云环境下基于环签密的用户身份属性保护方案

doi:10.3969/j.issn.1000-436x.2014.09.010

Abstract

Abstract:

Identity attribute leak as the most severe security threat of cloud computing,in order to solve this problem,a protection scheme of identity attributes based on ring signcryption was proposed.Focused on digital identity management in cloud service,which discusses user key parting management with decentralization.Users can choose some seeds for generation and storage of key,then integrated user key cannot be acquired by registrar,based on this payload on certifica-tion management is reduced.In addition,access-centric blindness ring signcryption verification for identity attribute is designed,which constitutes ring of users and CSP,combined with own attribute users can accomplish ring-oriented sub-linear blindness signcryption and non-interactive public ciphertext verifiability for messages so that integrity and confidentiality of identity attribute can be protected avoiding identity attribute leakage in collusion of multi-CSP.At last,strong blindness and unforgeability of ciphertext and attribute is proved in proposed model,three private key components can be generated by users and identity forgeability of ring member can be prevented successfully on the condition of DBDH difficult assumption and adaptive chosen-ciphertex tattacking.Effectiveness of proposed mechanism is verified via performance evaluation of blindness ring signcryption algorithm based on comprehensive payload in identity attribute protection,and optimization is confirmed compared with similar algorithms.

Key words: digital identity management, certificateless, strong unforgeability, blindness

Shuan-bao LI,Jian-ming FU,Huan-guo ZHANG,Jing CHEN,Jing WANG,Bi-jun REN. Scheme on user identity attribute preserving based on ring signcryption for cloud computing[J]. Journal on Communications, 2014, 35(9): 99-111.

