支持可验证加解密外包的CP-ABE方案

doi:10.3969/j.issn.0372-2112.2020.08.012

电子学报 ›› 2020, Vol. 48 ›› Issue (8): 1545-1551.DOI: 10.3969/j.issn.0372-2112.2020.08.012

支持可验证加解密外包的CP-ABE方案

杨贺昆¹, 冯朝胜^1,3, 晋云霞¹, 王蔺¹, 罗王平¹, 邓红辉²

1. 四川师范大学计算机科学学院, 四川成都 610101;
2. 广安职业技术学院, 四川广安 638500;
3. 网络与数据安全四川省重点实验室, 电子科技大学, 四川成都 610054

收稿日期:2019-05-30 修回日期:2020-04-23 出版日期:2020-08-25
- 通讯作者:
- 冯朝胜
- 作者简介:
- 杨贺昆 男,1993年出生,河南驻马店人,四川师范大学研究生,主要研究方向为信息安全. E-mail:Yangpotatoes@gmail.com
- 基金资助:
- 国家自然科学基金 (No.61373163）; 国家科技支撑计划课题 (No.2014BAH11F02）; 四川省科技支撑计划 (No.2015GZ079）; 网络与数据安全四川省重点实验室课题 (No.NDS2019-1）; 国防科技重点实验室项目 (No.6142103010709）

ACP-ABE Scheme with Verifiable Outsourced Encryption and Decryption

YANG He-kun¹, FENG Chao-sheng^1,3, JIN Yun-xia¹, WANG Lin¹, LUO Wang-ping¹, DENG Hong-hui²

1. College of Computer Science, Sichuan Normal University, Chengdu, Sichuan 610101, China;
2. School of Electronics and Information Engineering, Guang'an Vocational and Technical College, Guangan, Sichuan 638500, China;
3. Network and Data Security Key Laboratory of Sichuan Province, University of Electronic Science and Technology of China, Chengdu, Sichuan 610054, China

Received:2019-05-30 Revised:2020-04-23 Online:2020-08-25 Published:2020-08-25
- Corresponding author:
- FENG Chao-sheng
- Supported by:
- National Natural Science Foundation of China (No.61373163); Subject of National Key Technology R&D Program (No.2014BAH11F02); Science and Technology Support Program of Sichuan Province (No.2015GZ079); Key Laboratory of Network and Data Security of Sichuan Province (No.NDS2019-1); Program of Key Laboratory of national defense science and Technology (No.6142103010709)

摘要/Abstract

摘要： 针对现有的应用于基于属性加密方案的安全模指数外包算法存在会降低安全性、验证概率低、外包计算结果可能出错等问题，利用改进的安全模指数外包算法，提出一种支持可验证加解密外包的CP-ABE（Ciphertext-Policy Attribute-Based Encryption）方案.将属性相关密钥子项外包，将共享密文子项的一半计算任务外包，并对所有的外包结果进行验证.理论分析和实验结果都表明，和现有相关方案相比，无论在密钥生成时，还是在加密时，所提出方案的授权机构和用户客户端的计算量都有明显减少.安全性分析表明，所提出的方案达到CPA（Chosen Plaintext Attack）安全.

关键词: 密文共享, 加密外包, 解密外包, 基于属性加密

Abstract: The existing outsourcing algorithms for modular exponentiations has some problems such as low security, low probability of validation and wrong calculation results. a CP-ABE (Ciphertext-Policy Attribute-Based Encryption) scheme with verifiable outsourced encryption and decryption is proposed with the help of the improved algorithm for secure outsourcing of modular exponentiations. The scheme outsources attribute-related key subitems, outsources half of the computing tasks of shared ciphertext subitems, and verifies all the outsourced results. Theoretical and experimental analysis show that compared with the existing related schemes, both in key generation and encryption, the computing overhead of both authority centers and user clients of the proposed scheme has been significantly reduced. Security analysis shows that the proposed scheme can defend against chosen plaintext attacks.

Key words: ciphertext sharing, outsourced encryption, outsourced decryption, attribute-based encryption

中图分类号:

TP309

杨贺昆, 冯朝胜, 晋云霞, 等. 支持可验证加解密外包的CP-ABE方案[J]. 电子学报, 2020, 48(8): 1545-1551.

YANG He-kun, FENG Chao-sheng, JIN Yun-xia, et al. ACP-ABE Scheme with Verifiable Outsourced Encryption and Decryption[J]. Acta Electronica Sinica, 2020, 48(8): 1545-1551.

