可驗證外包解密的離線/在線屬性基加密方案

趙志遠(yuǎn); 孫磊; 戶家富; 周時娥

doi:10.11999/JEIT180122

可驗證外包解密的離線/在線屬性基加密方案

doi: 10.11999/JEIT180122

信息工程大學(xué)三院 ??鄭州 ??450001

基金項目: 國家973計劃(2013CB338000)，國家重點研發(fā)計劃項目(2016YFB0501900)

詳細(xì)信息

作者簡介:
趙志遠(yuǎn)：男，1989年生，博士生，研究方向為云安全與屬性加密

孫磊：男，1973年生，教授，研究方向為云計算與信息安全

戶家富：男，1981年生，講師，研究方向為網(wǎng)絡(luò)計算與信息安全

周時娥：女，1978年生，講師，研究方向為科技英語與云計算

通訊作者:
趙志遠(yuǎn)　 zzy_taurus@foxmail.com

中圖分類號: TP309
計量
- 文章訪問數(shù): 2505
- HTML全文瀏覽量: 1114
- PDF下載量: 72
- 被引次數(shù): 0
出版歷程
- 收稿日期: 2018-01-29
- 修回日期: 2018-06-11
- 網(wǎng)絡(luò)出版日期: 2018-08-30
- 刊出日期: 2018-12-01

Efficient Offline/Online Attribute Based Encryption with Verifiable Outsourced Decryption

The Third Institute, Information Engineering University, Zhengzhou 450001, China

Funds: The National 973 Program of China (2013CB338000), The National Key Research Program of China (2016YFB0501900)

摘要

摘要: 屬性基加密可以為霧-云計算中的數(shù)據(jù)提供機(jī)密性保護(hù)和細(xì)粒度訪問控制，但霧-云計算系統(tǒng)中的移動設(shè)備難以承擔(dān)屬性基加密的繁重計算負(fù)擔(dān)。為解決該問題，該文提出一種可驗證外包解密的離線/在線屬性基加密方案。該方案能夠?qū)崿F(xiàn)離線/在線的密鑰生成和數(shù)據(jù)加密，同時支持可驗證外包解密。然后，給出方案的選擇明文攻擊的安全證明和可驗證性的安全證明。之后，該文將轉(zhuǎn)換階段所需雙線性對的計算量降為恒定常數(shù)。最后，從理論和實驗兩方面對所提方案進(jìn)行性能分析，實驗結(jié)果表明該方案是有效且實用的。
- 屬性基加密 /
- 離線/在線 /
- 外包解密 /
- 可驗證性
Abstract: Attribute based encryption can provide data confidentiality protection and fine-grained access control for fog-cloud computing, however mobile devices in fog cloud computing system are difficult to bear the burdensome computing burden of attribute based encryption. In order to address this problem, an offline/online ciphertext-plicy attribute-based encryption scheme is presented with verifiable outsourced decryption based on the bilinear group of prime order. It can realize the offline/online key generation and data encryption. Simultaneously, it supports the verifiable outsourced decryption. Then, the formal security proofs of its selective chosen plaintext attack security and verifiability are provided. After that, the improved offline/online ciphertext-plicy attribute-based encryption scheme with verifiable outsourced decryption is presented, which reduces the number of bilinear pairings from linear to constant in the transformation phase. Finally, the efficiency of the proposed scheme is analyzed and verified through theoretical analysis and experimental simulation. The experimental results show that the proposed scheme is efficient and practical.
- Attributed-based encryption /
- Offline/online /
- Outsourced decryption /
- Verifiability

HTML全文

圖 1 本文方案與文獻(xiàn)[17,18]方案仿真時間對比

下載: 全尺寸圖片幻燈片

表 1 計算效率對比分析

算法		文獻(xiàn)[17]方案	文獻(xiàn)[18]方案	3OVD-CP-ABE	I3OVD-CP-ABE
密鑰生成	離線	$(3s{\rm{ + }}4){E_G} + (s{\rm{ + 1}}){\rm{Mul}}$	$(3s{\rm{ + }}4){E_G} + (s{\rm{ + 1}}){\rm{Mul}}$	$(3s{\rm{ + }}4){E_G} + (s{\rm{ + 1}}){\rm{Mul}}$	$(2s{\rm{ + 5}}){E_G} + (s{\rm{ + 1}}){\rm{Mul}}$
密鑰生成	在線	$s{\rm{Mul}}$	$s{\rm{Mul}}$	$s{\rm{Mul}}$	$s{\rm{Mul}}$
加密	離線	$(5l{\rm{ + 1}}){E_G} + 1{E_{{G_T}}} + 2l{\rm{Mul}}$	$(5l{\rm{ + 1}}){E_G} + 1{E_{{G_T}}} + 2l{\rm{Mul}}$	$(5l{\rm{ + 1}}){E_G} + 1{E_{{G_T}}} + 2l{\rm{Mul}}$	$(4l{\rm{ + 2}}){E_G} + 1{E_{{G_T}}} + 2l{\rm{Mul}}$
加密	在線	0	$2{E_G}{\rm{ + }}{\rm{Mul}}$	$3H$	$3H$
解密	外包	—	$\begin{gathered} (2y{\rm{ + 1}}){E_{{G_T}}} + y{E_{{G_T}}} \\ {\rm{ + }}(3y{\rm{ + 2}})P + 2y{\rm{Mul}} \\ \end{gathered} $	$\begin{gathered} (2y{\rm{ + 1}}){E_{{G_T}}} + y{E_{{G_T}}} \\ {\rm{ + }}(3y{\rm{ + 2}})P + 2y{\rm{Mul}} \\ \end{gathered} $	$(5y{\rm{ + 5}}){E_G}{\rm{ + 10}}P{\rm{ + 4}}y{\rm{Mul}}$
解密	用戶	$\begin{gathered} (2y{\rm{ + 1}}){E_{{G_T}}} + y{E_{{G_T}}} \\ {\rm{ + }}(3y{\rm{ + 2}})P + 2y{\rm{Mul}} \\ \end{gathered} $	$2{E_G} + 1{E_{{G_T}}} + {\rm{Mul}}$	$1{E_{{G_T}}}{\rm{ + }}3H$	$1{E_{{G_T}}}{\rm{ + }}3H$

