
National Chengchi University

7. Conclusion

This thesis proposes a protocol for comparing, in the two-party setting, whether the two parties' private values are equal, while allowing both parties to verify the correctness of the result. Unlike previously proposed schemes, the encryption algorithm used by the protocol is the common ElGamal algorithm, and no additional conditions are imposed on the choice of encryption algorithm: the only requirement is that the chosen scheme be semantically secure and multiplicatively homomorphic. In other words, any encryption algorithm that is semantically secure and multiplicatively homomorphic can be used with this protocol to compare the two parties' values for equality. Consequently the protocol is easier to implement and its range of applications is correspondingly wider. In addition, combining the proposed protocol with an efficient oblivious transfer achieves correct data transfer while protecting both parties' privacy. The combined two-party equality verification and oblivious transfer protocol is also applied to the purchase of digital goods, protecting the privacy that buyer and seller require and guaranteeing the correctness and fairness of the transaction.
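To show concretely why semantic security and multiplicative homomorphism are the only properties needed, the following is an added example (not the thesis's own code, and without the thesis's result-verification step) of the generic blinded equality test that ElGamal's homomorphism supports. The group parameters P, Q, G are constructed toy values, and all function names are assumptions.

```python
import secrets

# Toy ElGamal parameters, constructed for illustration only (far too small for real use).
# P = 2Q + 1 is a safe prime; G = 4 generates the prime-order-Q subgroup of Z_P^*.
P, Q, G = 2039, 1019, 4

def keygen():
    """ElGamal key pair: secret x, public y = G^x mod P."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def encrypt(y, m):
    """Encrypt subgroup element m under public key y; fresh k gives semantic security."""
    k = secrets.randbelow(Q - 1) + 1
    return pow(G, k, P), (m * pow(y, k, P)) % P

def decrypt(x, ct):
    c1, c2 = ct
    return (c2 * pow(c1, P - 1 - x, P)) % P   # c2 / c1^x (Fermat: c1^(P-1) = 1)

def ct_mul(ct, dt):
    """Multiplicative homomorphism: E(m1) * E(m2) = E(m1 * m2)."""
    return (ct[0] * dt[0]) % P, (ct[1] * dt[1]) % P

def ct_pow(ct, r):
    """Exponentiating a ciphertext component-wise gives E(m^r)."""
    return pow(ct[0], r, P), pow(ct[1], r, P)

def ct_inv(ct):
    """Component-wise inverse gives E(m^-1)."""
    return pow(ct[0], P - 2, P), pow(ct[1], P - 2, P)

def encode(v):
    """Map an integer secret 0 <= v < Q into the subgroup so the homomorphism applies."""
    return pow(G, v % Q, P)

def equality_test(a, b):
    """Alice holds a and the key pair; Bob holds b. Returns True iff a == b.
    Alice only ever decrypts 1 or a uniformly random non-identity subgroup element,
    and Bob sees only semantically secure ciphertexts."""
    x, y = keygen()                                    # Alice
    ct_a = encrypt(y, encode(a))                       # Alice -> Bob: y and E(G^a)
    ct_b = encrypt(y, encode(b))                       # Bob encrypts his own value
    r = secrets.randbelow(Q - 1) + 1                   # Bob's blinding exponent
    blinded = ct_pow(ct_mul(ct_a, ct_inv(ct_b)), r)    # E((G^a / G^b)^r) = E(G^(r(a-b)))
    blinded = ct_mul(blinded, encrypt(y, 1))           # re-randomise before returning
    return decrypt(x, blinded) == 1                    # Alice: G^(r(a-b)) == 1 iff a == b
```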

On the implementation side, this thesis implements a simple simulation in which the user enters a keyword to search for and the corresponding data are returned. Beyond the theoretical proof, the simulation also confirms the correctness of the proposed protocol. Although 163 records still require an average execution time of 15.524 seconds, we believe the execution time can be reduced by improving the comparison algorithm or optimising the program.

Future work aims to extend this protocol to encryption algorithms such as RSA that are homomorphic but not semantically secure. We also hope to convert the program to a networked, interactive mode and measure the time spent on communication, so that it more closely matches real-world deployment and can be strengthened and improved to meet users' needs. If the protocol's computation time can be reduced further, more applications should become possible, allowing data security and privacy at more levels to be fully protected.

