抗密钥委托滥用的可追踪属性基加密方案

doi:10.11959/j.issn.1000-436x.2020016

通信学报 ›› 2020, Vol. 41 ›› Issue (4): 150-161.doi: 10.11959/j.issn.1000-436x.2020016

抗密钥委托滥用的可追踪属性基加密方案

闫玺玺,何旭,刘涛,叶青,于金霞,汤永利

河南理工大学计算机科学与技术学院，河南焦作 454003

修回日期:2019-12-18 出版日期:2020-04-25 发布日期:2020-04-30
作者简介:闫玺玺（1985- ），女，河南灵宝人，博士，河南理工大学副教授，主要研究方向为网络与信息安全、数字版权管理、数字内容安全|何旭（1993- ），男，河北冀州人，河南理工大学硕士生，主要研究方向为网络与信息安全、密码学|刘涛（1994- ），男，河南商丘人，河南理工大学硕士生，主要研究方向为网络与信息安全、软件定义网络|叶青（1981- ），女，辽宁营口人，博士，河南理工大学讲师，主要研究方向为信息安全、格密码学、数字签名|于金霞（1974- ），女，河南博爱人，博士，河南理工大学教授，主要研究方向为网络与信息安全、人工智能、智能信息处理|汤永利（1972- ），男，河南孟州人，博士，河南理工大学教授，主要研究方向为网络与信息安全、密码学
基金资助:
国家自然科学基金资助项目(61802117);“十三五”国家密码发展基金资助项目(MMJJ20170122);河南省科技攻关基金资助项目(192102210280);河南省高校科技创新团队基金资助项目(20IRTSTHN013);河南理工大学创新型科研团队基金资助项目(T2018-1)

Traceable attribute-based encryption scheme with key-delegation abuse resistance

Xixi YAN,Xu HE,Tao LIU,Qing YE,Jinxia YU,Yongli TANG

School of Computer Science and Technology,Henan Polytechnic University,Jiaozuo 454003,China

Revised:2019-12-18 Online:2020-04-25 Published:2020-04-30
Supported by:
The National Natural Science Foundation of China(61802117);The “13th Five-Year” National Crypto Development Foundation(MMJJ20170122);Projects of Henan Provincial Department of Science and Technology(192102210280);The Innovative Scientists and Technicians Team of Henan Provincial High Education(20IRTSTHN013);The Innovative Research Team of Henan Polytechnic University(T2018-1)

摘要/Abstract

摘要：

针对可追踪属性基加密方案利用追踪功能解决密钥委托滥用问题的不完备性，提出了一种抗密钥委托滥用的可追踪属性基加密方案。将秘密参数分享给用户私钥中关联属性的全部组件，使解密过程必须由全部组件共同参与完成，仅由用户私钥的一部分不能进行解密操作，从而实现真正的抗密钥委托滥用。利用一种短签名技术保护用户私钥中的追踪参数，防止追踪参数被伪造，从而获得对用户的追踪能力。同时支持抗密钥委托滥用和可追踪增强了所提方案的安全性。与相关方案的对比分析表明，所提方案在参数尺寸和计算代价上具有更好的性能优势。

关键词: 属性基加密, 抗密钥委托滥用, 白盒, 可追踪性

Abstract:

Aiming at the problem that the traceability of a traceable attribute-based encryption (ABE) scheme was not sufficient to address the key abuse completely,a traceable ABE scheme against key-delegation abuse was proposed.A secret parameter was be shared to all user private key components corresponding to attributes,and the decryption was completed by using all these components together,such that only parts of them could not realize the decryption and the real key-delegation abuse resistance ability was be obtained consequently.A short signature technique was employed to prevent the tracing parameter embedded in a user private key from being forged,so as to achieve the traceability of the user who leaked his user private key.Supporting both key-delegation abuse resistance and user tracing enhances the security of the proposed scheme.And compared with related schemes,the proposed scheme has better advantage in terms of the parameters size and the computation cost.

Key words: attribute-based encryption, key-delegation abuse resistance, white-box, traceability

中图分类号:

TP309

闫玺玺,何旭,刘涛,叶青,于金霞,汤永利. 抗密钥委托滥用的可追踪属性基加密方案[J]. 通信学报, 2020, 41(4): 150-161.

Xixi YAN,Xu HE,Tao LIU,Qing YE,Jinxia YU,Yongli TANG. Traceable attribute-based encryption scheme with key-delegation abuse resistance[J]. Journal on Communications, 2020, 41(4): 150-161.

