通信学报 ›› 2015, Vol. 36 ›› Issue (12): 1-221.doi: 10.11959/j.issn.1000-436x.2015327

• 数据安全 •    下一篇

支持动态策略更新的半策略隐藏属性加密方案

应作斌,马建峰,崔江涛   

  1. 西安电子科技大学 计算机学院,陕西 西安 710071
  • 出版日期:2015-12-25 发布日期:2017-07-17
  • 基金资助:
    国家自然科学基金资助项目;国家自然科学基金资助项目;国家自然科学基金资助项目;国家自然科学基金资助项目;国家高技术研究发展计划(“863”计划)基金资助项目;教育部留学回国人员科研启动计划基金资助项目

Partially policy hidden CP-ABE supporting dynamic policy updating

Zuo-bin YING,Jian-feng MA,Jiang-tao CUI   

  1. School of Computer Science and Technology,Xidian University,Xi’an 710071,China
  • Online:2015-12-25 Published:2017-07-17
  • Supported by:
    The National Natural Science Foundation of China;The National Natural Science Foundation of China;The National Natural Science Foundation of China;The National Natural Science Foundation of China;The National High Technology Research and Development Program (863 Program);SRF for ROCS,SEM and the Fundamental Research Funds for the Central Universities

摘要:

基于密文策略的属性加密被认为适用于云存储的环境,但当数据拥有者需要更新访问策略时,现有的更新方式因受数据的规模和属性集的大小的限制,会使数据拥有者增加相应的计算开销和通信开销。同时,以明文形式存放在云端的访问策略也会造成用户数据的隐私泄露。针对以上2个问题,提出了一种支持动态策略更新的半策略隐藏属性加密方案,使用所提方案进行策略更新时,用户的计算开销减少,大量的计算由云服务器承担。由于使用了半策略隐藏,用户的具体属性值不会泄露给其他任何第三方,有效保护了用户的隐私。此外,所提方案可以支持任何形式的策略更新,在标准模型下证明了方案是自适应选择明文攻击(CPA)安全的。

关键词: 密文策略属性加密, 动态策略更新, 半策略隐藏, 标准模型, 自适应选择明文攻击安全

Abstract:

Ciphertext-policy attribute-based encryption (CP-ABE) was considered to be appropriate for cloud storage.However,under traditional CP-ABE scheme which was limited in terms of the scale of the data and the quantities of the attributes,computation and communication costs would be introduced correspondingly whenever the data owner wants to update the policy.Moreover,the policy which was stored in the form of plaintext would also result in privacy leakage.Aiming at tackling the above two problems,a novel scheme called partially policy hidden CP-ABE supporting dynamic policy updating (DPUPH-CP-ABE) was proposed.Through utilizing proposed scheme,the computation cost will be reduced,especially on user side,leaving the most computational work to the cloud server.Meanwhile,the value of the user’s attributes will never be revealed to any third parties,and the users’ privacy will be effectively preserved.Besides,the scheme is proved to be adaptively chosen plaintext attack (CPA) secure in the standard model and can support any types of policy updating.

Key words: ciphertext-policy ABE, dynamic policy updating, partially policy hidden, standard model, adaptive chosen plaintext attack secure