基于多权威属性基加密的智能电网数据安全共享模型

doi:10.3969/j.issn.1671-1122.2025.01.009

摘要/Abstract

摘要：

智能电网通过共享把数据的潜在价值转化为实际利益，因此保障数据共享的安全至关重要。文章面向智能电网场景中数据的细粒度访问控制，提出一种基于多权威属性基加密（MA-ABE）的数据安全共享模型。文章使用线性整数秘密共享方案（LSSS）构建MA-ABE方案，实现一个属性可被多个权威监控，多个权威可联合生成用户私钥，使得方案可抵抗针对属性权威机构（AA）的合谋攻击。将每个权威与一条区块链关联，并利用中继技术实现多链协同，保障数据跨域共享灵活性。通过安全规约证明了所提MA-ABE方案在基于判定性双线Diffie-Hellman假设的前提下满足选择明文攻击下的不可区分性（IND-CPA）安全性。文章通过理论分析和对比实验说明了MA-ABE方案在存储、计算以及功能性方面均有一定的优势。仿真结果表明，模型的吞吐量和时延满足了智能电网数据共享的需求，能够在保证智能电网数据共享性能的情况下，适用于智能电网的细粒度访问控制。

关键词: 智能电网, 多权威属性基加密, 多链协同, 访问控制, 数据共享

Abstract:

The smart grid transforms the potential value of data into actual benefits through sharing, thus ensuring the security of data sharing is crucial. The article proposed a data security sharing model based on multi authority attribute based encryption (MA-ABE) for fine-grained access control of data in smart grid scenarios. The article used the linear integer secret sharing scheme (LSSS) to construct the MA-ABE scheme, which enabled one attribute to be monitored by multiple authorities, and multiple authorities to jointly generate user private keys, making the scheme resistant to collusion attacks against attribute authorities (AA). Associated each authority with a blockchain and utilized relay technology to achieve multi chain collaboration, ensuring flexibility in cross domain data sharing. It has been proven through security protocols that the proposed MA-ABE scheme satisfies the indistinguishability under chose plaintext attacks based on the discriminative dual line Diffie Hellman assumption. The article demonstrates through theoretical analysis and comparative experiments that the proposed MA-ABE scheme has certain advantages in storage, computation, and functionality. The simulation results show that the throughput and latency of the model meet the requirements of smart grid data sharing, and can be applied to fine-grained access control of smart grid while ensuring the performance of smart grid data sharing.

Key words: smart grid, MA-ABE, multi-chain collaboration, access control, data sharing

中图分类号:

TP309

张新有, 刘庆夫, 冯力, 邢焕来. 基于多权威属性基加密的智能电网数据安全共享模型[J]. 信息网络安全, 2025, 25(1): 98-109.

ZHANG Xinyou, LIU Qingfu, FENG Li, XING Huanlai. Smart Grid Data Security Sharing Model Based on Multi-Authority Attribute-Based Encryption[J]. Netinfo Security, 2025, 25(1): 98-109.

