基于区块链的可验证可撤销属性加密方案

doi:10.3969/j.issn.1671-1122.2024.06.005

摘要/Abstract

摘要：

针对电子医疗系统在数据共享中存在的隐私泄露与用户权限管理问题，以及云存储服务器可能返回不完整、不正确的密文结果，文章提出了一种基于区块链的可验证可撤销属性加密方案。该方案利用密文策略属性加密技术，确保了电子病历系统中共享数据的机密性，实现了隐私数据的细粒度访问控制。同时，利用变色龙哈希函数设计了用户撤销算法，使得非授权用户无法继续访问共享数据。此外，利用密码累加器设计了结果验证算法，交由部署在区块链上的智能合约执行，确保了云服务器返回给用户数据的正确性与完整性。在安全性方面，证明了该方案的密文信息在选择明文攻击下是不可区分的。最后，使用JPBC密码库和Hyperledger Fabric区块链平台对文章所提方案与同类方案进行模拟仿真，结果表明该方案在密钥生成、加解密及用户撤销阶段均具有较高的计算效率。

关键词: 区块链, 属性加密, 数据共享, 外包解密, 用户撤销

Abstract:

In view of the issues of privacy leakage and user rights management in data sharing in electronic medical systems, and the fact that cloud storage servers may return incomplete and incorrect ciphertext results, this paper proposed a verifiable and revocable attribute encryption scheme based on blockchain. This solution used ciphertext-policy attribute-based encryption technology to ensure the confidentiality of shared data in the electronic medical record system and achieve fine-grained access control of private data. At the same time, a user revocation algorithm was designed using the chameleon hash function so that unauthorized users cannot continue to access shared data. In addition, a result verification algorithm was designed using a cryptographic accumulator, which was executed by a smart contract deployed on the blockchain to ensure the correctness and integrity of the data returned to the user by the cloud server. In terms of security, it is proved that the ciphertext information of this scheme was indistinguishable under a chosen plaintext attack. Finally, the JPBC cryptographic library and Hyperledger Fabric blockchain platform were used to simulate the scheme proposed in this article and similar schemes. The results show that this scheme has high computational efficiency in the key generation, encryption, decryption and user revocation stages.

Key words: blockchain, attribute-based encryption, data sharing, outsourced decryption, user revocation

中图分类号:

TP309

郭瑞, 杨鑫, 王俊茗. 基于区块链的可验证可撤销属性加密方案[J]. 信息网络安全, 2024, 24(6): 863-878.

GUO Rui, YANG Xin, WANG Junming. Verifiable and Revocable Attribute Encryption Scheme Based on Blockchain[J]. Netinfo Security, 2024, 24(6): 863-878.

