可撤销和可追踪的密钥策略属性基加密方案

齐芳; 李艳梅; 汤哲

doi:10.11959/j.issn.1000-436x.2018231

您当前的位置：

首页 >

文章列表页 >

可撤销和可追踪的密钥策略属性基加密方案

学术论文 | 更新时间：2024-06-05

- 可撤销和可追踪的密钥策略属性基加密方案
- Revocable and traceable key-policy attribute-based encryption scheme
- 通信学报 2018年39卷第11期页码：63-69
- 作者机构：
  
  中南大学信息科学与工程学院，湖南长沙 410083
- 作者简介：
  
  [ "齐芳（1978–），女，湖南长沙人，博士，中南大学副教授、博士生导师，主要研究方向为网络信息安全、通信协议。" ]
  [ "李艳梅（1990–），女，山西吕梁人，中南大学硕士生，主要研究方向为信息安全、现代密码学。" ]
  [ "汤哲（1977–），男，湖南长沙人，博士，中南大学副教授、硕士生导师，主要研究方向为智能技术、机器人、工业控制、电池管理与应用。" ]
- 基金信息：
  
  国家自然科学基金资助项目(61632009);长沙市科技计划基金资助项目(kq1701089);国家重点研发计划基金资助项目(2018YFD0700500)
- DOI：10.11959/j.issn.1000-436x.2018231
  中图分类号： TN918.1
- 网络出版日期：2018-11，
  
  纸质出版日期：2018-11-25
- 稿件说明：
移动端阅览
齐芳, 李艳梅, 汤哲. 可撤销和可追踪的密钥策略属性基加密方案[J]. 通信学报, 2018,39(11):63-69.

Fang QI, Yanmei LI, Zhe TANG. Revocable and traceable key-policy attribute-based encryption scheme[J]. Journal on communications, 2018, 39(11): 63-69.
齐芳, 李艳梅, 汤哲. 可撤销和可追踪的密钥策略属性基加密方案[J]. 通信学报, 2018,39(11):63-69. DOI： 10.11959/j.issn.1000-436x.2018231.

Fang QI, Yanmei LI, Zhe TANG. Revocable and traceable key-policy attribute-based encryption scheme[J]. Journal on communications, 2018, 39(11): 63-69. DOI： 10.11959/j.issn.1000-436x.2018231.

摘要

针对基于密钥策略属性基加密（KP-ABE

key-policy attribute-based encryption）方案不能兼顾属性撤销和用户身份追踪的问题，提出一种支持可撤销和可追踪的KP-ABE方案。首先，该方案能够在不更新系统公钥和用户私钥的情况下实现对用户属性的撤销，更新代价比较小，同时可以根据解密密钥追踪到用户身份，从而有效地防止匿名用户的密钥泄露问题。其次，该方案基于线性访问结构（LSSS

linear secret sharing scheme），与树形访问结构相比，执行效率更高。最后，该方案基于判定性q-BDHE假设，给出了在标准模式下的安全性证明。通过与已有的KP-ABE方案进行对比分析得出，该方案的公钥长度更短、加解密的计算开销更低，且在实现属性可撤销的基础上实现了用户身份的可追踪功能，具有较为明显的优势。

Abstract

The existing key-policy attribute-based encryption (KP-ABE) scheme can not balance the problem of attribute revocation and user identity tracking.Hence

a KP-ABE scheme which supported revocable and traceable was proposed.The scheme could revoke the user attributes without updating the system public key and user private key with a less update cost.Meanwhile

it could trace the user identity based on decryption key which could effectively prevent anonymous user key leakage problem.The proposed scheme was based on linear secret sharing scheme (LSSS)

which was more efficient than tree-based access structure.Based on the deterministic q-BDHE hypothesis

the proposed scheme gave security proof until standard mode.Finally

compared with the existing KP-ABE scheme

the scheme has a shorter public key length

lower computational overhead and realizes the traceability function of user identity based on the revocable attribute

which has obvious advantages.

关键词

Keywords

references

BETHENCOURT J , SAHAI A , WATERS B . Ciphertext-policy attribute-based encryp-tion [C ] // IEEE Symposium on Security and Privacy . 2007 : 321 - 334 .

GOVALl V , PANDEY O , SAHAI A , et al . Attribute-based encryption for fine-grained access control of encrypted data [C ] // ACM Conference on Computer and Communications Security . 2006 : 89 - 98 .

ATTRAPADUNG N , LIBERT B , PANAFIEU E . Expressive key-policy attribute-based encryption with constant-size cipher-texts [C ] // International Conference on Practice and Theory in Public Key Cryptography . 2011 : 90 - 108 .

ATTRAPADUNG N , IMAI H . Conjunctive broadcast and attribute-based encryp-tion [C ] // Pairing-Based Cryptography-Pairing 2009 . 2009 : 248 - 265 .

ROY S , CHUAH M . Secure data retrieval based on ciphertext policy attribute-based encryption CP-ABE system for the DTNs [R ] . Lehigh CSETech . 2009 .

