基于SM9的属性加密的区块链访问控制方案

doi:10.3969/j.issn.1671-1122.2023.09.004

摘要/Abstract

摘要：

信息化社会中数据的安全共享问题已引起人们的广泛关注。数据安全共享的关键是通过密码技术对数据的访问和使用加以控制，然而传统的访问控制或者公钥加密体制都已经暴露出其在数据共享上的不足，例如访问控制策略的数量易随用户规模的增大而增多，不易管理；传统的公钥加密体制需要获取每个用户的公钥信息，并需要一对一地发送密文，通信成本高；依赖第三方服务商存储数据有单点故障的风险等。为解决上述问题，文章首先引入分布式技术区块链和星际文件系统（IPFS），提出一种基于SM9的属性加密的区块链访问控制方案，实现了安全高效的一对多数据共享和细粒度的访问控制；然后，利用区块链技术使得用户数据不被纂改，实现了数据的安全存储且可审计；最后通过判定性q-PBDHE假设证明了所提方案的安全性。

关键词: SM9算法, 属性加密, 访问控制, 区块链

Abstract:

The issue of secure sharing of data in the information society has attracted a lot of attention. The key to secure data sharing is to control the access or use of data through cryptography. However, traditional access control or public key encryption systems have gradually revealed their shortcomings in data sharing, such as the number of access control policies tends to increase with the size of users, which is not easy to manage; the traditional public key encryption system needs to obtain the public key information of each user and send the cipher text one-to-one, which is costly to communicate; relying on third-party service providers to store data carries the risk of a single point of failure, etc. To solve the above problems, the paper introduced distributed technology blockchain and Interplanetary File System (IPFS), and proposed a blockchain access control scheme with SM9-based attribute encryption, which achieved secure and efficient one-to-many data sharing and fine-grained access control, while the blockchain made user data uncompiled and achieved secure storage and auditable data. Finally, the safety of the proposed scheme is proved by the deterministic q-parallel BDHE assumption.

Key words: SM9 algorithm, attribute-based encryption, access control, blockchain

中图分类号:

TP309

周权, 陈民辉, 卫凯俊, 郑玉龙. 基于SM9的属性加密的区块链访问控制方案[J]. 信息网络安全, 2023, 23(9): 37-46.

ZHOU Quan, CHEN Minhui, WEI Kaijun, ZHENG Yulong. Blockchain Access Control Scheme with SM9-Based Attribute Encryption[J]. Netinfo Security, 2023, 23(9): 37-46.

