Page 296 - 《软件学报》2020年第12期

P. 296

3962 Journal of Software 软件学报 Vol.31, No.12, December 2020

a a b b
=
=
,
= a 1 L ∧ = a 1 R ∧ gcd(aa ) gcd(a= ,a ) 1,b = 1 L ∧ = b 1 R ∧ gcd(b ,b ) gcd(b= ,b ) 1 .
L R 1 L 2 L 1 R R L R 1 L 2 L 1 R R
a a 2 b b 2
2 L R 2 2 L R 2
,
Step 1:Bob 利用自己的公钥将自己的数对 (bb ),(b ,b ) 加密:
1 L 2 L 1 R R 2
1 L b
C = (1 n+ ) r n mo n 2 (11a)
d
1 L b 1 L b
d
C = (1 n+ ) L b 2 r n mo n 2 (11b)
L b 2 L b 2
C b R 1 = (1 n+ ) b 1 R r b n R 1 mo n 2 (12a)
d
C b R 2 = (1 n+ ) b R 2 r b n R 2 mo n 2 (12b)
d
并将 (C ,C ) 和 (C ,C ) 发送给 Alice;
1 L b L b 2 b 1 R b R 2
Step 2:Alice 收到 (C ,C ) 和 (C ,C ) 后,按照如下方式工作.
1 L b L b 2 b 1 R b R 2
① 对于每一个 a I ∈{a L ,a R },I∈{L,R}随机选择 6 个不等的长度为⎣logn−1⎦的随机数 k 1 I a ,k I a 2 ,k′ 1 I a ,k′ I a 2 ,k′ I a 3 ,k′ I a 4
*
和 4 个随机数 r ,r ,r ,r ∈ Z ,并利用文献[22]中提出的同态加密方案计算 2 个密文对 (C ,
+
1 I a I a 2 3 I a I a 4 n (a 2 I ⋅ 1 L b ) k′ a 1 I
C (a 1 I b ⋅ L 2 ) k′ + a 1 I ),(C (a 2 I ⋅ b 1 R + ) k′ a I 2 ,C (a 1 I b ⋅ R 2 ) k′ + a I 2 ) :
C (a 2 I ⋅ 1 L b ) k′ = + a 1 I ((C 1 L b ) a k 1 I a ⋅ L 2 mod ) (1n × 2 + k k′ 1 I a ) n r n 1 I a mod n 2 (13a)
1 I a
′
C (a 1 I b ⋅ L 2 ) k′ = + a 1 I ((C L b 2 ) a k 1 I a ⋅ 1 L mod ) (1n × 2 + kkn )r n I a 2 mod n 2 (13b)
1 I a
1 I a
C = ((C ) k a I 2 a ⋅ L 2 mod ) (1n × 2 + k k′ ) n r n mod n 2 (14a)
) k′
(a 2 I b ⋅ R + a I 2 1 L b I a 2 I a 2 I a 3
1
C (a 1 I b ⋅ R 2 ) k′ a I 2 = ((C L b 2 ) k a I 2 a ⋅ 1 L mod ) (1n × 2 + k I a 2 k′ I a 2 ) n r n I a 4 mod n 2 (14b)
+
② 对密文对 (C ,C ) 和 (C ,C ) 同时在组内实施一致的元组元素间的随
(a 2 I ⋅ 1 L b ) k′ + a 1 I (a 1 I b⋅ L 2 ) k′ + a 1 I (a 2 I ⋅ b 1 R + ) k′ a I 2 (a 1 I b⋅ R 2 ) k′ + a I 2
