前向安全的密文策略基于属性加密方案

doi:10.3969/j.issn.1000-436x.2014.07.005

通信学报 ›› 2014, Vol. 35 ›› Issue (7): 38-45.doi: 10.3969/j.issn.1000-436x.2014.07.005

• 论文Ⅰ：密码算法与安全协议 • 上一篇下一篇

前向安全的密文策略基于属性加密方案

魏江宏,刘文芬,胡学先

解放军信息工程大学数学工程与先进计算国家重点实验室，河南郑州 450001

出版日期:2014-07-25 发布日期:2017-06-24
基金资助:
国家重点基础研究发展计划（“973”计划）基金资助项目;国家重点基础研究发展计划（“973”计划）基金资助项目;中国博士后基金资助项目

Forward-secure ciphertext-policy attribute-based encryption scheme

EIJiang-hong W,IUWen-fen L,UXue-xian H

State Key Laboratory of Mathematical Engineering and Advanced Computing, PLA Information Engineering University, Zhengzhou 450001, China

Online:2014-07-25 Published:2017-06-24
Supported by:
The National Basic Research Program of China (973 Program);The National Basic Research Program of China (973 Program);China Post-doctoral Science Foundation

摘要/Abstract

摘要：

为降低密文策略基于属性加密（CP-ABE, ciphertext-policy attribute-based encryption）体制中私钥泄漏带来的损害，首先给出了前向安全CP-ABE体制的形式化定义和安全模型，然后构造了一个前向安全的CP-ABE方案。基于判定性l-BDHE假设，给出了所提方案在标准模型下的安全性证明。从效率和安全性2个方面讨论了所提方案的性能，表明所提方案在增强CP-ABE体制安全性的同时，并没有过多地增加计算开销和存储开销，更适合在实际中应用。

关键词: 前向安全, 私钥泄漏, 基于属性加密, 可证明安全

Abstract:

To mitigate the damage of key exposure in the context of ciphertext-policy attribute-based encryption (CP-ABE). The syntax and security model of forward-secure CP-ABE was presented. Then, a concreted forward-secure CP-ABE scheme was constructed. Under the l-BDHE assumption, the proposed scheme was proved secure in the stan-dard model. Furthermore, the performance of the proposed scheme was discussed in terms of security and efficiency. The results demonstrate that the proposed scheme strengthens the security of CP-ABE, without getting overmuch cost of computation and storage, and thus is more feasible for practical applications.

Key words: forward-secure, key exposure, attribute-based encryption, provable security

魏江宏,刘文芬,胡学先. 前向安全的密文策略基于属性加密方案[J]. 通信学报, 2014, 35(7): 38-45.

EIJiang-hong W,IUWen-fen L,UXue-xian H. Forward-secure ciphertext-policy attribute-based encryption scheme[J]. Journal on Communications, 2014, 35(7): 38-45.

图/表 1

表1

算法性能比较分析"

方案		计算效率			存储/通信效率		前向安全性
方案	加密	解密	私钥更新	系统参数	用户私钥	密文	前向安全性
Waters方案	$(2 l + 2) e$	$(2 l + 1) p + l e$	0	(U+2)G₁+G₂	(\|S\|+2)G₁	$(l + 1) G_{1} + G_{2}$	×
本文方案	$(2 l + 3) e$	$(2 l + 2) p + l e$	O((logT)²) e	(U+l+3)G₁+G₂	(\|S\|+O((logT)²))G₁	$(l + 2) G_{1} + G_{2}$	√