图/表 9

表1

图1

表2

表3

表4

图2

图3

图4

图5

参考文献 24

[1]	WATERS B. Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization[C]// Springer. International Conference on Practice and Theory in Public Key Cryptography. Heidelberg: Springer, 2011: 53-70.
[2]	GM/T 0044-2016 Information Security Technology-Identity-Based Cryptographic Algorithms SM9[S]. Beijing: Standards Press of China, 2016.
	GM/T 0044-2016 SM9标识密码算法[S]. 北京: 中国标准出版社, 2016.
[3]	NAKAMOTO S. Bitcoin: A Peer-to-Peer Electronic Cash System[EB/OL]. (2008-10-31)[2023-01-11]. https://bitcoin.org/bitcoin.pdf.
[4]	ZHU Liehuang, GAO Feng, SHEN Meng, et al. Survey on Privacy Preserving Techniques for Blockchain Technology[J]. Journal of Computer Research and Development, 2017, 54(10): 2170-2186.
	祝烈煌, 高峰, 沈蒙, 等. 区块链隐私保护研究综述[J]. 计算机研究与发展, 2017, 54(10): 2170-2186.
[5]	ZHANG Yunru, HE Debiao, CHOO K. BaDS: Blockchain-Based Architecture for Data Sharing with ABS and CP-ABE in IoT[J]. Wireless Communications and Mobile Computing, 2018(7): 1-9.
[6]	PINNO O, GREGIO A, BONA L. ControlChain: Blockchain As A Central Enabler for Access Control Authorizations in the IoT[C]// IEEE. Globecom IEEE Global Communications Conference. New York: IEEE, 2017: 1-6.
[7]	WANG Qiange, HE Pu, NIE Tiezheng, et al. Survey of Data Storage and Query Techniques in Blockchain Systems[J]. Computer Science, 2018, 45(12): 12-18. doi: 10.11896／j.issn.1002-137X.2018.12.002
	王千阁, 何蒲, 聂铁铮, 等. 区块链系统的数据存储与查询技术综述[J]. 计算机科学, 2018, 45(12): 12-18.
[8]	JI Honghan, ZHANG Hongjie, SHAO Lisong, et al. An Efficient Attribute-Based Encryption Scheme Based on SM9 Encryption Algorithm for Dispatching and Control Cloud[J]. Connection Science, 2021, 33(4): 1094-1115. doi: 10.1080/09540091.2020.1858757 URL
[9]	WANG Hao, SONG Yujiao. Secure Cloud-Based EHR System Using Attribute-Based Cryptosystem and Blockchain[J]. Journal of Medical Systems, 2018, 42(8): 1-9. doi: 10.1007/s10916-017-0844-y URL
[10]	POURNAGHI S M, BAYAT M, FARJAMI Y. MedSBA: A Novel and Secure Scheme to Share Medical Data Based on Blockchain Technology and Attribute-Based Encryption[J]. Journal of Ambient Intelligence and Humanized Computing, 2020, 11(11): 4613-4641. doi: 10.1007/s12652-020-01710-y
[11]	TIAN Youliang, YANG Kedi, WANG Zuan, et al. Algorithm of Blockchain Data Provenance Based on ABE[J]. Journal on Communications, 2019, 40(11): 101-111. doi: 10.11959/j.issn.1000-436x.2019222
	田有亮, 杨科迪, 王缵, 等. 基于属性加密的区块链数据溯源算法[J]. 通信学报, 2019, 40(11): 101-111. doi: 10.11959/j.issn.1000-436x.2019222
[12]	CHENG Lichen, LIU Jiqiang, XU Guangquan, et al. SCTSC: A Semicentralized Traffic Signal Control Mode with Attribute-Based Blockchain in IoVs[J]. IEEE Transactions on Computational Social Systems, 2019, 6(6): 1373-1385. doi: 10.1109/TCSS.6570650 URL
[13]	ZOU Yipeng, PENG Tao, ZHONG Wentao, et al. Reliable and Controllable Data Sharing Based on Blockchain[C]// Springer. Inernational Conference on Ubiquitous Security. Heidelberg: Springer, 2021: 229-240.
[14]	WANG Tong, MA Wenping, LUO Wei. Information Sharing and Secure Multi-Party Computing Model Based on Block-Chain[J]. Computer Science, 2019, 46(9): 162-168.
	王童, 马文平, 罗维. 基于区块链的信息共享及安全多方计算模型[J]. 计算机科学, 2019, 46(9): 162-168.
[15]	ZHANG Guochao, WANG Ruijin. Blockchain Sharding Storage Model Based on Threshold Secret Sharing[J]. Computer Applications, 2019, 39(9): 2617-2622.
	张国潮, 王瑞锦. 基于门限秘密共享的区块链分片存储模型[J]. 计算机应用, 2019, 39(9): 2617-2622.
[16]	PENG Yanqing, DU Min, LI Feifei, et al. FalconDB: Blockchain-Based Collaborative Database[C]// ACM. ACM SIGMOD International Conference on Management of Data. New York: ACM, 2020: 637-652.
[17]	GUO Yu, XIE Hongcheng, MIAO Yinbin, et al. Fedcrowd: A Federated and Privacy-Preserving Crowdsourcing Platform on Blockchain[J]. IEEE Transactions on Services Computing, 2020, 15(4): 2060-2073. doi: 10.1109/TSC.2020.3031061 URL
[18]	WANG Mingyue, GUO Yu, ZHANG Chen, et al. MedShare: A Privacy-Preserving Medical Data Sharing System by Using Blockchain[J]. IEEE Transactions on Services Computing, 2021, 9: 438-451.
[19]	GUO Yu, ZHANG Chen, WANG Cong, et al. Towards Public Verifiable and Forward-Privacy Encrypted Search by Using Blockchain[J]. IEEE Transactions on Dependable and Secure Computing, 2022, 5: 1-16. doi: 10.1109/TDSC.2008.9 URL
[20]	SHI Yang, MA Zhiyuan, QIN Rufu, et al. Implementation of an Attribute-Based Encryption Scheme Based on SM9[J]. Applied Sciences, 2019, 9(15): 3074-3088. doi: 10.3390/app9153074 URL
[21]	SAHAI A, WATERS B. Fuzzy Identity-Based Encryption[C]// Springer. Annual International Conference on Theory and Applications of Cryptographic Techniques. Heidelberg: Springer, 2005: 457-473.
[22]	GOYAL V, PANDEY O, SAHAI A, et al. Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data[C]// ACM. ACM Conference on Computer and Communications Security. New York: ACM, 2006: 89-98.
[23]	BETHENCOURT J, SAHAI A, WATERS B. Ciphertext-Policy Attribute-Based Encryption[C]// IEEE. IEEE Symposium on Security and Privacy. New York: IEEE, 2007: 321-334.
[24]	LIU Zhen, CAO Zhenfu. On Efficiently Transferring the Linear Secret-Sharing Scheme Matrix in Ciphertext-Policy Attribute-Based Encryption[EB/OL]. [2023-01-11]. https://citeseerx.ist.psu.edu/document?repid=rep1&type=pdf&doi=8f0502461693d016c6a46b73ad20f4fc23f45c54.

