多属性授权机构下属性可撤销的CP-ABE方案

doi:10.3969/j.issn.1006-2475.2019.11.012

计算机与现代化

多属性授权机构下属性可撤销的CP-ABE方案

(河海大学计算机与信息学院,江苏南京211100)

收稿日期:2019-04-22 出版日期:2019-11-15 发布日期:2019-11-15
作者简介:周李京(1993-),男,安徽淮北人,硕士研究生,研究方向:属性基加密,E-mail: 1095631457@qq.com; 王敏(1991-)，男,硕士研究生,研究方向:属性基加密,E-mail: 18020484062@qq.com; 秦璐璐(1994-),女,硕士研究生,研究方向:属性基加密,E-mail: 542193946@qq.com。
基金资助:
国家自然科学基金资助项目(61772009)
作者简介：

CP-ABE Scheme with Attribute Revocation Under Environment of Multi-attribute Authority

(College of Computer and Information, Hohai University, Nanjing 211100, China)

Received:2019-04-22 Online:2019-11-15 Published:2019-11-15

摘要/Abstract

摘要： 属性基加密（ABE）不仅可以保障数据的安全性，而且能实现数据细粒度的访问控制。现实中，由于用户属性可能被频繁更改，在ABE方案中实现属性撤销是至关重要的。针对现有的方案就如何在计算效率资源受限的设备中实现用户有效的解密以及密钥托管问题，本文提出一个在云环境中多属性授权机构下的可撤销的ABE方案。在本文方案中，用户端使用外包解密技术来减少本地的计算负荷，将组合密钥和密文的更新委托云服务器，实现属性的撤销功能。安全性分析表明，本文方案在选择明文攻击下具有不可区分安全性,性能分析结果表明，本文方案更高效。

关键词: 属性基加密, 属性撤销, 多属性授权机构

Abstract: Attribute-Based Encryption (ABE) can not only guarantee the security of data, but also realize fine-grained access control of data. In reality, due to user attributes may be frequently changed, it is very important to implement attribute revocation in ABE scheme. To solve the problem how to realize effective user decryption and key escrow in the existing schemes in the devices with limited computational efficiency, this paper proposes a revocable ABE scheme under multi-attribute authorization in cloud environment. In the proposed scheme, the client uses the outsourcing decryption technology to reduce the local computing load, and entrusts the updating of the combination key and ciphertext to the cloud server to realize the function of attribute revocation. The security analysis shows that this scheme has indistinguishable security under chosen plaintext attack. The performance analysis shows that the proposed scheme is more efficient.

Key words: attribute-based encryption, attribute revocation, multi-attribute authority

中图分类号:

TP393.08

周李京,王敏,秦璐璐. 多属性授权机构下属性可撤销的CP-ABE方案[J]. 计算机与现代化, doi: 10.3969/j.issn.1006-2475.2019.11.012.

ZHOU Li-jing, WANG Min, QIN Lu-lu . CP-ABE Scheme with Attribute Revocation Under Environment of Multi-attribute Authority[J]. Computer and Modernization, doi: 10.3969/j.issn.1006-2475.2019.11.012.

参考文献

［1］ RAHIMI M, REN J, RAHAYU W.Mobile cloud computing: A survey, state of art and future directions［J］. Mobile Networks and Applications, 2014,19(2):133-143.
［2］ YU S C, WANG C, REN K, et al. Achieving secure, scalable, and fine-grained data access control in cloud computing［C］// Proceedings of the 29th Conference on Information communications. 2010:534-542.
［3］ LI M, YU S C, ZHENG Y, et al. Scalable and secure sharing of personal health records in computing using attribute-based encryption［J］. IEEE TPDS, 2013,24(1):131-143.
［4］ SAHAI A, WATERS B. Fuzzy identity-based encryption［C］// Proceedings of the 24th Annual International Conference on Theory and Applications of Cryptographic Techniques. 2005:457-473.
［5］ BETHENCOURT J, SAHAI A, WATERS B. Ciphertext policy attribute-based encryption［C］// IEEE Symposium on Security And Privacy. 2007:321-334.
［6］ GOYAL V, JAIN A, PANDEY O, et al. Bounded ciphertext policy attribute based encryption［C］// Proceeding of the 35th International Colloquium on Automata. 2008:579-591.
［7］ GOYAL V, PANDEY O, SAHAI A, et al. Attribute-based encryption for fine-grained access control of encrypted data［C］// Proceedings of the 13th ACM Conference on Computer And Communications Security. 2006:89-98.
［8］张玉磊,刘文静,马彦丽,等. 多属性授权机构环境下属性可撤销的CP-ABE方案［J］. 计算机工程, 2018,44(8):19-23.
［9］ PIRRETTI M, TRAYNOR P, MCDANIEL P, et al. Secure attribute-based systems［C］// Proceedings of the ACM Conference on Computer and Communications Security. 2006:99-112.
［10］BOLDYREVA A, GOYAL V, KUMAR V. Identity-based encryption with efficient revocation［C］// Proceedings of the 15th ACM Conference on Computer and Communications Security. 2008:417-426.
［11］IBRAIMI L, PETKOVIC M, NIKOVA S, et al. Mediated ciphertext-policy attribute- based encryption and its application［C］// Proceedings of the 10th International Workshop on Information Security Applications. 2009:309-323.
［12］OSTROVSKY R, SAHAI A, WATERS B. Attribute-based encryption with non-monotonic access structures［C］// Proceedings of the ACM Conference on Computer and Communications Security. 2007:195-203.
［13］ATTRAPADUNG N, IMAI H. Conjunctive broadcast and attribute-based encryption［C］// Proceedings of the Pairing-based Cryptography. 2009:248-265.
［14］KANGAVALLI R, VAGDEVI S. A mixed homomorphic encryption scheme for secure data storage in cloud［C］// 2015 IEEE International Advance Computing Conference(IACC). 2015:1062-1066.
［15］CHEN G L, XU Z Q, JIANG H, et al. Generic user revocation systems for attribute-based encryption in cloud storage［J］. Frontiers of Information Technology and Electronic Engineering, 2018,19(11):1362-1384.
［16］XU S M, YANG G M, MU Y. Revocable attribute-based encryption with decryption key exposure resistance and ciphertext delegation［J］. Information Sciences, 2019,479:116-134.
［17］WANG S P, ZHANG D, ZHANG Y L, et al. Efficiently revocable and searchable attribute-based encryption scheme for mobile cloud storage［J］. IEEE Access, 2018,6:30444-30457.
［18］WANG H, HE D B, SHEN J, et al. Fuzzy matching and direct revocation: A new CP-ABE scheme from multilinear maps［J］. Soft Computing, 2018,22(7):2267-2274.

[1]	刘雪贞, 崔艳, 邓小飞, 彭杰. 支持权限管理的高效属性撤销机制[J]. 计算机与现代化, 2021, 0(07): 95-101.
[2]	陈成，努尔买买提·黑力力. 基于CP-ABE的隐藏属性外包解密访问控制[J]. 计算机与现代化, 2018, 0(05): 74-.
[3]	史庭俊,张颖杰. #br# 云存储中基于属性的密文策略访问控制方法[J]. 计算机与现代化, 2017, 0(7): 111-116.
[4]	王瑶,李非非,王刚. 高效完全可验证外包解密属性基加密方案[J]. 计算机与现代化, 2017, 0(4): 114-117.

多属性授权机构下属性可撤销的CP-ABE方案

CP-ABE Scheme with Attribute Revocation Under Environment of Multi-attribute Authority

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 4

编辑推荐

Metrics

本文评价