下載: 導(dǎo)出CSV

參考文獻(xiàn)(18)

KHAN S, PARKINSON S, and QIN Yongrui. Fog computing security: A review of current applications and security solutions[J]. Journal of Cloud Computing, 2017, 6(1): 19–41 doi: 10.1186/s13677-017-0090-3

SAHAI A and WATERS B. Fuzzy identity-based encryption[C]. Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, 2005: 457–473. doi: 10.1007/11426639_27.

GOYAL V, PANDEY O, SAHAI A, et al. Attribute-based encryption for fine-grained access control of encrypted data[C]. Proceedings of the 13th ACM Conference on Computer and Communications Security, Alexandria, USA, 2006: 89–98. doi: 10.1145/1180405.1180418.

BETHENCOURT J, SAHAI A, and WATERS B. Ciphertext-policy attribute-based encryption[C]. Proceedings of the IEEE Symposium on Security and Privacy, Berkeley, USA, 2007: 321–334. doi: 10.1109/SP.2007.11.

GREEN M, HOHENBERGER S, and WATERS B. Outsourcing the decryption of ABE ciphertexts[C]. Proceedings of the 20th USENIX Conference on Security, San Francisco, USA, 2011: 34.

LAI Junzuo, DENG R H, GUAN Chaowen, et al. Attribute-based encryption with verifiable outsourced decryption[J]. IEEE Transactions on Information Forensics and Security, 2013, 8(8): 1343–1354 doi: 10.1109/TIFS.2013.2271848

ZHAO Zhiyuan and WANG Jianhua. Verifiable outsourced ciphertext-policy attribute-based encryption for mobile cloud computing[J].KSII Transactions on Internet and Information Systems, 2017, 11(6): 3254–3272 doi: 10.3837/tiis.2017.06.024

FAN Kai, WANG Junxiong, WANG Xin, et al. A secure and verifiable outsourced access control scheme in fog-cloud computing[J]. Sensors, 2017, 17(7): 1695–1710 doi: 10.3390/s17071695

LI Jiguo, SHA Fengjie, ZHANG Yichen, et al. Verifiable outsourced decryption of attribute-based encryption with constant ciphertext length[J]. Security and Communication Networks, 2017, 2017: 1–11 doi: 10.1155/2017/3596205

ZHANG Rui, MA Hui, and LU Yao. Fine-grained access control system based on fully outsourced attribute-based encryption[J]. Journal of Systems and Software, 2017, 125(3): 344–353 doi: 10.1016/j.jss.2016.12.018

EVEN S, GOLDREICH O, and MICALI S. On-line/off-line digital signatures[C]. Proceedings of the Conference on the Theory and Application of Cryptology, Santa Barbara, USA, 1989: 263–275. doi: 10.1007/0-387-34805-0_24.

LIU J K, BAEK J, ZHOU Jianying, et al. Efficient online/offline identity-based signature for wireless sensor network[J]. International Journal of Information Security, 2010, 9(4): 287–296 doi: 10.1007/s10207-010-0109-y

GUO Fuchun, MU Yi, and CHEN Zhide. Identity-based online/offline encryption[C]. Proceedings of the International Conference on Financial Cryptography and Data Security, Cozumel, Mexico, 2008: 247–261. doi: 10.1007/978-3-540-85230-8_22.

LIU J K and ZHOU Jianying. An efficient identity-based online/offline encryption scheme[C]. Proceedings of the International Conference on Applied Cryptography and Network Security, Paris-Rocquencourt, France, 2009: 156–167. doi: 10.1007/978-3-642-01957-9_10.

CHOW S S M, LIU J K, and ZHOU Jianying. Identity-based online/offline key encapsulation and encryption[C]. Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, Hong Kong, China, 2011: 52–60. doi: 10.1145/1966913.1966922.

ROUSELAKIS Y and WATERS B. Practical constructions and new proof methods for large universe attribute-based encryption[C]. Proceedings of the ACM SIGSAC Conference on Computer and Communications Security, Berlin, Germany, 2013: 463–474. doi: 10.1145/2508859.2516672.

HOHENBERGER S and WATERS B. Online/offline attribute-based encryption[C]. Proceedings of the International Workshop on Public Key Cryptography, Buenos Aires, Argentina, 2014: 293–310. doi: 10.1007/978-3-642-54631-0_17.

LIU Zechao, JIANG Z L, WANG Xuan, et al. Offline/online attribute-based encryption with verifiable outsourced decryption[J]. Concurrency and Computation:Practice and Experience, 2017, 29(7): 1–17 doi: 10.1002/cpe.3915

相關(guān)文章

施引文獻(xiàn)

資源附件(0)

訪問統(tǒng)計