快速解密且私钥定长的密文策略属性基加密方案

李龙; 古天龙; 常亮; 徐周波; 钱俊彦

doi:10.11999/JEIT171086

快速解密且私钥定长的密文策略属性基加密方案

doi: 10.11999/JEIT171086

^①(桂林电子科技大学机电工程学院桂林 541004) ^②(广西信息科学实验中心(桂林电子科技大学) 桂林 541004) ^③(广西可信软件重点实验室(桂林电子科技大学) 桂林 541004)

基金项目:

国家自然科学基金(U1501252, 61572146, 61562015, U1711263, 61561016)，广西重点研发计划(AC16380014, AA17202048)，广西自然科学基金(2016GXNSFDA380006, 2017GXNSFAA198283)，桂林电子科技大学创新团队项目

详细信息

作者简介:
李龙：李龙：男，1989年生，博士生，研究方向为密码算法分析与设计. 古天龙：男，1964年生，教授，博士生导师，研究方向为信息安全. 常亮：男，1980年生，教授，研究方向为可信软件设计及测试. 徐周波：女，1976年生，副教授，研究方向为病毒防治和入侵检测. 钱俊彦：男，1973年生，教授，研究方向为形式化验证.

中图分类号: TP309
计量
- 文章访问数: 1534
- HTML全文浏览量: 228
- PDF下载量: 61
- 被引次数: 0
出版历程
- 收稿日期: 2017-11-20
- 修回日期: 2018-04-13
- 刊出日期: 2018-07-19

Expressive Ciphertext-policy Attribute-based Encryption Scheme with Fast Decryption and Constant-size Secret Keys

LI Long^① GU Tianlong^② CHANG Liang^③ XU Zhoubo^③ QIAN Junyan^③

Funds:

The National Natural Science Foundation of China (U1501252, 61572146, 61562015, U1711263, 61561016), The Key Research and Development Program of Guangxi (AC16380014, AA17202048), The Natural Science Foundation of Guangxi (2016GXNSFDA380006, 2017GXNSFAA198283), The Program for Innovative Research Team of Guilin University of Electronic Technology

摘要

摘要: 在保证密文策略属性基加密(CP-ABE)算法安全性的前提下，尽可能地提升其工作效率一直是密码学领域的研究热点。该文从作为CP-ABE效率核心的访问结构着手，首次提出基于简化有序二叉决策图(ROBDD)的访问结构，给出了相应的策略表示方法、用户可满足性判定；基于简化有序二叉决策图(ROBDD)访问结构设计了在算法时间复杂度、存储空间占用量等方面都具有较好表现的CP-ABE方案；在安全性方面，该方案能够抵抗用户间的合谋攻击和选择明文攻击。对比分析表明，ROBDD访问结构具有更强的表达能力和更高的表达效率；新的CP-ABE方案包含时间复杂度为常数阶的密钥生成算法、解密算法，能够为用户生成定长私钥并实现快速解密。
- 密文策略属性基加密 /
- 二叉决策图 /
- 访问结构 /
- 快速解密
Abstract: Under the premise of ensuring the security of Ciphertext-Policy Attribute Based Encryption (CP-ABE), to enhance efficiency as much as possible is always a research hotspot in the field of cryptography. Starting from the access structure, which is the efficiency basis of CP-ABE, a new kind of access structure is proposed based on Reduced Ordered Binary Decision Diagrams (ROBDD) for the first time, and the corresponding strategy representation method and satisfaction determination are given. Furthermore, based on the above access structure, a new CP-ABE with good performance in lots of aspects, such as time complexity of algorithms and storage occupancy of secret keys, is designed; In terms of security, the scheme can resist collusion attack and chosen plaintext attack. Comparative analysis shows that, ROBDD access structure has stronger expression ability and higher expression efficiency; In the new CP-ABE scheme, the time complexity of key generation algorithm and decryption algorithm is O(1), which can generate constant-size secret keys and achieve fast decryption.
- Ciphertext-Policy Attribute-Based Encryption (CP-ABE)、Binary decision diagram、Access structure、Fast decryption /

HTML全文

参考文献(19)

[2] BETHENCOURT J, SAHAI A, and WATERS B. Ciphertext-policy attribute-based encryption[C]. IEEE Symposium on Security and Privacy. Oakland, USA, 2007: 321-334. doi: 10.1109/SP.2007.11.

