Distributed Attribute-based Encryption with Constant-size Ciphertext and Fast Decryption
doi: 10.11999/JEIT170072
Funds:
The National 973 Program of China (2013CB338000), The National Key Research Program of China (2016YFB0501900)
Abstract: Attribute-Based Encryption (ABE) is widely used in cloud storage because of its fine-grained access control. In the original ABE schemes, however, the single authority creates a trust issue and a computation bottleneck in distributing private keys. To solve these problems, this paper constructs a distributed ABE scheme based on prime-order bilinear groups, in which the authority consists of multiple central authorities and multiple attribute authorities. The central authorities are responsible for establishing the system and generating the keys related to user identity, and each private-key request involves only one central authority; multiple central authorities are used to improve the stability of the system and to reduce the computation load on each central authority. The attribute authorities are responsible for different attribute domains; they are independent of each other and do not even need to know that other attribute authorities exist. The ciphertext length of the proposed scheme is independent of the number of attributes and is therefore constant. The number of pairing operations needed for decryption is also independent of the number of attributes: decryption needs only two bilinear pairing operations. The scheme is proved selectively secure against chosen-plaintext attacks based on the q-Bilinear Diffie-Hellman Exponent (q-BDHE) assumption in the random oracle model. Finally, the functionality and efficiency of the proposed scheme are analyzed and verified both theoretically and experimentally. The experimental results show that the proposed scheme has both constant-size ciphertext and fast decryption, which greatly reduces the storage burden and improves system efficiency.
Keywords:
- Attribute-based encryption
- Cloud storage
- Multi-authority
- Constant-size ciphertext
- Fast decryption