移动社交网络中跨域代理重加密朋友发现隐私保护方案研究

doi:10.11959/j.issn.1000-436x.2017200

通信学报 ›› 2017, Vol. 38 ›› Issue (10): 81-93.doi: 10.11959/j.issn.1000-436x.2017200

移动社交网络中跨域代理重加密朋友发现隐私保护方案研究

罗恩韬^1,²,王国军^2,³(),陈淑红^3,⁴,PINIALKhan-butt⁵

¹ 湖南科技学院电子与信息工程学院,湖南永州 425199
² 中南大学信息科学与工程学院,湖南长沙 410083
³ 广州大学计算机科学与教育软件学院,广东广州 510006
⁴ 湖南工程学院计算机与通信学院,湖南湘潭 411101；
⁵ 信德农业大学信息技术中心,巴基斯坦信德 70060

修回日期:2017-08-07 出版日期:2017-10-01 发布日期:2017-11-16
作者简介:罗恩韬（1978-），男，湖南永州人，博士，湖南科技学院副教授，主要研究方向为可信计算、云安全、隐私保护、大数据等。|王国军（1970-），男，湖南长沙人，中南大学教授、博士生导师，主要研究方向为信息安全、可信计算、净室计算、信任推荐等。|陈淑红（1975-），女，湖南祁东人，博士，广州大学副教授，主要研究方向为可信计算、社交网络分析、社区发现等。|PINIAL Khan-butt（1979-），男，巴基斯坦卡拉奇人，巴基斯坦信德农业大学助理教授，主要研究方向为绿色手机计算、节能计算等。
基金资助:
国家自然科学基金资助项目(61632009);国家自然科学基金资助项目(61472451);国家自然科学基金资助项目(61272151);国家自然科学基金资助项目(61502163);湖南省自然科学基金资助项目(2016JJ3051);中央高校基本科研业务费专项基金资助项目(2016zzts060);湖南省教育厅科研基金资助项目(2015C0589);湖南省重点研发计划基金资助项目(2017NK2390);湖南科技学院计算机应用技术重点建设学科基金资助项目(128030219-001)

Privacy preserving friend discovery cross domain scheme using re-encryption in mobile social networks

En-tao LUO^1,²,Guo-jun WANG^2,³(),Shu-hong CHEN^3,⁴,Khan-butt PINIAL⁵

¹ School of Electronics and Information Engineering,Hunan University of Science and Engineering,Yongzhou 425199,China
² School of Information Science and Engineering,Central South University,Changsha 410083,China
³ School of Computer Science and Educational Software,Guangzhou University,Guangzhou 510006,China
⁴ School of Computer and Communication,Hunan Institute of Engineering，Xiangtan 411101,China;5.Information Technology Center,Sindh Agriculture University,Tandojam 70060,Pakistan
⁵ Information Technology Center,Sindh Agriculture University,Tandojam 70060,Pakistan

Revised:2017-08-07 Online:2017-10-01 Published:2017-11-16
Supported by:
The National Natural Science Foundation of China(61632009);The National Natural Science Foundation of China(61472451);The National Natural Science Foundation of China(61272151);The National Natural Science Foundation of China(61502163);The Natural Science Foundation of Hunan Province(2016JJ3051);Special Fund for Basic Research and Business Expenses of Central Universities(2016zzts060);Research Project of Hunan Provincial Education Department(2015C0589);The Hunan Provincal Science and Technology Key Development Project(2017NK2390);The Key Construction of Computer Application Technology,Hunan University of Science and Engineering(128030219-001)

