支持叛逆者追踪的密文策略属性基加密方案

doi:10.3969/j.issn.1671-1122.2019.05.006

信息网络安全 ›› 2019, Vol. 19 ›› Issue (5): 47-53.doi: 10.3969/j.issn.1671-1122.2019.05.006

支持叛逆者追踪的密文策略属性基加密方案

闫玺玺¹(), 张棋超¹, 汤永利¹, 黄勤龙²

1. 河南理工大学计算机科学与技术学院,河南焦作 454003
2. 北京邮电大学网络空间安全学院,北京 100876

收稿日期:2018-05-03 出版日期:2019-05-10 发布日期:2020-05-11
作者简介:
作者简介：闫玺玺（1985—）,女,河南,副教授,博士,主要研究方向为网络与信息安全、数字内容安全;张棋超（1992—）,男,河南,硕士研究生,主要研究方向为密码学、网络与信息安全;汤永利（1972—）,男,河南,教授,博士,主要研究方向为密码学算法检测、网络与信息安全;黄勤龙（1988—）,男,江西,讲师,博士,主要研究方向为数字版权管理、数字内容安全、网络安全。
基金资助:
“十三五”国家密码发展基金[MMJJ20170122];河南省科技厅项目[142300410147];河南省教育厅项目[12A520021, 16A520013];河南理工大学博士基金[B2014-044];河南理工大学青年骨干教师资助项目

Ciphertext Policy Attribute-based Encryption Scheme Supporting Traitor Tracing

Xixi YAN¹(), Qichao ZHANG¹, Yongli TANG¹, Qinlong HUANG²

1. School of Computer Science and Technology, Henan Polytechnic University, Jiaozuo Henan 454003, China
2. School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China

Received:2018-05-03 Online:2019-05-10 Published:2020-05-11

摘要/Abstract

摘要：

属性基加密通过访问结构与属性集之间的匹配关系实现对用户解密权限的控制,高效地解决了“一对多”的秘密数据共享问题,在云计算、大数据、隐私保护等领域有着广泛的应用前景。然而,实际应用中存在叛逆者（或恶意用户）泄露私钥获取非法利益的情况。针对此问题,文章提出一种支持叛逆者追踪的密文策略属性基加密方案。该方案基于IBRAIMI等人提出的ABE方案,在私钥生成算法中融入Boneh-Boyen签名算法,实现对叛逆者的追踪。该方案被证明在DBDH假设下满足选择明文攻击安全。通过性能分析发现,该方案密文长度、私钥长度都得到了缩短,降低了计算开销和通信开销。因此,该方案在文件共享、电子病历等方面具有较大的理论意义和应用价值。

关键词: 属性基加密, 叛逆者追踪, 密文策略, DBDH假设

Abstract:

Attribute-based encryption(ABE) which can realize fine-grained access control by matching the access structure with attribute set meets the demand of secret data sharing in “one-to-many” environment. So it is widely used in the field of cloud computing, big data, privacy protection and so on. However, there are cases in which a traitor(or a malicious user) leaks a private key to obtain an illegal benefit in practical use. To solve this problem, a ciphertext policy attribute-based encryption scheme supporting traitor tracing is proposed in the paper. Based on the ABE scheme proposed by IBRAIMI, the Boneh-Boyen signature algorithm is introduced in the private key generation algorithm to track the traitor. The scheme is proved to be secure against chosen plaintext attack under DBDH assumption. The performance analysis shows that the size of the ciphertext and the private key are reduced, and the cost of computation and communication are optimized. Therefore, the scheme has higher theoretical significance and application values in file sharing, electronic medical records, and so on.

Key words: attribute-based encryption, traitor tracing, ciphertext strategy, DBDH assumption

中图分类号:

TP309

闫玺玺, 张棋超, 汤永利, 黄勤龙. 支持叛逆者追踪的密文策略属性基加密方案[J]. 信息网络安全, 2019, 19(5): 47-53.

