一种支持解密外包的KP-ABE方案

doi:10.3969/j.issn.0372-2112.2020.03.020

摘要
图/表
参考文献(0)
相关文章 (15)

全文: PDF (1487 KB) HTML (1 KB)
输出: BibTeX | EndNote (RIS)

摘要针对现有密钥策略基于属性加密KP-ABE（Key-Policy Attribute-Based Encryption）方案在解密时存在用户端计算开销大、解密时间长等问题，一些方案提出将解密外包给云服务器，但这些方案并未给出外包解密的并行化方法，存在解密效率低的问题.本文提出一种支持解密外包的KP-ABE方案.在该方案中，把大部分解密计算外包给Spark平台；并根据KP-ABE的解密特点设计并行化解密算法，完成对叶子节点和根节点的并行化解密.性能分析表明，用户端仅需进行一次指数运算即可解密出共享数据，同时并行化设计能有效提高云端解密速率.

	服务

	把本文推荐给朋友
	加入我的书架
	加入引用管理器
	E-mail Alert
	RSS
	作者相关文章
	晋云霞
	杨贺昆
	冯朝胜
	刘帅南
	李航
	邹莉萍
	万国根

关键词 ：密钥策略属性基加密, 解密外包, 快速解密, 共享访问树, 秘密共享, Spark

Abstract：For most of the existing key-policy attribute-based encryption schemes,there are some problems in the decryption,such as the high cost of the client computing,long decryption time and high resource consumption.Some schemes propose outsourcing decryption to cloud servers.However,these schemes do not give the specific parallelization method of outsourcing decryption in cloud server,and there are problems of low efficiency of cloud decryption.To solve these problems,this paper presents a KP-ABE scheme for decryption outsourcing.In this scheme,most of decryption computation is outsourced to Spark platform;and according to the decryption characteristics of KP-ABE,a decryption parallelization algorithm is designed to complete the parallel decryption of leaf nodes and root nodes.The performance analysis shows that most of decryption computing is done by cloud servers and the client can decrypt the shared data by shared access tree with only once exponential operation,and the parallel design can effectively improve the cloud decryption rate.

Key words： key-policy attribute-based encryption outsourced decryption fast decryption shared access tree secret sharing Spark

收稿日期: 2019-03-26 出版日期: 2019-06-03

ZTFLH:

TP309

基金资助:国家自然科学基金（No.61373163）；国家科技支撑计划课题（No.2014BAH11F02，No.2014BAH11F01）；网络与数据安全四川省重点实验室课题（No.NDS2019-1）；四川省科技成果转化平台项目（No.2018CC0060）；四川省科技计划项目（No.2017GZ0006）

通讯作者: 冯朝胜 E-mail: csfenggy@163.com

作者简介: 晋云霞 女,1993年生于四川成都.四川师范大学在读研究生.研究方向信息安全.E-mail:jinyunnvshi@foxmail.com;杨贺昆 男,1992年生于河南驻马店.四川师范大学在读研究生.研究方向大数据安全.E-mail:yangpotatoes@gmail.com;刘帅南 男,1997年生于安徽宿州,四川师范大学在读研究生.研究方向为云计算与信息安全.E-mail:liushuainan9721@163.com;李航男,1997年出生于四川巴中.四川师范大学在读研究生.研究方向为云计算与信息安全.E-mail:hanghanglh@foxmail.com;邹莉萍 女,1994年生于四川乐山.四川师范大学硕士研究生.研究方向为信息安全.;万国根 男,1963年生,教授、博士.研究方向:网络空间安全.E-mail:wanguogen@cuit.edu.cn

引用本文:

晋云霞, 杨贺昆, 冯朝胜, 刘帅南, 李航, 邹莉萍, 万国根. 一种支持解密外包的KP-ABE方案[J]. 电子学报, 2020, 48(3): 561-567. JIN Yun-xia, YANG He-kun, FENG Chao-sheng, LIU Shuai-nan, LI Hang, ZOU Li-ping, WAN Guo-gen. A KP-ABE Scheme with Outsourced Decryption. Acta Electronica Sinica, 2020, 48(3): 561-567.

链接本文:

http://www.ejournal.org.cn/CN/10.3969/j.issn.0372-2112.2020.03.020 或 http://www.ejournal.org.cn/CN/Y2020/V48/I3/561

[1] 冯朝胜,秦志光,袁丁.云数据安全存储技术[J].计算机学报,2015,38(1):150-163. FENG Chao-sheng,QIN Zhi-guang,et al.Technigues of secure storage for cloud data[J].Chinese Journal of Computers,2015,38(1):150-163.(in Chinese)
[2] 冯朝胜,秦志光,袁丁,等.云计算环境下访问控制关键技术[J].电子学报,2015,43(2):312-319 FENG Chao-sheng,QIN Zhi-guang,et al.Key techniques of access control for cloud computing[J].Acta Electronica Sinica,2015,43(2):312-319.(in Chinese)
[3] Sahai A,Waters B R.Fuzzy identity-based encryption[A].Ronald Cramer.Proceedings of the 24th Annual International Conference on Theory and Applications of Cryptographic Techniques[C].Berlin:Springer,2004.457-473.
[4] Bethencourt J,Sahai A,Waters B.Ciphertext-policy attribute-based encryption[A].IEEE Symposium on Security and Privacy[C].Washington:IEEE Computer Society,2007. 321-334.
[5] Goyal V,Pandey O,Sahai A,et al.Attribute-based encryption for fine-grained access control of encrypted data[A].Computer and Communications Security[C].New York:ACM,2006.89-98.
[6] Green M,Hohenberger S,Waters B,et al.Outsourcing the decryption of ABE ciphertexts[A].Usenix Security Symposium[C].Berkeley:Usenix Association,2011. 34-34.
[7] Yu S,Wang C,Ren K,et al.Achieving secure,scalable,and fine-grained data access control in cloud computing[A]. International Conference on Computer Communications[C].Berlin,Heidelberg:Springer,2010.534-542.
[8] Attrapadung N,Herranz J,Laguillaumie F,et al.Attribute-based encryption schemes with constant-size ciphertexts[J].Theoretical Computer Science,2012,422:15-38.
[9] Hohenberger S,Waters B.Attribute-based Encryption with Fast Decryption[M].Berlin,Heidelberg:Springer,2013.162-173.
[10] Lai J,Deng R H,Li Y,et al.Fully secure key-policy attribute-based encryption with constant-size ciphertexts and fast decryption[A].ACM Symposium on Information[C].New York:ACM,2014.239-248.
[11] Lin S,Zhang R,Ma H,et al.Revisiting attribute-based encryption with verifiable outsourced decryption[J].IEEE Transactions on Information Forensics and Security,2015,10(10):2119-2130.
[12] Rahulamathavan Y,Veluru S,Han J,et al.User collusion avoidance scheme for privacy-preserving decentralized key-policy attribute-based encryption[J].IEEE Transactions on Computers,2016,65(9):2939-2946.
[13] Liu Z,Jiang Z L,Wang X,et al.Offline/online attribute-based encryption with verifiable outsourced decryption[J].Concurrency and Computation:Practice and Experience,2017,29(7):1532-0626