图/表 5

图1

表1

表2

参考文献 20

[1]	SAHAI A , WATERS B . Fuzzy identity-based encryption[C]// The 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques. Berlin:Springer, 2005: 457-473.
[2]	GOYAL V , PANDEY O , SAHAI A ,et al. Attribute-based encryption for fine-grained access control of encrypted data[C]// The 13th ACM Conference on Computer and Communications Security. New York:ACM Press, 2006: 89-98.
[3]	齐芳, 李艳梅, 汤哲 . 可撤销和可追踪的密钥策略属性基加密方案[J]. 通信学报, 2018,39(11): 63-69.
	QI F , LI Y M , TANG Z . Revocable and traceable key-policy attribute-based encryption scheme[J]. Journal on Communications, 2018,39(11): 63-69.
[4]	李学俊, 张丹, 李晖 . 可高效撤销的属性基加密方案[J]. 通信学报, 2019,40(6): 32-39.
	LI X J , ZHANG D , LI H . Efficient revocable attribute-based encryption scheme[J]. Journal on Communications, 2019,40(6): 32-39.
[5]	于金霞, 何旭, 闫玺玺 . 机构可验证的密文策略属性基加密方案[J]. 西安电子科技大学学报, 2019,46(4): 49-57.
	YU J X , HE X , YAN X X . Ciphertext-policy attribute-based encryption scheme with verifiability on authority[J]. Journal of Xidian University, 2019,46(4): 49-57.
[6]	JIANG Y , SUSILO W , MU Y ,et al. Ciphertext-policy attribute-based encryption with key-delegation abuse resistance[C]// The 21st Australasian Conference on Information Security and Privacy. Berlin:Springer, 2016: 477-494.
[7]	JIANG Y , SUSILO W , MU Y ,et al. Ciphertext-policy attribute-based encryption against key-delegation abuse in fog computing[J]. Future Generation Computer Systems, 2018,78(2): 720-729.
[8]	LIU Z , CAO Z , WONG D S . White-box traceable ciphertext-policy attribute-based encryption supporting any monotone access structures[J]. IEEE Transactions on Information Forensics and Security, 2013,8(1): 76-88.
[9]	ROUSELAKIS Y , WATERS B . Practical constructions and new proof methods for large universe attribute-based encryption[C]// The 2013 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2013: 463-474.
[10]	BONEH D , BOYEN X . Short signatures without random oracles[C]// The International Conference on the Theory and Applications of Cryptographic Techniques. Berlin:Springer, 2004: 56-73.
[11]	NING J , CAO Z , DONG X ,et al. Large universe ciphertext-policy attribute-based encryption with white-box traceability[C]// The 19th European Symposium on Research in Computer Security. Berlin:Springer, 2014: 55-72.
[12]	YU S , REN K , LOU W ,et al. Defending against key abuse attacks in KP-ABE enabled broadcast systems[C]// The 5th International Conference on Security and Privacy in Communication Networks. Berlin:Springer, 2009: 311-329.
[13]	张星, 文子龙, 沈晴霓 ,等. 可追责并解决密钥托管问题的属性基加密方案[J]. 计算机研究与发展, 2015,52(10): 2293-2303.
	ZHANG X , WEN Z L , SHEN Q N ,et al. Accountable attribute-based encryption scheme without key escrow[J]. Journal of Computer Research and Development, 2015,52(10): 2293-2303.
[14]	NING J , DONG X , CAO Z ,et al. Accountable authority ciphertext-policy attribute-based encryption with white-box traceability and public auditing in the cloud[C]// The 20th European Symposium on Research in Computer Security. Berlin:Springer, 2015: 270-289.
[15]	YU G , MA X , CAO Z ,et al. Accountable multi-authority ciphertext-policy attribute-based encryption without key escrow and key abuse[C]// The 9th International Symposium on Cyberspace Safety and Security. Berlin:Springer, 2017: 337-351.
[16]	ZHANG Y , LI J , ZHENG D ,et al. Towards privacy protection and malicious behavior traceability in smart health[J]. Personal and Ubiquitous Computing, 2017,21(5): 815-830.
[17]	LAI J , TANG Q . Making any attribute-based encryption accountable,efficiently[C]// The 23rd European Symposium on Research in Computer Security. Berlin:Springer, 2018: 527-547.
[18]	LI Q , ZHU H , YING Z ,et al. Traceable ciphertext-policy attributebased encryption with verifiable outsourced decryption in eHealth cloud[J]. Wireless Communications and Mobile Computing, 2018(1):1701675.
[19]	QIAO H , REN J , WANG Z ,et al. Compulsory traceable ciphertext-policy attribute-based encryption against privilege abuse in fog computing[J]. Future Generation Computer Systems, 2018,88(1): 107-116.
[20]	CARO A D , IOVINO V . jPBC:Java pairing based cryptography[C]// The 16th IEEE Symposium on Computers and Communications. Piscataway:IEEE Press, 2011: 850-855.

