云计算多授权中心CP-ABE代理重加密方案

doi:10.11959/j.issn.2096-109x.2022033

摘要/Abstract

摘要：

代理重加密技术可使代理在不知道明文的条件下实现密文访问策略转换，这使代理重加密成为用户之间进行数据分享的重要技术。然而，代理重加密方案大多数是在单授权中心下构建的，存在授权机构权限大、易出现性能瓶颈和用户的计算开销大等问题。同时，大多数方案不满足代理重加密应具备的5个基本特性：单向性、可控性、非交互性、可重复性与可验证性。为解决以上问题，提出支持重复可控特性的云计算多授权中心CP-ABE（ciphertext-policy attribute-based encryption）代理重加密方案。在密文策略属性加密方案的基础上，引入代理加密和代理解密服务器从而减小用户客户端的计算开销，设置多个属性授权中心来分散中央机构权限。对代理重加密技术进行改进：在重加密密钥中设置随机因子和密文子项来实现单向性和可控性；设置的重加密密钥由客户端独立生成，不需要其他服务器参与，可实现非交互性，即可在数据拥有者为不在线状态时也可以进行数据分享；在初始密文中设置密文子项，对其多次加密即可实现重复性；在初始密文中设置验证子项，用户可验证外包以及重加密结果正确与否。通过与其他方案对比发现，所提方案的用户客户端计算开销较小，用户只需进行常数次的指数运算即可对原始密文解密，且安全性分析表明，所提方案基于q-parallel BDHE假设，在标准模型下可抵抗选择密文攻击。

关键词: 重复性, 可控性, 云计算, 多授权中心, 代理重加密

Abstract:

Proxy re-encryption allows a proxy to convert a ciphertext related to a certain access policy into another one with a different access policy without uncovering the underlying plaintext, which makes the proxy re-encryption technology to be an important technology for data sharing between users.However, the proxy re-encryption schemes are mostly based on single authority, which have some problems such as single power and performance bottleneck of the authority organization and high computing burden on user’s client.At the same time, most schemes do not have the five basic characteristics of proxy re-encryption: one-way encryption, non-interaction, repeatability, controllability and verifiability.In order to solve these problems, a CP-ABE proxy re-encryption scheme for cloud computing based on multi-authority with repeatability and controllability was proposed.Based on the ciphertext policy attribute encryption scheme, proxy servers of encryption and decryption were introduced to reduce the computing burden on the user’s client, and multi-attribute authorization were set to disperse the authority of the central authority.The proxy re-encryption was improved from multiple aspects.Random factors and ciphertext sub-item set in the re-encryption key can realize one-way encryption and controllability.The re-encryption key was independently generated by the client without the participation of servers, which can support users to share data when the data owner is not online.Encrypting the ciphertext sub-item set in the initial ciphertext many times can achieve repeatability.The verification sub-item set in the initial ciphertext allowed the user to verify whether the outsourcing and re-encryption results were correct.Compared with other schemes, the user’s client computing overhead of the proposed scheme was small, and the user can decrypt the original ciphertext only by performing constant times of exponential operation.Based on q-parallel BDHE assumption, the security analysis showed that the proposed scheme is secure against chosen-ciphertext attack (CCA) under the standard model.

Key words: repeatability, controllability, cloud computing, multi-authority, proxy re-encryption

中图分类号:

TP309

刘尚, 郭银章. 云计算多授权中心CP-ABE代理重加密方案[J]. 网络与信息安全学报, 2022, 8(3): 176-188.

Shang LIU, Yinzhang GUO. Multi-authority based CP-ABE proxy re-encryption scheme for cloud computing[J]. Chinese Journal of Network and Information Security, 2022, 8(3): 176-188.

