基于可聚合PVSS和联盟链的密钥可公开验证MA-CP-ABE方案

景旭; 蒋炎

doi:10.11959/j.issn.1000-436x.2024139

您当前的位置：

首页 >

文章列表页 >

基于可聚合PVSS和联盟链的密钥可公开验证MA-CP-ABE方案

学术通信 | 更新时间：2024-09-10

- 基于可聚合PVSS和联盟链的密钥可公开验证MA-CP-ABE方案
- Key public verifiable MA-CP-ABE scheme based on aggregatable PVSS and consortium blockchain
- 通信学报 2024年45卷第8期页码：258-270
- 作者机构：
  
  1.西北农林科技大学信息工程学院，陕西杨凌 712100
  2.陕西省农业信息智能感知与分析工程技术研究中心，陕西杨凌 712100
- 作者简介：
  
  [ "景旭（1971- ），男，陕西咸阳人，博士，西北农林科技大学副教授、硕士生导师，主要研究方向为区块链技术、隐私保护、访问控制、信息系统安全等。" ]
  [ "蒋炎（1999- ），男，湖南长沙人，西北农林科技大学硕士生，主要研究方向为区块链技术、访问控制等。" ]
- 基金信息：
  
  国家自然科学基金资助项目(72271202);国家重点研发计划基金资助项目(2020YFD1100601);陕西省秦创原“科学家+工程师”队伍建设基金资助项目(2022KXJ-67);西北农林科技大学研究生创新竞赛基金资助项目
- DOI：10.11959/j.issn.1000-436x.2024139
  中图分类号： TP309;TP393
- 收稿日期：2024-02-18，
  
  修回日期：2024-07-01，
  
  纸质出版日期：2024-08-25
- 稿件说明：
移动端阅览
景旭,蒋炎.基于可聚合PVSS和联盟链的密钥可公开验证MA-CP-ABE方案[J].通信学报,2024,45(08):258-270.

JING Xu,JIANG Yan.Key public verifiable MA-CP-ABE scheme based on aggregatable PVSS and consortium blockchain[J].Journal on Communications,2024,45(08):258-270.
景旭,蒋炎.基于可聚合PVSS和联盟链的密钥可公开验证MA-CP-ABE方案[J].通信学报,2024,45(08):258-270. DOI： 10.11959/j.issn.1000-436x.2024139.

JING Xu,JIANG Yan.Key public verifiable MA-CP-ABE scheme based on aggregatable PVSS and consortium blockchain[J].Journal on Communications,2024,45(08):258-270. DOI： 10.11959/j.issn.1000-436x.2024139.

摘要

针对基于门限的多机构密文策略属性基加密（MA-CP-ABE）存在属性颁发机构（AA）不可信、属性私钥正确性无法公开验证等问题，提出了一种基于可聚合PVSS和联盟链的密钥可公开验证MA-CP-ABE方案。基于ElGamal改进可聚合PVSS算法，实现系统主密钥分发的可公开验证；基于双线性映射和ElGamal加密，构造MA-CP-ABE属性私钥可公开验证方法，实现属性私钥及其子份额密文条件下的可公开验证；基于联盟链提出密钥可公开验证MA-CP-ABE方案，通过联盟链保证验证参数可信，通过智能合约实现自动化验证。正确性、机密性、鲁棒性和活性等分析表明，当总AA数量为

n、

门限值为

t、

恶意AA数量不超过

-1时，所提方案能够保证属性私钥的正确分发，且系统主密钥初始化的通信开销复杂度为

(

)。

Abstract

To address challenges associated with threshold-based multi-authority ciphertext-policy attribute-based encryption (MA-CP-ABE)

such as untrusted attribute authorities (AA) and the inability to verify the correctness of attribute private keys publicly

a key public verifiable MA-CP-ABE scheme based on aggregatable publicly verifiable secret sharing (PVSS) and consortium blockchain was proposed. An aggregatable PVSS algorithm was improved based on ElGamal