摘要/Abstract

摘要：

在移动社交网络中，为保证交友过程中的用户隐私，提出跨域环境下的代理重加密交友隐私保护方案。利用跨域多授权中心共享密钥，实现了跨域用户数据的互相访问与共享；利用代理重加密与属性加密技术，对用户属性密钥进行重新加密，实现了以扩充交友访问策略条件的交友匹配；利用用户隐私密文文件与密钥分离技术，增强了用户数据的隐私性。解决了现有方案中存在的用户数据不能跨域跨云共享、交友过少匹配及用户下线不能交友的问题。安全和实验分析表明，方案可以达到选择明文攻击（CPA,chosen plaintext attack）安全，保证交友用户的隐私不被泄露，并且比现有方案更有效。

关键词: 跨域数据访问, 代理重加密, 跨域多授权中心, 属性加密, 隐私保护

Abstract:

In order to guarantee the users’ privacy in the process of making friends in the mobile social networks,a new scheme of proxy re-encryption privacy protection in the cross-domain environment was introduced.The scheme employed the cross-domain multi-authority to sharing secret keys,so as to realize the access and shave of the cross-domain users data.And the secret keys of users’ attributes were re-encrypted,based on the technology of the proxy re-encryption and attribute encryption,to achieve the friends matching under the conditions of extending the access policy.Meanwhile,in purpose of enhancing the privacy of users’ data,the technology which contained the separation of users’ privacy ciphertext and secret keys was adopted.Based on that,problems in the existing system such as user data’s inability to be shared cross-cloud,less matching during the process of making friends and users’ inability to make friends when offline had been addressed.Security and experimental analysis show that this scheme can achieve chosen plaintext attack (CPA) security,ensure the privacy of friend discovery,and that is more effective than existing solutions.

Key words: cross domain data access, proxy re-encryption, cross domain multi-authority, attribute-based encryption, privacy-preserving

中图分类号:

TP393

罗恩韬,王国军,陈淑红,PINIALKhan-butt. 移动社交网络中跨域代理重加密朋友发现隐私保护方案研究[J]. 通信学报, 2017, 38(10): 81-93.

En-tao LUO,Guo-jun WANG,Shu-hong CHEN,Khan-butt PINIAL. Privacy preserving friend discovery cross domain scheme using re-encryption in mobile social networks[J]. Journal on Communications, 2017, 38(10): 81-93.

图/表 7

表1

符号描述"

符号	描述
φ _i、φ_j	分别为第i、j个域
$G P 、 P K_{ϕ_{i}} 、 M S K_{ϕ_{i}}$	公共参数、系统公钥、系统主密钥
$U_{ϕ_{i}}$	用户属性集 $U_{ϕ_{i}}$
S	交友发起者属性集
S′	交友请求者属性集
SK _S	属性集S 对应的私钥
(M ,ρ)	交友发起者的属性访问结构
(M′,ρ′)	交友代理者的属性访问结构
$(M^{}, ρ^{})$	假设挑战的访问控制结构
m	交友明文
M	访问控制结构矩阵
CT	输出密钥密文
CT′	重加密密钥密文
$r k_{S \to (M^{'}, ρ^{'})}$	代理重加密密钥

表1

图1

表2

计算开销分析"

阶段	本文方案计算开销	HMCP方案计算开销
系统初始化阶段	E (G)+E(G_T)+1B	5E(G)+E(G_T)+B
密钥生成阶段	$(2 + \| A \|) E (G)$	$(k + \| A \|) E (G)$
加密阶段	$\| A \| E (G) + 1 B$	$(2 + 3 \| A \|) E (G) + 1 E (G_{T})$
解密阶段	$\| A \| B + (γ) E (G_{T})$	$(\| A \|) B + (γ) E (G_{T})$

表2

表3

通信开销分析"

比较对象	本文方案通信开销	HMCP方案通信开销
系统公钥(PK)	$L_{Z_{P}} + 4 L_{G} + L_{G_{T}}$	$4 L_{G} + L_{G_{T}}$
系统主密钥(MK)	L_G	$2 L_{Z_{P}} + L_{G}$
用户私钥(SK)	$(2 + 3 \| A \|) L (G)$	$(1 + 3 \| A \|) L (G)$
加密密文(CT)	$\| A \| L_{G} + L_{G_{T}}$	$5 \| γ \| L_{G} + L_{G_{T}}$

