属性匹配检测的匿名CP-ABE机制

doi:10.3969/j.issn.1671-1122.2014.10.011

信息网络安全 ›› 2014, Vol. 14 ›› Issue (10): 59-63.doi: 10.3969/j.issn.1671-1122.2014.10.011

属性匹配检测的匿名CP-ABE机制

连科, 赵泽茂, 贺玉菊

杭州电子科技大学通信工程学院,浙江杭州 310018

收稿日期:2014-08-25 出版日期:2014-10-01 发布日期:2015-08-17
作者简介:
连科（1986-）,男,河北,硕士研究生,主要研究方向：通信网络与信息安全;赵泽茂（1965-）,男,四川,教授,博士,主要研究方向：信息安全与密码学;贺玉菊（1989-）,女,河南,硕士研究生,主要研究方向：信息安全与密码学。
基金资助:
浙江省自然科学基金杰青团队项目[R109000138]、浙江省钱江人才计划项目[2013R10071]

Anonymous Attribute-based Encryption Supporting Attribute Matching-Test

LIAN Ke, ZHAO Ze-mao, HE Yu-ju

College of Communication Engineering, Hangzhou Dianzi University, Hangzhou Zhejiang 310018, China

Received:2014-08-25 Online:2014-10-01 Published:2015-08-17

摘要/Abstract

摘要：

属性基加密（简称ABE）机制以属性为公钥,将密文和用户私钥与属性关联,能够灵活地表示访问控制策略,从而极大地降低数据共享细粒度访问控制带来的网络带宽和发送节点的处理开销。作为和ABE相关的概念,匿名ABE机制进一步隐藏了密文中的属性信息,因为这些属性是敏感的,并且代表了用户身份。匿名ABE 方案中,用户因不确定是否满足访问策略而需进行重复解密尝试,造成巨大且不必要的计算开销。文章提出一种支持属性匹配检测的匿名属性基加密机制,用户通过运行属性匹配检测算法判断用户属性集合是否满足密文的访问策略而无需进行解密尝试,且属性匹配检测的计算开销远低于一次解密尝试。结果分析表明,该解决方案能够显著提高匿名属性基加密机制中的解密效率。同时,可证明方案在双线性判定性假设下的安全性。

关键词: 属性基加密, 隐藏访问策略, 隐私, 匿名

Abstract:

Attribute-based encryption (ABE) scheme takes attributes as the public key and associates the ciphertext and user’s secret key with attributes, so that it can support expressive access control policies. This dramatically reduces the cost of network bandwidth and sending node operation in fine-grained access control of data sharing. Anonymous ABE, which is a relevant notion to ABE, further hides the receivers’ attribute information in ciphertexts because many attributes are sensitive and related to the identity of eligible users. In the anonymous ABE scheme, a user repeats decryption attempts as he doesn’t know whether the attributes match the policy, the computation overhead of each decryption is high and unnecessary.This paper proposes a new anonymous attribute-based encryption scheme which supports attribute matching-test, users can run the attribute matching-test algorithm to judge whether the set of attributes meet the ciphertext access policy without decrypting ciphertext.In this construction, the computation cost of such a test is much less than one decryption attempt.The proposed construction is proven to be secure on decisional bilinear Diffie-Hellman assumption.In addition,the result indicates that the proposed construction can significantly improve the efficiency of decryption.

Key words: attribute-based encryption, hidden access policy, privacy, anonymous

中图分类号:

TP309

连科, 赵泽茂, 贺玉菊. 属性匹配检测的匿名CP-ABE机制[J]. 信息网络安全, 2014, 14(10): 59-63.

LIAN Ke, ZHAO Ze-mao, HE Yu-ju. Anonymous Attribute-based Encryption Supporting Attribute Matching-Test[J]. Netinfo Security, 2014, 14(10): 59-63.