图/表 9

图1

表1

表2

表3

表4

表5

图2

图3

图4

参考文献 30

[1]	POWELL J, MCCAFFERTY-LEROUX A, HILAL W, et al. Smart Grids: A Comprehensive Survey of Challenges, Industry Applications, and Future Trends[J]. Energy Reports, 2024, 11: 5760-5785.
[2]	QIN Sihang, DAI Weiqi, ZENG Haiyan, et al. Secure Sharing of Power Application Data Based on Blockchain[J]. Netinfo Security, 2023, 23(8): 52-65.
	覃思航, 代炜琦, 曾海燕, 等. 基于区块链的电力应用数据安全共享研究[J]. 信息网络安全, 2023, 23(8): 52-65.
[3]	ZHANG Ming, LIU Yutong, CHENG Qian, et al. Smart Grid Security Based on Blockchain and Smart Contract[J]. Peer-to-Peer Networking and Applications, 2024, 17(4): 2167-2184.
[4]	MOLLAH M B, ZHAO Jun, NIYATO D, et al. Blockchain for Future Smart Grid: A Comprehensive Survey[J]. IEEE Internet of Things Journal, 2021, 8(1): 18-43.
[5]	CHEN Ningyu, LI Jiguo, ZHANG Yichen, et al. Efficient CP-ABE Scheme with Shared Decryption in Cloud Storage[J]. IEEE Transactions on Computers, 2022, 71(1): 175-184.
[6]	MU Tianshi, LAI Yuyang, FENG Guocong, et al. A User-Friendly Attribute-Based Data Access Control Scheme for Smart Grids[J]. Alexandria Engineering Journal, 2023, 67: 209-217.
[7]	YANG Wenti, GUAN Zhitao, WU Longfei, et al. Secure Data Access Control with Fair Accountability in Smart Grid Data Sharing: An Edge Blockchain Approach[J]. IEEE Internet of Things Journal, 2021, 8(10): 8632-8643. doi: 10.1109/JIOT.2020.3047640
[8]	XIA Zhe, LUO Bin, XU Guibin, et al. Privacy-Preserving Data Aggregation with Fine Grained Access Control for Smart Grid[J]. Netinfo Security, 2021, 21(11): 28-39.
	夏喆, 罗宾, 徐桂彬, 等. 智能电网中支持细粒度访问控制的隐私保护数据聚合方案[J]. 信息网络安全, 2021, 21(11): 28-39.
[9]	SAHAI A, WATERS B. Fuzzy Identity-Based Encryption[C]// Springer. Proceedings of the 24th Annual International Conference on Theory and Applications of Cryptographic Techniques. Heidelberg: Springer, 2005: 457-473.
[10]	ZHOU Zhibin, HUANG Dijiang, WANG Zhijie. Efficient Privacy-Preserving Ciphertext-Policy Attribute Based-Encryption and Broadcast Encryption[J]. IEEE Transactions on Computers, 2015, 64(1): 126-138.
[11]	YANG Dan, WAGN Baocang, BAN Xuehua. Fully Secure Non-Monotonic Access Structure CP-ABE Scheme[J]. KSII Transactions on Internet and Information Systems, 2018, 12(3): 1315-1329.
[12]	DING Sheng, CAO Jin, LI Hui. Efficient Pairing-Free CP-ABE Based on Ordered Binary Decision Diagram[J]. Journal on Communications, 2019, 40(12): 1-8. doi: 10.11959/j.issn.1000-436x.2019234
	丁晟, 曹进, 李晖. 基于OBDD访问结构的无配对CP-ABE方案[J]. 通信学报, 2019, 40(12): 1-8. doi: 10.11959/j.issn.1000-436x.2019234
[13]	LEWKO A, WATERS B. Decentralizing Attribute-Based Encryption[C]// Springer. Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques. Heidelberg: Springer, 2011: 568-588.
[14]	DATTA P, KOMARGODSKI I, WATERS B. Decentralized Multi-Authority ABE for NC^1 from BDH[J]. Journal of Cryptology, 2023, 36(2): 1432-1378.
[15]	SUN Keshuo, GAO Haiying, SONG Yang. Multi-Authority Attribute-Based Encryption Scheme for Private Blockchain over Public Blockchain[EB/OL]. (2024-03-04)[2024-05-08]. http://kns.cnki.net/kcms/detail/51.1307.TP.20240229.1614.006.html.
	孙科硕, 高海英, 宋杨. 面向公有区块链上的私有区块链的多权威属性加密方案[EB/OL]. (2024-03-04)[2024-05-08]. http://kns.cnki.net/kcms/detail/51.1307.TP.20240229.1614.006.html.
[16]	CHRISTIDIS K, DEVETSIKIOTIS M. Blockchains and Smart Contracts for the Internet of Things[J]. IEEE Access, 2016, 4: 2292-2303.
[17]	ZHENG Hui, SHAO Jun, WEI Guiyi. Attribute-Based Encryption with Outsourced Decryption in Blockchain[J]. Peer-to-Peer Networking and Applications, 2020, 13(5): 1643-1655.
[18]	LI Jian, QI Yong. Blockchain Data Access Control Method with Revocable Attribute Encryption[J]. Computer Engineering and Design, 2024, 45(2): 348-355.
	李健, 戚湧. 可撤销属性加密的区块链数据访问控制方法[J]. 计算机工程与设计, 2024, 45(2): 348-355.
[19]	MENG Bo, WANG Yibing, ZHAO Can, et al. Survey on Crosschain Protocols of Blockchain[J]. Journal of Frontiers of Computer Science and Technology, 2022, 16(10): 2177-2192.
[20]	BEIMEL A. Secure Schemes for Secret Sharing and Key Distribution[D]. Haifa: Technion-Israel Institute of Technology, 1996.
[21]	GENCER A E, BASU S, EYAL I, et al. Decentralization in Bitcoin and Ethereum Networks[EB/OL]. (2018-01-11)[2024-05-08]. https://arxiv.org/abs/1801.03998v2.
[22]	YU Keping, TAN Liang, ALOQAILY M, et al. Blockchain-Enhanced Data Sharing with Traceable and Direct Revocation in IIoT[J]. IEEE Transactions on Industrial Informatics, 2021, 17(11): 7669-7678.
[23]	WATERS B. Ciphertext-Policy Attribute-Based Encryption:An Expressive, and Provably Secure Realization[C]// Springer. Lecture Notes in Computer Science. Heidelberg: Springer, 2011: 53-70.
[24]	ZHENG Zibin, XIE Shaoan, DAI Hongning, et al. An Overview on Smart Contracts: Challenges, Advances and Platforms[J]. Future Generation Computer Systems, 2020, 105: 475-491.
[25]	LING Zhi, YANG Ming, YU Jiangyin,. Research on Power Security Trading Platform Based on IPFS and Blockchain Technology[J]. Netinfo Security, 2024, 24(6): 968-976.
	凌治, 杨明, 余江银. 基于IPFS和区块链技术的电力安全交易平台研究[J]. 信息网络安全, 2024, 24(6): 968-976.
[26]	MING Yang, HE Baokang, WANG Chenhao. Efficient Revocable Multi-Authority Attribute-Based Encryption for Cloud Storage[J]. IEEE Access, 2021, 9: 42593-42603.
[27]	MING Yang, HE Baokang. Attribute Revocation and Verifiable Outsourcing Supported Multi-Authority Attribute-Based Encryption Scheme[J]. Journal of Computer Applications, 2019, 39(12): 3556-3562. doi: 10.11772/j.issn.1001-9081.2019061019
	明洋, 何宝康. 支持属性撤销的可验证外包的多授权属性加密方案[J]. 计算机应用, 2019, 39(12): 3556-3562. doi: 10.11772/j.issn.1001-9081.2019061019
[28]	BUTERIN V. Ethereum: A Next-Generation Smart Contract and Decentralized Application Platform[EB/OL]. [2024-05-08]. https://blockchainlab.com/pdf/Ethereum_white_paper-a_next_generation_smart_contract_and_decentralized_application_platform-vitalik-buterin.pdf.
[29]	CHOI W, HONG J W K. Performance Evaluation of Ethereum Private and Testnet Networks Using Hyperledger Caliper[C]// IEEE. 2021 the 22nd Asia-Pacific Network Operations and Management Symposium (APNOMS). New York: IEEE, 2021: 325-329.
[30]	GUO Zhenzhen, WANG Gaoli, DUNKELMAN O, et al. Tweakable SM4: How to Tweak SM4 into Tweakable Block Ciphers?[EB/OL]. (2022-10-20)[2024-05-08]. https://doi.org/10.1016/j.jisa.2022.103406.

