基于区块链且支持数据共享的密文策略隐藏访问控制方案

doi:10.11959/j.issn.1000-436x.2022119

摘要/Abstract

摘要：

目的：传统的属性基加密方案虽然实现了一对多的访问控制，但仍存在单点故障、效率低下、不支持数据共享以及隐私泄露等挑战。为了解决这些问题，提出了一种基于区块链且支持数据共享的密文策略隐藏访问控制方案。

方法：首先使用向量压缩技术提出了一种高效的属性向量和策略向量生成算法，通过属性向量和策略向量的内积运算结果来判断用户属性是否满足访问策略。之后利用素数阶双线性群和属性加密技术，实现细粒度访问控制的同时避免了用户属性值的泄露；利用星际文件系统存储密文并通过智能合约将密文的哈希地址存储在区块链上，实现分布式且可信赖的访问控制的同时降低了区块链的存储开销；通过撤销合约维护撤销列表的方式实现了撤销功能，避免了用户私钥滥用的问题，最后结合代理重加密技术实现了数据共享。

结果：对方案进行了安全性分析和仿真实验结果分析。首先，基于非对称决策双线性假设，证明了方案在访问控制阶段以及数据共享阶段的密文不可区分性，其次将本文方案与近几年一些所用技术相近的访问控制方案分别从群的阶、访问结构、策略隐藏等方面进行了功能特性对比，从对比结果可以看出，本文方案在功能特性上有一定的优势，之后评估了在区块链上部署合约以及执行相关函数的花费，结果表明本文方案的gas花费均在合理范围之内，最后仿真实验结果表明本文方案在访问控制阶段以及数据共享阶段都具有较高的效率。根据现有论文对比实验的设计，我们将属性个数设置为0-20个。在访问控制阶段，分别从初始化时间、密钥生成时间、加密时间、解密时间与其他方案进行对比分析，结果显示，本文方案虽然在初始化阶段的计算开销较大，但是在密钥生成阶段、加密阶段、解密阶段的效率均高于其他三个方案，因此本文方案在访问控制阶段具有较高的效率。在数据共享阶段，分别从重加密时间以及重解密时间与其他方案进行对比分析，结果表明，本文方案在重加密阶段和重解密阶段都具有较高的效率。本文方案在解密阶段和重解密阶段具有恒定的配对次数，因此解密时间和重解密时间较小并且随着属性个数的增加变化不明显。

结论：本文构建的基于区块链且支持数据共享的密文策略隐藏访问控制方案解决了传统属性基加密方案中存在的单点故障、效率低下、不支持数据共享以及隐私泄露等问题。首先本文提出的属性向量和策略向量生成算法不仅支持正负号与门访问结构，而且通过拓展可以支持多属性值与门访问结构。其次利用以太坊和星际文件系统实现了密文的分布式管理，之后使用素数阶双线性群提高了双线性对的配对效率并通过结合代理重加密技术实现了数据共享。

关键词: 属性基加密, 策略隐藏, 区块链, 数据共享, 属性撤销

Abstract:

Objectives: Although the traditional attribute-based encryption scheme achieves one-to-many access control,there are still challenges such as single point of failure,low efficiency,no support for data sharing,and privacy leakage.To solve these problems,a ciphertext policy hidden access control scheme based on blockchain and supporting data sharing is proposed.

Methods:Firstly,an efficient attribute vector and policy vector generation algorithm is proposed using vector compression technology, which judges whether user attributes satisfy the access policy through the inner product operation result of attribute vector and policy vector.Afterwards, the prime order bilinear group and attribute encryption technology were used to achieve fine-grained access control while avoiding the leakage of user attribute values; using the interstellar file system to store the ciphertext and storing the hash address of the ciphertext on the blockchain through a smart contract,it realizes distributed and reliable access control and reduces the storage overhead of the blockchain. The revocation function is realized by maintaining the revocation list in the revocation contract,which avoids the abuse of the user's private key.Finally, data sharing is realized by combining the proxy re-encryption technology.

