高级搜索

留言板

尊敬的读者、作者、审稿人, 关于本刊的投稿、审稿、编辑和出版的任何问题, 您可以本页添加留言。我们将尽快给您答复。谢谢您的支持!

姓名
邮箱
手机号码
标题
留言内容
验证码

云存储环境下无密钥托管可撤销属性基加密方案研究

赵志远 朱智强 王建华 孙磊

赵志远, 朱智强, 王建华, 孙磊. 云存储环境下无密钥托管可撤销属性基加密方案研究[J]. 电子与信息学报, 2018, 40(1): 1-10. doi: 10.11999/JEIT170317
引用本文: 赵志远, 朱智强, 王建华, 孙磊. 云存储环境下无密钥托管可撤销属性基加密方案研究[J]. 电子与信息学报, 2018, 40(1): 1-10. doi: 10.11999/JEIT170317
ZHAO Zhiyuan, ZHU Zhiqiang, WANG Jianhua, SUN Lei. Revocable Attribute-based Encryption with Escrow-free in Cloud Storage[J]. Journal of Electronics & Information Technology, 2018, 40(1): 1-10. doi: 10.11999/JEIT170317
Citation: ZHAO Zhiyuan, ZHU Zhiqiang, WANG Jianhua, SUN Lei. Revocable Attribute-based Encryption with Escrow-free in Cloud Storage[J]. Journal of Electronics & Information Technology, 2018, 40(1): 1-10. doi: 10.11999/JEIT170317

云存储环境下无密钥托管可撤销属性基加密方案研究

doi: 10.11999/JEIT170317
基金项目: 

国家重点研发计划(2016YFB0501900),国家973计划项目(2013CB338000)

Revocable Attribute-based Encryption with Escrow-free in Cloud Storage

Funds: 

The National Key Research Program of China (2016YFB0501900), The National 973 Program of China (2013CB338000)

  • 摘要: 属性基加密因其细粒度访问控制在云存储中得到广泛应用。但原始属性基加密方案存在密钥托管和属性撤销问题。为解决上述问题,该文提出一种密文策略的属性基加密方案。该方案中属性权威与中央控制通过安全两方计算技术构建无密钥托管密钥分发协议解决密钥托管问题。通过更新属性版本密钥的方式达到属性级用户撤销,同时通过中央控制可以实现系统级用户撤销。为减少用户解密过程的计算负担,将解密运算过程中复杂对运算外包给云服务商,提高解密效率。该文基于q-Parallel BDHE假设在随机预言机模型下对方案进行了选择访问结构明文攻击的安全性证明。最后从理论和实验两方面对所提方案的效率与功能性进行了分析。实验结果表明所提方案无密钥托管问题,且具有较高系统效率。
  • ZHANG Yuqing, WANG Xiaofei, LIU Xuefeng, et al. Survey on cloud computing security[J]. Journal of Software, 2016, 27(6): 1328-1348. doi: 10.13328/j.cnki.jos.005004.
    张玉清, 王晓菲, 刘雪峰, 等. 云计算环境安全综述[J]. 软件学报, 2016, 27(6): 1328-1348. doi: 10.13328/j.cnki.jos.005004.
    MOROVATI K, KADAM S, and GHORBANI A. A network based document management model to prevent data extrusion[J]. Computers Security, 2016, 59(c): 71-91. doi: 10.1016/j.cose.2016.02.003.
    BETHENCOURT J, SAHAI A, and WATERS B. Ciphertext-policy attribute-based encryption[C]. 2007 IEEE Symposium on Security and Privacy (SP'07), Berkeley, CA, USA, 2007: 321-334. doi: 10.1109/SP.2007.11.
    LIU C W, HSIEN W F, YANG C C, et al. A survey of attribute-based access control with user revocation in cloud data storage[J]. International Journal of Network Security, 2016, 18(5): 900-916.
    PIRRETTI M, TRAYNOR P, MCDANIEL P, et al. Secure attribute-based systems[C]. Proceedings of the 13th ACM Conference on Computer and Communications Security, Alexandria, Virginia, USA, 2006: 99-112. doi: 10.1145/ 1180405.1180419.
    BOLDYREVA A, GOYAL V, and KUMAR V. Identity- based encryption with efficient revocation[C]. Proceedings of the 15th ACM Conference on Computer and Communications Security, Alexandria, Virginia, USA, 2008: 417-426. doi: 10.1145/1455770.1455823.
    HUANG Q, MA Z, YANG Y, et al. EABDS: Attribute-based secure data sharing with efficient revocation in cloud computing[J]. Chinese Journal of Electronics, 2015, 24(4): 862-868. doi: 10.1049/cje.2015.10.033.
    IBRAIMI L, PETKOVIC M, NIKOVA S, et al. Mediated ciphertext-policy attribute-based encryption and its application[C]. Information Security Applications: 10th International Workshop, Busan, Korea, 2009: 309-323. doi: 10.1007/978-3-642-10838-9_23.
    YU S, WANG C, REN K, et al. Attribute based data sharing with attribute revocation[C]. Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, Beijing, China, 2010: 261-270. doi: 10.1145/1755688. 1755720.
    HUR J and NOH D K. Attribute-based access control with efficient revocation in data outsourcing systems[J]. IEEE Transactions on Parallel and Distributed Systems, 2011, 22(7): 1214-1221. doi: 10.1109/TPDS.2010.203.
    YANG K, JIA X, and REN K. Attribute-based fine-grained access control with efficient revocation in cloud storage systems[C]. Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, Hangzhou, China, 2013: 523-528. doi: 10.1145/ 2484313.2484383.
    ZU L, LIU Z, and LI J. New ciphertext-policy attribute-based encryption with efficient revocation[C]. IEEE International Conference on Computer and Information Technology, Xi,an, China, 2014: 281-287. doi: 10.1109/CIT.2014.97.
    QIAN H, LI J, ZHANG Y, et al. Privacy-preserving personal health record using multi-authority attribute-based encryption with revocation[J]. International Journal of Information Security, 2015, 14(6): 487-497. doi: 10.1007/ s10207-014-0270-9.
    王尚平, 余小娟, 张亚玲. 具有两个可撤销属性列表的密钥策略的属性加密方案[J]. 电子与信息学报, 2016, 38(6): 1406-1411. doi: 10.11999/JEIT150845.
    WANG Shangping, YU Xiaojuan, and ZHANG Yaling. Revocable key-policy attribute-based encryption scheme with two revocation lists[J]. Journal of Electronics Information Technology, 2016, 38(6): 1406-1411. doi: 10.11999/ JEIT150845.
    VAANCHIG N, CHEN W, and QIN Z. Fine-grained access control for cloud data sharing by secure and efficient attribute-revocable ciphertext-policy attribute-based encryption[J]. International Journal of Security and Its Applications, 2016, 10(10): 303-320. doi: 10.14257/ijsia. 2016.10.10.27.
    HUR J. Improving security and efficiency in attribute-based data sharing[J]. IEEE Transactions on Knowledge and Data Engineering, 2013, 25(10): 2271-2282. doi: 10.1109/TKDE. 2011.78.
  • 加载中
计量
  • 文章访问数:  1749
  • HTML全文浏览量:  218
  • PDF下载量:  388
  • 被引次数: 0
出版历程
  • 收稿日期:  2017-04-11
  • 修回日期:  2017-07-07
  • 刊出日期:  2018-01-19

目录

    /

    返回文章
    返回