (DSC), 2021, pp. 1–2.
[Tse24] Y.-F. Tseng, "Attribute hiding subset predicate encryption: Quantum-resistant construction with efficient decryption," Computer Standards & Interfaces, vol. 88, p. 103796, 2024.
[XYM+18] S. Xu, G. Yang, Y. Mu, and X. Liu, "Efficient attribute-based encryption with blackbox traceability," in Provable Security, J. Baek, W. Susilo, and J. Kim, Eds., Cham: Springer, 2018, pp. 182–200.
[XYX+20] S. Xu, J. Yuan, G. Xu, et al., "Efficient ciphertext-policy attribute-based encryption with blackbox traceability," Information Sciences, vol. 538, pp. 19–38, 2020.
[YHC+24] Z. Yang, D. He, R. Chen, S. Wang, and J. Xu, "Post-quantum identity-based traitor tracing," Journal of Information Security and Applications, vol. 85, p. 103870, 2024. |
Description: | Master's thesis; National Chengchi University; Master's Program in Information Security; 112791012 |
Source URI: | http://thesis.lib.nccu.edu.tw/record/#G0112791012 |
Data Type: | thesis |
Appears in Collections: | [Master's Program in Information Security] Theses |
Files in This Item:
File | Description | Size | Format
101201.pdf | | 1268 KB | Adobe PDF
All items in the NCCU Institutional Repository (政大典藏) are protected by copyright, with all rights reserved.