电子学报 ›› 2018, Vol. 46 ›› Issue (10): 2391-2399.DOI: 10.3969/j.issn.0372-2112.2018.10.012

• 学术论文 • 上一篇    下一篇

属性可撤销且密文长度恒定的属性基加密方案

赵志远, 朱智强, 王建华, 孙磊   

  1. 信息工程大学, 河南郑州 450001
  • 收稿日期:2017-07-12 修回日期:2018-03-08 出版日期:2018-10-25
    • 作者简介:
    • 赵志远,男,1989年生于吉林磐石.解放军信息工程大学三院博士生.研究方向为云计算安全、公钥密码学.E-mail:zzy_taurus@foxmail.com;朱智强,男,1961年生于吉林长春.武汉大学博士.现为解放军信息工程大学三院教授,硕士生导师.研究方向为云计算、信息安全.
    • 基金资助:
    • 国家973重点基础研究发展计划 (No.2013CB338000); 国家重点研发计划 (No.2016YFB0501900)

Attribute-Based Encryption with Attribute Revocation and Constant-Size Ciphertext

ZHAO Zhi-yuan, ZHU Zhi-qiang, WANG Jian-hua, SUN Lei   

  1. Information Engineering University, Zhengzhou, Henan 450001, China
  • Received:2017-07-12 Revised:2018-03-08 Online:2018-10-25 Published:2018-10-25
    • Supported by:
    • National Program on Key Basic Research Project of China  (973 Program) (No.2013CB338000); National Key Research and Development Program of China (No.2016YFB0501900)

摘要: 密文策略属性基加密(ciphertext-policy attribute-based encryption,CP-ABE)类似于基于角色访问控制,可以为云存储系统提供灵活细粒度的访问控制.但大多数CP-ABE方案中,密文长度与访问策略复杂度成正相关,系统属性同时被多个用户共享而导致属性难以被撤销.针对上述问题,本文提出一种支持属性撤销且密文长度恒定的属性基加密方案.该方案中每个用户的属性群密钥不能通用,可以有效抵抗撤销用户与未撤销用户的合谋攻击.为减少属性授权机构和数据拥有者的计算负担,属性撤销过程所需的计算量外包给数据服务管理者;同时该方案采用支持多值属性和通配符的"AND"门策略,实现了密文长度恒定.所提方案基于决策性q-BDHE(q-bilinear Diffie-Hellman exponent)假设对方案进行了选择明文攻击的安全性证明.最后对方案进行了理论分析与实验验证,分析结果表明本文方案可以有效抵制用户合谋攻击,增加了方案的安全性.同时所提方案在功能和计算效率方面具有一定优势,适用于实际应用情况.

关键词: 属性基加密, 属性撤销, 合谋攻击, 密文长度恒定

Abstract: Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is similar to role-based access control, which provides flexible and fine-grained access control for cloud storage systems. However, in most of existing CP-ABE schemes, the ciphertext length is positively related to the complexity of the access structure. And the attribute level user revocation is an important challenge because the system attributes are shared by multiple users at the same time. To solve this problem, this paper presents an CP-ABE scheme that supports the attribute level user revocation and constant-size ciphertext. The attribute group key for each user in the scheme is different, so this scheme can effectively resist collusion attacks between the revoked users and the existing users. To reduce the computational burden of the attribute authority and the data owner, the amount of computation required for the attribute revocation process is outsourced to the data service manager. At the same time, the scheme adopts the AND-Gate strategy supporting multi-valued attributes and wildcards, and the ciphertext length is constant. The scheme is proved selectively secure based on Decisional q-Bilinear Diffie-Hellman Exponent (q-BDHE) assumption. Finally, the functionality and efficiency of the proposed scheme are analyzed and verified. The experimental results show that the proposed scheme can safely implement attribute level user revocation. At the same time, the proposed scheme has some advantages in terms of function and computational efficiency. It is suitable for practical application.

Key words: attribute-based encryption, attribute revocation, collusion attacks, constant-size ciphertext

中图分类号: