密文长度固定的策略部分隐藏多授权机构CP-ABE方案

刘怡龙; 许盛伟; 岳梓岩

doi:10.11959/j.issn.1000-436x.2024142

您当前的位置：

首页 >

文章列表页 >

密文长度固定的策略部分隐藏多授权机构CP-ABE方案

学术论文 | 更新时间：2024-09-10

- 密文长度固定的策略部分隐藏多授权机构CP-ABE方案
- Partially hidden policy multi-authority CP-ABE scheme with constant length ciphertext
- 通信学报 2024年45卷第8期页码：20-36
- 作者机构：
  
  1.北京邮电大学网络空间安全学院,北京 100876
  2.北京电子科技学院网络空间安全系,北京 100070
  3.北京电子科技学院信息安全研究所,北京 100070
- 作者简介：
  
  [ "刘怡龙（1997- ），男，山东济宁人，北京邮电大学博士生，主要研究方向为数据安全、访问控制、属性加密等。" ]
  [ "许盛伟（1976- ），男，江西吉安人，博士，北京电子科技学院教授、博士生导师，主要研究方向为大数据安全、人工智能与密码应用等。" ]
  [ "岳梓岩（1998- ），男，新疆哈密人，北京邮电大学博士生，主要研究方向为车联网密码应用、属性加密等。" ]
- 基金信息：
  
  国家重点研发计划基金资助项目(2022YFB3104402)
- DOI：10.11959/j.issn.1000-436x.2024142
  中图分类号： TP393
- 收稿日期：2024-04-08，
  
  修回日期：2024-07-08，
  
  纸质出版日期：2024-08-25
- 稿件说明：
移动端阅览
刘怡龙,许盛伟,岳梓岩.密文长度固定的策略部分隐藏多授权机构CP-ABE方案[J].通信学报,2024,45(08):20-36.

LIU Yilong,XU Shengwei,YUE Ziyan.Partially hidden policy multi-authority CP-ABE scheme with constant length ciphertext[J].Journal on Communications,2024,45(08):20-36.
刘怡龙,许盛伟,岳梓岩.密文长度固定的策略部分隐藏多授权机构CP-ABE方案[J].通信学报,2024,45(08):20-36. DOI： 10.11959/j.issn.1000-436x.2024142.

LIU Yilong,XU Shengwei,YUE Ziyan.Partially hidden policy multi-authority CP-ABE scheme with constant length ciphertext[J].Journal on Communications,2024,45(08):20-36. DOI： 10.11959/j.issn.1000-436x.2024142.

摘要

针对现有访问策略隐藏的密文策略属性加密（CP-ABE）方案存在的安全性低、资源开销大的问题，提出了一种密文长度固定的策略部分隐藏多授权机构CP-ABE方案。首先，通过隐藏访问策略中的属性值，降低隐私数据泄露的风险；其次，通过固定密文长度和使用外包解密技术，减少用户的资源开销；最后，采用多授权机构管理机制，避免部署单一授权机构易产生的密钥托管问题。通过安全分析证明了方案在标准模型中满足选择明文攻击下的密文不可区分性，以及方案隐藏的访问策略和产生的外包密钥能够抵抗属性值猜测攻击。通过与已有方案的性能对比，证明了所提方案的总体资源开销更小。

Abstract

To solve the problems of low security and high resource overhead of existing hidden policy ciphertext policy attribute-based encryption (CP-ABE) schemes

a partially hidden policy multi-authority CP-ABE scheme with constant length ciphertext was proposed. Firstly

the values of the attributes in the access policy were hidden

enabling the proposed scheme to reduce the risk of private data leakage. Secondly

by fixing the ciphertext length and using outsourcing decryption techniques

the resource overhead for the user was reduced in the proposed scheme. Finally

the multi-authority management mechanism was used so that the proposed scheme avoided the key escrow problem that can easily arise when using a single authoritative authority. The security analysis proves that the proposed scheme satisfies the indistinguishability under chosen plaintext attack in the standard model

as well as the scheme’s hidden access policy and the generated outsourcing key can resist attribute value guessing attack. The overall resource overhead of the proposed scheme is proven to be lower by comparing its performance with the existing schemes.

关键词

Keywords

references

SANDHU A K . Big data with cloud computing: discussions and challenges [J ] . Big Data Mining and Analytics , 2022 , 5 ( 1 ): 32 - 40 .

CAO K Y , LIU Y F , MENG G J , et al . An overview on edge computing research [J ] . IEEE Access , 2020 , 8 : 85714 - 85728 .

邓桦 , 宋甫元 , 付玲 , 等 . 云计算环境下数据安全与隐私保护研究综述 [J ] . 湖南大学学报(自然科学版) , 2022 , 49 ( 4 ): 1 - 10 .

