高级搜索

留言板

尊敬的读者、作者、审稿人, 关于本刊的投稿、审稿、编辑和出版的任何问题, 您可以本页添加留言。我们将尽快给您答复。谢谢您的支持!

姓名
邮箱
手机号码
标题
留言内容
验证码

TTRC-ABE:可追踪可撤销的基于循环代数带误差学习问题的格基属性加密方案

刘媛 王励成 周永彬

刘媛, 王励成, 周永彬. TTRC-ABE:可追踪可撤销的基于循环代数带误差学习问题的格基属性加密方案[J]. 电子与信息学报, 2025, 47(6): 1911-1926. doi: 10.11999/JEIT240997
引用本文: 刘媛, 王励成, 周永彬. TTRC-ABE:可追踪可撤销的基于循环代数带误差学习问题的格基属性加密方案[J]. 电子与信息学报, 2025, 47(6): 1911-1926. doi: 10.11999/JEIT240997
LIU Yuan, WANG Licheng, ZHOU Yongbin. TTRC-ABE: Traitor Traceable and Revocable CLWE-based ABE Scheme from Lattices[J]. Journal of Electronics & Information Technology, 2025, 47(6): 1911-1926. doi: 10.11999/JEIT240997
Citation: LIU Yuan, WANG Licheng, ZHOU Yongbin. TTRC-ABE: Traitor Traceable and Revocable CLWE-based ABE Scheme from Lattices[J]. Journal of Electronics & Information Technology, 2025, 47(6): 1911-1926. doi: 10.11999/JEIT240997

TTRC-ABE:可追踪可撤销的基于循环代数带误差学习问题的格基属性加密方案

doi: 10.11999/JEIT240997 cstr: 32379.14.JEIT240997
基金项目: 国防基础科研计划(JCKY2021606B013),国家自然科学基金(62302224, 62302226),云南省重大科技专项计划(202302AD080002)
详细信息
    作者简介:

    刘媛:女,讲师,研究方向为后量子密码学

    王励成:男,教授,研究方向为后量子密码学, 区块链技术

    周永彬:男,教授,研究方向为密码学与密码工程,后量子密码学,硬件(系统)安全

    通讯作者:

    王励成 lcwang@bit.edu.cn

  • 中图分类号: TN918.4

TTRC-ABE: Traitor Traceable and Revocable CLWE-based ABE Scheme from Lattices

Funds: The Defense Industrial Technology Development Program (JCKY2021606B013), The National Natural Science Foundation of China (62302224, 62302226), Yunnan Province Science and Technology Major Project (202302AD080002)
  • 摘要: 格基属性加密方案兼具了格密码抵抗量子计算攻击的优势和属性基加密细粒度访问控制灵活授权的优势,是格密码研究的热点。已有的基于带误差学习问题/环上带误差学习问题(LWE/RLWE)的格基属性加密方案存在不支持叛逆者追踪与撤销的问题,即当解密密钥泄露时,无法准确确认用户的身份并及时撤销该叛逆用户,此外,访问策略中的属性可能会暴露敏感信息,需要对用户属性隐私进行保护。针对上述问题,该文基于2022 年国际密码学顶刊(JoC)上提出的循环代数LWE(CLWE)问题,提出一种支持叛逆用户追踪与撤销,并同时保护属性隐私的格基属性加密方案。该方案通过将用户唯一身份信息全局标识(GID)与完全二叉树的叶子节点值绑定,并根据解密密钥中的GID跟踪恶意用户,进而通过更新撤销列表和密文,实现叛逆者的追踪和撤销;另外,通过利用2维(属性标签,属性值)属性结构代替传统的1维(属性值)属性结构,并结合半访问策略结构和循环代数上的扩展型Shamir门限秘密共享方案,对用户的属性值进行隐藏,进而防止用户属性隐私泄露;最后,该方案在标准模型中被证明是安全的。性能分析表明,与其他相关格基属性加密方案相比,该方案的系统公钥尺寸、密文尺寸、平均意义下的密文膨胀率较小,且支持叛逆者的追踪撤销和属性隐私保护。
  • 图  1  传统访问策略与本文的半访问策略

    图  2  循环除法代数的阶上的Shamir(t,n)门限秘密共享

    图  3  TTRC-ABE系统架构

    图  4  包含一个撤销用户的二叉树示例图

    图  5  访问树$\tau = ({a_1} \wedge {a_2}) \vee 2{\text{ of }}({a_3},{a_4},{a_5})$中每个叶子节点分配共享秘密的示例