图/表 16

图1

图2

表1

表2

表3

表4

表5

图3

图4

图5

图6

图7

表6

图8

图9

图10

参考文献 34

[1]	SUN Jianfei, XU Guowen, ZHANG Tianwei, et al. Share Your Data Carefree: An Efficient, Scalable and Privacy-Preserving Data Sharing Service in Cloud Computing[J]. IEEE Transactions on Cloud Computing, 2023, 11(1): 822-838.
[2]	LIU Jingwei, FAN Yue, SUN Rong, et al. Blockchain-Aided Privacy-Preserving Medical Data Sharing Scheme for E-Healthcare System[J]. IEEE Internet of Things Journal, 2023, 10(24): 21377-21388.
[3]	DENG Hua, QIN Zheng, WU Qianhong, et al. Achieving Fine-Grained Data Sharing for Hierarchical Organizations in Clouds[J]. IEEE Transactions on Dependable and Secure Computing, 2023, 20(2): 1364-1377.
[4]	SAHAI A, WATERS B. Fuzzy Identity-Based Encryption[C]// Springer. Advances in Cryptology - Eurocrypt 2005. Heidelberg: Springer, 2005: 457-473.
[5]	BETHENCOURT J, SAHAI A, WATERS B. Ciphertext-Policy Attribute-Based Encryption[C]// IEEE. Proceedings of The IEEE Symposium on Security and Privacy. New York: IEEE, 2007: 321-334.
[6]	GOYAL V, PANDEY O, SAHAI A, et al. Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data[C]// ACM. Proceedings of the 13th ACM Conference on Computer and Communications Security. New York: ACM, 2006: 89-98.
[7]	THUSHARA G A, BHANU S M. A Survey on Secured Data Sharing Using Ciphertext-Policy Attribute-Based Encryption in Cloud[C]// IEEE.Proceedings of the 8th International Conference on Smart Computing and Communications (ICSCC). New York: IEEE, 2021: 170-177.
[8]	ZHONG Hong, ZHOU Yiyuan, ZHANG Qinyang, et al. An Efficient and Outsourcing-Supported Attribute-Based Access Control Scheme for Edge-Enabled Smart Healthcare[J]. Future Generation Computer Systems, 2021, 115: 486-496.
[9]	GREEN M, HOHENBERGER S, WATERS B. Outsourcing the Decryption of ABE Ciphertexts[C]// USENIX. Proceedings of the 20th Usenix Conference on Security. Berlin:USENIX, 2011: 1-16.
[10]	LI Li, ZHU Jiangwen, YANG Chunyan. Overview of Research on the Revocable Mechanism of Attribute-Based Encryption[J]. Netinfo Security, 2023, 23(4): 39-50.
	李莉, 朱江文, 杨春艳. 基于属性加密的可撤销机制研究综述[J]. 信息网络安全, 2023, 23(4): 39-50.
[11]	LI Tian, WANG huaqun, HE Debiao, et al. Blockchain-Based Privacy-Preserving and Rewarding Private Data Sharing for IoT[J]. IEEE Internet of Things Journal, 2022, 9(16): 15138-15149.
[12]	OLIVEIRA M T D, REIS L H A, VERGINADIS Y, et al. Smartaccess: Attribute-Based Access Control System for Medical Records Based on Smart Contracts[J]. IEEE Access, 2022(10): 117836-117854.
[13]	KRAWCZYK H, RABIN T. Chameleon Signatures[C]// NDSS. Proceedings of The Network and Distributed Systems Security Symposium (NDSS). New York: NDSS, 2000: 143-154.
[14]	QIN Baodong, DENG R H, LIU Shengli, et al. Attribute-Based Encryption with Efficient Verifiable Outsourced Decryption[J]. IEEE Transactions on Information Forensics and Security, 2015, 10(7): 1384-1393.
[15]	WANG Huaqun, HE Debiao, HAN Jinguang. VOD-ADAC: Anonymous Distributed Fine-Grained Access Control Protocol with Verifiable Outsourced Decryption in Public Cloud[J]. IEEE Transactions on Services Computing, 2020, 13(3): 572-583.
[16]	QIU Tie, CHI Jiancheng, ZHOU Xiaobo, et al. Edge Computing in Industrial Internet of Things: Architecture, Advances and Challenges[J]. IEEE Communications Surveys & Tutorials, 2020, 22(4): 2462-2488.
[17]	ZHONG Hong, ZHOU Yiyuan, ZHANG Qingyang, et al. An Efficient and Outsourcing-Supported Attribute-Based Access Control Scheme for Edge-Enabled Smart Healthcare[J]. Future Generation Computer Systems, 2021, 115: 486-496.
