机构可验证的密文策略属性基加密方案

doi:10.19665/j.issn1001-2400.2019.04.008

摘要/Abstract

摘要：

针对现实生活中存在的机构合法性的可验证问题,提出一种支持机构可验证的密文策略属性基加密方案。通过引入环签名技术,将多个机构组织成为一个合法的机构群体,并将机构用于证明自身合法性的环签名合理地嵌入用户私钥当中,从而使用户获得对机构合法性进行验证的能力。该方案采用线性秘密分享方案,支持任意的单调访问结构,并在标准模型下基于合数阶群上的困难假设证明了方案的完全安全。经与相关属性基加密方案的对比分析,表明该方案在密文大小、用户私钥大小和双线性对计算量等方面具有一定的性能优势,更加适用于云环境中移动终端等计算能力有限的设备对机构的合法性进行验证。

关键词: 属性基加密, 机构可验证, 环签名, 云环境

Abstract:

To address the problem of how to authenticate a valid authority in the real life, a new ciphertext-policy attribute-based encryption scheme with verifiability on authority is proposed. By employing ring signature technology, multiple authorities are organized into a valid organization, and the value of ring signature which can be used to prove the legitimacy of each authority is reasonably embedded in the user's private key, so that users are able to verify the validity of the authority. In addition, the linear secret sharing scheme is adopted to support any monotone access structures in our scheme, and it is proved to be full security based on the difficult assumptions on the composite order group under the standard model. Finally, compared with some related attribute-based encryption schemes, the proposed scheme has certain performance advantages in terms of ciphertext size, user's private key size, bilinear pairing calculation and so on. Therefore, it is more suitable for cloud environment and resource-limited mobile devices.

Key words: attribute-based encryption, verifiability on authority, ring signature, cloud environment

中图分类号:

TP309

于金霞,何旭,闫玺玺. 机构可验证的密文策略属性基加密方案[J]. 西安电子科技大学学报, 2019, 46(4): 49-57.

YU Jinxia,HE Xu,YAN Xixi. Ciphertext-policy attribute-based encryption scheme with verifiability on authority[J]. Journal of Xidian University, 2019, 46(4): 49-57.

