信息网络安全 ›› 2021, Vol. 21 ›› Issue (4): 21-30.doi: 10.3969/j.issn.1671-1122.2021.04.003
收稿日期:
2020-12-08
出版日期:
2021-04-10
发布日期:
2021-05-14
通讯作者:
张乐友
E-mail:lyzhang@mail.xidian.edu.cn
作者简介:
游文婷(1994—),女,山西,博士研究生,主要研究方向为匿名属性基加密|张乐友(1977—),男,山东,教授,博士,主要研究方向为公钥密码、隐私保护及信息安全|叶亚迪(1996—),女,山东,硕士研究生,主要研究方向为匿名加密|李晖(1968—),男,河南,教授,博士,主要研究方向为密码与信息安全、信息论与编码理论
基金资助:
YOU Wenting1, ZHANG Leyou1(), YE Yadi1, LI Hui2
Received:
2020-12-08
Online:
2021-04-10
Published:
2021-05-14
Contact:
ZHANG Leyou
E-mail:lyzhang@mail.xidian.edu.cn
摘要:
云计算和物联网的快速发展使多用户信息共享机制备受关注,然而当用户将个人数据上传到云服务器与不同用户共享时,未经授权的用户和不可信的第三方云服务提供商会窥探这些隐私数据,对数据安全和用户隐私构成严重威胁。此外,多用户共享机制还存在访问控制不灵活、用户撤销和动态管理等问题。为了解决这些问题,文章结合属性基加密与广播加密技术提出一种动态广播加密机制。该方案在保证数据安全的同时,利用不经意传输协议,实现了接收者的匿名,保护了用户隐私。此外,该方案还支持新用户随时动态加入系统,且不影响原用户在系统中的解密能力,并实现了用户撤销和快速解密。性能分析表明,该方案较已有方案在安全性和效率方面有明显优势。
中图分类号:
游文婷, 张乐友, 叶亚迪, 李晖. 多用户通信机制中支持隐私保护的属性基动态广播加密[J]. 信息网络安全, 2021, 21(4): 21-30.
YOU Wenting, ZHANG Leyou, YE Yadi, LI Hui. Privacy-preserving Attribute-based Dynamic Broadcast Encryption Mechanism in Multi-user Communication System[J]. Netinfo Security, 2021, 21(4): 21-30.
表2
其他性能比较
方案 | 公钥长度 | 密钥长度 | 密文长度 | 解密代价 |
---|---|---|---|---|
文献[ | $(2m+n+2)|G|$ | $(2n+5)|G|$ | $4|G|+|{{G}_{T}}|$ | $11p$ |
文献[ | $(2m+8n+3)|G|$ | $(4n+2)|G|$ | $(4n+3)|G|+|{{G}_{T}}|$ | $2p$ |
文献[ | $(m+n+2)|G|+|{{G}_{T}}|$ | $(m+n+1)|{{G}_{{{p}_{3}}}}|$ | $(2l+2)|G|+|{{G}_{T}}|$ | $(2|I|+2)p$ |
本文方案 | $6|G|+|{{G}_{T}}|$ | $(n+3)|G|$ | $(l+2+m)|{{G}_{{{p}_{3}}}}|+|{{G}_{T}}|$ | $4p$ |
[1] | BONEH D, GOH E J, NISSIM K. Evaluating 2-DNF Formulas on Ciphertexts[M]// Springer. Theory of Cryptography. Heidelberg: Springer, 2005: 325-341. |
[2] | OSTROVSKY R, SAHAI A, WATERS B. Attribute-based Encryption with Non-monotonic Access Structures[C]// ACM. The 14th ACM Conference on Computer and Communications Security, October 29-November 2, 2007, Alexandria Virginia, USA. New York: ACM, 2007: 195-203. |
[3] | LAI Junzuo, DENG R H, LI Yingjiu, et al. Fully Secure Key-policy Attribute-based Encryption with Constant-size Ciphertexts and Fast Decryption[C]// ACM. The 9th ACM Symposium on Information, Computer and Communications Security, June 4-6, 2014, Kyoto, Japan. New York: ACM, 2014: 239-248. |
[4] | BETHENCOURT J, SAHAI A, WATERS B. Ciphertext-policy Attribute-based Encryption[C]// IEEE. IEEE Symposium on Security & Privacy, May 20-23, 2007, Berkeley, CA, USA. NJ: IEEE, 2007: 321-334. |
[5] | CHEUNG L, NEWPORT C. Provably Secure Ciphertext Policy ABE[C]// ACM. The 14th ACM Conference on Computer and Communications Security, October 29-November 2, 2007, Alexandria Virginia, USA. New York: ACM, 2007: 456-465. |
[6] | FIAT A, NAOR M. Broadcast Encryption[M]// Springer. Advances in Cryptology — CRYPTO' 93. Heidelberg: Springer, 1993: 480-491. |
[7] | BONEH D, GENTRY C, WATERS B. Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys[M]// Springer. Advances in Cryptology-CRYPTO 2005. Heidelberg: Springer, 2005: 258-275. |
[8] | CÉCILE Delerablée, PAILLIER P, POINTCHEVAL D. Fully Collusion Secure Dynamic Broadcast Encryption with Constant-Size Ciphertexts or Decryption Keys[M]// Springer. Pairing-based Cryptography-Pairing 2007. Heidelberg: Springer, 2007: 39-59. |
[9] | LEWKO A, SAHAI A, WATERS B. Revocation Systems with Very Small Private Keys[C]// IEEE. 2010 IEEE Symposium on Security and Privacy, May 16-19, 2010, Berkeley, Oakland, CA, USA. NJ: IEEE, 2010: 273-285. |
[10] |
CHEN Liqing, LI Jiguo, ZHANG Yichen. Adaptively Secure Efficient Broadcast Encryption with Constant-size Secret key and Ciphertext[J]. Soft Computing, 2019,24(8):4589-4606.