软件环境	操作系统	Ubuntu 22.04
	密码学库	PBC 0.5.14
	区块链环境	Hyperledger Fabric 2.5
硬件环境	内存	32 GB
硬件环境	CPU	Intel i7-8750H

符号	含义
$AU$	权威机构的数量
$GU$	用户的属性数量
$U$	属性总数量
${{S}_{\text{max}}}$	LSSS矩阵的最大列数
$Exp$	幂运算计算开销
$Mul$	乘法运算计算开销
$Map$	双线性映射计算开销
$Hash$	哈希运算计算机开销

方案	AA公钥规模	AA私钥规模	用户私钥规模	密文规模
本文方案	$2U$	$2U$	$GU$	$2GU+2$
文献[14]方案	${{S}_{\text{max}}}U$	${{S}_{\text{max}}}U$	$GU$	$\left( {{S}_{\text{max}}}+1 \right)GU+1$
文献[26]方案	$2AU+U$	$2AU$	$AU+GU$	$3GU+1$
文献[27]方案	$3AU+U$	$3AU+U$	$2AU+2GU$	$3GU+3$

方案	针对AA的抗合谋	策略隐藏	属性撤销	用户追踪	外包解密	区块链
本文方案	√	√	√	√	×	√
文献[14]方案	×	×	×	×	×	×
文献[26]方案	×	×	√	×	×	×
文献[27]方案	×	√	√	×	√	×

方案	AA密钥生成开销	用户密钥生成开销	DO加密开销	DU解密开销
本文方案	UExp+UMap	2GUExp+ GUMul+ UHash	(1+2GU)+(2Exp+ Mul)+Map	GU(2Map+Exp)+ (1+2GU)Mul
文献[14] 方案	S_maxUExp+ AUMap	GUS_max(Exp+ Mul)-GUMul	GUS_maxMul+(1+ GU(2S_max+ 3))Exp+Map	(2GU+1)Mul+GuExp+ GuS_maxMap
文献[26] 方案	(2AU+U)Exp+ UHash	—	(GU+AU)Mul+ (4GU+1)Exp	(AU+GU+1)Exp+ (2GU+1)Mul)
文献[27] 方案	UMul+(2U+ 3AU)Exp+ Map+UHash	(AU+GU)Mul+ (3AU+3GU)Exp+ GUHash	(AU+GU)Mul+ (AU+4GU+3)Exp+ GUMap+GUHash	(2GU+AU+1)Mul+ (GU+1)Exp+(AU+ 4GU)Map