Figures/Tables 8

References 31

[1]	MICHAEL A , ARMANDO F , REAN G . Above the Clouds: a Berkeley View of Cloud Computing[R]. Berkeley:University of California,UC Berkeley Reliable Adaptive Distributed Systems Laboratory, 2009.
[2]	童晓渝，张云勇，徐雷．智能普适网络[J]．通信学报， 2011,32(7):182-188. TONG X Y , ZHANG Y Y , XU L . Intelligent ubiquitous network[J]. Journal on Communications, 2011,32(7):182-188.
[3]	ANGEL J M , INY K . Spontaneous task composition in urban computing environments based on social,spatial and temporal aspects[J]. En-gineering Applications of Artificial Intelligence, 2011,24:1446-1460.
[4]	ZHANG H G , LI C L , TANG M . Evolutionary cryptography against multidimensional linear cryptanalysis[J]. Sci China InfSci, 2011,54(12):2565-2577.
[5]	WANG H Z , ZHANG H G , et al. Extended multivariate public key crypto systems with secure encryption function[J]. Sci China InfSci, 2011,54(6):1161-1171.
[6]	ZHANG H G , LI C L , TANG M . Capability of evolutionary crypto-systems against differential cryptanalysis[J]. Sci China InfSci, 2011,54(10):1991-2000.
[7]	TANG M , ZHANG H G , et al. Evolutionary chipers against differential power analysis and differential fault analysis[J]. Sci China InfSci, 2012,55(4):911-920.
[8]	彭长根，田有亮，张豹等．基于同态加密体制的通用可传递签名方案[J]．通信学报， 2013,34(11):18-25. PENG C G , TIAN Y L , ZHANG B , et al. General transitive signature scheme based on homomorphism encryption[J]. Journal on Communications, 2013,34(11):18-25.
[9]	FENG D G , ZHANG M , et al. Study on cloud computing security[J]. Journal of Software, 2011,22(1):71-83.
[10]	MARK D R . Cloud computing security: the scientific challenge,and a survey of solutions[J]. The Journal of Systems and Software, 2013,86:2263-2268.
[11]	HASSAN T , JAMES B D , et al. Security and privacy challenges incloud computing environments[J]. IEEE Security and Privacy, 2010,10:24-31.
[12]	SHAREEFULI , HARALAMBOS M , et al. Model based process to support security and privacy requirements engineering[J]. International Journal of Secure Software Engineering, 2012,3:1-3.
[13]	NIR K . Privacy and security issues in cloud computing: the role of institutions and institutional evolution[J]. Telecommunications Policy, 2013,37:372-386.
[14]	ALLIANCE C S . The notorious nine cloud computing top threats in 2013[EB/OL]. .
[15]	BERTINO E , PACI F , et al. Privacy preserving digital identity man-agement for cloud computing[J]. IEEE Data Eng Bull, 2009,32(1):21-27.
[16]	PELIN A , BHARAT B , et al. An entity-centric approach for privacy and identity management in cloud computing[A]. Proc of 29th IEEE Symposium on Reliable Distributed Systems[C]. 2010.177-183.
[17]	HUSSAIN M . The Design and Applications of a Privacy-Preserving Identity and Trust-Management System[D]. Canada:School of Computing,Queen's University, 2010.
[18]	CELESTI A , TUSA F , et al. Security and cloud computing: intercloud identity management infrastructure[A]. Proc of 2010 Workshops on Enabling Technologies[C]. 2010.263-265.
[19]	ROHIT R , BHARAT B , et al. Protection of identity information in cloud computing without trusted third party[A]. Proc of the 29th IEEE Symposium on Reliable Distributed Systems[C]. 2010.368-372.
[20]	GOVINDA K , SATHIYAMOORTHY D E . Identity anonymization and secure data storage using group signature in private cloud[J]. Procedia Technology, 2012,4:495-499.
[21]	HARALAMBOS M , SHAREEFUL I , et al. A framework to support selection of cloud providers based on security and privacy require-ments[J]. The Journal of Systems and Software, 2013,86:2276-2293.
[22]	WANG H . Privacy preserving data sharing in cloud computing[J]. Journal of Computer Science and Technology, 2010,25(3):401-414.
[23]	CHUANG I-HSUN , LI S H , et al. An effective privacy protection scheme for cloud computing[A]. Proc of 13th International Conference on Advanced Communication Technology[C]. PyeongChang, 2011.260-265.
[24]	SHERMAN S M C , HE Y J , et al. Simple privacy-preserving identity-management for cloud environment[A]. Proc of ACNS 2012[C]. Berlin Heidelberg, 2012.526-543.
[25]	WEI L F , ZHU H J , et al. Security and privacy for storage and computa-tion in cloud computing[J]. Information Sciences, 2014,258:371-386.
[26]	ADEELA W , ASAD R , et al. A framework for preservation of cloud users' data privacy using dynamic reconstruction of metadata[J]. Journal of Network and Computer Applications, 2013,36:235-248.
[27]	GUO Z Z , LI M C , FAN X X . Attribute-based ring signcryption scheme[J]. Security and Comm Networks, 2013,6:790-796.
[28]	LIU Z H , HU Y P , et al. Certificatelesssigncryption scheme in the standard model[J]. Information Sciences, 2010,180:452-464.
[29]	ESSAM G . Sub-linear Blind Ring Signatures without Random Ora-cles[R]. Cryptology ePrint Archive,Report 2013/612, 2013.
[30]	SHARMILA S D S , SREE V , et al. ID Based Signcryption Scheme in Standard Model[R]. Cryptology ePrint Archive,Report 2012/392, 2013.
[31]	DAN B , MATT F . Identity-based encryption from the weil pairing[A]. Proc of CRYPTO 2001[C]. Berlin Heidelberg, 2001,213:229-464.

Metrics

Recommended 0

No Suggested Reading articles found!

记号	含义	记号	含义
PKG	公共参数和密钥生成器	SK_ωs	用户私钥
m	消息	SK_ωR	CSP私钥
ω_s	用户属性集	PK_ωs	用户公钥
ω_R	CSP属性集	PK_ωR	CSP公钥
C1	环	CT	签密文

通信成本	本文方案	文献[24]方案	文献[25]方案
用户和PKG	3\|g\|	\|g+2n_a\|g\|	2\|g\|+n_a\|g\|
源CSP和PKG	3\|g\|+\|g_T\|	2\|g\|+\|p\|	2\|g\|+2\|p\|
用户和源CSP	\|g_T\|+n_a\|g\|	\|g_T\|+\|p\|\|g\|	\|g_T\|+n_u\|p\|