Results: Security analysis and simulation result analysis is carried out for the scheme. Firstly, based on the asymmetric decisional bilinear Diffie-Hellman,the ciphertext indistinguishability of the scheme in the access control phase and the data sharing phase is proved. Secondly, the proposed scheme is compared with some access control schemes with similar technologies in recent years in terms of group order,access structure,policy hiding and so on,it can be seen from the comparison results that the scheme in this paper has certain advantages in terms of functional characteristics.Afterwards,the cost of deploying contracts and executing related functions on the blockchain is evaluated.The results show that the gas cost of the scheme in this paper is within a reasonable range.The final simulation results show that the proposed scheme has high efficiency in both the access control stage and the data sharing stage.According to the design of the existing paper comparative experiments,we set the number of attributes to 0-20.In the access control stage, the initialization time, key generation time, encryption time and decryption time are compared with other schemes.The results show that although the computational overhead of the proposed scheme is relatively large in the initialization stage, the efficiency in the key generation stage, encryption stage and decryption stage is higher than that of the other three schemes, so the proposed scheme has higher efficiency in the access control stage.In the data sharing stage, the re-encryption time and re-decryption time are compared with other schemes, respectively. The results show that the proposed scheme has high efficiency in both the re-encryption stage and the re-decryption stage.The scheme in this paper has a constant number of pairings in the decryption stage and the re-decryption stage,so the decryption time and the re-decryption time are small and the changes are not obvious with the increase of the number of attributes.

Conclusions: The ciphertext policy hiding access control scheme based on blockchain and supporting data sharing constructed in this paper solves the problems of single point of failure, low efficiency, non-support for data sharing and privacy leakage in traditional attribute-based encryption schemes.Firstly,the attribute vector and policy vector generation algorithm proposed in this paper not only supports AND-gates on+/-,but also supports AND-gates on multi-valued attributes by extension. Secondly, the distributed management of ciphertext is realized by using Ethereum and Interstellar file system.Afterwards,the use of prime order bilinear groups improves the pairing efficiency of bilinear pairs and realizes data sharing by combining proxy re-encryption technology.

Key words: attribute-based encryption, policy hidden, blockchain, data sharing, attribute revocation

中图分类号:

TP309

杜瑞忠, 张添赫, 石朋亮. 基于区块链且支持数据共享的密文策略隐藏访问控制方案[J]. 通信学报, 2022, 43(6): 168-178.

Ruizhong DU, Tianhe ZHANG, Pengliang SHI. Ciphertext policy hidden access control scheme based on blockchain and supporting data sharing[J]. Journal on Communications, 2022, 43(6): 168-178.