doi: 10.1007/s00500-019-04219-5 URL |
[11] | ACHARYA K. Secure and Efficient Public Key Multi-channel Broadcast Encryption Schemes[EB/OL]. https://www.sciencedirect.com/science/article/abs/pii/S2214212619301899d, 2020-10-30 |
[12] |
RAO Y S. A Secure and Efficient Ciphertext-policy Attribute-based Signcryption for Personal Health Records Sharing in Cloud Computing[J]. Future Generations Computer Systems, 2017,67(2):133-151.
doi: 10.1016/j.future.2016.07.019 URL |
[13] |
LI Jiguo, YAO Wei, ZHANG Yichen, et al. Flexible and Fine-grained Attribute-based Data Storage in Cloud Computing[J]. IEEE Transactions on Services Computing, 2017,10(5):785-796.
doi: 10.1109/TSC.2016.2520932 URL |
[14] | NISHIDE T, YONEYAMA K, OHTA K. Attribute-based Encryption with Partially Hidden Encryptor-specified Access Structures[M]// Springer. Applied Cryptography and Network Security. Heidelberg: Springer, 2008: 111-129. |
[15] |
ZHANG Leyou, HU Gongcheng, MU Yi, et al. Hidden Ciphertext Policy Attribute-based Encryption with Fast Decryption for Personal Health Record System[J]. IEEE Access, 2019,7(3):33202-33213.
doi: 10.1109/ACCESS.2019.2902040 URL |
[16] | ZHANG Yinghui, CHEN Xiaofeng, LI Jin, et al. Anonymous attribute-based Encryption Supporting Efficient Decryption Test[C]// ACM. The 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, May 8-10, 2013, Hangzhou, China. New York: ACM, 2013: 511-516. |
[17] |
ZHANG Yichen, LI Jiguo, HAO Yan. Constant Size Ciphertext Distributed CP-ABE Scheme with Privacy Protection and Fully Hiding Access Structure[J]. IEEE Access, 2019,7(9):47982-47990.
doi: 10.1109/Access.6287639 URL |
[18] | WANG Zhiwei, HE Mingjun, CP-ABE with Hidden Policy from Waters Efficient Construction[EB/OL]. https://dl.acm.org/doi/abs/10.1155/2016/3257029, 2016-01-28. |
[19] | PHUONG T V X, YANG Guomin, SUSILO W. Hidden Ciphertext Policy Attribute-based Encryption Under Standard Assumptions[J]. IEEE Transactions on Information Forensics & Security, 2016,11(1):35-45. |
[20] | KATZ J, K, SAHAI A, WATERS B. Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products[M]// Springer. Advances in Cryptology-EUROCRYPT. Heidelberg: Springer, 2008: 146-162. |
[21] | SHI E, WATERS B. Delegating Capabilities in Predicate Encryption Systems[M]// Springer. Automata, Languages and Programming. Heidelberg: Springer, 2008: 560-578. |
[22] | LUBICZ D, SIRVENT T. Attribute-based Broadcast Encryption Scheme Made Efficient[M]// Springer. Progress in Cryptology-AFRICACRYPT 2008. Heidelberg: Springer, 2008: 325-342. |
[23] | ATTRAPADUNG N, IMAI H. Conjunctive Broadcast and Attribute-based Encryption[M]// Springer. Pairing-based Cryptography-Pairing 2009. Heidelberg: Springer, 2009: 248-265. |
[24] |
CANARD S, PHAN D H, TRINH V C. Attribute-based Broadcast Encryption Scheme for Lightweight Devices[J]. IET Information Security, 2017,12(1):52-59.
