Page 264 - Journal of Software (软件学报), 2021, Issue 10

Journal of Software (软件学报) ISSN 1000-9825, CODEN RUXUEW    E-mail: jos@iscas.ac.cn
Journal of Software, 2021,32(10):3236-3253 [doi: 10.13328/j.cnki.jos.006013]    http://www.jos.org.cn
© Institute of Software, Chinese Academy of Sciences. All rights reserved.    Tel: +86-10-62562563


                                                                          
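Secure Partial Re-use of Randomness and Its Application to Multi-receiver Signcryption

LIU Zhen, HAN Yi-Liang, YANG Xiao-Yuan, LIU Shu-Guang

(College of Cryptography Engineering, Engineering University of PAP, Xi'an, Shaanxi 710086, China)
Corresponding author: HAN Yi-Liang, E-mail: hanyil@163.com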

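Abstract: To construct multi-receiver signcryption schemes that save communication and computation overhead without sacrificing security, this paper first extends the security theory of randomness re-use to another common case and proposes the concept of partial randomness re-use. Taking signcryption as the object of study, it defines multi-receiver signcryption schemes with partial randomness re-use, reproducible signcryption schemes with partial randomness re-use, and the corresponding security models. It then states and proves the reproducibility theorem: the security condition for partial randomness re-use is that the scheme is reproducible. Finally, it proves that the LWWD16 lattice-based signcryption scheme is a reproducible signcryption scheme with partial randomness re-use, constructs, based on LWWD16, the first lattice-based multi-message multi-receiver signcryption scheme with partial randomness re-use, and proves that the scheme satisfies indistinguishability under adaptive chosen ciphertext attack (IND-CCA2) and existential unforgeability under adaptive chosen message attack (euf-CMA). Efficiency analysis shows that the multi-message multi-receiver signcryption scheme constructed with partial randomness re-use effectively reduces the system's computation and communication overhead. This provides a general method for constructing multi-message multi-receiver signcryption schemes.
Key words: signcryption; multi-receiver; partial randomness re-use; provable security; resistance to quantum attacks
CLC number: TP309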

Citation: Liu Z, Han YL, Yang XY, Liu SG. Secure re-use of partial randomness and its application in multi-receiver signcryption scheme. Ruan Jian Xue Bao/Journal of Software, 2021,32(10):3236-3253 (in Chinese). http://www.jos.org.cn/1000-9825/6013.htm

Secure Re-use of Partial Randomness and its Application in Multi-receiver Signcryption Scheme

LIU Zhen, HAN Yi-Liang, YANG Xiao-Yuan, LIU Shu-Guang

(College of Cryptography Engineering, Engineering University of PAP, Xi'an 710086, China)
Abstract: To save bandwidth and computation without sacrificing security when constructing a multi-receiver signcryption scheme, this study extended the paradigm of re-using all randomness to another common scenario, proposed the re-use of partial randomness, and redefined the multi-receiver signcryption scheme, the reproducible signcryption scheme, and the security model for the re-use of partial randomness. It then gave and proved the reproducibility theorem: the security condition for the re-use of partial randomness is that the scheme is reproducible. Finally, it proved that the lattice-based LWWD16 signcryption scheme is a reproducible signcryption scheme with the re-use of partial randomness, and constructed, for the first time, a lattice-based multi-message multi-receiver signcryption scheme with the re-use of partial randomness, which satisfies indistinguishability against adaptive chosen ciphertext attacks (IND-CCA2) and existential unforgeability against chosen message attacks (euf-CMA). Efficiency analysis shows that the multi-message



Foundation item: National Natural Science Foundation of China (61572521, U1636114, 61772550); National Key Research and Development Project of China (2017YFB0802000); Natural Science Foundation of Shaanxi Province of China (2018JM6078); Research and Innovation Team Fund of Armed Police Force Engineering University (KYTD201805)
Received 2019-09-29; Revised 2019-12-11; Accepted 2020-01-19