可高效撤销的属性基加密方案

李学俊; 张丹; 李晖

doi:10.11959/j.issn.1000-436x.2019150

您当前的位置：

首页 >

文章列表页 >

可高效撤销的属性基加密方案

专题：网络攻防与安全度量 | 更新时间：2024-06-05

- 可高效撤销的属性基加密方案
- Efficient revocable attribute-based encryption scheme
- 通信学报 2019年40卷第6期页码：32-39
- 作者机构：
  
  西安电子科技大学网络与信息安全学院，陕西西安 710071
- 作者简介：
  
  [ "李学俊（1969- ），女，山西浮山人，博士，西安电子科技大学副教授，主要研究方向为物联网数据安全、安全方案及协议设计、无线网络安全。" ]
  [ "张丹（1994- ），女，陕西咸阳人，西安电子科技大学硕士生，主要研究方向为属性基加密、物联网安全。" ]
  [ "李晖（1968- ），男，河南灵宝人，博士，西安电子科技大学教授、博士生导师，主要研究方向为密码学、无线网络安全、云计算安全、信息论与编码理论。" ]
- 基金信息：
  
  国家重点研发计划基金资助项目(2018YFB0804701);国家自然科学基金资助项目(61572460)
- DOI：10.11959/j.issn.1000-436x.2019150
  中图分类号： TN918
- 网络出版日期：2019-06，
  
  纸质出版日期：2019-06-25
- 稿件说明：
移动端阅览
李学俊, 张丹, 李晖. 可高效撤销的属性基加密方案[J]. 通信学报, 2019,40(6):32-39.

Xuejun LI, Dan ZHANG, Hui LI. Efficient revocable attribute-based encryption scheme[J]. Journal on communications, 2019, 40(6): 32-39.
李学俊, 张丹, 李晖. 可高效撤销的属性基加密方案[J]. 通信学报, 2019,40(6):32-39. DOI： 10.11959/j.issn.1000-436x.2019150.

Xuejun LI, Dan ZHANG, Hui LI. Efficient revocable attribute-based encryption scheme[J]. Journal on communications, 2019, 40(6): 32-39. DOI： 10.11959/j.issn.1000-436x.2019150.

摘要

在现有的解决方案中，基于时间的方案难以实现即时撤销，基于第三方的方案往往需要重加密运算，计算量大，不适用于海量密文数据。针对该问题，提出了一种高效的支持用户和属性级别的即时撤销方案，所提方案基于经典的LSSS型访问结构的CP-ABE，引入了RSA密钥管理机制和属性认证思想，借助半可信第三方，在解密之前对用户进行属性认证。与现有的撤销方案对比，所提方案只需半可信第三方更新 RSA 属性认证密钥，不需要用户更新密钥且不需要重加密密文，极大地减少了撤销带来的计算量和通信量，同时保证了抗串谋攻击和前后向安全性。安全性分析和实验仿真证明，所提方案具有更高的撤销效率。

Abstract

In the existing solutions

the time-based scheme is difficult to achieve immediate revocation

and the third-party-based scheme often requires re-encryption

which needs large amount of calculation and doesn’t apply to mas-sive data.To solve the problem

an efficient and immediate CP-ABE scheme was proposed to support user and attribute lev-els revocation.The scheme was based on the classic LSSS access structure

introducing RSA key management mechanism and attribute authentication.By means of a semi-trusted third party

the user could be authenticated before decryption.Com-pared with the existing revocation schemes

The proposed scheme didn’t need the user to update the key or re-encrypt the ciphertext.The semi-trusted third party wasn’t required to update the RSA attribute authentication key.The scheme greatly reduced the amount of computation and traffic caused by revocation

while ensuring anti-collusion attacks and forward and backward security.Finally

the security analysis and experimental simulation show that the scheme has higher revocation ef-ficiency.

关键词

Keywords

references

RIVERA D , GARCÍA M L , MARTÍN-RUÍZ M L , et al Secure communications and protected data for a Internet of things smart toyplatform [J ] . IEEE Internet of Things Journal , 2019 , 6 ( 2 ): 3785 - 3795 .

SAHAIA , WATERS B , . Fuzzy identity-based encryption [C ] // Annual International Conference on Theory and Applications of Cryptographic Tchniques . Springer , 2005 : 457 - 473 .