表3

图2

图3

表4

参考文献 35

[1]	付艳艳, 张敏, 冯登国 ,等. 基于节点分割的社交网络属性隐私保护[J]. 软件学报, 2014,25(4): 768-780.
	FU Y Y , ZHANG M , FENG D G ,et al. Attribute privacy preservation in social networks based on node anatoncy[J]. Journal of Software, 2014,25(4): 768-780.
[2]	DONG W , DAVE V , QIU L . Secure friend discovery in mobile social networks[J]. IEEE Global Communications Conference(INFOCOM), 2015,34(17): 1647-1655.
[3]	LI M , GAO Z , DU S ,et al. PriMatch:fairness-aware secure friend discovery protocol in mobile social network[C]// IEEE Global Communications Conference (GLOBECOM). 2013: 738-743.
[4]	程瑶, 应凌云, 焦四辈 . 移动社交应用的用户隐私泄露问题研究[J]. 计算机学报, 2014,37(1): 87-100.
	CHENG Y , YING L Y , JIAO S B . Research an user privacy leakage in mobile social messaging applications[J]. Chinese Journal of Computers, 2014,37(1): 87-100.
[5]	SARPONG S , XU C . A secure and efficient privacy-preserving attribute matchmaking protocol in proximity-based mobile social networks[J]. Advanced Data Mining and Applications, 2014,8933: 305-318.
[6]	LI M , CAO N , YU S ,et al. Findu:privacy-preserving personal profile matching in mobile social networks[C]// IEEE International Conference on Computer Communications (INFOCOM). 2011, 2(3): 2435-2443.
[7]	YAN Z , DING W , NIEMI V . Two schemes of privacy-preserving trust evaluation[J]. Future Generation Computer Systems, 2016,62(C): 175-189.
[8]	KIRAZ M S , GENC Z A , KARDAS S . Security and efficiency analysis of the hamming distance computation protocol based on oblivious transfer[J]. Security ＆ Communication Networks, 2015,8(18): 4123-4135.
[9]	ZHANG R , ZHANG J , ZHANG Y ,et al. Privacy-preserving profile matching for proximity-based mobile social networking[J]. IEEE Journal on Selected Areas in Communications, 2013,31(9): 656-668.
[10]	NIU B , ZHU X , LIU J . Weight-aware private matching scheme for proximity-based mobile social networks[C]// IEEE Global Communications Conf (GLOBECOM). 2013: 3170-3175.
[11]	ZHU X , CHEN Z , CHI H . Two-party and multi-party private matching for proximity-based mobile social networks[C]// IEEE International Conference on Communications (ICC). 2014: 926-931.
[12]	HAN J , SUSILO W , MU Y . Privacy-preserving decentralized key-policy attribute-based encryption[J]. IEEE Transactions on Parallel ＆ Distributed Systems, 2012,23(11): 2150-2162.
[13]	OSTROVSKY R , SAHAI A , WATERS B . Attribute-based encryption with non-monotonic access structures[C]// CCS 07 ACM Conference on Computer and Communications Security. 2007: 195-203.
[14]	LEWKO A , OKAMOTO T , SAHAI A . Fully secure functional encryption:attribute-based encryption and (hierarchical) inner product encryption[J]. Springer Berlin Heidelberg, 2010,6110: 62-91.
[15]	TAN S F , SAMSUDIN A . Key policy-attribute based fully homomorphic encryption (KP-ABFHE) scheme for securing cloud application in multi-users environment[J].Springer Singapore,2017. Springer Singapore, 2017
[16]	WATERS B . Ciphertext-policy attribute-based encryption:an expressive,efficient,and provably secure realization[J]. Lecture Notes in Computer Science, 2011,2008: 321-334.
[17]	RAO Y S . A secure and efficient ciphertext-policy attribute-based signcryption for personal health records sharing in cloud computing[J]. Future Generation Computer Systems, 2017,67: 133-151.
