Journal on Communications, 2018, Vol. 39, Issue (5): 123-133. doi: 10.11959/j.issn.1000-436x.2018083

• Academic paper •

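  • About the authors: Xincheng YAN (1991-), male, born in Xinyang, Henan, is a Ph.D. candidate at PLA Information Engineering University. His main research interests include applied cryptography, cloud data privacy protection and secure data sharing. | Yue CHEN (1965-), male, born in Kaifeng, Henan, Ph.D., is a professor and doctoral supervisor at PLA Information Engineering University. His main research interest is network and information security. | Hongyong JIA (1975-), male, born in Xiping, Henan, Ph.D., is a lecturer at Zhengzhou University. His main research interests include network and information security, applied cryptography and cloud data access control. | Yanru CHEN (1990-), female, born in Sanmenxia, Henan, is an assistant engineer at the First Research Institute of the Ministry of Public Security. Her main research interests include information security and classified protection. | Xinyue ZHANG (1994-), female, Manchu, born in Tonghua, Jilin, is a master's student at PLA Information Engineering University. Her main research interests include applied cryptography and multilevel secure access control.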

Secure data sharing scheme supporting efficient synchronous evolution for ciphertext and key

Xincheng YAN1, Yue CHEN1, Hongyong JIA2, Yanru CHEN3, Xinyue ZHANG1

  1. 1 School of Data and Target Engineering, PLA Information Engineering University, Zhengzhou 450001, China
    2 School of Software and Applied Technology, Zhengzhou University, Zhengzhou 450001, China
    3 The First Research Institute of the Ministry of Public Security, Beijing 100048, China
  • Revised: 2018-04-13 Online: 2018-05-01 Published: 2018-06-01
  • Supported by:
    The National Basic Research Program of China (973 Program) (2012CB315901); The Key Technologies R&D Program of Henan Province (172102210017)

Abstract:

The static nature of ciphertext stored in the cloud increases the probability that an attacker can crack the ciphertext by obtaining a key, while ciphertext and key updates based on key distribution and re-encryption are excessively expensive. To address this problem, a secure data sharing scheme supporting efficient synchronous evolution of ciphertext and key (CKSE-SDS) is proposed. By introducing a cryptographic accumulator into broadcast encryption, a mimicry transformation factor supporting periodic time hopping is constructed, and efficient synchronous evolution of ciphertext and key is achieved through dynamic segmentation and fusion of ciphertext and key. This reduces the determinism of the encryption process and of private key distribution, and makes it harder for attackers to exploit security vulnerabilities to obtain the key and crack the ciphertext. Theoretical analysis and security proofs show that the proposed scheme supports secure and efficient data access, effectively reduces the probability of a successful attack, and enhances the system's active security defense capability.

Key words: cloud storage, broadcast encryption, cryptography accumulator, data sharing, synchronous evolution