    图  6  包含两个撤销用户的二叉树示例图(假设$ {u_8} $是叛逆者)

    图  7  TTRC-ABE和其他相关方案的相关尺寸对比图

    表  1  符号说明

    符号 描述
    $K = \mathbb{Q}({\zeta _m})$ 分圆域
    $L/K$ K的伽罗瓦扩张
    $\mathcal{C} = (L/K,\theta ,\gamma ) = \oplus _{i = 0}^{d - 1}{u^i}L$ 循环代数
    ${(\zeta _m^i)_{i \in \{ 0,\varphi (m) - 1\} }}$ K的$\mathbb{Q}$基
    ${({b_j})_{j \in \{ 0,d - 1\} }}$ LK
    ${\mathcal{O}_K} = \mathbb{Z}({\zeta _m})$ K的整数环
    ${\mathcal{O}_L} = \mathbb{Z}({b_j},{\zeta _m})$ L的整数环
    ${\mathcal{O}_{L,q}} = {\mathcal{O}_L}/q{\mathcal{O}_L} = \mathbb{Z}({b_j},{\zeta _m})/q\mathbb{Z}({b_j},{\zeta _m})$ ${\mathcal{O}_L}$的商环
    $\varLambda : = \oplus _{i = 0}^{d - 1}{u^i}{\mathcal{O}_L}$ 循环代数的整数阶
    ${\varLambda _q}: = \oplus _{i = 0}^{d - 1}{u^i}{\mathcal{O}_{L,q}}$ $\varLambda $的商环
    $ a \in \mathcal{C} $, ${\boldsymbol{v}}(a)$ a的向量表示
    $ a \in \mathcal{C} $, $ {\boldsymbol{F}}(a) $ a的矩阵表示
    下载: 导出CSV

    表  2  TTRC-ABE方案与相关ABE方案的功能对比

    方案 叛逆者追踪 用户/
    属性撤销
    属性隐私保护 抗量子计算攻击
    [4] a
    [5]
    [6] a
    [7] a
    [8]
    [9]
    [31]
    [36] a
    [37] a
    [39] b
    TTRC-ABE
    a:用户撤销;b:属性撤销
    下载: 导出CSV