图/表 4

图1

图2

表1

各阶段用户客户端计算开销Table 1 Comparison of computing overhead on user’s client"

方案	加密	原始密文解密	重加密密钥	重加密密文解密
Liang^[5]	$(3 + 4 N_{p}) E_{G} + 2 E_{T}$	$\begin{array}{l} (2 + 3 N_{p}) E_{G} + (1 + N_{p}) E_{T} + \\ (7 + 3 N_{p}) B \end{array}$	$(6 + 4 N_{p} + N_{s}) E_{G} + 2 E_{T}$	$\begin{array}{l} 4 E_{G} + (3 + N_{p}) E_{T} + \\ (3 + 2 N_{p}) B \end{array}$
Liang^[15]	$(5 + 3 N_{p}) E_{G} + E_{T} + sig$	$\begin{array}{l} (1 + 2 N_{p}) E_{G} + N_{p} E_{T} + \\ (10 + 3 N_{p}) B + sig \end{array}$	$\begin{array}{l} (14 + 3 N_{p} + 2 N_{s}) E_{G} + \\ E_{T} + sig \end{array}$	$\begin{array}{l} (2 + 6 N_{p}) E_{G} + E_{T} + \\ (16 + 6 N_{p}) B + 2 sig \end{array}$
Luo^[23]	$(2 + 2 N_{p}) E_{G} + E_{T}$	$N_{p} E_{T} + (1 + 2 N_{p}) B$	$(4 + 2 N_{p}) E_{G} + E_{T}$	$(1 + N_{p}) E_{T} + (1 + 2 N_{p}) B$
Yang^[22]	$(2 + 2 N_{p}) E_{G} + E_{T}$	—	$(4 + 2 N_{p}) E_{G} + E_{T}$	$E_{T}$
Feng^[4]	$(7 + N_{p}) E_{G} + E_{T}$	$3 E_{T}$	$(10 + N_{P}) E_{G} + E_{T}$	$4 E_{T} + B$
Ge^[24]	$(4 + 2 N_{p}) E_{G} + E_{T}$	$(1 + 2 N) B$	$(5 + 3 N_{p}) E_{G} + E_{T}$	$(1 + 2 N) B + E_{G}$
本文方案	$(5 + 2 N_{p}) E_{G} + E_{T}$	$E_{G} + E_{T}$	$(8 + 2 N_{p}) E_{G} + E_{T}$	$2 E_{T} + E_{G} + B$

表1

表2

私钥与密文存储开销对比Table 2 Comparison of storage efficiency of private key and ciphertext"

方案	私钥	原始密文	重加密密文
Liang^[5]	$(2 + N_{S}) \| G \|$	$(3 + 2 N_{p}) \| G \| + 2 k$	$(6 + 4 N_{p}) \| G \| + 4 k$
Liang^[15]	$(3 + N_{S}) \| G \|$	$(4 + 2 N_{p}) \| G \| + \| G_{T} \|+\|sig\|$	$(3 + 2 N_{p}) \| G \| + \| G_{T} \| + \| sig \| + \| sym\|$
Luo^[23]	$(2 + 3 N_{S}) \| G \|$	$(2 +2 N_{p}) \| G \| +\| G_{T} \|$	$(1 +2 N_{p}) \| G \| +2\| G_{T} \|+ N_{s} \| G \|$
Yang^[22]	$(2 +2 N_{s}) \| G \|$	$4 \| G \| +\| G_{T} \|$	$(1 + 2 N_{p}) \| G \| {+2\|G}_{T} \|$
Feng^[4]	$(4 +2 N_{s}) \| G \|$	$(5 +2 N_{p}) \| G \| + \| G_{T} \|$	$(7 +2 N_{p}) \| G \| + 3 \| G_{T} \|$
Ge^[24]	$(2 + N_{s}) \| G \|$	$(3 +2 N_{p}) \| G \|$	$(2 +2 N_{p}) \| G \| + 3 \| G_{T} \|$
本文方案	$(1 + N_{s}) \| G \|$	$(4 +2 N_{p}) \| G \|$	$(5 +2 N_{p}) \| G \| + \| G_{T} \|$

表2

参考文献 26

[1]	张玉清, 王晓菲, 刘雪峰 ,等. 云计算环境安全综述[J]. 软件学报, 2016,27(6): 1328-1348.
	ZHANG Y Q , WANG X F , LIU X F ,et al. Survey on cloud computing security[J]. Journal of Software, 2016,27(6): 1328-1348.
[2]	SUN P J . Privacy protection and data security in cloud computing:a survey,challenges and solutions[J]. IEEE Access, 2019,(99): 1.
[3]	BLAZE M . Divertible protocols and atomic proxy cryptography[J]. EUROCRYPT, 1998: 127-144.
[4]	王悦, 樊凯 . 隐藏访问策略的高效CP-ABE方案[J]. 计算机研究与发展, 2019,56(10): 2151-2159.
	WANG Y , FAN K . Effective CP-ABE with hidden access policy[J]. Journal of Computer Research and Development, 2019,56(10): 2151-2159.
[5]	冯朝胜, 罗王平, 秦志光 ,等. 支持多种特性的基于属性代理重加密方案[J]. 通信学报, 2019,40(6): 177-189.
	FENG CS , LUO W P , QIN Z G ,et al. Attribute-based proxy re-encryption scheme with multiple features[J]. Journal on Communications, 2019,40(6): 177-189.
[6]	LIANG K , FANG L , SUSILO W ,et al. A ciphertext-policy attribute-based proxy re-encryption with chosen-ciphertext security[C]// Proceedings of the 2013 5th International Conference on Intelligent Networking and Collaborative Systems, 2013.
[7]	沈剑, 周天祺, 曹珍富 . 云数据安全保护方法综述[J]. 计算机研究与发展, 2021,58(10): 2079-2098.
	SHEN J , ZHOU T Q , CAO Z F . Protection methods for cloud data security[J]. Journal of Computer Research and Development, 2021,58(10): 2079-2098.
[8]	BETHENCOURT J , SAHAI A , WATERS B . Ciphertext-policy attribute-based encryption[C]// Proceedings of the 2007 IEEE Symposium on Security and Privacy (SP '07). 2007.
[9]	苏铓, 吴槟, 付安民 ,等. 基于代理重加密的云数据访问授权确定性更新方案[J]. 软件学报, 2020,31(5): 1563-1572.
	SU M , WU B , FU A M ,et al. Assured update scheme of authorization for could data access based on proxy re-encryption[J]. Journal of Software, 2020,31(5): 1563-1572.
[10]	牛淑芬, 陈俐霞, 刘文科 ,等. 电子邮件系统中支持关键字搜索的代理重加密方案[J]. 计算机工程, 2020,46(6): 136-143.
	NIU S F , CHEN L X , LIU W K ,et al. Proxy re-encryption scheme supporting keyword search in email system[J]. Computer Engineering, 2020,46(6): 136-143.
[11]	牛淑芬, 刘文科, 陈俐霞 ,等. 基于联盟链的可搜索加密电子病历数据共享方案[J]. 通信学报, 2020,41(8): 204-214.
	NIU S F , LIU W K , CHEN L X ,et al. Electronic medical record data sharing scheme based on searchable encryption via consortium blockchain[J]. Journal on Communications, 2020,41(8): 204-214.
[12]	FUGKEAW S . A lightweight policy update scheme for outsourced personal health records sharing[J]. IEEE Access, 2021,9: 54862-54871.
[13]	LUO F , AL-KUWARI S , WANG F ,et al. Attribute-based proxy re-encryption from standard lattices[J]. Theoretical Computer Science, 2021,865: 52-62.
[14]	江明明, 郭宇燕, 余磊 ,等. 有效的标准模型下格上基于身份的代理重加密[J]. 电子与信息学报, 2019,41(1): 61-66.
	JIANG M M , GUO Y Y , YU L ,et al. Efficient identity-based proxy re-encryption on lattice in the standard model[J]. Journal of Electronics ＆ Information Technology, 2019,41(1): 61-66.
[15]	LIANG X H C Z F , LIN H , ET AL . Attribute based proxy re-encryption with delegating capabilities[C]// Proceedings of the ACM Symposium on Information,Computer and Communications Security. 2009.
[16]	LIANG K , AU M H , LIU J K ,et al. A secure and efficient ciphertext-policy attribute-based proxy re-encryption for cloud data sharing[J]. Future Generation Computer Systems, 2015,52: 95-108.
[17]	KAWAI Y , . Outsourcing the re-encryption key generation:flexible ciphertext-policy attribute-based proxy re-encryption[C]// Information Security Practice and Experience. 2015: 301-315.
[18]	GE C , SUSILO W , FANG L ,et al. A CCA-secure key-policy attribute-based proxy re-encryption in the adaptive corruption model for dropbox data sharing system[J]. Designs Codes ＆ Cryptography, 2018.
[19]	CHASE M , . Multi-authority attribute based encryption[C]// Proceedings of the Lecture Notes in Computer Science. 2007.
[20]	CHEN D , WAN L , WANG C ,et al. A Multi-authority attributebased encryption scheme with pre-decryption[Z]. Seventh International Symposium on Parallel Architectures,Algorithms and Programming (PAAP). 2015: 223-228.
[21]	关志涛, 杨亭亭, 徐茹枝 ,等. 面向云存储的基于属性加密的多授权中心访问控制方案[J]. 通信学报, 2015,36(6): 120-130.
	GUAN Z T , YANG T T , XU R Z ,et al. Multi-authority attribute-based encryption access control model for cloud storage[J]. Journal on Communications, 2015,36(6): 120-130.
[22]	仲红, 崔杰, 朱文龙 ,等. 高效且可验证的多授权机构属性基加密方案[J]. 软件学报, 2018,29(7): 2006-2017.
	ZHONG H , CUI J , ZHU W L ,et al. Efficient and verifiable multi-authority attribute based encryption scheme[J]. Journal of Software, 2018,29(7): 2006-2017.
[23]	杨小东, 杨苗苗, 刘婷婷 ,等. 基于多授权中心属性基加密的多域云访问控制方案[J]. 计算机工程与科学, 2018,40(7): 1192-1198.
	YANG X D , YANG M M , LIU T T ,et al. A multi-domain access control scheme based on multi-authority attribute encryption for cloud storage[J]. Computer Engineering ＆Science, 2018,40(7): 1192-1198.
[24]	罗恩韬, 王国军, 陈淑红 ,等. 移动社交网络中跨域代理重加密朋友发现隐私保护方案研究[J]. 通信学报, 2017,38(10): 81-93.
	LUO E T , WANG G J ,, CHEN S H , et al . Privacy preserving friend discovery cross domain scheme using re-encryption in mobile social networks[J]. Journal on Communications, 2017,38(10): 81-93.
[25]	GE C , SUSILO W , BAEK J ,et al. A verifiable and fair attribute-based proxy re-encryption scheme for data sharing in clouds[J]. IEEE Transactions on Dependable and Secure Computing, 2021:1.
[26]	GUO H , ZHANG Z , XU J ,et al. Accountable proxy re-encryption for secure data sharing[J]. IEEE Transactions on Dependable and Secure Computing, 2021,18(1): 145-159.

方案	私钥	原始密文	重加密密文
Liang^[5]	$(2 + N_{S}) \| G \|$	$(3 + 2 N_{p}) \| G \| + 2 k$	$(6 + 4 N_{p}) \| G \| + 4 k$
Liang^[15]	$(3 + N_{S}) \| G \|$	$(4 + 2 N_{p}) \| G \| + \| G_{T} \|+\|sig\|$	$(3 + 2 N_{p}) \| G \| + \| G_{T} \| + \| sig \| + \| sym\|$
Luo^[23]	$(2 + 3 N_{S}) \| G \|$	$(2 +2 N_{p}) \| G \| +\| G_{T} \|$	$(1 +2 N_{p}) \| G \| +2\| G_{T} \|+ N_{s} \| G \|$
Yang^[22]	$(2 +2 N_{s}) \| G \|$	$4 \| G \| +\| G_{T} \|$	$(1 + 2 N_{p}) \| G \| {+2\|G}_{T} \|$
Feng^[4]	$(4 +2 N_{s}) \| G \|$	$(5 +2 N_{p}) \| G \| + \| G_{T} \|$	$(7 +2 N_{p}) \| G \| + 3 \| G_{T} \|$
Ge^[24]	$(2 + N_{s}) \| G \|$	$(3 +2 N_{p}) \| G \|$	$(2 +2 N_{p}) \| G \| + 3 \| G_{T} \|$
本文方案	$(1 + N_{s}) \| G \|$	$(4 +2 N_{p}) \| G \|$	$(5 +2 N_{p}) \| G \| + \| G_{T} \|$