参考文献

[1] Sahai A,Waters B.Fuzzy identity-based encryption[A].Annual International Conference on the Theory and Applications of Cryptographic Techniques[C].Berlin,Heidelberg:Springer,2005.457-473.
[2] 冯朝胜,秦志光,袁丁,等.云计算环境下访问控制关键技术[J].电子学报,2015,43(2):312-319. Feng C S,Qin Z G,Yuan D,et al.Key techniques of access control for cloud computing[J].Acta Electronica Sinica,2015,43(2):312-319.(in Chinese)
[3] Goyal V,Pandey O,Sahai A,et al.Attribute-based encryption for fine-grained access control of encrypted data[A].ACM Conference on Computer and Communications Security[C].New York:ACM,2006.89-98.
[4] Bethencourt J,Sahai A,Waters B.Ciphertext-policy attribute-based encryption[A].IEEE Symposium on Security and Privacy[C].Washington:IEEE Computer Society,2007.321-334.
[5] Karchmer M,Wigderson A.On span programs[A].Proceedings of the Eigth Annual Structure in Complexity Theory Conference[C].San Diego:IEEE,1993.102-111.
[6] Waters B.Ciphertext-policy attribute-based encryption:An expressive,efficient,and provably secure realization[A].International Conference on Practice and Theory in Public Key Cryptography[C].Berlin Heidelberg:Springer,2011.53-70.
[7] Balu A,Kuppusamy K.An expressive and provably secure ciphertext-policy attribute-based encryption[J].Information Sciences,2014,276:354-362.
[8] Thorbek R.Linear integer secret sharing and distributed exponentiation[A].International Workshop on Public Key Cryptography[C].Berlin Heidelberg:Springer,2006.75-90.
[9] Green M,Hohenberger S,Waters B.Outsourcing the decryption of ABE ciphertexts[A].Usenix Conference on Security[C].Berkely:USENIX Association,2011.34-34.
[10] Zhou Z,Huang D.Efficient and secure data storage operations for mobile cloud computing[A].Network and Service Management[C].Las Vegas:IEEE,2012.37-45.
[11] Li J,Jia C,Li J,et al.Outsourcing encryption of attribute-based encryption with mapreduce[A].International Conference on Information and Communications Security[C].Berlin,Heidelberg:Springer,2012.191-201.
[12] Lai J,Deng R H,Guan C,et al.Attribute-based encryption with verifiable outsourced decryption[J].IEEE Transactions on Information Forensics and Security,2013,8(8):1343-1354.
[13] Qin B,Deng R,Liu S,et al.Attribute-based encryption with efficient verifiable outsourced decryption[J].IEEE Transactions on Information Forensics and Security,2015,10(7):1384-1393.
[14] Lin S,Zhang R,Ma H,et al.Revisiting attribute-based encryption with verifiable outsourced decryption[J].IEEE Transactions on Information Forensics & Security,2015,10(10):2119-2130.
[15] Huang Q,Yang Y,Wang L.Secure data access control with ciphertext update and computation outsourcing in fog computing for internet of things[J].IEEE Access,2017,5:12941-12950.
[16] Jiguo L,Fengjie S,Yichen Z,et al.Verifiable outsourced decryption of attribute-based encryption with constant ciphertext length[J].Security and Communication Networks,2017,2017:1-11.
[17] Kai F,Junxiong W,Xin W,et al.A secure and verifiable outsourced access control scheme in fog-cloud computing[J].Sensors,2017,17(7):1695-1710.
[18] 赵志远,王建华,徐开勇,等.面向云存储的支持完全外包属性基加密方案[J].计算机研究与发展,2019,56(2):442-452. Zhao Z Y,Wang J H,Xu K Y,et al.Fully outsourced attribute-based encryption with verifiability for cloud storage[J].Journal of Computer Research and Development,2019,56(2):442-452.(in Chinese)
[19] Rui Z,Hui M,Yao L.Fine-grained access control system based on fully outsourced attribute-based encryption[J].Journal of Systems & Software,2017,125:344-353.
[20] Li Z,Li W,Jin Z,et al.An efficient ABC scheme with verifiable outsourced encryption and decryption[J].IEEE Access,2019,7:29023-29037.
[21] 李帅,付安民,苏铓,等.基于单服务器的群上幂指数安全外包计算方案[J].计算机研究与发展,2018,55(11):142-149. Li S,Fu A,Su M,et al.Secure and verifiable protocol for outsourcing group power exponent to a single server[J].Journal of Computer Research and Development,2018,55(11):2482-2489.(in Chinese)
[22] 冯朝胜,罗王平,秦志光,等.支持多种特性的基于属性代理重加密方案 [J].通信学报,2019,40(6):177-189. Feng,C S.Luo W P.Qin Z G,et al.Attribute-based proxy re-encryption scheme with multiple features[J].Journal on Communications,2019,40(6):177-189.(in Chinese)

支持可验证加解密外包的CP-ABE方案

ACP-ABE Scheme with Verifiable Outsourced Encryption and Decryption

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 2

编辑推荐

Metrics

[1]	赵开强, 康萍, 刘彬, 郭真, 冯朝胜, 卿昱. 支持云代理重加密的CP-ABE方案[J]. 电子学报, 2023, 51(3): 728-735.
[2]	晋云霞, 杨贺昆, 冯朝胜, 刘帅南, 李航, 邹莉萍, 万国根. 一种支持解密外包的KP-ABE方案[J]. 电子学报, 2020, 48(3): 561-567.