通信学报 ›› 2018, Vol. 39 ›› Issue (11): 63-69.doi: 10.11959/j.issn.1000-436x.2018231

• 学术论文 • 上一篇    下一篇

可撤销和可追踪的密钥策略属性基加密方案

齐芳,李艳梅(),汤哲   

  1. 中南大学信息科学与工程学院,湖南 长沙 410083
  • 修回日期:2018-05-19 出版日期:2018-11-01 发布日期:2018-12-10
  • 作者简介:齐芳(1978–),女,湖南长沙人,博士,中南大学副教授、博士生导师,主要研究方向为网络信息安全、通信协议。|李艳梅(1990–),女,山西吕梁人,中南大学硕士生,主要研究方向为信息安全、现代密码学。|汤哲(1977–),男,湖南长沙人,博士,中南大学副教授、硕士生导师,主要研究方向为智能技术、机器人、工业控制、电池管理与应用。
  • 基金资助:
    国家自然科学基金重点项目(61632009);长沙市科技计划基金资助项目(kq1701089);国家重点研发计划基金资助项目(2018YFD0700500)

Revocable and traceable key-policy attribute-based encryption scheme

Fang QI,Yanmei LI(),Zhe TANG   

  1. School of Information Science and Engineering,Central South University,Changsha 410083,China
  • Revised:2018-05-19 Online:2018-11-01 Published:2018-12-10
  • Supported by:
    The National Natural Science Foundation of China(61632009);The Science and Technology Project of Changsha(kq1701089);The National Key Research and Development Program of China(2018YFD0700500)

摘要:

针对基于密钥策略属性基加密(KP-ABE,key-policy attribute-based encryption)方案不能兼顾属性撤销和用户身份追踪的问题,提出一种支持可撤销和可追踪的KP-ABE方案。首先,该方案能够在不更新系统公钥和用户私钥的情况下实现对用户属性的撤销,更新代价比较小,同时可以根据解密密钥追踪到用户身份,从而有效地防止匿名用户的密钥泄露问题。其次,该方案基于线性访问结构(LSSS,linear secret sharing scheme),与树形访问结构相比,执行效率更高。最后,该方案基于判定性q-BDHE假设,给出了在标准模式下的安全性证明。通过与已有的KP-ABE方案进行对比分析得出,该方案的公钥长度更短、加解密的计算开销更低,且在实现属性可撤销的基础上实现了用户身份的可追踪功能,具有较为明显的优势。

关键词: 基于密钥策略属性基加密, 可撤销, 可追踪, 线性访问结构

Abstract:

The existing key-policy attribute-based encryption (KP-ABE) scheme can not balance the problem of attribute revocation and user identity tracking.Hence,a KP-ABE scheme which supported revocable and traceable was proposed.The scheme could revoke the user attributes without updating the system public key and user private key with a less update cost.Meanwhile,it could trace the user identity based on decryption key which could effectively prevent anonymous user key leakage problem.The proposed scheme was based on linear secret sharing scheme (LSSS),which was more efficient than tree-based access structure.Based on the deterministic q-BDHE hypothesis,the proposed scheme gave security proof until standard mode.Finally,compared with the existing KP-ABE scheme,the scheme has a shorter public key length,lower computational overhead and realizes the traceability function of user identity based on the revocable attribute,which has obvious advantages.

Key words: KP-ABE, revocable, traceable, linear secret sharing scheme

中图分类号: 

No Suggested Reading articles found!