[18]	ZHANG Wenfang, CHEN Zhen, LIU Xudong, et al. CP-ABE Scheme Supporting Fine-Grained Attribute Direct Revocation[J]. Journal of Software, 2019, 30(9): 2760-2771.
	张文芳, 陈桢, 刘旭东, 等. 支持细粒度属性直接撤销的CP-ABE方案[J]. 软件学报, 2019, 30(9):2760-2771.
[19]	SUN Lei, ZHAO Zhiyuan, WANG Jianhua, et al. Attribute-Based Encryption Scheme Supporting Attribute Revocation in Cloud Storage Environment[J]. Journal on Communications, 2019, 40(5): 47-56. doi: 10.11959/j.issn.1000-436x.2019116
	孙磊, 赵志远, 王建华, 等. 云存储环境下支持属性撤销的属性基加密方案[J]. 通信学报, 2019, 40(5):47-56. doi: 10.11959/j.issn.1000-436x.2019116
[20]	RAMU G, REDDY B E, JAYANTHI A, et al. Fine-Grained Access Control of EHRs in Cloud Using CP-ABE with User Revocation[J]. Health and Technology, 2019, 9(4): 487-96.
[21]	WEI Jianghong, CHEN Xiaofeng, HUANG Xinyi, et al. RS-HABE: Revocable-Storage and Hierarchical Attribute-Based Access Scheme for Secure Sharing of E-Health Records in Public Cloud[J]. IEEE Transactions on Dependable and Secure Computing, 2021, 18(5): 2301-2315.
[22]	GUO Yuyan, LU Zhenhua, GE Hui, et al. Revocable Blockchain-Aided Attribute-Based Encryption with Escrow-Free in Cloud Storage[J]. IEEE Transactions on Computers, 2023, 72(7): 1901-1912.
[23]	LIU Jingwei, LI Xiaolu, YE Lin, et al. BPDS: A Blockchain Based Privacy-Preserving Data Sharing for Electronic Medical Records[C]// IEEE. Global Communications Conference. New York: IEEE, 2018: 1-6.
[24]	FAN Kai, PAN Qiang, ZHANG Kuan, et al. A Secure and Verifiable Data Sharing Scheme Based on Blockchain in Vehicular Social Networks[J]. IEEE Transactions on Vehicular Technology, 2020, 69(6): 5826-5835.
[25]	YAN Guanchen, JIANG Shunrong, LI Shengli, et al. Secure and Efficient Fuzzy Search for EHR Sharing Based on Consortium Blockchain[J]. Journal of Cryptologic Research, 2022, 9(5): 805-819.
[26]	WANG Zhiwei, CHEN Qinging, LIU Lei. Permissioned Blockchain-Based Secure and Privacy-Preserving Data Sharing Protocol[J]. IEEE Internet of Things Journal, 2023, 10(12): 10698-10707.
[27]	BEIMEL A. Secure Schemes for Secret Sharing and Key Distribution[EB/OL]. [2024-01-06]. https://www.researchgate.net/publication/243781866_Secure_Schemes_for_Secret_Sharing_and_Key_Distribution.
[28]	ROUSELAKIS Y, WATERS B. Practical Constructions and New Proof Methods for Large Universe Attribute-Based Encryption[C]// ACM.Proceedings of the 2013 ACM Conference on Computer & Communications Security. New York: ACM, 2013: 463-474.
[29]	BENALOH J, MARE M D. One-Way Accumulators: A Decentralized Alternative to Digital Signatures[C]// Springer. Advances in Cryptology—EUROCRYPT. Heidelberg: Springer, 2001: 274-285.
[30]	DE C A, IOVINO V. JPBC: Java Pairing Based Cryptography[C]// IEEE. 2011 IEEE Symposium on Computers and Communications (ISCC), New York: IEEE, 2011: 850-855.
[31]	DE S J, RUJ S. Efficient Decentralized Attribute-Based Access Control for Mobile Clouds[J]. IEEE Transactions on Cloud Computing, 2017, 8(1): 124-37.
[32]	MA Hui, ZHANG Rui, SUN Shuzhou, et al. Server-Aided Fine-Grained Access Control Mechanism with Robust Revocation in Cloud Computing[J]. IEEE Transactions on Services Computing, 2019, 15(1): 164-73.
[33]	ZHAO Jing, ZENG Peng, CHOO K K R. An Efficient Access Control Scheme with Outsourcing and Attribute Revocation for Fog-Enabled E-health[J]. IEEE Access, 2021, 9: 13789-13799.
[34]	FAN Kai, XU Huiyue, GAO Longxiang, et al. Efficient and Privacy Preserving Access Control Scheme for Fog-Enabled IoT[J]. Future Generation Computer Systems, 2019, 99: 134-142. doi: 10.1016/j.future.2019.04.003

符号	含义
$\left\| {{Z}_{p}}^{*} \right\|/\left\| {{G}_{1}} \right\|/\left\| {{G}_{2}} \right\|$	群${{Z}_{p}}^{*}/{{G}_{1}}/{{G}_{2}}$的大小
$n$	与数据使用者相关的属性数量
$\left\| I \right\|$	满足访问策略的属性数量
$P$	一次双线性映射运算
$E$	一次指数运算
$M$	一次点乘运算
$H$	一次哈希运算
√	该方案支持此功能
×	该方案不支持此功能
—	该方案不适用

方案功能	文献[31]方案	文献[32]方案	文献[33] 方案	文献[34] 方案	本文方案
用户撤销	×	√	√	×	√
外包解密	√	√	√	√	√
外包结果验证	×	×	√	×	√
智能合约	×	×	×	×	√

方案算法开销	文献[31] 方案	文献[32] 方案	文献[33]方案	文献[34] 方案	本文方案
用户密钥大小	$2n\left\| {{G}_{1}} \right\|$	$\begin{matrix} \left( 2n+2 \right)\left\| {{G}_{1}} \right\| \\ +n\left\| {{Z}_{p}}^{*} \right\| \\ \end{matrix}$	$\left( n+3 \right)\left\| {{G}_{1}} \right\|$	$n\left\| {{G}_{1}} \right\|$	$n\left\| {{G}_{1}} \right\|$
转换密钥大小	$\left( n+2 \right)\left\| {{G}_{1}} \right\|+\left\| {{G}_{2}} \right\|$	$\begin{matrix} \left( 2n+2 \right)\left\| {{G}_{1}} \right\|+ \\ n\left\| {{Z}_{p}}^{*} \right\| \\ \end{matrix}$	$\left( n+3 \right)\left\| {{G}_{1}} \right\|$	$\left( n+3 \right)\left\| {{G}_{1}} \right\|$	$2n\left\| {{G}_{1}} \right\|$
密文大小	$\begin{align} & 3\left\| I \right\|\left\| {{G}_{1}} \right\|+(2\left\| I \right\|+ \\ & 2)\left\| {{G}_{2}} \right\|+2\left\| I \right\|\left\| {{Z}_{p}}^{*} \right\| \\ \end{align}$	$\begin{matrix} \left( 3\left\| I \right\|+1 \right)\left\| {{G}_{1}} \right\| \\ +\left\| {{G}_{2}} \right\| \\ \end{matrix}$	$\begin{matrix} \left( 2\left\| I \right\|+2 \right)\left\| {{G}_{1}} \right\| \\ +\left\| {{G}_{2}} \right\| \\ \end{matrix}$	$\begin{align} & \left( 3\left\| I \right\|+2 \right)\left\| {{G}_{1}} \right\| \\ & +\left\| {{G}_{2}} \right\|+\left\| {{Z}_{p}}^{*} \right\| \\ \end{align}$	$\begin{matrix} 2\left\| I \right\|\left\| {{G}_{1}} \right\|+ \\ \left\| {{G}_{2}} \right\| \\ \end{matrix}$
转换密文大小	$2\left\| {{G}_{2}} \right\|$	$2\left\| {{G}_{2}} \right\|$	$2\left\| {{G}_{1}} \right\|+\left\| {{G}_{2}} \right\|$	$\left\| {{G}_{2}} \right\|$	$\left\| {{G}_{2}} \right\|$

方案算法	文献[31] 方案	文献[32] 方案	文献[33] 方案	文献[34] 方案	本文方案
用户密钥生成	$2nE$	$\left( 4n+3 \right)E$	$\begin{align} & \left( n+3 \right)E+ \\ & M+nH \\ \end{align}$	$\begin{align} & \left( n+1 \right)E+ \\ & nM+nH \\ \end{align}$	$\begin{align} & P+\left( n+1 \right)E \\ & +nM+nH \\ \end{align}$
转换密钥生成	$\left( 2n+2 \right)E$	$\left( 2n+2 \right)E$	$\left( n+3 \right)E$	$4E+M$	$\left( n+1 \right)E$
加密	$\begin{align} & \left( 3\left\| I \right\|+1 \right)P \\ & +\left( 9\left\| I \right\|+1 \right)E \\ \end{align}$	$\begin{align} & P+(5\left\| I \right\|+ \\ & 2)E \\ \end{align}$	$\begin{align} & P+(2\left\| I \right\|+ \\ & 2)E+(\left\| I \right\|+ \\ & 2)M+\left\| I \right\|H \\ \end{align}$	$\begin{align} & \left\| I \right\|P+\left( 2\left\| I \right\|+4 \right)E \\ & +2\left\| I \right\|M+H \\ \end{align}$	$\begin{align} & P+3\left\| I \right\|E+ \\ & \left\| I \right\|M \\ \end{align}$
外包解密	$3\left\| I \right\|P+5\left\| I \right\|E$	$\begin{align} & \left( 3\left\| I \right\|+1 \right)P \\ & +\left( \left\| I \right\|+1 \right)E \\ \end{align}$	$\begin{align} & \left( 2\left\| I \right\|+2 \right)P+ \\ & 2\left\| I \right\|E+ \\ & \left( 2\left\| I \right\|+1 \right)M \\ \end{align}$	$\begin{align} & \left( \left\| I \right\|+2 \right)P+ \\ & \left\| I \right\|E+\left\| I \right\|M \\ \end{align}$	$2\left\| I \right\|P+2\left\| I \right\|E$
用户解密	$E$	$E$	$P+E$	$E$	$E$
用户撤销	—	$\begin{align} & nP+(2n+ \\ & 2)E \\ \end{align}$	$\begin{align} & \left( n+1 \right)E+ \\ & 2nM+nH \\ \end{align}$	—	$P+\left( n+1 \right)E$

Smart Contract	Gas (×10⁵)
FTC	1.69866
RVC	0.57436
RRC	1.02490