一种支持树形访问结构的属性基可净化签名方案

doi:10.3969/j.issn.0372-2112.2017.11.019

电子学报 ›› 2017, Vol. 45 ›› Issue (11): 2715-2720.DOI: 10.3969/j.issn.0372-2112.2017.11.019

一种支持树形访问结构的属性基可净化签名方案

莫若¹, 马建峰^1,3, 刘西蒙², 张涛³

1. 西安电子科技大学网络与信息安全学院, 陕西西安 710071;
2. 新加坡管理大学信息系统学院, 新加坡 178902;
3. 西安电子科技大学计算机学院, 陕西西安 710071

收稿日期:2016-07-25 修回日期:2017-01-09 出版日期:2017-11-25
- 通讯作者:
- 马建峰
- 作者简介:
- 莫若,男,1990年生于陕西渭南.西安电子科技大学网络与信息安全学院博士研究生.研究方向为数字签名.E-mail:593430655@qq.com
- 基金资助:
- 国家自然基金 (No.U1135002，No.U1405255）; 国家863高技术研究发展计划 (No.2015AA016007，No.2015AA017203）

An Attribute-Based Sanitizable Signature Supporting Dendritic Access Structure

MO Ruo¹, MA Jian-feng^1,3, LIU Xi-meng², ZHANG Tao³

1. School of Cyber Engineering, Xidian University, Xi'an, Shaanxi 710071, China;
2. School of Information systems, Singapore Management University, Singapore 178902, Singapore;
3. School of Computer Science and Technology, Xidian University, Xi'an, Shaanxi 710071, China

Received:2016-07-25 Revised:2017-01-09 Online:2017-11-25 Published:2017-11-25
- Supported by:
- National Natural Science Foundation of China (No.U1135002, No.U1405255); National High-tech R&D Program of China (863 Program) (No.2015AA016007, No.2015AA017203)

摘要/Abstract

摘要： 在电子医疗档案系统中，用户会频繁更新自己的健康数据.若直接使用现有签名方案保证这些数据的可认证性，在泄露用户身份隐私的同时，也需要大量的计算开销.为了解决上述问题，我们利用属性集合来模糊用户的身份信息，并引入可授权第三方-净化者，提出了一个属性基的可净化签名方案.安全性分析证明，本方案保护了用户的匿名性，同时在标准模型下针对给定策略选择消息攻击具有不可伪造性.通过方案对比分析表明，本方案在有效降低用户签名计算开销的同时，还支持树形访问结构，能在大规模属性集下提供灵活的细粒度访问控制.

关键词: 基于属性的签名, 可净化签名, 电子医疗档案, 标准模型, 不可伪造性, 匿名性

Abstract: In the Electronic Health Record system,users update their health data frequently.If users keep the authentication of these data with the signature scheme in existence,it will lead to the leakage of their identity privacy and huge computation cost.Aiming at tackling the problems above,we propose a novel scheme called attribute-based sanitizable signature supporting dendritic access structure which obfuscates the user identity with attribute sets and introduces an authorized semi-trust third-party-sanitizer.The security analysis demonstrates that our scheme achieves the anonymity of users and is unforgeable under selective-predicate chosen-message attack in the standard model.Through comparison,our scheme not only reduces the signing computation overhead of users,but also supports the dendritic access structure which can provide flexibly fine-grained access control under large-scale attribute sets.

Key words: attribute-based signature, sanitizable signature, electronic health records, standard model, unforgeable, anonymity

中图分类号:

TP309

莫若, 马建峰, 刘西蒙, 等. 一种支持树形访问结构的属性基可净化签名方案[J]. 电子学报, 2017, 45(11): 2715-2720.

MO Ruo, MA Jian-feng, LIU Xi-meng, et al. An Attribute-Based Sanitizable Signature Supporting Dendritic Access Structure[J]. Acta Electronica Sinica, 2017, 45(11): 2715-2720.

