高级搜索

留言板

尊敬的读者、作者、审稿人, 关于本刊的投稿、审稿、编辑和出版的任何问题, 您可以本页添加留言。我们将尽快给您答复。谢谢您的支持!

姓名
邮箱
手机号码
标题
留言内容
验证码

定长密文且快速解密的分布式属性基加密方案研究

赵志远 王建华 徐开勇

downloadPDF
文章导航 > 电子与信息学报  > 2017 >  39(11): 2724-2732
赵志远, 王建华, 徐开勇. 定长密文且快速解密的分布式属性基加密方案研究[J]. 电子与信息学报, 2017, 39(11): 2724-2732. doi: 10.11999/JEIT170072
引用本文: 赵志远, 王建华, 徐开勇. 定长密文且快速解密的分布式属性基加密方案研究[J]. 电子与信息学报, 2017, 39(11): 2724-2732. doi: 10.11999/JEIT170072
shu
ZHAO Zhiyuan, WANG Jianhua, XU Kaiyong. Distributed Attribute-based Encryption with Constant-size Ciphertext and Fast Decryption[J]. Journal of Electronics & Information Technology, 2017, 39(11): 2724-2732. doi: 10.11999/JEIT170072
Citation: ZHAO Zhiyuan, WANG Jianhua, XU Kaiyong. Distributed Attribute-based Encryption with Constant-size Ciphertext and Fast Decryption[J]. Journal of Electronics & Information Technology, 2017, 39(11): 2724-2732. doi: 10.11999/JEIT170072
shu

定长密文且快速解密的分布式属性基加密方案研究

doi: 10.11999/JEIT170072
基金项目: 

国家973计划项目(2013CB 338000),国家重点研发计划(2016YFB0501900)

Distributed Attribute-based Encryption with Constant-size Ciphertext and Fast Decryption

Funds: 

The National 973 Program of China (2013CB338000), The National Key Research Program of China (2016YFB0501900)

    摘要
  • 摘要: 属性基加密因其细粒度访问控制在云存储中得到广泛应用。但原始属性基加密方案中单授权机构带来了分发私钥的计算瓶颈与信任问题。为解决上述问题,该文基于素数阶双线性群构造了一种分布式属性基加密方案,方案中授权机构由多个权威中心和多个属性中心组成。权威中心负责系统建立及用户身份相关密钥生成,且每次用户私钥申请过程中只需一个权威中心参与工作,采用多权威中心的目的是提高系统的稳定性和降低权威中心的计算量;属性中心负责不同的属性域,相互独立甚至不需要知道其它属性中心的存在。同时,该方案的密文长度与属性数量无关,为一个常值;在解密运算过程中需要的对运算与属性数量也无关,为2个对运算。该文基于q-Bilinear Diffie-Hellman Exponent假设在随机预言机模型下对方案进行了选择明文攻击的安全性证明。最后从理论和实验两方面对所提方案的功能与效率进行了分析与验证。实验结果表明所提方案具有固定密文长度和快速解密的能力,大大减少了存储负担并提高了系统效率。
    Abstract: Attribute-Based Encryption (ABE) scheme is widely used in the cloud storage due to its fine-grained access control. However, the single authority can lead to the trust issue and the computation bottleneck of distributing private keys in the original ABE schemes. To solve these problems, a distributed ABE scheme that consists of a number of central authorities and multiple attribute authorities, is constructed based on the prime-order bilinear group in this paper. Here, the central authority is responsible for establishing the system and generating the private key for the user, and a single private key is generated by only one central authority. In order to improve the stability of the system and reduce the calculation of the center authority, a plenty of central authorities are adopted. The attribute authority, which is independent of each other, is responsible for managing different attribute domains. At the same time, the ciphertext length of the proposed scheme has nothing to do with the number of attributes, therefore, it is a constant. The most important thing is that the decryption computation needs only two bilinear pair operations. The scheme is proved selectively secure based on q-Bilinear Diffie-Hellman Exponent (q-BDHE) assumption in the random oracle model. Finally, the functionality and efficiency of the proposed scheme are analyzed and verified. The experimental results show that the proposed scheme has both constant-size ciphertext and the ability of fast decryption, which greatly reduces the storage burden and improves the system efficiency.
    • HTML全文
    • 参考文献(22)
  • ZHANG Yuqing, WANG Xiaofei, LIU Xuefeng, et al. Survey on cloud computing security[J]. Journal of Software, 2016, 27(6): 1328-1348. doi: 10.13328/j.cnki.jos.005004.
    张玉清, 王晓菲, 刘雪峰, 等. 云计算环境安全综述[J]. 软件学报, 2016, 27(6): 1328-1348. doi: 10.13328/j.cnki.jos.005004.
    BETHENCOURT J, SAHAI A, and WATERS B. Ciphertext-policy attribute-based encryption[C]. IEEE Symposium on Security and Privacy, Los Alamitos, CA, USA, 2007: 321-334. doi: 10.1109/SP.2007.11.
    JUNG T, Li X Y, WAN Z, et al. Control cloud data access privilege and anonymity with fully anonymous attribute- based encryption[J]. IEEE Transactions on Information Forensics and Security, 2015, 10(1): 190-199. doi: 10.1109/ TIFS.2014.2368352.
    唐强, 姬东耀. 多授权中心可验证的基于属性的加密方案[J]. 武汉大学学报(理学版), 2008, 54(5): 607-610. doi: 10.14188/j. 1671-8836.2008.05.029.
    TANG Qiang and JI Dongyao. Multi-authority verifiable attribute-based encryption[J]. Journal of Wuhan University (Natural Science Edition), 2008, 54(5): 607-610. doi: 10.14188 /j.1671-8836.2008.05.029.
    CHASE M. Multi-authority attribute based encryption[C]. Theory of Cryptography Conference, Amsterdam, The Netherlands, 2007: 515-534. doi: 10.1007/978-3-540-70936 -7_28.
    肖思煜, 葛爱军, 马传贵. 去中心化且固定密文长度的基于属性加密方案[J]. 计算机研究与发展, 2016, 53(10): 2207-2215. doi: 10.7544/issn1000-1239.2016.20160459.
    XIAO Siyu, GE Aijun, and MA Chuangui. Decentralized attribute-based encryption scheme with constant-size ciphertexts[J]. Journal of Computer Research and Development, 2016, 53(10): 2207-2215. doi: 10.7544/issn1000 -1239.2016.20160459.
    CHASE M and CHOW S S M. Improving privacy and security in multi-authority attribute-based encryption[C]. Proceedings of the 16th ACM Conference on Computer and Communications Security, Chicago, Illinois, USA, 2009: 121-130. doi: 10.1145/1653662.1653678.
    LEWKO A and WATERS B. Decentralizing attribute-based encryption[C]. Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tallinn, Estonia, 2011: 568-588. doi: 10.1007/978-3-642- 20465-4_31.
    LIU Z, CAO Z, HUANG Q, et al. Fully secure multi-authority ciphertext-policy attribute-based encryption without random oracles[C]. European Symposium on Research in Computer Security, Leuven, Belgium, 2011: 278-297. doi: 10.1007/978- 3-642-23822-2_16.
    ROUSELAKIS Y and WATERS B. Efficient statically-secure large-universe multi-authority attribute-based encryption[C]. International Conference on Financial Cryptography and Data Security, San Juan, Puerto Rico, 2015: 315-332. doi: 10.1007/978-3-662-47854-7_19.
    ZHONG H, ZHU W, XU Y, et al. Multi-authority attribute- based encryption access control scheme with policy hidden for cloud storage[J]. Soft Computing, 2016: 1-9. doi: 10.1007 /s00500-016-2330-8.
    SCOTT-HAYWARD S, NATARAJAN S, and SEZER S. A survey of security in software defined networks[J]. IEEE Communications Surveys Tutorials, 2016, 18(1): 623-654. doi: 10.1109/COMST.2015.2453114.
    BLENK A, BASTA A, REISSLEIN M, et al. Survey on network virtualization hypervisors for software defined networking[J]. IEEE Communications Surveys Tutorials, 2016, 18(1): 655-685. doi: 10.1109/COMST.2015.2489183.
    CHOW S S M. A framework of multi-authority attribute- based encryption with outsourcing and revocation[C]. Proceedings of the 21st ACM on Symposium on Access Control Models and Technologies, Shanghai, China, 2016: 215-226. doi: 10.1145/2914642.2914659.
    LUO E, LIU Q, and WANG G. Hierarchical multi-authority and attribute-based encryption friend discovery scheme in mobile social networks[J]. IEEE Communications Letters, 2016, 20(9): 1772-1775. doi: 10.1109/LCOMM.2016.2584614.
    魏江宏, 胡学先, 刘文芬. 多属性机构环境下的属性基认证密钥交换协议[J]. 电子与信息学报, 2012, 34(2): 451-456. doi: 10.3724/SP.J.1146.2011.00701.
    WEI Jianghong, HU Xuexian, and LIU Wenfen. Attribute- based authenticated key exchange protocol in multiple attribute authorities environment[J]. Journal of Electronics Information Technology, 2012, 34(2): 451-456. doi: 10.3724 /SP.J.1146.2011.00701.
    冯登国, 陈成. 属性密码学研究[J]. 密码学报, 2014, 1(1): 1-12. doi: 10.13868/j.cnki.jcr.000001.
    FENG Dengguo and CHEN Cheng. Research on attribute- based cryptography[J]. Journal of Cryptologic Research, 2014, 1(1): 1-12. doi: 10.13868/j.cnki.jcr.000001.
    • 相关文章
    • 施引文献
  • 资源附件(0)
  • 加载中
计量
  • 文章访问数:  1524
  • HTML全文浏览量:  151
  • PDF下载量:  226
  • 被引次数: 0
出版历程
  • 收稿日期:  2017-01-19
  • 修回日期:  2017-06-02
  • 刊出日期:  2017-11-19

目录

    /

    返回文章
    返回

    Copyright © 2018《电子与信息学报》编辑部 京ICP备20021838号-8

    中国科学院电子学研究所,北京市2702信箱,邮编:100190

    电话:010-58887066传真:021-64253812Email:jeit@mail.ie.ac.cn

    本系统由 北京仁和汇智信息技术有限公司 开发    百度统计