SAHAI A and WATERS B. Fuzzy identity-based encryption [C]. Proceedings of International Conference on Theory and Applications of Cryptographic Techniques. Berlin: Springer, 2005: 457-473. doi: 10.1007/11426639_27.

[3] GOYAL V, PANDEY O, SAHAI A, et al. Attribute-based encryption for fine-grained access control of encrypted data[C]. ACM Conference on Computer and Communications Security. New York, 2006: 89-98. doi: 10.1145/1180405.1180418.

CAO Zhenfu, DONG Xiaolei, ZHOU Jun, et al. Research advances on big data security and privacy preserving[J]. Journal of Computer Research and Development, 2016, 53(10): 2137-2151. doi: 10.7544/issn1000-1239.2016.20160684.

[5] WATERS B. Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization[J]. LNCS, 2011, 6571: 321-334. doi: 10.1007/978-3-642-19379- 8_4.

[6] CHEUNG L and NEWPORT C. Provably secure ciphertext policy ABE[C]. ACM Conference on Computer and Communications Security. New York, 2007: 456-465. doi: 10.1145/1315245.1315302.

[7] BALU A and KUPPUSAMY K. An expressive and provably secure Ciphertext-Policy Attribute-Based Encryption[J]. Information Sciences, 2014, 276(4): 354-362. doi: 10.1016/ j.ins.2013.12.027.

[8] RAO Y S and DUTTA R. Dynamic ciphertext-policy attribute-based encryption for expressive access policy[J]. LNCS, 2014, 8337: 275-286. doi: 10.1007/978-3-319-04483- 5_28.

ZHAO Zhiyuan, WANG Jianhua, and XU Kaiyong. Distributed attribute-based encryption with constant-size ciphertext and fast decryption[J]. Journal of Electronics & Information Technology, 2017, 39(11): 2724-2732. doi: 10.11999/JEIT170072.

[10] ZHANG Kai, MA Jianfeng, LIU Jiajia, et al. Adaptively secure multi-authority attribute-based encryption with verifiable outsourced decryption[J]. Science China Information Sciences, 2016, 59(9): 99105. doi: 10.1007/ s11432-016-0012-9.

[11] ZHOU Z, HUANG D, and WANG Z. Efficient privacy- preserving ciphertext-policy attribute based encryption and broadcast encryption[J]. IEEE Transactions on Computers, 2013, 64(1): 126-138. doi: 10.1109/TC.2013.200.

LI Shuanbao, WANG Xuerui, FU Jianming, et al. User key revocation method for multi-cloud service providers[J]. Journal of Electronics & Information Technology, 2015, 37(9): 2225-2231. doi: 10.11999/JEIT150205.

[13] DENG Hua, WU Qianhong, QIN Bo, et al. Ciphertext-policy hierarchical attribute-based encryption with short ciphertexts[J]. Information Sciences, 2014, 275(11): 370-384. doi: 10.1016/j.ins.2014.01.035.

[14] LI Jiguo, YAO Wei, ZHANG Yichen, et al. Flexible and fine-grained attribute-based data storage in cloud computing

[J]. IEEE Transactions on Services Computing, 2016, (99): 1-1. doi: 10.1109/TSC.2016.2520932.

[15] WANG Shulan, LIANG Kaitai, LIU Joseph K, et al. Attribute-based data sharing scheme revisited in cloud computing[J]. IEEE Transactions on Information Forensics & Security, 2017, 11(8): 1661-1673. doi: 10.1109/TIFS.2016. 2549004.

[16] SMARI W W, CLEMENTE P, and LALANDE J F. An extended attribute based access control model with trust and privacy: Application to a collaborative crisis management system[J]. Future Generation Computer Systems, 2014, 31(1): 147-168. doi: 10.1016/j.future.2013.05.010.

[17] AKERS S B. Binary decision diagrams[J]. IEEE Transactions on Computers, 1978, 27(6): 509-516. doi: 10.1109/TC.1978. 1675141.

[18] DRECHSLER R and SIELING D. Binary decision diagrams in theory and practice[J]. International Journal on Software Tools for Technology Transfer, 2001, 3(2): 112-136. doi: 10.1007/s100090100056.

施引文献

资源附件(0)

访问统计