Research On Cryptographic Techniques Toward Data Privacy Protection And Their Applications

In an era of informatization and digitization,promoting digital economy becomes a significant economic strategy of China.However,when digital economy produces huge social utility and economic boost,it also brings privacy leakage risks.Therefore,data privacy should be protected in the whole process of data input,computation,transmission and output.The cornerstone of data privacy protection technologies are cryptographic techniques,which mainly include secure multiparty computation,zero knowledge proof(ZKP),homomorphic encryption,signcryption,secret sharing and so on.Among them,ZKP can build trust among parties in multiparty protocols,and signcryption can ensure data confidentiality,data integrity and authenticity of sender simultaneously.This thesis focuses on sanitizable signcryption,non-interactive zero knowledge(NIZK)proof from trusted execution environment(TEE)technologies,and the application of sanitizable signcryption and NIZK proof in knowledge sharing scenarios.The main results of this thesis are as following:1.To solve the difficult problem of constructing public verifiable sanitizable signcryption schemes,a new composition paradigm based on classic signcryption is proposed in this thesis,which is called "encrypt-thencommit-then-sign(EtCtS)".Using the EtCtS paradigm,this thesis gives the first construction of efficient and public verifiable sanitizable signcryption scheme,called "PVSSC".The PVSSC scheme converts the sanitzation operation over signcryptext into finding collisions for the chameleon hash function with a trapdoor key;besides,the validity of signcryptext,either sanitized or not,could be publicly verified.Compared to existing ciphertext sanitization schemes,PVSSC achieves public verifiability and higher efficiency.2.Existing NIZK proofs rarely realize universal composable(UC)security,adaptive security and high efficiency simultaneously.To deal with this problem,a NIZK proof system based on a global TEE setup is proposed.In the NIZK proof system,only the prover is equipped with a global TEE,which allows reuse of the underlying hardware.Compared to existing proof systems,this NIZK proof system achieves stronger adaptive security under the UC security model,and it has low computational cost and communicational cost.3.Designated verifier non-interactive zero knowledge(DVNIZK)proof system is an important type of NIZK proof system,however,existing DVNIZK proofs rarely realize generalized UC security.To solve the problem,this thesis formalizes the ideal functionality of DVNIZK proof system in the UC security model for the first time.Besides,two constructions of DVNIZK proofs based on global TEE setups are proposed.The first construction requires only the prover to have a TEE,and the second construction requires that both the prover and the verifier have TEEs.The two DVNIZK proof systems both achieve generalized UC security and prover deniability,and they are both computationally and communicationally efficient.4.To deal with the privacy protection problems in knowledge sharing,this thesis propose a new privacy preserving knowledge sharing scheme,called PrivKS.The main cryptographic components of the PrivKS scheme are NIZK proofs and sanitizable signcryptions.The PrivKS scheme uses sanitizable signcryptions to protect data privacy and perform access control,and it utilize NIZK proofs to realize a knowledge evaluation functionality,ensuring the reliability of knowledge.Besides,the PrivKS scheme uses privacy preserving smart contracts to execute the algorithms in knowledge sharing procedures,guaranteeing privacy and fairness of the procedures.Compared with existing knowledge sharing schemes,the PrivKS scheme realizes knowledge evaluation mechanism for the first time and achieves more fine-grained access control;in addition,the PrivKS scheme significantly improves the computational efficiency of data encryption and data decryption.