实体	本文方案	文献[24]方案	文献[25]方案
PKG	(2+n_a)\|p\|	n_u\|g\|+2\|p\|	n_u\|g\|+log_nup
用户	(3+n_a) \|g\|	(2n_u+1)\|g\|+log_nup	n_u\|p\|+3\|g\|
源CSP	3\|g\|+\|g_T\|	2\|g_T\|+3\|g\|	2\|g_T\|+n_u\|g\|

指标	本文方案	文献[24]方案	文献[25]方案
对运算	5p_a	6p_a	5p_a
指数运算	3Exp_G+Exp_GT	2Exp_G+2 Exp_GT	5Exp_G+Exp_GT
散列计算	2H_a	4H_a	5H_a
密文规模	4\|G\|+\|G_T\|	5\|G\|+2\|G_T\|	4\|G\|+\|G_T\|
模型	标准	RO	RO

Scheme on user identity attribute preserving based on ring signcryption for cloud computing

RichHTML

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

Figures/Tables 8

References 31

Related Articles 15

Metrics

Recommended 0

[1]	Ziyuan WANG, Ruizhong DU. Certificateless public key cryptography based provable data possession scheme in edge environment [J]. Journal on Communications, 2022, 43(7): 62-72.
[2]	Zhu WANG, Siqi YANG, Fenghua LI, Kui GENG, Tingting PENG, Mengyao SHI. Efficient and provably-secure certificateless sequential aggregate signature scheme [J]. Journal on Communications, 2022, 43(5): 58-67.
[3]	Wenbo ZHANG, Wenhua HUANG, Jingyu FENG. Secure communication mechanism for VSN based on certificateless signcryption [J]. Journal on Communications, 2021, 42(7): 128-136.
[4]	Qimei CUI, Wenjing ZHAO, Xiaoyang GU, Zengbao ZHU, Xiaoxuan ZHU, Xiaofeng TAO, Wei NI. Efficient handover authentication and secure key-updating mechanism for B5G networks [J]. Journal on Communications, 2021, 42(12): 96-108.
[5]	Shun ZHANG,Hongli FAN,Hong ZHONG,Miaomiao TIAN. Efficient revocable certificateless remote anonymous authentication protocol for wireless body area network [J]. Journal on Communications, 2018, 39(4): 100-111.
[6]	Yan-lin QIN,Xiao-ping WU,Wei HU. Leakage-resilient certificateless signcryption scheme [J]. Journal on Communications, 2017, 38(Z2): 43-50.
[7]	Zhi-yan XU,Li-bing WU,Li LI,De-biao HE. Provably secure certificateless aggregate signature scheme in wireless roaming authentication [J]. Journal on Communications, 2017, 38(7): 123-130.
[8]	Shu-fen NIU,Ling NIU,Cai-fen WANG,Ya-hong LI. Certificateless generalized signcryption scheme in the standard model [J]. Journal on Communications, 2017, 38(4): 35-45.
[9]	Cheng SONG,Ming-yue ZHANG,Wei-ping PENG,Zong-pu JIA,Zhi-zhong LIU,Xi-xi YAN. Research on pairing-free certificateless batch anonymous authentication scheme for VANET [J]. Journal on Communications, 2017, 38(11): 35-43.
[10]	Zhi-yan XU,Li-bing WU,Li LI,De-biao HE. New certificateless aggregate signature scheme with universal designated verifier [J]. Journal on Communications, 2017, 38(11): 76-83.
[11]	Jin CAO,Yi-qing ZHENG,Hui LI. Conditional privacy-protection remote user authentication mechanism for WBAN [J]. Journal on Communications, 2016, 37(Z1): 63-71.
[12]	Hang SU,Jian-wei LIU,Rui TAO. Hierarchical certificateless authenticated key agreement protocol [J]. Journal on Communications, 2016, 37(7): 161-171.
[13]	Dan LIU,Run-hua SHI,Shun ZHANG,Hong ZHONG. Efficient anonymous roaming authentication scheme using certificateless aggregate signature in wireless network [J]. Journal on Communications, 2016, 37(7): 182-192.
[14]	Yan-lin QIN,Xiao-ping WU,Wei HU. Efficient certificateless multi-receiver anonymous signcryption scheme [J]. Journal on Communications, 2016, 37(6): 129-136.
[15]	Hong-zhen DU,Qiao-yan WEN. Certificateless strong designated verifier multi-signature [J]. Journal on Communications, 2016, 37(6): 20-28.