which enabled the public verifiability of the system master key distribution. A publicly verifiable method for MA-CP-ABE attribute private keys was constructed based on bilinear maps and ElGamal encryption

enabling the public verifiability of attribute private keys and their shares in ciphertext conditions. A key public verifiable MA-CP-ABE scheme was proposed based on a consortium blockchain

ensuring the trustworthiness of verification parameters through the consortium blockchain and achieving automated verification via smart contracts. The analysis of correctness

confidentiality

robustness

and liveness indicates that when the total number of AA is

the threshold value is

and the number of malicious AA is not more than

-1

the scheme can ensure the correct distribution of attribute private keys

and the communication overhead complexity of the system master key initialization is

(

关键词

Keywords

references

YANG K , JIA X H . Expressive, efficient, and revocable data access control for multi-authority cloud storage [J ] . IEEE Transactions on Parallel and Distributed Systems , 2014 , 25 ( 7 ): 1735 - 1744 .

OBERKO P S K , OBENG V H K S , XIONG H . A survey on multi-authority and decentralized attribute-based encryption [J ] . Journal of Ambient Intelligence and Humanized Computing , 2022 , 13 ( 1 ): 515 - 533 .

崔皓宇 , 马利民 , 王佳慧 , 等 . 基于区块链的属性加密多授权机构安全模型研究 [J ] . 信息网络安全 , 2022 ( 5 ): 84 - 93 .

CUI H Y , MA L M , WANG J H , et al . Research on the security model of multi-authority for attribute encryption based on blockchain [J ] . Netinfo Security , 2022 ( 5 ): 84 - 93 .

李学俊 , 吕茂旭 . 移动云环境下的多授权机构属性基加密方案 [J ] . 计算机应用研究 , 2018 , 35 ( 5 ): 1519 - 1525, 1544 .

LI X J , LYU M X . Multi-authority attribute-based encryption scheme in mobile cloud environment [J ] . Application Research of Computers , 2018 , 35 ( 5 ): 1519 - 1525, 1544 .

GUO Z Z , WANG G L , LI Y X , et al . Accountable attribute-based data-sharing scheme based on blockchain for vehicular ad hoc network [J ] . IEEE Internet of Things Journal , 2023 , 10 ( 8 ): 7011 - 7026 .

CHASE M . Multi-authority attribute based encryption [C ] // Theory of Cryptography Conference . Berlin : Springer , 2007 : 515 - 534 .

HUANG X F , TAO Q , QIN B D , et al . Multi-authority attribute based encryption scheme with revocation [C ] // Proceedings of the 2015 24th International Conference on Computer Communication and Networks (ICCCN) . Piscataway : IEEE Press , 2015 : 1 - 5 .

吴光强 . 适合云存储的访问策略可更新多中心CP-ABE方案 [J ] . 计算机研究与发展 , 2016 , 53 ( 10 ): 2392 - 2398 .

WU G Q . Multi-authority CP-ABE with policy update in cloud storage [J ] . Journal of Computer Research and Development , 2016 , 53 ( 10 ): 2392 - 2398 .

XUE K P , XUE Y J , HONG J N , et al . RAAC: robust and auditable access control with multiple attribute authorities for public cloud storage [J ] . IEEE Transactions on Information Forensics and Security , 2017 , 12 ( 4 ): 953 - 967 .

WANG C , JIN H , WEI R L , et al . Revocable, dynamic and decentralized data access control in cloud storage [J ] . The Journal of Supercomputing , 2022 , 78 ( 7 ): 10063 - 10087 .

LEWKO A , WATERS B . Decentralizing attribute-based encryption [C ] // Annual International Conference on the Theory and Applications of Cryptographic Techniques . Berlin : Springer , 2011 : 568 - 588 .

闫玺玺 , 刘媛 , 李子臣 , 等 . 支持隐私保护的多机构属性基加密方案 [J ] . 计算机研究与发展 , 2018 , 55 ( 4 ): 846 - 853 .