ATTRAPADUNG N , HERRANZ J , LIBERT B , et al . Attribute-based encryption schemes with constant size ciphertexts [J ] . Theoretical Computer Science , 2012 , 422 ( 3 ): 15 - 38 .

SAHAI A , WATERS B . Fuzzy identity-based encryption [M ] . Advances in Cryptology EURO-CRYPT . 2005 : 457 - 473 .

GOYAL V , JAIN A , PANDEY O , et al . Bounded ciphertext policy attribute based encryption [M ] . Automata,Languages and Programming . 2008 : 579 - 591 .

BEIMEL A . Secure schemes for secret sharing and key distribution [J ] . International Journal of Pure ＆ Applied Mathematics , 1996 .

ATTRAPADUNG N , IMAI H . Attribute-based encryption supporting direct/indirect revoca-tion modes [C ] // Ima International Conference on Cryptography and Coding . 2009 : 278 - 300 .

PIRRETTI M , TRAYNOR P , MCDANIEL P , et al . Secure attribute-based systems [C ] // ACM Conference on Computer and Communications Security . 2006 : 799 - 837 .

BETHENCOURT J , SAHAI A , WATERS B . Ciphertext-policy attribute-based encryption [C ] // IEEE Symposium on Security and Privacy . 2007 : 321 - 334 .

BOLDYREVA A , GOYAL V , KUNMAR V . Identity-based encryption with efficient re-vocation modes [C ] // The ACM Conference on Computer and Communications Security . 2008 : 417 - 426 .

OSTROVSKY R , SAHAI A , WATERS B . Attribute-based encryption with non-monotonic access structures [C ] // CCS 07 ACM Conference on Computer ＆ Commu-nications Security . 2007 : 195 - 203 .

STADDON J , GOLLE P , RASMUSSEN P . A content-driven access control sys-tem [C ] // Symposium on Identity and Trust on the Internet . 2008 : 26 - 35 .

WANG P , FENG D , ZHANG L . Towards attribute revocation in key-policy attribute based encryption [C ] // International Conference on Cryptology and Network Security . 2011 : 272 - 291 .

苏金树 , 曹丹 , 王小峰 , 等 . 属性基加密机制 [J ] . 软件学报 , 2011 , 22 ( 6 ): 1299 - 1315 .

SU J S , CAO D , WANG X F , et al . Attribute-based encryption schemes [J ] . Journal of Software , 2011 , 22 ( 6 ): 1299 - 1315

闫玺玺 , 孟慧 . 支持直接撤销的密文策略属性基加密方案 [J ] . 通信学报 , 2016 , 37 ( 5 ): 44 - 50 .

YAN X X , MENG H . Ciphertext policy attribute-based encryption scheme supporting direct revocation [J ] . Journal on Communications , 2016 , 37 ( 5 ): 44 - 50 .

胡海英 , 商威 . 一种可撤销的 KP-ABE 方案 [J ] . 计算机系统应用 , 2013 , 22 ( 9 ): 123 - 128 .

HU H Y , SHANG W . A revocable KP-ABE scheme [J ] . Computer Systems and Application , 2013 , 22 ( 9 ): 123 - 128 .

SHI Y , ZHENG Q , LIU J , et al . Directly revocable key-policy attribute-based encryption with verifiable ciphertext delegation [J ] . Information Sciences , 2015 , 295 : 221 - 231 .

王鹏翩 , 冯登国 , 张立武 . 一个基于访问树的支持用户撤销的KP-ABE方案 [C ] //. 中国计算机网络与信息安全学术会议 . 2011 .

WANG P P , FENG D G , ZHANG L W . A KP-ABE scheme supporting user revocation based on access tree [C ] // China Computer Networks and Information Security Conference . 2011 .

林娟 , 薛庆水 , 曹珍富 . 基于代理的即时属性撤销KP-ABE方案 [J ] . 计算机工程 , 2014 , 40 ( 10 ): 20 - 24 .

LING J , XUE Q X , CAO Z F . Proxy-based immediate attribute revocation KP-ABE Scheme [J ] . Computer Engineering , 2014 , 40 ( 10 ): 20 - 24 .

马海英 , 曾国荪 . 可追踪并撤销叛徒的属性基加密方案 [J ] . 计算机学报 , 2012 , 35 ( 9 ): 1845 - 1855 .

MA H Y , ZENG G S . An attribute-based en-cryption scheme for traitor tracing and revo-cation together [J ] . Chinese Journal of Computers , 2012 , 35 ( 9 ): 1845 - 1855 .

马海英 , 曾国荪 , 陈建平 , 等 . 适应性安全的可追踪叛徒的基于属性加密方案 [J ] . 通信学报 , 2016 , 37 ( 1 ): 76 - 87 .

MA H Y , ZENG G S , CHEN J P , et al . Adaptively secure attribute-based encryption for traitor tracing [J ] . Journal on Communications , 2016 , 37 ( 1 ): 76 - 87 .

浏览量

1334

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

mHealth中可追踪多授权机构基于属性的访问控制方案