WATERS B , . Ciphertext-policy attribute-based encryption:an expressive,efficient,and provably secure realization [C ] // International Workshop on Public Key Cryptography . Springer , 2008 : 321 - 334 .

BETHENCOURT J , SAHAI A , WATERS B . Ciphertext-policy attribute-based encryption [C ] // IEEE symposium on Security and Privacy . IEEE , 2007 : 321 - 334 .

LUAN I , PETKOVIC M , NIKOVA S , et al . Mediated ciphertext-policy attribute-based encryption and its application [C ] // Information Security Applications,10th International Workshop . 2009 : 309 - 323 .

YU S , WANG C , REN K , et al . Attribute based data sharing with attribute revocation [C ] // TheInternational Symposium on ACM Symposium on Information,Computer and communications security . ACM , 2010 : 261 - 270 .

WU X , JIANG R , BHARGAVA B . On the security of data access control for multiauthority cloud storage systems [J ] . IEEE Transactions on Services Computing , 2015 , 10 ( 2 ): 285 - 272 .

FAN K , WANG J , WANG X , et al . Secure,efficient and revocable data sharing scheme for vehicular fogs [J ] . Peer-to-Peer Networking and Applications , 2018 , 11 ( 4 ): 766 - 777 .

LI J , YAO W , ZHANG Y , et al . Flexible and fine-grained attribute-based data storage in cloud computing [J ] . IEEE Transactions on Services Computing , 2016 , 10 ( 5 ): 785 - 796 .

FAN K , WANG J , WANG X , et al . Proxy-assisted access control scheme of cloud data for smart cities [J ] . Personal ＆ Ubiquitous Computing , 2017 , 21 ( 5 ): 937 - 947 .

HUR J , NOH D K . Attribute-based access control with efficient revocation in data outsourcing systems [J ] . IEEE Transactions on Parallel and Distributed Systems , 2011 , 22 ( 7 ): 1214 - 1221 .

LI J , YAO W , HAN J , et al . User collusion avoidance CP-ABE with efficient attribute revocation for cloud storage [J ] . IEEE Systems Journal , 2017 , 12 ( 2 ): 1767 - 1777 .

强衡畅 , 王晓明 . 一种高效细粒度云存储访问控制方案 [J ] . 计算机与数字工程 , 2014 , 42 ( 9 ): 1673 - 1677 .

QIANG H C , WANG X M . Fine-grained access control with efficient revocation in cloud storage [J ] . Computer and Digital .Engineering , 2014 , 42 ( 19 ): 1673 - 1677 .

林娟 . 可撤销的属性基加密技术的研究 [D ] . 上海:上海交通大学 , 2014 .

LIN J . Research on revocable attribute based encryption technology [D ] . Shanghai:Shanghai Jiaotong University , 2014 .

IMINE Y , LOUNIS A , BOUABDALLAH A . Revocable attribute-based access control in mutli-autority systems [J ] . Journal of Network and Computer Applications , 2018 , 122 : 61 - 76 .

BEIMEL A . Secure schemes for secret sharing and key distribution [J ] . International Journal of Pure ＆ Applied Mathematics , 1996 .

ODELU V , DAS A K , KHURRAM KHAN M , et al . Expressive CP-ABE scheme for mobile devices in IOT satisfying constant-size keys and ciphertexts [J ] . IEEE Access , 2017 ( 5 ): 3273 - 3283 .

王一兵 . 物联网技术在营运车辆安全监管中的应用 [J ] . 计算机时代 , 2018 ( 3 ): 35 - 37 .

WANG Y B . Application of Internet of things technology in safety supervision of operation vehicles [J ] . Journal of Computer , 2018 ( 3 ): 35 - 37 .

YANG Y , ZHONG M , YAO H , et al . Internet of things for smart ports:technologies and challenges [J ] . IEEE Instrumentation and Measurement Magazine , 2018 , 21 ( 1 ): 34 - 43 .

VAANCHIG N , CHEN W , QIN Z . Ciphertext-policy attribute-based access control with effective user revocation for cloud data sharing system [C ] // International Conference on Advanced Cloud ＆ Big Data . IEEE , 2017 : 186 - 193 .

浏览量

1266

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于区块链且支持数据共享的密文策略隐藏访问控制方案

云存储环境下支持属性撤销的属性基加密方案

mHealth中可追踪多授权机构基于属性的访问控制方案

支持策略动态更新的多机构属性基加密方案

支持安全外包计算的无线体域网数据共享方案