图/表 9

表1

图1

表2

表3

表5

表4

图2

表6

图3

参考文献 20

[1]	BERTRAND Y , BOUDAOUD K , RIVEILL M . What do you think about your company’s leaks? A survey on end-users perception toward data leakage mechanisms[J]. Frontiers in Big Data, 2020,8: 568257.
[2]	BETHENCOURT J , SAHAI A , WATERS B . Ciphertext-policy attribute-based encryption[C]// Proceedings of 2007 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2007: 321-334.
[3]	BUTUN I , ?STERBERG P , . A review of distributed access control for blockchain systems towards securing the Internet of things[J]. IEEE Access, 2021,9: 5428-5441.
[4]	XU G W , LI H W , DAI Y S ,et al. Enabling efficient and geometric range query with access control over encrypted spatial data[J]. IEEE Transactions on Information Forensics and Security, 2019,14(4): 870-885.
[5]	BOURAS M A , XIA B M , ABUASSBA A O ,et al. IoT-CCAC:a blockchain-based consortium capability access control approach for IoT[J]. PeerJ Computer Science, 2021,7:e455.
[6]	SHAFEEQ S , ALAM M , KHAN A . Privacy aware decentralized access control system[J]. Future Generation Computer Systems, 2019,101: 420-433.
[7]	ZHANG Y C , LI J G , YAN H . Constant size ciphertext distributed CP-ABE scheme with privacy protection and fully hiding access structure[J]. IEEE Access, 2019,7: 47982-47990.
[8]	YU J X , HE G H , YAN X X ,et al. Outsourced ciphertext-policy attribute-based encryption with partial policy hidden[C]// Information Security and Cryptology. Berlin:Springer, 2019: 448-467.
[9]	SAINI A , ZHU Q Y , SINGH N ,et al. A smart-contract-based access control framework for cloud smart healthcare system[J]. IEEE Internet of Things Journal, 2021,8(7): 5914-5925.
[10]	ZHANG Y Y , YUTAKA M , SASABE M ,et al. Attribute-based access control for smart cities:a smart-contract-driven framework[J]. IEEE Internet of Things Journal, 2021,8(8): 6372-6384.
[11]	PHUONG T V X , YANG G M , SUSILO W . Hidden ciphertext policy attribute-based encryption under standard assumptions[J]. IEEE Transactions on Information Forensics and Security, 2016,11(1): 35-45.
[12]	王悦, 樊凯 . 隐藏访问策略的高效CP-ABE方案[J]. 计算机研究与发展, 2019,56(10): 2151-2159.
	WANG Y , FAN K . Effective CP-ABE with hidden access policy[J]. Journal of Computer Research and Development, 2019,56(10): 2151-2159.
[13]	GAN T Y , LIAO Y J , LIANG Y K ,et al. Partial policy hiding attribute-based encryption in vehicular fog computing[J]. Soft Computing, 2021,25(16): 10543-10559.
[14]	ZHANG W , ZHANG Z S , XIONG H ,et al. PHAS-HEKR-CP-ABE:partially policy-hidden CP-ABE with highly efficient key revocation in cloud data sharing system[J]. Journal of Ambient Intelligence and Humanized Computing, 2022,13(1): 613-627.
[15]	HAO J L , HUANG C , NI J B ,et al. Fine-grained data access control with attribute-hiding policy for cloud-based IoT[J]. Computer Networks, 2019,153: 1-10.
[16]	ARKIN G , HELIL N . Ciphertext-policy attribute based encryption with selectively-hidden access policy[J]. Computing and Informatics, 2021,40(5): 1136-1159.
[17]	ZENG P , ZHANG Z T , LU R X ,et al. Efficient policy-hiding and large universe attribute-based encryption with public traceability for Internet of medical things[J]. IEEE Internet of Things Journal, 2021,8(13): 10963-10972.
[18]	GAO J T , YU H Y , ZHU X Q ,et al. Blockchain-based digital rights management scheme via multiauthority ciphertext-policy attributebased encryption and proxy re-encryption[J]. IEEE Systems Journal, 2021,15(4): 5233-5244.
[19]	张小红, 孙岚岚 . 属性代理重加密的区块链密文云存储共享研究[J]. 系统仿真学报, 2020,32(6): 1009-1020.
	ZHANG X H , SUN L L . Attribute proxy re-encryption for ciphertext storage sharing scheme on blockchain[J]. Journal of System Simulation, 2020,32(6): 1009-1020.
[20]	PAUL A , SELVI S S D , RANGAN C P . Efficient attribute-based proxy re-encryption with constant size ciphertexts[C]// Progress in Cryptology - INDOCRYPT 2020. Berlin:Springer, 2020: 644-665.

用户属性	描述	用户			访问策略
用户属性	描述	Alice	Bob	carol	P₁	P₂
U₁	CS	+	-	+	-	+
U₂	CE	-	+	+	+	-
U₃	Faculty	+	-	+	-	*
U₄	Student	-	+	+	+	*

向量元素	取值
a₀	12
a₁	-7
a₂	1
Π	(1-3)(1-4)+(2-3)(2-4)

向量元素	+	-	u_j
u₀	1⁰+3⁰	2⁰+4⁰	4
u₁	1¹+3¹	2¹+4¹	10
u₂	1²+3²	2²+4²	30

区块链操作	gas消耗量
部署授权合约	286 352
部署撤销合约	288 549
撤销离职用户	29 394
存储密文信息	25 984

方案	群的阶	访问结构	策略隐藏	非对称配对	访问撤销	区块链	数据共享
文献[13]方案	素数	线性秘密共享	部分隐藏	×	×	×	×
文献[14]方案	素数	线性秘密共享	部分隐藏	×	√	×	×
文献[16]方案	素数	线性秘密共享	部分隐藏	×	×	×	×
本文方案	素数	正负号与门	完全隐藏	√	√	√	√