Xixi YAN, Qichao ZHANG, Yongli TANG, Qinlong HUANG. Ciphertext Policy Attribute-based Encryption Scheme Supporting Traitor Tracing[J]. Netinfo Security, 2019, 19(5): 47-53.

图/表 1

参考文献 17

[1]	SAHAI A, WATERS B.Fuzzy Identity-Based Encryption[C]//Springer. 2005 International Conference on Theory and Applications of Cryptographic Techniques, May 22-26, 2005, Aarhus, Denmark. Heidelberg: Springer, 2005: 457-473.
[2]	YAN Xixi, YE Qing, LIU Yu.Attribute-based Encryption Scheme Supporting Privacy Preserving and User Revocation in the Cloud Environment[J]. Netinfo Security, 2017, 17(6): 14-21.
	闫玺玺,叶青,刘宇. 云环境下支持隐私保护和用户撤销的属性基加密方案[J]. 信息网络安全,2017,17(6):14-21.
[3]	HAN Qingde, XIE Hui, YUAN Zhimin, et al.A MA-CP-ABE Scheme of Supporting Access Structure Hiding[J]. Netinfo Security, 2017, 17(1): 48-56.
	韩清德,谢慧,袁志民,等. 一种支持访问结构隐藏的MA-CP-ABE方案[J]. 信息网络安全,2017,17(1):48-56.
[4]	CHOR B, FIAT A, NAOR M, et al.Tracing Traitors[J]. IEEE Transactions on Information Theory, 2000, 46(3): 893-910.
[5]	BONEH D, FRANKLIN M.An Efficient Public Key Traitor Tracingscheme[C]//Springer. 1999 Annual International Cryptology Conference, August 15-19, 1999, Santa Barbara, CA, USA. Heidelberg: Springer, 1999: 338-353.
[6]	GOYAL V.Reducing Trust in the PKG in Identity Based Cryptosystems[C]//Springer. 27th Annual International Cryptology Conference on Advances in Cryptology, August 19-23, 2007, Santa Barbara, CA, USA. Heidelberg: Springer, 2007: 430-447.
[7]	HINEK M J, JIANG Shaoquan, SAFAVI-NAINI R, et al.Attribute-based Encryption with Key Cloning Protection[J]. Bulletin of the Korean Mathematical Society, 2008(4): 803-819.
[8]	YU Shucheng, REN Kui, LOU Wenjing, et al.Defending Against Key Abuse Attacks in KP-ABE Enabled Broadcast Systems[C]//Springer. 2009 International Conference on Security and Privacy in Communication Systems, September 14-18, 2009, Athens, Greece. Heidelberg: Springer, 2009: 311-329.
[9]	LIU Zhen, CAO Zhenfu, WONG D S. Blackbox Traceable CP-ABE: How to Catch People Leaking Their Keys by Selling Decryption Devices on Ebay[EB/OL]. , 2017-11-10.
[10]	LIU Zhen, CAO Zhenfu, WONG D S.White-Box Traceable Ciphertext-policy Attribute-based Encryption Supporting Any Monotone Access Structures[J]. IEEE Transactions on Information Forensics & Security, 2013, 8(1): 76-88.
[11]	NING Jianting, CAO Zhenfu, DONG Xiaolei, et al.Large Universe Ciphertext-policy Attribute-based Encryption with White-box Traceability[C]//Springer. 19th European Symposium on Research in Computer Security, September 7-11, 2014, Wroclaw, Poland. Heidelberg: Springer, 2014: 55-72.
[12]	NING Jianting, DONG Xiaolei, CAO Zhenfu, et al.White-box Traceable Ciphertext-policy Attribute-based Encryption Supporting Flexible Attributes[J]. IEEE Transactions on Information Forensics & Security, 2015, 10(6): 1274-1288.
[13]	NING Jianting, CAO Zhenfu, DONG Xiaolei, et al. Traceable and Revocable CP-ABE with Shorter Ciphertexts[EB/OL]. , 2018-2-11.
[14]	JIANG Yinhao, SUSILO W, MU Y, et al.Ciphertext-policy Attribute-based Encryption Against Key-delegation Abuse in Fog Computing[J]. Future Generation Computer Systems, 2018, 78(P2): 720-729.
[15]	ZHANG K, LI Hui, MA Jianfeng, et al. Efficient Large-universe Multi-authority Ciphertext-policy Attribute-based Encryption with White-box Traceability[EB/OL]. , 2018-2-11.
[16]	IBRAIMI L, TANG Qiang, HARTEL P, et al.Efficient and Provable Secure Ciphertext-policy Attribute-based Encryption Schemes[C]//Springer. 2009 International Conference on Information Security Practice and Experience, April 13-15, 2009, Xi’an, China. Heidelberg: Springer, 2009: 1-12.
[17]	BONEH D, BOYEN X.Short Signatures without Random Oracles[C]//Springer. 2004 International Conference on the Theory and Applications of Cryptographic Techniques, May 2-6, 2004, Interlaken, Switzerland. Heidelberg: Springer, 2004: 56-73.

