Attribute-Based Encryption with Attribute Revocation and Constant-Size Ciphertext

ZHAO Zhi-yuan; ZHU Zhi-qiang; WANG Jian-hua; SUN Lei

doi:10.3969/j.issn.0372-2112.2018.10.012

您当前的位置：

首页 >

文章列表页 >

Attribute-Based Encryption with Attribute Revocation and Constant-Size Ciphertext

更新时间：2025-07-16

- Attribute-Based Encryption with Attribute Revocation and Constant-Size Ciphertext
- Acta Electronica Sinica Vol. 46, Issue 10, Pages: 2391-2399(2018)
- 作者机构：
  
  信息工程大学,河南,郑州,450001
- 作者简介：
- 基金信息：
- DOI：10.3969/j.issn.0372-2112.2018.10.012
  CLC： TP309
- Published：2018
- 稿件说明：
移动端阅览
ZHAO Zhi-yuan, ZHU Zhi-qiang, WANG Jian-hua, et al. Attribute-Based Encryption with Attribute Revocation and Constant-Size Ciphertext[J]. Acta Electronica Sinica, 2018, 46(10): 2391-2399.
DOI：

ZHAO Zhi-yuan, ZHU Zhi-qiang, WANG Jian-hua, et al. Attribute-Based Encryption with Attribute Revocation and Constant-Size Ciphertext[J]. Acta Electronica Sinica, 2018, 46(10): 2391-2399. DOI： 10.3969/j.issn.0372-2112.2018.10.012.

摘要

密文策略属性基加密（ciphertext-policy attribute-based encryption，CP-ABE）类似于基于角色访问控制，可以为云存储系统提供灵活细粒度的访问控制.但大多数CP-ABE方案中，密文长度与访问策略复杂度成正相关，系统属性同时被多个用户共享而导致属性难以被撤销.针对上述问题，本文提出一种支持属性撤销且密文长度恒定的属性基加密方案.该方案中每个用户的属性群密钥不能通用，可以有效抵抗撤销用户与未撤销用户的合谋攻击.为减少属性授权机构和数据拥有者的计算负担，属性撤销过程所需的计算量外包给数据服务管理者；同时该方案采用支持多值属性和通配符的AND门策略，实现了密文长度恒定.所提方案基于决策性q-BDHE（q-bilinear Diffie-Hellman exponent）假设对方案进行了选择明文攻击的安全性证明.最后对方案进行了理论分析与实验验证，分析结果表明本文方案可以有效抵制用户合谋攻击，增加了方案的安全性.同时所提方案在功能和计算效率方面具有一定优势，适用于实际应用情况.

Abstract

Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is similar to role-based access control

which provides flexible and fine-grained access control for cloud storage systems. However

in most of existing CP-ABE schemes

the ciphertext length is positively related to the complexity of the access structure. And the attribute level user revocation is an important challenge because the system attributes are shared by multiple users at the same time. To solve this problem

this paper presents an CP-ABE scheme that supports the attribute level user revocation and constant-size ciphertext. The attribute group key for each user in the scheme is different

so this scheme can effectively resist collusion attacks between the revoked users and the existing users. To reduce the computational burden of the attribute authority and the data owner

the amount of computation required for the attribute revocation process is outsourced to the data service manager. At the same time

the scheme adopts the AND-Gate strategy supporting multi-valued attributes and wildcards

and the ciphertext length is constant. The scheme is proved selectively secure based on Decisional q-Bilinear Diffie-Hellman Exponent (q-BDHE) assumption. Finally

the functionality and efficiency of the proposed scheme are analyzed and verified. The experimental results show that the proposed scheme can safely implement attribute level user revocation. At the same time

the proposed scheme has some advantages in terms of function and computational efficiency. It is suitable for practical application.

关键词

Keywords

references

Views

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

Collusion-Resistant Multi-Authority Electronic Health Records Sharing Scheme

Group Key Agreement Protocol Based on Dynamic Attribute Permissions for Edge-Cloud Collaboration Scenarios

Related Author

WANG Jing-wei

WU Jing-wen

YIN Xin-chun

HAN Gui-feng

ZHU Liang

ZHANG Qi-kun

LIU Meng-qi

Related Institution

College of Information Engineering， Yangzhou University

Guangling College of Yangzhou University

Guangdong Provincial Key Laboratory of Information Security Technology

School of Computer and Communication Engineering， Zhengzhou University of Light Industry

School of Software Engineering， East China Normal University

⁰