[18]	ZHOU Z , HUANG D , WANG Z . Efficient privacy-preserving ciphertext-policy attribute based-encryption and broadcast encryption[J]. IEEE Transactions on Computers, 2014,64(1): 126-138.
[19]	LUO E , LIU Q , WANG G . Hierachical multi-authority and attribute-based encryption friend discovery scheme in mobile social networks[J]. IEEE Communications Letters, 2016,20(9): 1772-1775.
[20]	BLOMER J A . How to share a secret[J]. Communications of the ACM, 1979,22(22): 612-613.
[21]	BLAKLEY G R . Safeguarding cryptographic keys[J]. IEEE Computer Society Digital Library, 1979: 313-317.
[22]	BENALOH J C , YUNG M . Distributing the power of a government to enhance the privacy of voters[J]. Principles of Distributed Computing Symposium, 1986: 52-62.
[23]	WATERS B . Ciphertext-policy attribute-based encryption:an expressive,efficient,and provably secure realization[J]. Lectures Notes in Computer Science, 2011,2008: 321-334.
[24]	CURTMOLA R , GARAY J , KAMARA S ,et al. Searchable symmetric encryption:improved definitions and efficient constructions[J]. Journal of Computer Security, 2011,19(5): 895-934.
[25]	CHASE M , CHOW S S . Improving privacy and security in multi-authority attribute-based encryption[C]// ACM Conference on Computer and Communications Security. 2009: 121-130.
[26]	LI J , HUANG Q , CHEN X . Multi-authority ciphertext-policy attribute-based encryption with accountability[J]. ACM Symposium on Information, 2011: 386-390.
[27]	JUNG T , LI X , WAN Z . Control cloud data access privilege and anonymity with fully anonymous attribute-based encryption[J]. IEEE Transactions on Information Forensics ＆ Security, 2014,10(1): 190-199.
[28]	CHEUNG L , NEWPORT C . Provably secure ciphertext policy ABE[C]// ACM Conference on Computer and Communications Security. 2007: 456-465.
[29]	EMURA K , MIYAJI A , OMOTE K . A ciphertext-policy attributebased encryption scheme with constant ciphertext length[C]// International Conference on Information Security Practice and Experience. 2009: 13-23.
[30]	ZHOU Z , HUANG D . On efficient ciphertext-policy attribute based encryption and broadcast encryption:extended abstract[J]. IEEE Transactions on Computers, 2010(1).
[31]	HERRANZ J , LAGUILLAUMIE F RàFols C . Constant size ciphertexts in threshold attribute-based encryption[C]// International Conference on Practice and Theory in Public Key Cryptography. 2010: 19-34.
[32]	LAI J , DENG R H , LI Y . Fully secure cipertext-policy hiding CP-ABE[J]. International Conference on Information Security Practice and Experience, 2011,6672(2): 24-39.
[33]	LI X , GU D , REN Y . Efficient ciphertext-policy attribute based encryption with hidden policy[C]// International Conference on Internet＆ Distributed Computing Systems. 2012: 146-159.
[34]	GE A , ZHANG R , CHEN C . Threshold ciphertext policy attribute-based encryption with constant size ciphertexts[C]// Australasian Conference on Information Security and Privacy, 2012: 336-349.
[35]	CHEN C , CHEN J , LIM H W . Fully secure attribute-based systems with short ciphertexts/signatures and threshold access structures[M]. Springer Berlin Heidelbag. 2013: 50-67.