    表  3  TTRC-ABE方案与相关格基ABE方案的存储开销对比

    方案 系统公钥尺寸 用户私钥尺寸 密文尺寸 明文 密文膨胀率 困难
    问题
    [24] $ \text{(}\ell + 1)nm{\mathrm{log}}_{2}q + n{\mathrm{log}}_{2}q $ $ 2mn $ $ \ell mn{\log _2}q + n{\log _2}q $ n $ \ell m{\log _2}q + {\log _2}q $ RLWE
    [31] $(\hbar + 2)nm{\log _2}q + n{\log _2}q$ $2m|{A_u}|$ $2|{A_c}|m{\log _2}q + {\log _2}q$ 1 $2|{A_c}|m{\log _2}q + {\log _2}q$ LWE
    [36] $ (\ell + 2|U| - 1)nm{\log _2}q $ $4mk,(k = \omega (\log \lambda ))$ $(\ell + |U| + 1)m{\log _2}q + k{\log _2}q$ 1 $(\ell + |U| + 1)m{\log _2}q + k{\log _2}q$ LWE
    [37] $(\ell + 3|{N_{\rm{AA}}}|)nm{\log _2}q$ $ (|{A_u}| + \log |U| + 3|{N_{\rm{AA}}}|)nm{\log _2}q $ $ (2\ell + 2|{N_{\rm{AA}}}|)mn{\log _2}q $ n $ (2\ell + 2|{N_{\rm{AA}}}|)m{\log _2}q $ RLWE
    TTRC-ABE $(\hbar + 2)nd{\log _2}q$ $|{A_u}|nd{\log _2}q + nd$ $2|{A_c}|nd{\log _2}q + nd{\log _2}q$ nd $2|{A_c}|{\log _2}q + {\log _2}q$ CLWE
    $\ell $:系统属性总数;$\hbar $:本方案和文献[31]中系统属性标签的最大数目;d:伽罗瓦扩张的次数,根据文献[40],d=2,3,4即可。
    $ |{A_u}| $:用户属性个数;$ |{A_c}| $:密文中属性个数;$ |{A_u}| \le \hbar \lt \ell $, $ |{A_c}| \le \hbar \lt \ell $。
    密文膨胀率:密文尺寸/明文尺寸。
    $|U|$:系统中用户总数,$|{N_{\rm{AA}}}|$:系统属性机构总数,文献[37]是支持多属性机构的,对比时可将机构数设为1。
    下载: 导出CSV
  • [1] SAHAI A and WATERS B. Fuzzy identity-based encryption[C]. The 24th Annual International Conference on Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, 2005: 457–473. doi: 10.1007/11426639_27.
    [2] REGEV O. On lattices, learning with errors, random linear codes, and cryptography[C]. The 37th Annual ACM Symposium on Theory of Computing, Baltimore, USA, 2005: 84–93. doi: 10.1145/1060590.1060603.
    [3] LYUBASHEVSKY V, PEIKERT C, and REGEV O. On ideal lattices and learning with errors over rings[C]. 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, French, Riviera, 2010: 1–23. doi: 10.1007/978-3-642-13190-5_1.
    [4] ZHANG Ruoqing, HUI L, YU S, et al. A traceable outsourcing CP-ABE scheme with attribute revocation[C]. The 2017 IEEE Trustcom/BigDataSE/ICESS, Sydney, Australia, 2017: 363–370. doi: 10.1109/Trustcom/BigDataSE/ICESS.2017.259.
    [5] NING Jianting, CAO Zhenfu, DONG Xiaolei, et al. White-box traceable CP-ABE for cloud storage service: How to catch people leaking their access credentials effectively[J]. IEEE Transactions on Dependable and Secure Computing, 2018, 15(5): 883–897. doi: 10.1109/TDSC.2016.2608343.
    [6] HAN Dezhi, PAN Nannan, and LI K C. A traceable and revocable ciphertext-policy attribute-based encryption scheme based on privacy protection[J]. IEEE Transactions on Dependable and Secure Computing, 2022, 19(1): 316–327. doi: 10.1109/TDSC.2020.2977646.
    [7] ZHAO Yang, LIU Zhaozhong, AN Jingmin, et al. A traceable and revocable attribute-based encryption scheme based on policy hiding in smart healthcare scenarios[C]. The 17th International Conference on Information Security Practice and Experience, Taipei, China, 2022: 624–639. doi: 10.1007/978-3-031-21280-2_35.
    [8] HE Xu, LI Lixiang, and PENG Haipeng. An enhanced traceable CP-ABE scheme against various types of privilege leakage in cloud storage[J]. Journal of Systems Architecture, 2023, 136: 102833. doi: 10.1016/j.sysarc.2023.102833.
    [9] LIU Xiao, WEI Zhenyang, LI Gaoxiang, et al. An enhanced traceable access control scheme based on multi-authority CP-ABE for cloud-assisted e-health system[J]. Computer Networks, 2024, 254: 110766. doi: 10.1016/j.comnet.2024.110766.
    [10] ZHANG Jiang and ZHANG Zhenfeng. A ciphertext policy attribute-based encryption scheme without pairings[C]. The 7th International Conference on Information Security and Cryptology, Beijing, China, 2011: 324–340. doi: 10.1007/978-3-642-34704-7_23.
    [11] ZHANG Jiang, ZHANG Zhenfeng, and GE Aijun. Ciphertext policy attribute-based encryption from lattices[C]. The 7th ACM Symposium on Information, Computer and Communications Security, Seoul, Korea, 2012: 16–17. doi: 10.1145/2414456.2414464.
    [12] AGRAWAL S, BOYEN X, VAIKUNTANATHAN V, et al. Functional encryption for threshold functions (or fuzzy IBE) from lattices[C]. The 15th International Conference on Practice and Theory in Public Key Cryptography, Darmstadt, Germany, 2012: 280–297. doi: 10.1007/978-3-642-30057-8_17.
    [13] BOYEN X. Attribute-based functional encryption on lattices[C]. The 10th Theory of Cryptography Conference on Theory of Cryptography, Tokyo, Japan, 2013: 122–142. doi: 10.1007/978-3-642-36594-2_8.
    [14] LIU Ximeng, MA Jiangeng, XIONG Jinbo, et al. Threshold attribute-based encryption with attribute hierarchy for lattices in the standard model[J]. IET Information Security, 2014, 8(4): 217–223. doi: 10.1049/iet-ifs.2013.0111.
    [15] GORBUNOV S, VAIKUNTANATHAN V, and WEE H. Attribute-based encryption for circuits[C]. The 45th Annual ACM symposium on Theory of Computing, Palo Alto, USA, 2013: 545–554. doi: 10.1145/2488608.2488677.
    [16] ZHAO Jian, GAO Haiying, and ZHANG Junqi. Attribute-based encryption for circuits on lattices[J]. Tsinghua Science and Technology, 2014, 19(5): 463–469. doi: 10.3969/j.issn.1007-0214.2014.05.005.
    [17] BONEH D, GENTRY C, GORBUNOV S, et al. Fully key-homomorphic encryption, arithmetic circuit ABE and compact garbled circuit[C]. The 33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Copenhagen, Denmark, 2014: 533–556. doi: 10.1007/978-3-642-55220-5_30.
    [18] ZHU Weiling, YU Jianping, WANG Ting, et al. Efficient attribute-based encryption from R-LWE[J]. Chinese Journal of Electronics, 2014, 23(4): 778–782. doi: 10.23919/CJE.2014.10851999.
    [19] GORBUNOV S and VINAYAGAMURTHY D. Riding on asymmetry: Efficient ABE for branching programs[C]. The 21st International Conference on Advances in Cryptology, Auckland, New Zealand, 2015: 550–574. doi: 10.1007/978-3-662-48797-6_23.
    [20] 吴立强, 杨晓元, 韩益亮. 基于理想格的高效模糊身份加密方案[J]. 计算机学报, 2015, 38(4): 775–782. doi: 10.3724/SP.J.1016.2015.00775.