对比内容	系统功能		通信代价			计算代价
对比内容	访问策略	可追踪性	公钥长度	私钥长度	密文长度	解密双线性对个数
文献[10]	LSSS	√	n?5	k?4	2t?3	2I?1
文献[12]	LSSS	√	7	2k?4	3t?3	3I?1
文献[14]	与门	√	2(n?l)?4	n	2n-t?1	n
本文方案	访问树	√	n?3	k?2	t?3	I?1

支持叛逆者追踪的密文策略属性基加密方案

Ciphertext Policy Attribute-based Encryption Scheme Supporting Traitor Tracing

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 1

参考文献 17

相关文章 13

编辑推荐

Metrics

本文评价

[1]	刘鹏, 何倩, 刘汪洋, 程序. 支持撤销属性和外包解密的CP-ABE方案[J]. 信息网络安全, 2020, 20(3): 90-97.
[2]	许盛伟, 王飞杰. 多机构授权下可追踪可隐藏的属性基加密方案[J]. 信息网络安全, 2020, 20(1): 33-39.
[3]	秦中元, 韩尹, 张群芳, 朱雪金. 一种改进的多私钥生成中心云存储访问控制方案[J]. 信息网络安全, 2019, 19(6): 11-18.
[4]	董庆贺, 何倩, 江炳城, 刘鹏. 面向云数据库的多租户属性基安全隔离与数据保护方案[J]. 信息网络安全, 2018, 18(7): 60-68.
[5]	夏逸珉, 许春根, 窦本年. 一种标准模型下基于身份的匿名加密方案[J]. 信息网络安全, 2018, 18(4): 72-78.
[6]	闫玺玺, 刘媛, 胡明星, 黄勤龙. 云环境下基于LWE的多机构属性基加密方案[J]. 信息网络安全, 2017, 17(9): 128-133.
[7]	闫玺玺, 刘媛, 李子臣, 黄勤龙. 云环境下理想格上的多机构属性基加密隐私保护方案[J]. 信息网络安全, 2017, 17(8): 19-25.
[8]	闫玺玺, 叶青, 刘宇. 云环境下支持隐私保护和用户撤销的属性基加密方案[J]. 信息网络安全, 2017, 17(6): 14-21.
[9]	韩清德, 谢慧, 袁志民, 聂峰. 一种支持访问结构隐藏的MA-CP-ABE方案[J]. 信息网络安全, 2017, 17(1): 48-56.
[10]	荣星, 江荣. 一种基于混合属性的多授权中心云访问方案[J]. 信息网络安全, 2016, 16(11): 6-6.
[11]	连科, 赵泽茂, 王丽君, 贺玉菊. 一种支持属性重用的DCP-ABE方案研究[J]. 信息网络安全, 2015, 15(6): 41-46.
[12]	. 云计算中基于密文策略属性基加密的数据访问控制协议[J]. , 2014, 14(7): 57-.
[13]	连科, 赵泽茂, 贺玉菊. 属性匹配检测的匿名CP-ABE机制[J]. 信息网络安全, 2014, 14(10): 59-63.