方案	循环群	安全模型	安全假设	访问控制策略适应性	通配符	是否可隐藏访问控制策略
文献[28]	p	selective	DBDH	AND-gates on +/-	√	×
文献[29]	p	selective	DBDH	AND-gates on multi-valued attributes	×	×
文献[30]	p	selective	n-DBDH	AND-gates on multi-valued attributes	√	×
文献[31]	p	selective	Amse-DDH	Threshold Gates	×	×
文献[32]	pqr	fully	Subgroup Assumption	AND-gates on multi-valued attributes	√	√
文献[33]	pq	fully	DBDH	AND-gates on multi-valued attributes	×	√
文献[34]	P	selective	n-DBDH	Threshold Gates	×	×
文献[35]	pqr	fully	Subgroup Assumption	Threshold Gates	×	×
本文方案	p	selective	DBDH	AND-gates on multi-valued	×	√

移动社交网络中跨域代理重加密朋友发现隐私保护方案研究

Privacy preserving friend discovery cross domain scheme using re-encryption in mobile social networks

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 7

参考文献 35

相关文章 15

Metrics

推荐阅读 0

[1]	马鑫迪, 李清华, 姜奇, 马卓, 高胜, 田有亮, 马建峰. 面向Non-IID数据的拜占庭鲁棒联邦学习[J]. 通信学报, 2023, 44(6): 138-153.
[2]	冯涛, 陈李秋, 方君丽, 石建明. 基于本地化差分隐私和属性基可搜索加密的区块链数据共享方案[J]. 通信学报, 2023, 44(5): 224-233.
[3]	夏莹杰, 朱思雨, 刘雪娇. 区块链架构下具有条件隐私的车辆编队跨信任域高效群组认证研究[J]. 通信学报, 2023, 44(4): 111-123.
[4]	胡柏吉, 张晓娟, 李元诚, 赖荣鑫. 支持多功能的V2G网络隐私保护数据聚合方案[J]. 通信学报, 2023, 44(4): 187-200.
[5]	徐明, 张保俊, 伍益明, 应晨铎, 郑宁. 面向网络攻击和隐私保护的多智能体系统分布式共识算法[J]. 通信学报, 2023, 44(3): 117-127.
[6]	余晟兴, 陈钟. 基于同态加密的高效安全联邦学习聚合框架[J]. 通信学报, 2023, 44(1): 14-28.
[7]	韩益亮, 郭凯阳, 吴日铭, 刘凯. 格上基于OBDD访问结构的抗密钥滥用属性加密方案[J]. 通信学报, 2023, 44(1): 75-88.
[8]	张学旺, 黎志鸿, 林金朝. 基于公平盲签名和分级加密的联盟链隐私保护方案[J]. 通信学报, 2022, 43(8): 131-141.
[9]	王继锋, 王国峰. 边缘计算模式下密文搜索与共享技术研究[J]. 通信学报, 2022, 43(4): 227-238.
[10]	封化民, 史瑞, 袁峰, 李艳俊, 杨旸. 高效的强隐私保护和可转让的属性票据方案[J]. 通信学报, 2022, 43(3): 63-75.
[11]	于海宁, 张宏莉, 余翔湛, 曲家兴, 葛蒙蒙. 隐私保护的轨迹相似度计算方法[J]. 通信学报, 2022, 43(11): 1-13.
[12]	彭滔, 钟文韬, 王国军, 罗恩韬, 熊金波, 刘忆宁, Hao Wang. 移动社交网络中面向隐私保护的精确好友匹配[J]. 通信学报, 2022, 43(11): 90-103.
[13]	史瑞, 封化民, 谢惠琴, 史国振, 刘飚, 杨旸. 基于带智能卡的移动终端实现的隐私保护的属性票据方案[J]. 通信学报, 2022, 43(10): 26-41.
[14]	熊金波, 周永洁, 毕仁万, 万良, 田有亮. 边缘协同的轻量级隐私保护分类框架[J]. 通信学报, 2022, 43(1): 127-137.
[15]	晏燕, 丛一鸣, Adnan Mahmood, 盛权政. 基于深度学习的位置大数据统计发布与隐私保护方法[J]. 通信学报, 2022, 43(1): 203-216.