访问结构(L)	访问矩阵(M)
((a, b, 2),(c, d, 1), e, 2)	(1)
$\left( \begin{matrix} (a,b,2) \\ (c,d,1) \\ e \\ \end{matrix} \right)$	$\left( \begin{matrix} 1 & 1 \\ 1 & 2 \\ 1 & 3 \\ \end{matrix} \right)$
$\left( \begin{matrix} a \\ b \\ (c,d,1) \\ e \\ \end{matrix} \right)$	$\left( \begin{matrix} 1 & 1 & 1 \\ 1 & 1 & 2 \\ 1 & 2 & 0 \\ 1 & 3 & 0 \\ \end{matrix} \right)$
$\left( \begin{matrix} a \\ b \\ c \\ d \\ e \\ \end{matrix} \right)$	$\left( \begin{matrix} 1 & 1 & 1 \\ 1 & 1 & 2 \\ 1 & 2 & 0 \\ 1 & 2 & 0 \\ 1 & 3 & 0 \\ \end{matrix} \right)$

参数符号	含义
k	系统属性集
S	用户属性集
M_i	l×n型访问矩阵M的第i行
$\rho (i)$	将矩阵M的第i行映射到属性
GID	用户组标识
H₁()	密码函数：{0, 1}^→$Z_{p}^{}$
KDF()	密钥派生函数
Enc()	分组函数，使用国密SM4
MAC()	消息认证码函数，使用国密SM3

方案	访问结构	安全存储程度	细粒度的访问控制	区块链	数据共享
文献[20]方案	AND门	弱	弱	×	√
文献[8]方案	访问树	弱	强	×	√
本文方案	LSSS矩阵	强	强	√	√

方案	设置阶段	密钥生成阶段	加密阶段	解密阶段
文献[8]方案	2T_m	nT_h + 2T_inv + (3n+1)T_m+T_H₁	T_H₁ + (2l+2)T_m + T_p + T_e + T_M + T_E	(2l+1)T_p + (l+1)T_inv + 2lT_m + 2lT_e + T_M + T_E
本文方案	2T_m	nT_h + 2T_inv + (n+2)T_m+T_H₁	T_H₁ + (3l+2)T_m + T_p + T_e + T_M + T_E	(2l+1)T_p + T_inv + 2lT_m + lT_e + T_M + T_E