YAN X X , LIU Y , LI Z C , et al . Multi-authority attribute-based encryption scheme with privacy protection [J ] . Journal of Computer Research and Development , 2018 , 55 ( 4 ): 846 - 853 .

DATTA P , KOMARGODSKI I , WATERS B . Fully adaptive decentralized multi-authority ABE [C ] // Annual International Conference on the Theory and Applications of Cryptographic Techniques . Berlin : Springer , 2023 : 447 - 478 .

LIN H , CAO Z F , LIANG X H , et al . Secure threshold multi authority attribute based encryption without a central authority [J ] . Information Sciences , 2010 , 180 ( 13 ): 2618 - 2632 .

LI W , XUE K P , XUE Y J , et al . TMACS: a robust and verifiable threshold multi-authority access control system in public cloud storage [J ] . IEEE Transactions on Parallel and Distributed Systems , 2016 , 27 ( 5 ): 1484 - 1496 .

GU J , SHEN J Q , WANG B Y . A robust and secure multi-authority access control system for cloud storage [J ] . Peer-to-Peer Networking and Applications , 2021 , 14 ( 3 ): 1488 - 1499 .

RAMESH D , MISHRA R , TRIVEDI M C . PCS-ABE (t, n): a secure threshold multi authority CP-ABE scheme based efficient access control systems for cloud environment [J ] . Journal of Ambient Intelligence and Humanized Computing , 2021 , 12 ( 10 ): 9303 - 9322 .

唐飞 , 包佳立 , 黄永洪 , 等 . 基于属性的多授权中心身份认证方案 [J ] . 通信学报 , 2021 , 42 ( 3 ): 220 - 228 .

TANG F , BAO J L , HUANG Y H , et al . Multi-authority attribute-based identification scheme [J ] . Journal on Communications , 2021 , 42 ( 3 ): 220 - 228 .

GURKAN K , JOVANOVIC P , MALLER M , et al . Aggregatable distributed key generation [C ] // Annual International Conference on the Theory and Applications of Cryptographic Techniques . Berlin : Springer , 2021 : 147 - 176 .

WATERS B . Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization [C ] // International Workshop on Public Key Cryptography . Berlin : Springer , 2011 : 53 - 70 .

ELGAMAL T . A public key cryptosystem and a signature scheme based on discrete logarithms [J ] . IEEE Transactions on Information Theory , 1985 , 31 ( 4 ): 469 - 472 .

刘明达 , 陈左宁 , 拾以娟 , 等 . 区块链在数据安全领域的研究进展 [J ] . 计算机学报 , 2021 , 44 ( 1 ): 1 - 27 .

LIU M D , CHEN Z N , SHI Y J , et al . Research progress of blockchain in data security [J ] . Chinese Journal of Computers , 2021 , 44 ( 1 ): 1 - 27 .

CASCUDO I , DAVID B . SCRAPE: scalable randomness attested by public entities [C ] // International Conference on Applied Cryptography and Network Security . Berlin : Springer , 2017 : 537 - 556 .

FELDMAN P . A practical scheme for non-interactive verifiable secret sharing [C ] // Proceedings of the 28th Annual Symposium on Foundations of Computer Science (sfcs 1987) . Piscataway : IEEE Press , 1987 : 427 - 438 .

柯唯阳 , 石润华 . 基于测量设备无关的可认证身份量子投票方案 [J ] . 软件学报 , 2023 , 34 ( 11 ): 5376 - 5391 .

KE W Y , SHI R H . Measurement-device-independent quantum voting scheme with identity authentication [J ] . Journal of Software , 2023 , 34 ( 11 ): 5376 - 5391 .

ZHANG L , QIU F Y , HAO F , et al . 1-round distributed key generation with efficient reconstruction using decentralized CP-ABE [J ] . IEEE Transactions on Information Forensics and Security , 2022 , 17 : 894 - 907 .

浏览量

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

支持多功能的V2G网络隐私保护数据聚合方案

基于公平盲签名和分级加密的联盟链隐私保护方案

RBFT：基于Raft集群的拜占庭容错共识机制