    WU Liqiang, YANG Xiaoyuan, and HAN Yiliang. An efficient FIBE scheme based on ideal lattices[J]. Chinese Journal of Computers, 2015, 38(4): 775–782. doi: 10.3724/SP.J.1016.2015.00775.
    [21] ZHANG Guoyan, QIN Jing, and QAZI S. Multi-authority attribute-based encryption scheme from lattices[J]. Journal of Universal Computer Science, 2015, 21(3): 483–501. doi: 10.3217/jucs-021-03-0483.
    [22] BRAKERSKI Z and VAIKUNTANATHAN V. Circuit-ABE from LWE: Unbounded attributes and semi-adaptive security[C]. The 36th Annual International Cryptology Conference on Advances in Cryptology, Santa Barbara, USA, 2016: 363–384. doi: 10.1007/978-3-662-53015-3_13.
    [23] 孙泽栋, 祝跃飞, 顾纯祥, 等. 基于RLWE的密钥策略属性加密体制[J]. 通信学报, 2016, 37(S1): 125–131. doi: 10.11959/j.issn.1000-436x.2016258.

    SUN Zedong, ZHU Yuefei, GU Chunxiang, et al. RLWE-based key-policy ABE scheme[J]. Journal on Communications, 2016, 37(S1): 125–131. doi: 10.11959/j.issn.1000-436x.2016258.
    [24] DAI Wei, DORÖZ Y, POLYAKOV Y, et al. Implementation and evaluation of a lattice-based key-policy ABE scheme[J]. IEEE Transactions on Information Forensics and Security, 2018, 13(5): 1169–1184. doi: 10.1109/TIFS.2017.2779427.
    [25] 闫玺玺, 刘媛, 李子臣, 等. 新的格上多机构属性基加密方案[J]. 电子与信息学报, 2018, 40(4): 811–817. doi: 10.11999/JEIT170628.

