ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2018, Vol. 55 ›› Issue (1): 216-224.doi: 10.7544/issn1000-1239.2018.20160799

• 信息安全 • 上一篇    

在线/离线的可追责属性加密方案

张凯1,马建峰2,张俊伟2,应作斌3,张涛2,刘西蒙4,   

  1. 1(西安电子科技大学通信工程学院 西安 710071);2(西安电子科技大学计算机学院 西安 710071);3(安徽大学计算机科学与技术学院 合肥 230601);4(新加坡管理大学信息系统学院 新加坡 178902) (629zhangkai@163.com)
  • 出版日期: 2018-01-01
  • 基金资助: 
    国家“八六三”高技术研究发展计划基金项目(2015AA016007);中央高校基本科研业务费专项资金项目(BDZ011402);国家自然科学基金项目(U1405255, 61472310)

Online/Offline Traceable Attribute-Based Encryption

Zhang Kai1, Ma Jianfeng2, Zhang Junwei2, Ying Zuobin3, Zhang Tao2, Liu Ximeng4   

  1. 1(School of Telecommunications Engineering, Xidian University, Xi’an 710071);2(School of Computer Science and Technology, Xidian University, Xi’an 710071);3(School of Computer Science and Technology, Anhui University, Hefei 230601);4(School of Information Systems, Singapore Management University, Singapore 178902)
  • Online: 2018-01-01

摘要: 作为一种公钥加密,属性加密能够实现细粒度的访问控制.然而,由于在密文策略属性加密中多个用户可能会拥有相同的解密权限,所以抓获那些出售自己私钥的用户是困难的.其次,在密文策略的属性加密中,加密一个消息所要用到的指数运算是随着访问策略复杂性的增长而增长的,由此带来的计算开销对使用移动设备进行加密的用户造成了重大挑战.针对上述问题,给出了在线/离线可追责属性加密的安全模型,然后在素数阶双线性群下构造了一个在线/离线的可追责密文策略属性加密方案,并在标准模型下证明了方案是选择性安全的.当一个恶意用户泄露的自己私钥给别人时,该方案能够通过一个追责算法将其抓获.效率分析表明该方案加密的主要开销是在离线阶段,更适用于移动设备进行加密.此外,所提方案支持大属性域,在实际应用中更加灵活.

关键词: 属性加密, 可追责, 在线/离线, 大属性域, 标准模型

Abstract: Attribute-based encryption (ABE), as a public key encryption, can be utilized for fine-grained access control. However, there are two main drawbacks that limit the applications of attribute-based encryption. First, as different users may have the same decryption privileges in ciphertext-policy attribute-based encryption,it is difficult to catch the users who sell their secret keys for financial benefit. Second, the number of resource-consuming exponentiation operations required to encrypt a message in ciphertext-policy attribute-based encryption grows with the complexity of the access policy, which presents a significant challenge for the users who encrypt data on mobile devices. Towards this end, after proposing the security model for online/offline traceable attribute-based encryption, we present an online/offline traceable ciphertext-policy attribute-based encryption scheme in prime order bilinear groups, and further prove that it is selectively secure in the standard model. If a malicious user leaks his/her secret key to others for benefit, he/she will be caught by a tracing algorithm in our proposed scheme. Extensive efficiency analysis results indicate that the proposed scheme moves the majority cost of an encryption into the offline encryption phase and is suitable for user encryption on mobile devices. In addition, the proposed scheme supports large universe of attributes, which makes it more flexible for practical applications.

Key words: attribute-based encryption (ABE), traceability, online/offline, large universe, standard model

中图分类号: