支持访问更新的可验证外包属性加密方案

doi:10.11959/j.issn.2096-109x.2019005

网络与信息安全学报 ›› 2019, Vol. 5 ›› Issue (1): 37-49.doi: 10.11959/j.issn.2096-109x.2019005

• 专栏：密码攻防技术研究及应用探索 • 上一篇下一篇

支持访问更新的可验证外包属性加密方案

林素青()

天津财经大学理工学院，天津 300222

修回日期:2018-12-26 出版日期:2019-02-01 发布日期:2019-04-10
作者简介:林素青（1982- ），女，浙江温州人，博士，天津财经大学讲师，主要研究方向为信息安全、密码学。
基金资助:
天津市教委科研计划项目“支持动态策略更新的可搜索属性加密技术研究”(2017KJ237)

Verifiable outsourced attribute-based encryption with access update

Suqing LIN()

Institute of Science and Technology,Tianjin University of Finance and Economics,Tianjin 300222,China

Revised:2018-12-26 Online:2019-02-01 Published:2019-04-10
Supported by:
Scientific Research Plan Project of Tianjin Municipal Education Commission “Research on Searchable Attribute-Based Encryption Technology with Dynamic Policy Update”(2017KJ237)

摘要/Abstract

摘要：

为满足公共云存储加密数据安全可靠的访问需求，提出支持访问更新的可验证外包属性加密方案。以经典的KP-ABE方案为基础，通过巧妙的算法设计实现方案的外包解密和密文访问权限可更新功能，同时支持外包计算的可验证性，确保第三方服务器诚实可靠地执行算法过程。在标准模型下证明方案关于原始密文和更新密文均具有选择 IND-CPA 安全性，并具备弱主私钥安全性和外包计算的验证可靠性。与同类方案相比，实现了功能、安全性和效率的协同优化。

关键词: 属性加密, 外包解密, 访问更新, 验证可靠性

Abstract:

In order to meet the secure and reliable access requirements for the encrypted data stored in the public cloud,a verifiable outsourced attribute-based encryption scheme with access update was proposed.Based on a standard KP-ABE scheme,verifiable outsourced decryption and verifiable access update for a ciphertext through novel constructions for the scheme were obtained.The verifiability of the outsourced computation ensures that the third-party service may perform algorithms honestly.The scheme has selective IND-CPA security for the original and updated ciphertexts,weak master private key security,and verification soundness in the standard model were proved,respectively.Compared with similar schemes from literatures,the proposed scheme can achieve tradeoff in the optimization of functionality,security and efficiency.

Key words: attribute-based encryption, outsourced decryption, access update, verification soundness

中图分类号:

TP309.7

林素青. 支持访问更新的可验证外包属性加密方案[J]. 网络与信息安全学报, 2019, 5(1): 37-49.

Suqing LIN. Verifiable outsourced attribute-based encryption with access update[J]. Chinese Journal of Network and Information Security, 2019, 5(1): 37-49.

图/表 3

参考文献 13

[1]	SAHAI A , WATERS B . Fuzzy identity-based encryption[C]// Advances in Cryptology-Eurocrypt 2005,Springer. 2005: 457-473.
[2]	GOYAL V , PANDEY O , SAHAI A , WATERS B . Attribute-based encryption for fine-grained access control of encrypted data[C]// The 13th ACM Conference on Computer and Communications Security. 2006: 89-98.
[3]	HOHENBERGER S , WATERS B . Attribute-based encryption with fast decryption[C]// Public-Key Cryptography-PKC 2013. 2013: 162-179.
[4]	WATERS B , . Ciphertext-policy attribute-based encryption:an expressive,efficient,and provably secure realization[C]// Public Key Cryptography-PKC 2011. 2011: 53-70.
[5]	GREEN M , HOHENBERGER S , WATERS B . Outsourcing the decryption of ABE ciphertexts[C]// USENIX Security Symposium. 2011.
[6]	LAI J , DENG R H , GUAN C , WENG J . Attribute-based encryption with verifiable outsourced decryption[J]. IEEE Transactions on Information Forensics and Security, 2013,8(8): 1343-1354.
[7]	LIN S , ZHANG R , MA H , WANG M . Revisiting attribute-based encryption with verifiable outsourced decryption[J]. IEEE Transactions on Information Forensics and Security, 2015,10(10): 2119-2130.
[8]	MAO X , LAI J , MEI Q , CHEN K ,et al. Generic and efficient constructions of attribute-based encryption with verifiable outsourced decryption[J]. IEEE Transactions on Dependable and Secure Computing, 2016(1).
[9]	MA H , ZHANG R , WAN Z ,et al. Verifiable and exculpable outsourced attribute-based encryption for access control in cloud computing[J]. IEEE Transactions on Dependable and Secure Computing, 2017,14(6): 679-692.
[10]	LIANG X , CAO Z , LIN H ,et al. Attribute based proxy re-encryption with delegating capabilities[C]// The 4th International Symposium on Information,Computer,and Communications Security. 2009: 276-286.
[11]	LUO S , HU J , CHEN Z . Ciphertext policy attribute-based proxy re-encryption[C]// The 12th Information and Communications Security(ICICS 2010). 2010: 401-415.
[12]	LIANG K , SUSILO W . Searchable attribute-based mechanism with efficient data sharing for secure cloud storage[J]. IEEE Transactions on Information Forensics and Security, 2015,10(9): 1981-1992.
[13]	SHAO J , LU R , LIN X . Fine-grained data sharing in cloud computing for mobile devices[C]// 2015 IEEE Conference on Computer Communications (INFOCOM). 2015: 2677-2685.

方案	数据安全性	是否支持访问更新	是否支持外包解密	外包计算是否可验证
文献[5]方案	选择IND-CPA(RO)	×	√	×
文献[7]方案	选择IND-CPA	×	√	×
文献[10]方案	选择IND-CPA	√	×	×
文献[12]方案	选择IND-CCA(RO)	√	×	×
本文方案	选择IND-CPA	√	√	√

方案	Enc（用户）	UP.KGen（用户）	UP.Dec（服务器）	OT.KGen（服务器）	OT.Dec（服务器）	VF.Dec（用户）
文献[5]方案	(n′+2)E	—	—	2m E	2m′E+(m′+1)P	E
文献[7]方案	(n′+4)E	—	—	(σ+2)mE	2m′E+2 P	3E
文献[10]方案	(n+3)E	(3n+4)E	(n+1)P	—	—	(n+2)P
文献[12]方案	(n′+7)E	(σ+1)m E+(n′+8)E	(2m′+n′)E+6E+9P	—	—	(4m′+14)E+8 P
本文方案	(n′+5)E	(σ+4)m E+(n′+2)E	3m′E+3 P	(σ+2)mE	2m′E+2 P	4E

支持访问更新的可验证外包属性加密方案

Verifiable outsourced attribute-based encryption with access update

在线阅读

pdf下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 3

参考文献 13

相关文章 7

Metrics

推荐阅读 0

[1]	金琳, 田有亮. 基于区块链的多权限属性隐藏电子病历共享方案[J]. 网络与信息安全学报, 2022, 8(4): 66-76.
[2]	张兴兰,崔遥. 基于群签名的属性加密方案[J]. 网络与信息安全学报, 2019, 5(1): 15-21.
[3]	李洋,刘江华,伍玮. 支持丰富访问控制策略的群组协作密文策略属性基加密[J]. 网络与信息安全学报, 2017, 3(5): 54-61.
[4]	王佳慧,刘川意,方滨兴. 基于细粒度授权的物联网搜索数据隐私保护方案[J]. 网络与信息安全学报, 2017, 3(1): 13-22.
[5]	冯涛,殷潇雨. 基于属性加密的云存储隐私保护机制研究[J]. 网络与信息安全学报, 2016, 2(7): 8-17.
[6]	林素青. 支持策略更新的外包属性加密[J]. 网络与信息安全学报, 2016, 2(5): 39-49.
[7]	张亮轩,李晖. 云计算中支持有效用户撤销的多授权方基于属性加密方案[J]. 网络与信息安全学报, 2016, 2(2): 62-74.