doi: 10.1049/ise2.v12.1 URL |
[25] | PHUONG T V X, YANG Guomin, SUSILO W, et al. Attribute-based Broadcast Encryption with Short Ciphertext and Decryption Key[M]// Springer. Computer Security-ESORICS 2015. Cham: Springer, 2015: 252-269. |
[26] | CANARD S, TRINH V C. Constant-size Ciphertext Attribute-based Encryption from Multi-channel Broadcast Encryption[M]// Springer. Information Systems Security. Cham: Springer, 2016: 193-211. |
[27] | ZHOU Zhibin, HUANG Dijiang. On Efficient Ciphertext-policy Attribute-based Encryption and Broadcast Encryption[J]. IEEE Transactions on Computers, 2010,2010(1):753-755. |
[28] |
ZHOU Zhibin, HUANG Dijiang, WANG Z. Efficient Privacy-preserving Ciphertext-policy Attribute-based Encryption and Broadcast Encryption[J]. IEEE Transactions on Computers, 2015,64(1):126-138.
doi: 10.1109/TC.2013.200 URL |
[29] |
XIONG Hu, ZHANG Hao, SUN Jianfei. Attribute-based Privacy-preserving Data Sharing for Dynamic Groups in Cloud Computing[J]. IEEE systems journal, 2019,13(3):2739-2750.
doi: 10.1109/JSYST.4267003 URL |
[30] | KUMAR G S, KRISHNA A S. Privacy Sustaining Constant Length Ciphertext-policy Attribute-based Broadcast Encryption: Methods and Protocols[EB/OL]. https://www.researchgate.net/publication/330434647_Privacy_Sustaining_Constant_Length_Ciphertext-Policy_Attribute-Based_Broadcast_Encryption_Methods_and_Protocols, 2020-10-29. |
[31] | LEWKO A, OKAMOTO T, SAHAI A, et al. Fully Secure Functional Encryption: Attribute-based Encryption and (Hierarchical) Inner Product Encryption[M]// Springer. Advances in Cryptology-EUROCRYPT 2010. Heidelberg: Springer, 2010: 62-91. |
[32] | LI Qingyi, ZHANG Fengli. A Fully Secure Attribute-based Broadcast Encryption Scheme[J]. International Journal of Network Security, 2015,17(3):263-271. |
[1] | 王湘懿, 张健. 基于图像和机器学习的虚拟化平台异常检测[J]. 信息网络安全, 2020, 20(9): 92-96. |
[2] | 边曼琳, 王利明. 云环境下Docker容器隔离脆弱性分析与研究[J]. 信息网络安全, 2020, 20(7): 85-95. |
[3] | 刘渊, 乔巍. 云环境下基于Kubernetes集群系统的容器网络研究与优化[J]. 信息网络安全, 2020, 20(3): 36-44. |
[4] | 白嘉萌, 寇英帅, 刘泽艺, 查达仁. 云计算平台基于角色的权限管理系统设计与实现[J]. 信息网络安全, 2020, 20(1): 75-82. |
[5] | 任良钦, 王伟, 王琼霄, 鲁琳俪. 一种新型云密码计算平台架构及实现[J]. 信息网络安全, 2019, 19(9): 91-95. |
[6] | 余奕, 吕良双, 李肖坚, 王天博. 面向移动云计算场景的动态网络拓扑描述语言[J]. 信息网络安全, 2019, 19(9): 120-124. |
[7] | 王紫璇, 吕良双, 李肖坚, 王天博. 基于共享存储的OpenStack虚拟机应用分发策略[J]. 信息网络安全, 2019, 19(9): 125-129. |
[8] | 崔艳鹏, 冯璐铭, 闫峥, 蔺华庆. 基于程序切片技术的云计算软件安全模型研究[J]. 信息网络安全, 2019, 19(7): 31-41. |
[9] | 葛新瑞, 崔巍, 郝蓉, 于佳. 加密云数据上支持可验证的关键词排序搜索方案[J]. 信息网络安全, 2019, 19(7): 82-89. |
[10] | 田春岐, 李静, 王伟, 张礼庆. 一种基于机器学习的Spark容器集群性能提升方法[J]. 信息网络安全, 2019, 19(4): 11-19. |
[11] | 赵谱, 崔巍, 郝蓉, 于佳. 一种针对El-Gamal数字签名生成的安全外包计算方案[J]. 信息网络安全, 2019, 19(3): 81-86. |
[12] | 张振峰, 张志文, 王睿超. 网络安全等级保护2.0云计算安全合规能力模型[J]. 信息网络安全, 2019, 19(11): 1-7. |
[13] | 冯新扬, 沈建京. 一种基于Yarn云计算平台与NMF的大数据聚类算法[J]. 信息网络安全, 2018, 18(8): 43-49. |
[14] | 陶源, 黄涛, 张墨涵, 黎水林. 网络安全态势感知关键技术研究及发展趋势分析[J]. 信息网络安全, 2018, 18(8): 79-85. |
[15] | 张琦, 林喜军, 曲海鹏. 云计算中支持授权相等测试的基于身份加密方案[J]. 信息网络安全, 2018, 18(6): 52-60. |
阅读次数 | ||||||
全文 |
|
|||||
摘要 |
|
|||||