Data encryption

摘要

Public key encryption methods and apparatus are provided for encrypting secret data under a public key in a data processing system (1). The secret data is provided as a message (m) comprising at least one element of a pair of base groups G1, G2 satisfying a bilinear map ê: G1×G2→GT where GT is a target group. The message (m) is encrypted using the public key to produce an encrypted message (c). A consistency component (v) is generated using the encrypted message (c) and the bilinear map whereby the consistency component (v) permits validation of the encrypted message without revealing the encrypted message. The output ciphertext (ct) comprises the encrypted message (c) and the consistency component (v).

主权项

1. A public key encryption method for encrypting secret data under a public key in a data processing system including a sender device and a receiver device in communication therewith, the method comprising:
constructing, at the sender device, a message (m) having secret data, the secret data comprising at least one element of a pair of base groups G1, G2 satisfying a bilinear map ê: G1×G2→GT where GT is a target group; encrypting, at the sender device, the message (m) using said public key to produce an encrypted message (c); generating a random component, the random component comprising three elements u1, u2 and u3 generated according to u1=g1r; u2=g2s; and u3=g3r+s where g1, g2 and g3 are random group generators from a same base group G, r and s are random numbers generated from another base group generator; generating, at the sender device, a consistency component (v) using said random component, said generating comprising: applying said bilinear map to the encrypted message (c) to obtain a first element and applying the bilinear map to the at least one element of said random component to obtain at least one second element, said bilinear map being applied to each said u1, u2 and u3 according to: ê(fi,1rfi,2s,ui) where i=0, . . . , 3, where u0=g, fi,1r is a function of random group generators g1 and g3, and fi,2s is a function of random group generators g2 and g3, and computing a product of said first element and at least one second element to obtain a single element in GT comprising said consistency component, whereby the consistency component (v) permits validation of the encrypted message without revealing the encrypted message; outputting a ciphertext (ct) comprising the encrypted message (c), the random component, and the consistency component (v); and transmitting said ciphertext (ct) over a communications network to said receiver device for decryption thereof, said receiver device configured to implement decryption logic for verifying whether said consistency component (v) is correct for the encrypted message (c), and if correct, further configured to decrypt the encrypted message (c) to obtain said secret data.