图/表 2

图1

表1

参考文献 21

[1]	SAHAI A, WATERS B. Fuzzy Identity-based Encryption [C]//Lecture Notes in Computer Science: 3494. Heidelberg: Springer Verlag, 2005: 457-473.
[2]	JIANG Y, SUSILO W, MU Y , et al. Ciphertext-policy Attribute-based Encryption against Key-delegation Abuse in Fog Computing[J]. Future Generation Computer Systems, 2018,78:720-729.
[3]	QIAO H, REN J, WANG Z , et al. Compulsory Traceable Ciphertext-policy Attribute-based Encryption against Privilege Abuse in Fog Computing[J]. Future Generation Computer Systems, 2018,88:107-116.
[4]	CHASE M. Multi-authority Attribute Based Encryption [C]//Lecture Notes in Computer Science: 4392. Heidelberg: Springer Verlag, 2007: 515-534.
[5]	LEWKO A, WATERS B. Decentralizing Attribute-based Encryption [C]//Lecture Notes in Computer Science: 6632. Heidelberg: Springer Verlag, 2011: 568-588.
[6]	仲红, 崔杰, 朱文龙 , 等. 高效且可验证的多授权机构属性基加密方案[J]. 软件学报, 2018,29(7):2006-2017.
	ZHONG Hong, CUI Ji, ZHU Wenlong , et al. Efficient and Verifiable Multi-authority Attribute Based Encryption Scheme[J]. Journal of Software, 2018,29(7):2006-2017.
[7]	XU Q, TAN C, FAN Z , et al. Secure Data Access Control for Fog Computing Based on Multi-authority Attribute-Based Signcryption with Computation Outsourcing and Attribute Revocation[J]. Sensors, 2018,18(5):A1609.
[8]	闫玺玺, 刘媛, 胡明星 , 等. 云环境下基于LWE的多机构属性基加密方案[J]. 信息网络安全, 2017(9):128-133.
	YAN Xixi, LIU Yuan, HU Mingxing , et al. LWE-based Multi-authority Attribute-based Encryption Scheme in Cloud Environment[J]. Netinfo Security, 2017(9):128-133.
[9]	闫玺玺, 刘媛, 李子臣 , 等. 策略半隐藏且支持更新的多机构属性加密方案[J]. 西安电子科技大学学报, 2018,45(2):122-128.
	YAN Xixi, LIU Yuan, LI Zichen , et al. Multi-authority Attribute-based Encryption Scheme with Policy Semi-hidden and Dynamic Updating[J]. Journal of Xidian University, 2018,45(2):122-128.
[10]	ZHANG K, LI H, MA J , et al. Efficient Large-Universe Multi-authority Ciphertext-policy Attribute-based Encryption with White-box Traceability[J]. Science China Information Sciences, 2018,61(3):032102.
[11]	LI J, REN K, KIM K. A2BE: Accountable Attribute-based Encryption for Abuse Free Access Control[L/OL]. IACR Cryptology ePrint Archive, 2009, 2009/118. [2018-12-20]. https://eprint.iacr.org/2009/118.pdf.
[12]	NING J, DONG X, CAO Z. et al. Accountable Authority Ciphertext-policy Attribute-based Encryption with White-box Traceability and Public Auditing in the Cloud [C]//Lecture Notes in Computer Science: 9327. Heidelberg: Springer Verlag, 2015: 270-289.
[13]	ZHANG Y, LI J, ZHENG D. et al. Accountable Large-universe Attribute-based Encryption Supporting Any Monotone Access Structures [C]//Lecture Notes in Computer Science: 9722. Heidelberg: Springer Verlag, 2016: 509-524.
[14]	ZHANG Y, LI J , ZHENG, D, et al. Towards Privacy Protection and Malicious Behavior Traceability in Smart Health[J]. Personal and Ubiquitous Computing, 2017,21(5):815-830.
[15]	LAI J, TANG Q. Making Any Attribute-based Encryption Accountable, Efficiently [C]//Lecture Notes in Computer Science: 11099. Heidelberg: Springer Verlag, 2018: 527-547.
[16]	LIU Z, CAO Z, WONG D S . White-box Traceable Ciphertext-policy Attribute-based Encryption Supporting Any Monotone Access Structures[J]. IEEE Transactions on Information Forensics and Security, 2013,8(1):76-88.
[17]	GUAN Z, LI J, ZHANG Y , et al. An Efficient Traceable Access Control Schemewith Reliable Key Delegation in Mobile Cloud Computing[J]. EURASIP Journal on Wireless Communications and Networking, 2016,2016(1):208.
[18]	WANG G, LIU Q, WU J , et al. Hierarchical Attribute-based Encryption and Scalable User Revocation for Sharing Data in Cloud Servers[J]. Computers and Security, 2011,30(5):320-331.
[19]	RIVEST R, SHAMIR A, TAUMAN Y. How to Leak a Secret [C]//Lecture Notes in Computer Science: 2248. Heidelberg: Springer Verlag, 2001: 552-565.
[20]	LIU J K, WEI V K, WONG D S. Linkable Spontaneous Anonymous Group Signature for Ad Hoc Groups [C]//Lecture Notes in Computer Science: 3108. Heidelberg: Springer Verlag, 2004: 325-335.
[21]	LEWKO A, OKAMOTO T, SAHAI A. et al. Fully Secure Functional Encryption: Attribute-based Encryption and (Hierarchical) Inner Product Encryption [C]//Lecture Notes in Computer Science: 6110. Heidelberg: Springer Verlag, 2010: 62-91.

方案	公开参数大小	密文大小	用户私钥大小	解密过程中的双线性对计算	双线性群	安全模型
文献[5]	2 $U$ +2	3l+1	$S$	2 $I$	合数阶	RO模型
文献[10]	4 $U θ$ +2	6l+1	4 $S$ +1	3 $I$	素数阶	RO模型
文献[16]	$U$ +5	2l+3	$S$ +4	2 $I$ +1	合数阶	标准模型
笔者提出的方案	$U$ +5+ $U θ$	2l+3	$S$ +5+ $U θ$	2 $I$ +2	合数阶	标准模型