方案	抗密钥委托滥用	可追踪	群阶数	可追踪性证明
文献[8]方案	×	√	合数阶	标准模型
文献[7]基础方案	√	×	素数阶	—
文献[7]扩展方案	√	√	素数阶	一般双线性群模型
本文方案	√	√	素数阶	标准模型

方案	通信代价			计算代价
方案	公共参数大小	密文大小	用户私钥大小	加密计算量	解密计算量
文献[8]方案	$\| U \| + 4$	$2 l + 3$	$\| S \| + 4$	$(3 l + 2) E + E_{T}$	$(2 \| I \| + 1) P + 2 E + \| I \| E_{T}$
文献[7]基础方案	$2 \| U \| + 1$	$2 \| U \| - l + 1$	$\| S \| + 4$	$(2 \| U \| - l) E + E_{T}$	$\| U \| P$
文献[7]扩展方案	$2 (\| U \| + ρ) + 1$	$2 (\| U \| + ρ) - l + 1$	$\| U \| + ρ$	$(2 (\| U \| + ρ) - l) E + E_{T}$	$(\| U \| + ρ) P$
本文方案	$2 \| U \| + 3$	$2 \| U \| - l + 3$	$\| U \| + 3$	$(2 \| U \| - l + 2) E + E_{T}$	$(\| U \| + 1) P + E$

抗密钥委托滥用的可追踪属性基加密方案

Traceable attribute-based encryption scheme with key-delegation abuse resistance

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 5

参考文献 20

相关文章 15

Metrics

推荐阅读 0

[1]	刘雪娇, 曹天聪, 夏莹杰. 区块链架构下高效的车联网跨域数据安全共享研究[J]. 通信学报, 2023, 44(3): 186-197.
[2]	韩益亮, 郭凯阳, 吴日铭, 刘凯. 格上基于OBDD访问结构的抗密钥滥用属性加密方案[J]. 通信学报, 2023, 44(1): 75-88.
[3]	杜瑞忠, 张添赫, 石朋亮. 基于区块链且支持数据共享的密文策略隐藏访问控制方案[J]. 通信学报, 2022, 43(6): 168-178.
[4]	殷新春, 王梦宇, 宁建廷. 轻量级可搜索医疗数据共享方案[J]. 通信学报, 2022, 43(5): 110-122.
[5]	王滨, 陈思, 陈加栋, 王星. DWB-AES：基于AES的动态白盒实现方法[J]. 通信学报, 2021, 42(2): 177-186.
[6]	张嘉伟, 马建峰, 马卓, 李腾. 云计算中基于时间和隐私保护的可撤销可追踪的数据共享方案[J]. 通信学报, 2021, 42(10): 81-94.
[7]	闫玺玺,原笑含,汤永利,陈艳丽. 基于区块链且支持验证的属性基搜索加密方案[J]. 通信学报, 2020, 41(2): 187-198.
[8]	李学俊,张丹,李晖. 可高效撤销的属性基加密方案[J]. 通信学报, 2019, 40(6): 32-39.
[9]	孙磊,赵志远,王建华,朱智强. 云存储环境下支持属性撤销的属性基加密方案[J]. 通信学报, 2019, 40(5): 47-56.
[10]	刘建,鲜明,王会梅,荣宏. 面向移动云的属性基密文访问控制优化方法[J]. 通信学报, 2018, 39(7): 39-49.
[11]	闫玺玺,刘媛,李子臣,汤永利,叶青. 理想格上支持隐私保护的属性基加密方案[J]. 通信学报, 2018, 39(3): 128-135.
[12]	齐芳,李艳梅,汤哲. 可撤销和可追踪的密钥策略属性基加密方案[J]. 通信学报, 2018, 39(11): 63-69.
[13]	张磊,马春光,杨松涛,李增鹏. 基于属性基加密的用户协作连续查询隐私保护策略[J]. 通信学报, 2017, 38(9): 76-85.
[14]	周长利,田晖,马春光,杨松涛. 路网环境下基于伪随机置换的LBS隐私保护方法研究[J]. 通信学报, 2017, 38(6): 19-29.
[15]	张维纬,张育钊,黄焯,张茹,杨义先. 支持安全外包计算的无线体域网数据共享方案[J]. 通信学报, 2017, 38(4): 64-75.