机置换,然后再对两个密文对实施对间随机置换,得到密文对序列 (c ,c ),(c ,c ) ,即随机选择一个:
1 I L 1 I R I L 2 I R 2
((c ,c ),(c ,c )) {((∈ C ,C ),(C ,C )),
⋅
1 I L 1 I R I L 2 2 (a 2 I ⋅ I R 1 L )+ ′ 1 I (a 1 I b ⋅b L 2 )+ a k ′ 1 I (a 2 I b ⋅ 1 R )+ a k k ′ 2 (a 1 I b R 2 )+ a I k a I ′ 2
((C (a ⋅ )+ ′ ,C (a ⋅b k ′ k ),(C (a ⋅ ′ ,C ( I a ⋅ L b )+ a k ′ )),
2 I 1 R 2 1 I b R 2 )+ a I 2 2 I b 1 L )+ a I a k 1 I 1 2 1 I
((C ,C ),(C ,C )),
(a 1 I b ⋅ 2 )+ ′ 1 I (a 2 I b ⋅ L 1 L )+ a k ′ 1 I (a 1 I b ⋅ 2 )+ a k k ′ 2 (a 2 I b ⋅ R R 1 )+ a I k a I ′ 2
((C (a 1 I b ⋅ 2 )+ ′ k 2 ,C (a 2 I b ⋅ R 1 R )+ a I k ′ a I 2 ),(C (a 1 I b L 2 )+ ′ 1 I ,C (a 2 I b )+ a k 1 L ′ a k 1 I ))}
并发给 Bob.
Step 3:Bob 收到 (c ,c ),(c ,c ) 后计算:
1 I L 1 I R I L 2 I R 2
⎛ ( Lc λ ) ⎞ ⎛ ( L c λ ) ⎞ ⎛ ⎞ ⎧ − 1, X ≤ 1
⎜ P 1 I L ⎟ ,P⎜ I L 2 ⎟ , ⎟ ⎜ 其中 ,I ∈ { , }, ( )L R P X = ⎨ (15)
⎜ ⎜ ( Lc λ ) ⎟ ⎜ ( Lc λ ) ⎟ ⎟ 1, X > 1
⎝ ⎝ 1 I R ⎠ ⎝ I R 2 ⎠ ⎠ ⎩
⎛ ( Lc λ ) ⎞ ⎛ ( Lc λ ) ⎞ ⎛ ⎞
然后,将 P⎜ ⎜ 1 I L ⎟ ,P⎜ I L 2 ⎟ ⎟ 发送给 Alice.
⎜ ⎜ ( Lc λ ) ⎟ ⎜ ( Lc λ ) ⎟ ⎟
⎝ ⎝ 1 I R ⎠ ⎝ I R 2 ⎠ ⎠
⎛ ( Lc λ ) ⎞ ⎛ ( L c λ ) ⎞ ⎛ ⎞ ⎛ ( Lc λ ) ⎞ ⎛ ( Lc λ ) ⎞ ⎛ ⎞ ⎞⎛
Step 4:Bob 和 Alice 根据元组 ⎜ P⎜ L L 1 ⎟ ,P⎜ L L 2 ⎟ ⎟ , P⎜ ⎜ L R 1 ⎟ ,P⎜ L R 2 ⎟ ⎟ ⎟⎜ 可以得出两数域相交与
⎜ ⎜ ( Lc λ ) ⎟ ⎜ ( Lc λ ) ⎟ ⎟ ⎜ ⎜ ⎜ ( L c λ ) ⎟ ⎜ ( Lc λ ) ⎟ ⎟ ⎟
⎝ ⎝ R L 1 ⎠ ⎝ R L 2 ⎠ ⎠ ⎝ ⎝ ⎝ R R 1 ⎠ ⎝ R R 2 ⎠ ⎠ ⎠
否(如果元组为((−1,1),(−1,1)),((−1,1),(1,−1)),((1,−1),(−1,1)),((1,−1),(1,−1))中之一,则二者相交).
2. 数理计算的正确性.
a a a a ⎧ − 1, X ≤ 1
(1) 如果 b L ∈dom A ,即 a L <b L <a R ,则有 L ≤ 1, R ≥ 1,所以 L , R 经函数 ()PX = ⎨ 作用后的乘积:
b L b L b L b L ⎩ 1, X > 1
⎛ ⎞ a ⎛ ⎞ a
∂ = P ⎜ L ⋅ P ⎜ R ⎟ = ⎟ − 1 ;
⎝ b L ⎠ ⎝ b L ⎠

291 292 293 294 295 296 297 298 299 300 301