参考文献

[1] Hoerbst A,Ammenwerth E.Electronic health records[J].Methods Inf Med,2010,49(4):320-336.
[2] Sinsky C A,Beasley J W,Simmons G E,et al.Electronic health records:design,implementation,and policy for higher-value primary care[J].Annals of Internal Medicine,2014,160(10):727-728.
[3] Blumenthal D,Tavenner M.The "meaningful use" regulation for electronic health records[J].New England Journal of Medicine,2010,363(6):501-504.
[4] Gellert G A,Ramirez R,Webster S L.The rise of the medical scribe industry:implications for the advancement of electronic health records[J].JAMA,2015,313(13):1315-1316.
[5] Ateniese G,Chou D H,De Medeiros B,et al.Sanitizable signatures[A].ESORICS 2005[C].Berlin:Springer Heidelberg,2005.159-177.
[6] Krawczyk H,Rabin T.Chameleon hashing and signatures[EB/OL].http://eprint.iacr.org/1998/010,1998-03-17/2017-01-09.
[7] Canard S,Jambert A,Lescuyer R.Sanitizable signatures with several signers and sanitizers[A].AFRICACRYPT 2012[C].Berlin:Springer Heidelberg,2012.35-52.
[8] Brzuska C,Fischlin M,Lehmann A,et al.Unlinkability of sanitizable signatures[A].PKC 2010[C].Berlin:Springer Heidelberg.2010.444-461.
[9] Brzuska C,Pøhls H C,Samelin K.Non-interactive public accountability for sanitizable signatures[A].EuroPKI 2012[C].Berlin:Springer Heidelberg,2013.178-193.
[10] Brzuska C,P?hls H C,Samelin K.Efficient and perfectly unlinkable sanitizable signatures without group signatures[A].EuroPKI 2013[C].Berlin:Springer Heidelberg,2014.12-30.
[11] Agrawal S,Kumar S,Shareef A,et al.Sanitizable signatures with strong transparency in the standard model[A].Inscrypt 2009[C].Berlin:Springer Heidelberg,2010.93-107.
[12] 王小明,付红,张立臣.基于属性的访问控制研究进展[J].电子学报,2010,38(7):1660-1667. Wang Xiaoming,Fu Hong,Zhang Lichen.Research progress on attribute based access control[J].Acta Electronica Sinica,2010,38(7):1660-1667.(in Chinese)
[13] Yang P,Cao Z,Dong X.Fuzzy identity based signature[EB/OL].http://eprint.iacr.org/2008/002,2007-12-31/2017-01-09.
[14] Shahandashti S F,Safavi-Naini R.Threshold attribute-based signatures and their application to anonymous credential systems[A].AFRICACRYPT 2009[C].Berlin:Springer Heidelberg,2009.198-216.
[15] Maji H K,Prabhakaran M,Rosulek M.Attribute-based signatures:achieving attribute-privacy and collusion-resistance[EB/OL].http://eprint.iacr.org/2008/328,2008-07-29/2017-01-09.
[16] Su J,Cao D,Zhao B,et al.ePASS:An expressive attribute-based signature scheme with privacy and an unforgeability guarantee for the internet of things[J].Future Generation Computer Systems,2014,33:11-18.
[17] 李琦,马建峰,熊金波,等.一种素数阶群上构造的自适应安全的多授权机构CP-ABE方案[J].电子学报,2013,42(4):696-702. Li Qi,Ma Jianfeng,Xiong Jinbo,et al.An adaptively secure multi-authority ciphertext-policy ABE scheme on prime order groups[J].Acta Electronica Sinica,2013,42(4):696-702.(in Chinese)

一种支持树形访问结构的属性基可净化签名方案

An Attribute-Based Sanitizable Signature Supporting Dendritic Access Structure

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

[1]	张文芳, 雷丽婷, 王小敏, 王宇. 面向云服务的安全高效无证书聚合签名车联网认证密钥协商协议[J]. 电子学报, 2020, 48(9): 1814-1823.
[2]	戚珉, 陈明. 标准模型下基于身份的混淆乐观公平交换方案[J]. 电子学报, 2020, 48(8): 1516-1527.
[3]	杨启良, 周彦伟, 杨坤伟, 王涛. 标准模型下可公开验证的匿名IBE方案的安全性分析[J]. 电子学报, 2020, 48(2): 291-295.
[4]	丁勇, 王冰尧, 袁方, 王玉珏, 张昆, 田磊. 支持第三方仲裁的智能电网数据安全聚合方案[J]. 电子学报, 2020, 48(2): 350-358.
[5]	巩林明, 李顺东, 窦家维, 王道顺. 标准模型下抗CPA与抗CCA2的RSA型加密方案[J]. 电子学报, 2018, 46(8): 1938-1946.
[6]	尹鑫, 田有亮, 王海龙. 面向大数据定价的委托拍卖方案[J]. 电子学报, 2018, 46(5): 1113-1120.
[7]	赵艳琦, 来齐齐, 禹勇, 杨波, 赵一. 标准模型下基于身份的环签名方案[J]. 电子学报, 2018, 46(4): 1019-1024.
[8]	周彦伟, 杨波, 张文政. 匿名的无证书多接收者签密机制[J]. 电子学报, 2016, 44(8): 1784-1790.
[9]	李慧贤, 巨龙飞. 对一个匿名多接收者签密方案的安全性分析与改进[J]. 电子学报, 2015, 43(11): 2187-2193.
[10]	陈明. 标准模型下可托管的基于身份认证密钥协商[J]. 电子学报, 2015, 43(10): 1954-1962.
[11]	李琦, 马建峰, 熊金波, 刘西蒙, 马骏. 一种素数阶群上构造的自适应安全的多授权机构CP-ABE方案[J]. 电子学报, 2014, 42(4): 696-702.
[12]	马春光, 石岚, 周长利, 汪定. 属性基门限签名方案及其安全性研究[J]. 电子学报, 2013, 41(5): 1012-1015.
[13]	明洋, 王育民. 标准模型下可证安全的通配符基于身份加密方案[J]. 电子学报, 2013, 41(10): 2082-2086.
[14]	葛爱军, 马传贵, 程庆丰. 标准模型下CCA2安全且固定密文长度的模糊基于身份加密方案[J]. 电子学报, 2013, 41(10): 1948-1952.
[15]	李继国, 杨海珊, 张亦辰. 标准模型下安全的基于证书密钥封装方案[J]. 电子学报, 2012, 40(8): 1577-1583.