DENG H , SONG F Y , FU L , et al . A review of data security and privacy preserving in cloud computing environment [J ] . Journal of Hunan University (Natural Sciences) , 2022 , 49 ( 4 ): 1 - 10 .

SHI W S , CAO J , ZHANG Q , et al . Edge computing: vision and challenges [J ] . IEEE Internet of Things Journal , 2016 , 3 ( 5 ): 637 - 646 .

张晓东 , 张朝昆 , 赵继军 . 边缘智能研究进展 [J ] . 计算机研究与发展 , 2023 , 60 ( 12 ): 2749 - 2769 .

ZHANG X D , ZHANG C K , ZHAO J J . State-of-the-art survey on edge intelligence [J ] . Journal of Computer Research and Development , 2023 , 60 ( 12 ): 2749 - 2769 .

SAMIE F , BAUER L , HENKEL J . Edge computing for smart grid: an overview on architectures and solutions [C ] // IoT for Smart Grids . Berlin : Springer , 2019 : 21 - 42 .

ARTHURS P , GILLAM L , KRAUSE P , et al . A taxonomy and survey of edge cloud computing for intelligent transportation systems and connected vehicles [J ] . IEEE Transactions on Intelligent Transportation Systems , 2022 , 23 ( 7 ): 6206 - 6221 .

HARTMANN M , HASHMI U S , IMRAN A . Edge computing in smart health care systems: review, challenges, and research directions [J ] . Transactions on Emerging Telecommunications Technologies , 2022 , 33 ( 3 ): e3710 .

FERRAIOLO D F , CUGINI J , KUHN D R . Role-based access control (RBAC): Features and motivations [C ] // Proceedings of 11th Annual Computer Security Application Conference . New Orleans : NIST , 1995 : 241 - 248 .

SAXENA N , TSUDIK G , YI J H . Identity-based access control for ad hoc groups [C ] // Information Security and Cryptology–ICISC 2004 . Berlin : Springer , 2005 : 362 - 379 .

BETHENCOURT J , SAHAI A , WATERS B . Ciphertext-policy attribute-based encryption [C ] // Proceedings of the 2007 IEEE Symposium on Security and Privacy . Piscataway : IEEE Press , 2007 : 321 - 334 .

刘帅南 , 刘彬 , 郭真 , 等 . 一种支持分级用户访问的文件分层CP-ABE方案 [J ] . 软件学报 , 2023 , 34 ( 7 ): 3329 - 3342 .

LIU S N , LIU B , GUO Z , et al . File hierarchy CP-ABE scheme supporting graded user access [J ] . Journal of Software , 2023 , 34 ( 7 ): 3329 - 3342 .

赵开强 , 康萍 , 刘彬 , 等 . 支持云代理重加密的CP-ABE方案 [J ] . 电子学报 , 2023 , 51 ( 3 ): 728 - 735 .

ZHAO K Q , KANG P , LIU B , et al . A CP-ABE scheme with cloud proxy re-encryption [J ] . Acta Electronica Sinica , 2023 , 51 ( 3 ): 728 - 735 .

SUN J F , XIONG H , LIU X M , et al . Lightweight and privacy-aware fine-grained access control for IoT-oriented smart health [J ] . IEEE Internet of Things Journal , 2020 , 7 ( 7 ): 6566 - 6575 .

CHEN Y , LI W M , GAO F , et al . Efficient attribute-based data sharing scheme with hidden access structures [J ] . The Computer Journal , 2019 , 62 ( 12 ): 1748 - 1760 .

张学旺 , 姚亚宁 , 付佳丽 , 等 . 策略隐藏的高效多授权机构CP-ABE物联网数据共享方案 [J ] . 计算机研究与发展 , 2023 , 60 ( 10 ): 2193 - 2202 .

ZHANG X W , YAO Y N , FU J L , et al . Efficient multi-authority CP-ABE IoT data sharing scheme with hidden policies [J ] . Journal of Computer Research and Development , 2023 , 60 ( 10 ): 2193 - 2202 .

NISHIDE T , YONEYAMA K , OHTA K . Attribute-based encryption with partially hidden encryptor-specified access structures [C ] // Proceedings of the 6th Applied Cryptography and Network Security International Conference . New York : ACM Pressr , 2008 : 111 - 129 .

ZHANG Y H , CHEN X F , LI J , et al . Anonymous attribute-based encryption supporting efficient decryption test [C ] // Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security . New York : ACM Press , 2013 : 511 - 516 .

LI J , WANG H , ZHANG Y , et al . Ciphertext-policy attribute-based encryption with hidden access policy and testing [J ] . KSII Transactions on Internet and Information Systems , 2016 , 10 ( 7 ): 3339 - 3352 .

QIU S , LIU J Q , SHI Y F , et al . Hidden policy ciphertext-policy attribute-based encryption with keyword search against keyword guessing attack [J ] . Science China Information Sciences , 2016 , 60 ( 5 ): 052105 .

HAN D Z , PAN N N , LI K C . A traceable and revocable ciphertext-policy attribute-based encryption scheme based on privacy protection [J ] . IEEE Transactions on Dependable and Secure Computing , 2022 , 19 ( 1 ): 316 - 327 .

KIM I , SUSILO W , BAEK J , et al . Harnessing policy authenticity for hidden ciphertext policy attribute-based encryption [J ] . IEEE Transactions on Dependable and Secure Computing , 2022 , 19 ( 3 ): 1856 - 1870 .

TIAN H , LI X , QUAN H Y , et al . A lightweight attribute-based access control scheme for intelligent transportation system with full privacy protection [J ] . IEEE Sensors Journal , 2021 , 21 ( 14 ): 15793 - 15806 .

XUE L L , LI J N , ZHANG K J , et al . Decentralized multi-authority ciphertext-policy attribute-based encryption with hidden policy for cloud data sharing [C ] // Proceedings of the 2023 4th International Conference on Computer Engineering and Intelligent Control . Piscataway : IEEE Press , 2023 : 180 - 185 .

ZHANG L , CUI Y , MU Y . Improving privacy-preserving CP-ABE with hidden access policy [C ] // Proceedings of the 4th International Conference Cloud Computing and Security . Berlin : Springer , 2018 : 596 - 605 ..

XIONG H , ZHAO Y N , PENG L , et al . Partially policy-hidden attribute-based broadcast encryption with secure delegation in edge computing [J ] . Future Generation Computer Systems , 2019 , 97 : 453 - 461 .

张嘉伟 , 马建峰 , 马卓 , 等 . 云计算中基于时间和隐私保护的可撤销可追踪的数据共享方案 [J ] . 通信学报 , 2021 , 42 ( 10 ): 81 - 94 .

ZHANG J W , MA J F , MA Z , et al . Time-based and privacy protection revocable and traceable data sharing scheme in cloud computing [J ] . Journal on Communications , 2021 , 42 ( 10 ): 81 - 94 .

HU G C , ZHANG L Y , MU Y , et al . An expressive “test-decrypt-verify” attribute-based encryption scheme with hidden policy for smart medical cloud [J ] . IEEE Systems Journal , 2021 , 15 ( 1 ): 365 - 376 .

ZHANG Z S , ZHANG W , QIN Z G . A partially hidden policy CP-ABE scheme against attribute values guessing attacks with online privacy-protective decryption testing in IoT assisted cloud computing [J ] . Future Generation Computer Systems , 2021 , 123 : 181 - 195 .

YANG W T , WANG R M , GUAN Z T , et al . A lightweight attribute based encryption scheme with constant size ciphertext for Internet of things [C ] // Proceedings of the ICC 2020 IEEE International Conference on Communications . Piscataway : IEEE Press , 2020 : 1 - 6 .

丁晟 , 曹进 , 李晖 . 基于OBDD访问结构的无配对CP-ABE方案 [J ] . 通信学报 , 2019 , 40 ( 12 ): 1 - 8 .

DING S , CAO J , LI H . Efficient pairing-free CP-ABE based on ordered binary decision diagram [J ] . Journal on Communications , 2019 , 40 ( 12 ): 1 - 8 .

ZHANG Z S , ZHANG W , QIN Z G . Fully constant-size CP-ABE with privacy-preserving outsourced decryption for lightweight devices in cloud-assisted IoT [J ] . Security and Communication Networks , 2021 , 2021 : 6676862 .

DOSHI N . An enhanced constant length traceable CP-ABE in IoT paradigm [J ] . International Journal of Electronic Security and Digital Forensics , 2023 , 15 ( 3 ): 315 .

LI X , LIU T , CHEN C Y , et al . A lightweight and verifiable access control scheme with constant size ciphertext in edge-computing-assisted IoT [J ] . IEEE Internet of Things Journal , 2022 , 9 ( 19 ): 19227 - 19237 .

CHAUDHARY C K , SARMA R , BARBHUIYA F A . RMA-CPABE: a multi-authority CPABE scheme with reduced ciphertext size for IoT devices [J ] . Future Generation Computer Systems , 2023 , 138 : 226 - 242 .

ZHANG Y C , LI J G , YAN H . Constant size ciphertext distributed CP-ABE scheme with privacy protection and fully hiding access structure [J ] . IEEE Access , 2019 , 7 : 47982 - 47990 .

CHASE M . Multi-authority attribute based encryption [C ] // Proceedings of the 4th Theory of Cryptography Conference . Berlin : Springer , 2007 : 515 - 534 .

浏览量

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

支持多种特性的基于属性代理重加密方案