表1

参考文献 21

[1]	SAHAIA , WATERS B . Fuzzy identity based encryption[A]. Proc of the Eurocrypt 2005[C]. Heidelberg: Springer-Verlag, 2005. 457-473.
[2]	GOYAL V , PANDEY O , et al. Attribute-based encryption for fine-grained access control of encrypted data[A]. Proc of the 13th ACM CCS[C]. New York, 2006. 89-98.
[3]	WATERS B . Ciphertext-policy attribute based encryption: an expres-sive, efficient and provably secure realization[A]. Proc of the PKC 2011[C]. Heidelberg: Springer-Verlag, 2011. 53-70.
[4]	CHASE M . Multi-authority attribute based encryption[A]. Proc of the TCC 2007[C]. Heidelberg: Springer-Verlag, 2007. 515-534.
[5]	CHASE M , CHOW S . Improving privacy and security in multi-authority attribute-based encryption[A]. Proc of the 16th ACMCCS[C]. New York, 2009. 121-130.
[6]	LEWKO A , WATERS B . Decentralizing attribute-based encryption[A]. Proc of the Eurocrypt 2011[C]. Heidelberg: Springer-Verlag, 2011. 568-588.
[7]	LEWKO A , WATERS B . DNew proof methods for attribute-based en-cryption: achieving full security through selective techniques[A]. Proc of the Crypto 2012[C]. Heidelberg: Springer-Verlag, 2012. 180-198.
[8]	HOHENBERGER S , et al. Attribute based encryption: with fast de-cryption[A]. Proc of the PKC 2013[C]. Heidelberg: Springer-Verlag, 2013. 162-179.
[9]	ANDERSON M . Two Remarks on Public Key Cryptology[R]. Invited Lecture at the 4th ACM Conference on Computer and Communica-tions Security 1997.
[10]	BELLARE M , MINER S K . A forward-secure digital signature scheme[A]. Proc of the Crypto 1999[C]. Heidelberg: Springer-Verlag, 1999. 431-448.
[11]	ABDALLA M , REYZIN L . A new forward-secure digital signature scheme[A]. Proc of the Asiacrypt 2000[C]. Heidelberg: Springer-Verlag, 2000. 116-129.
[12]	KOZLOV A , REYZIN L . Forward-secure signatures with fast key update[A]. Proc of the SCN 2002[C]. Heidelberg: Springer-Verlag, 2002. 247-262.
[13]	BOYEN X , SHACHAM H , SHEN E , et al. Forward-secure signatures with untrusted update[A]. Proc of 13th ACM CCS[C]. New York, USA 2006. 191-200.
[14]	LIBERT B , QUISQUATER J , YUNG M . Forward-secure signatures in untrusted update environments[A]. Proc of the 14th ACM Conference on Computer and Communications Security[C]. New York, USA 2007. 266-275.
[15]	GENTRY C , SILVERBERG A . Hierarchical ID-based cryptogra-phy[A]. Proc of the Asiacrypt 2002[C]. Heidelberg:Springer-Verlag, 2002. 548-566.
[16]	CANETTI R , HALEVI S , KATZ J . A forward-secure public-key encryption scheme[A]. Proc of the Eurocrypt 2003[C]. Heidelberg:Springer-Verlag, 2003. 255-271.
[17]	CANETTI R , HALEVI S , KATZ J . A forward-secure public-key encryption scheme[J]. Journal of Cryptology, 2007,20:265-294.
[18]	YAO D , FAZIO N , DODIS Y , et al. ID-based encryption for complex hierarchies with applications to forward security and broadcast en-cryption[A]. Proc of the 11th ACM CCS[C]. New York, USA 2004. 354-363.
[19]	YU J , KONG F Y , CHENG X G , et al. Forward-secure iden-tity-basedpublic-key encryption without random oracles[J]. Funda-menta Informaticae, 2011,111(2):241-256.
[20]	LU Y , LI J G . Forward-secure certificate-based encryption and its-generic construction[J]. Journal of Networks, 2010,5(5):527-534.
[21]	BEIMEL A . Secure schemes for secret sharing and key distribution[D]. Israel Institute of Technology, Technion 1996.

前向安全的密文策略基于属性加密方案

Forward-secure ciphertext-policy attribute-based encryption scheme

在线阅读

PDF下载

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 1

参考文献 21

相关文章 15

Metrics

推荐阅读 0

[1]	杜瑞忠, 张玉晴, 李明月. 基于双向索引的高效连接关键字查询动态可搜索加密方案[J]. 通信学报, 2022, 43(5): 123-132.
[2]	廉欢欢, 侯慧莹, 赵运磊. 后量子基于验证元的三方口令认证密钥交换协议[J]. 通信学报, 2022, 43(4): 95-106.
[3]	尹安琪, 郭渊博, 汪定, 曲彤洲, 陈琳. 可证明安全的抗量子两服务器口令认证密钥交换协议[J]. 通信学报, 2022, 43(3): 14-29.
[4]	郭渊博, 尹安琪. 基于格的口令认证密钥交换协议综述[J]. 通信学报, 2022, 43(12): 172-187.
[5]	刘镇,韩益亮,杨晓元,柳曙光. 基于RLWE的可证明安全无陷门签密方案[J]. 通信学报, 2020, 41(6): 14-25.
[6]	彭长根, 张小玉, 丁红发, 杨善慧. 基于Cocks身份密码体制的高效签密方案[J]. 通信学报, 2020, 41(12): 128-138.
[7]	田有亮,李秋贤,张铎,王琳杰. 可证明安全的理性委托计算协议[J]. 通信学报, 2019, 40(7): 135-143.
[8]	冯朝胜,罗王平,秦志光,袁丁,邹莉萍. 支持多种特性的基于属性代理重加密方案[J]. 通信学报, 2019, 40(6): 177-189.
[9]	丁晟,曹进,李晖. 基于OBDD访问结构的无配对CP-ABE方案[J]. 通信学报, 2019, 40(12): 1-8.
[10]	王彩芬,陈丽. 基于格的用户匿名三方口令认证密钥协商协议[J]. 通信学报, 2018, 39(2): 21-30.
[11]	郑永辉,康元基,顾纯祥,董辉. 环上基于属性的全同态加密体制设计[J]. 通信学报, 2017, 38(4): 55-63.
[12]	孙泽栋,祝跃飞,顾纯祥,郑永辉. 基于RLWE的密钥策略属性加密体制[J]. 通信学报, 2016, 37(Z1): 125-131.
[13]	梁艳,张筱,郑志明. 基于无证书群签名方案的电子现金系统[J]. 通信学报, 2016, 37(5): 184-190.
[14]	李昊星,李凤华,宋承根,阎亚龙. 支持身份认证的数据持有性证明方案[J]. 通信学报, 2016, 37(10): 117-127.
[15]	马海英,曾国荪,陈建平,王金华,王占君. 适应性安全的可追踪叛徒的基于属性加密方案[J]. 通信学报, 2016, 37(1): 76-87.