图/表 2

参考文献 16

[1]	Ostrovsky R, Sahai A, Waters B.Attribute-Based encryption with non-monotonic access structures[C]// Proc. of the ACM Conf. on Computer and Communications Security, 2007:195-203.
[2]	Pirretti M, Traynor P, McDaniel P, et al. Secure attribute-based systems[J]. Journal of Computer Security, 2010, 18(5): 799-837.
[3]	Traynor P, Butler K, Enck W, etal. Realizing massive-scale conditional access systems through attribute-based cryptosystems[C]// Proc. of the 15th Annual Network and Distributed System Security Symp. (NDSS 2008), 2008: 1-13.
[4]	Stinson D.R.著.密码学原理与实践(第二版)[M]. 冯登国译. 北京: 电子工业出版社,2003 .
[5]	Cheung L, Cooley JA, Khazan R, et al. Collusion-Resistant group key management using attribute-based encryption[EB/OL]..
[6]	Lai J Z,Deng R H, Li Y J.Expressive CP-ABE with partially hidden access structures[C]// Proceedings of the 7th ACM Symposium on Information Computer and Communications Security, 2012: 18-19.
[7]	Baden R, Bender A, Spring N, et al.Persona: An online social network with user-defined privacy[C]//SIGCOMM '09 Proceedings of the ACM SIGCOMM 2009 conference on Data communication, 2009: 135-146.
[8]	Sahai A, Waters B.Fuzzy identity-based encryption[C]// Cramer R, ed. Advances in Cryptology-EUROCRYPT 2005, 2005: 457-473.
[9]	Goyal V, Pandey O, Sahai A, et al.Attribute-Based encryption for fine-grained access control of encrypted data[C]//CCS’06 Proceedings of the 13th ACM conference on Computer and communications security, 2006:89-98.
[10]	Bethencourt J, Sahai A, Waters B.Ciphertext-Policy attribute-based encryption[C]//Proc. of the 2007 IEEE Symp. on Security and Privacy, 2007:321-334.
[11]	Kapadia A, Tsang P P, Smith S W.Attribute-Based publishing with hidden credentials and hidden policies[C]// Proc. of the 14th Annual Network and Distributed System Security Symp. (NDSS 2007), 2007:179-192.
[12]	Cheung L, Newport C.Provably secure ciphertext policy ABE[C]//Proc. of the ACM Conf. on Computer and Communications Security, 2007: 456-465.
[13]	Yu S C, Ren K, Lou W J.Attribute-Based content distribution with hidden policy[C]//Proc. of the 4th Workshop on Secure Network Protocols (NPSec), 2008: 39-44.
[14]	Yu S C, Ren K, Lou W J.Attribute-Based on-demand multicast group setup with membership anonymity[J]. Computer Networks, 2010, 54(3): 377-386.
[15]	Nishide T, Yoneyama K, Ohta K.Attribute-Based encryption with partially hidden encryptor-specified access structures[C]//Proc. of the Applied Cryptography and Network Security, 2008:111-129.
[16]	Lai J, Deng R H, Li Y.Fully secure cipertext-policy hiding CP-ABE[C]//Information Security Practice and Experience, 2011:24-39.

属性匹配检测的匿名CP-ABE机制

Anonymous Attribute-based Encryption Supporting Attribute Matching-Test

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 2

参考文献 16

相关文章 15

编辑推荐

Metrics

本文评价

[1]	问闻, 刘钦菊, 邝琳, 任雪静. 隐私保护体系下网络威胁情报共享的研究现状和方案设计[J]. 信息网络安全, 2024, 24(7): 1129-1137.
[2]	刘一丹, 马永柳, 杜宜宾, 程庆丰. 一种车联网中的无证书匿名认证密钥协商协议[J]. 信息网络安全, 2024, 24(7): 983-992.
[3]	罗铭, 詹骐榜, 邱敏蓉. 面向V2I通信的异构跨域条件隐私保护环签密方案[J]. 信息网络安全, 2024, 24(7): 993-1005.
[4]	李增鹏, 王思旸, 王梅. 隐私保护近邻检测研究[J]. 信息网络安全, 2024, 24(6): 817-830.
[5]	尹春勇, 贾续康. 基于策略图的三维位置隐私发布算法研究[J]. 信息网络安全, 2024, 24(4): 602-613.
[6]	傅彦铭, 陆盛林, 陈嘉元, 覃华. 基于深度强化学习和隐私保护的群智感知动态任务分配策略[J]. 信息网络安全, 2024, 24(3): 449-461.
[7]	何业锋, 权家辉, 刘妍. 基于混合区块链的位置隐私保护方案[J]. 信息网络安全, 2024, 24(2): 229-238.
[8]	宋玉涵, 祝跃飞, 魏福山. 一种基于AdaBoost模型的区块链异常交易检测方案[J]. 信息网络安全, 2024, 24(1): 24-35.
[9]	许可, 李嘉怡, 蒋兴浩, 孙锬锋. 一种基于轮廓稀疏对抗的视频步态隐私保护算法[J]. 信息网络安全, 2024, 24(1): 48-59.
[10]	赵佳, 杨博凯, 饶欣宇, 郭雅婷. 基于联邦学习的Tor流量检测算法设计与实现[J]. 信息网络安全, 2024, 24(1): 60-68.
[11]	徐茹枝, 戴理朋, 夏迪娅, 杨鑫. 基于联邦学习的中心化差分隐私保护算法研究[J]. 信息网络安全, 2024, 24(1): 69-79.
[12]	尹春勇, 蒋奕阳. 基于个性化时空聚类的差分隐私轨迹保护模型[J]. 信息网络安全, 2024, 24(1): 80-92.
[13]	赖成喆, 赵益宁, 郑东. 基于同态加密的隐私保护与可验证联邦学习方案[J]. 信息网络安全, 2024, 24(1): 93-105.
[14]	刘芹, 王卓冰, 余纯武, 王张宜. 面向云安全的基于格的高效属性基加密方案[J]. 信息网络安全, 2023, 23(9): 25-36.
[15]	丁江, 张国艳, 魏子重, 王梅. 面向多源异构数据融合的隐私集合求交研究[J]. 信息网络安全, 2023, 23(8): 86-98.