    YAN Xixi, LIU Yuan, LI Zichen, et al. New multi-authority attribute-based encryption scheme on lattices[J]. Journal of Electronics & Information Technology, 2018, 40(4): 811–817. doi: 10.11999/JEIT170628.
    [26] GÜR K D, POLYAKOV Y, ROHLOFF K, et al. Practical applications of improved Gaussian sampling for trapdoor lattices[J]. IEEE Transactions on Computers, 2019, 68(4): 570–584. doi: 10.1109/TC.2018.2874479.
    [27] TSABARY R. Fully secure attribute-based encryption for t-CNF from LWE[C]. The 39th Annual International Cryptology Conference on Advances in Cryptology, Santa Barbara, USA, 2019: 62–85. doi: 10.1007/978-3-030-26948-7_3.
    [28] WANG Geng, LIU Zhen, and GU Dawu. Ciphertext policy attribute-based encryption for circuits from LWE assumption[C]. The 21st International Conference on Information and Communications Security, Beijing, China, 2019: 278–396. doi: 10.1007/978-3-030-41579-2_22.
    [29] LIU Yuan, WANG Licheng, LI Lixiang, et al. Secure and efficient multi-authority attribute-based encryption scheme from lattices[J]. IEEE Access, 2019, 7: 3665–3674. doi: 10.1109/ACCESS.2018.2888850.
    [30] ARRAWAL S and YAMADA S. Optimal broadcast encryption from pairings and LWE[C]. The 39th Annual International Conference on Advances in Cryptology, Zagreb, Croatia, 2020: 13–43. doi: 10.1007/978-3-030-45721-1_2.
    [31] LIU Yuan, WANG Licheng, SHEN Xiaoying, et al. Space-efficient key-policy attribute-based encryption from lattices and two-dimensional attributes[J]. Security and Communication Networks, 2020, 2020: 2345369. doi: 10.1155/2020/2345369.
    [32] ZHAO Siyu, JIANG Rui, and BHARGAVA B. RL-ABE: A revocable lattice attribute based encryption scheme based on R-LWE problem in cloud storage[J]. IEEE Transactions on Services Computing, 2022, 15(2): 1026–1035. doi: 10.1109/TSC.2020.2973256.
    [33] DATTA P, KOMARGODSKI I, and WATERS B. Decentralized multi-authority ABE for DNFs from LWE[C]. The 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, 2021: 177–209. doi: 10.1007/978-3-030-77870-5_7.
    [34] WATERS B, WEE H, and WU D J. Multi-authority ABE from lattices without random oracles[C]. The 20th International Conference on Theory of Cryptography, Chicago, USA, 2022: 651–679. doi: 10.1007/978-3-031-22318-1_23.
    [35] WEE H. Optimal broadcast encryption and CP-ABE from evasive lattice assumptions[C]. The 4lst Annual international Conference on the Theory and Applications of Cryptographic Techniques, Trondheim, Norway, 2022: 217–241. doi: 10.1007/978-3-031-07085-3_8.
    [36] LUO Fucai, AL-KUWARI S, WANG Haiyan, et al. Revocable attribute-based encryption from standard lattices[J]. Computer Standards & Interfaces, 2023, 84: 103698. doi: 10.1016/j.csi.2022.103698.
    [37] HUANG Boxue, GAO Juntao, and LI Xuelian. Efficient lattice-based revocable attribute-based encryption against decryption key exposure for cloud file sharing[J]. Journal of Cloud Computing, 2023, 12(1): 37. doi: 10.1186/s13677-023-00414-w.
    [38] AGRAWAL S, KUMARI S, and YAMADA S. Attribute based encryption for Turing machines from lattices[C]. The 44th Annual International Cryptology Conference, Santa Barbara, CA, USA, 2024: 352–386. doi: 10.1007/978-3-031-68382-4_11.
    [39] XIE Shuwei, ZHANG Leyou, WU Qing, et al. Flexibly expressive and revocable multi-authority KP-ABE scheme from RLWE for internet of medical things[J]. Journal of Systems Architecture, 2024, 152: 103179. doi: 10.1016/j.sysarc.2024.103179.
    [40] GROVER C, MENDELSOHN A, LING C, et al. Non-commutative ring learning with errors from cyclic algebras[J]. Journal of Cryptology, 2022, 35(3): 22. doi: 10.1007/s00145-022-09430-6.
    [41] MENDELSOHN A and LING Cong. Fractional non-norm elements for division algebras, and an application to cyclic learning with errors[J]. Advances in Mathematics of Communications, 2024, 18(2): 410–424. doi: 10.3934/amc.2023043.
    [42] LANGLOIS A and STEHLÉ D. Worst-case to average-case reductions for module lattices[J]. Designs, Codes and Cryptography, 2015, 75(3): 565–599. doi: 10.1007/s10623-014-9938-4.
    [43] ZHAO Puning and LAI Lifeng. Minimax optimal Q learning with nearest neighbors[J]. IEEE Transactions on Information Theory, 2025, 71(2): 1300–1322. doi: 10.1109/TIT.2024.3522347.
    [44] ZHANG Pengfei, CHENG Xiang, SU Sen, et al. Effective truth discovery under local differential privacy by leveraging noise-aware probabilistic estimation and fusion[J]. Knowledge-Based Systems, 2023, 261: 110213. doi: 10.1016/j.knosys.2022.110213.
    [45] FENG Jun, WU Yefan, SUN Hong, et al. Panther: Practical secure two-party neural network inference[J]. IEEE Transactions on Information Forensics and Security, 2025, 20: 1149–1162. doi: 10.1109/TIFS.2025.3526063.
  • 加载中
图(7) / 表(3)
计量
  • 文章访问数:  215
  • HTML全文浏览量:  155
  • PDF下载量:  38
  • 被引次数: 0
出版历程
  • 收稿日期:  2024-11-07
  • 修回日期:  2025-04-02
  • 网络出版日期:  2025-04-23
  • 刊出日期:  2025-06-30

目录

    /

    返回文章
    返回