ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2018, Vol. 55 ›› Issue (4): 846-853.doi: 10.7544/issn1000-1239.2018.20161043

• 信息安全 • 上一篇    下一篇

支持隐私保护的多机构属性基加密方案

闫玺玺1,刘媛1,李子臣2,汤永利1   

  1. 1(河南理工大学计算机科学与技术学院 河南焦作 454003); 2(北京印刷学院信息工程学院 北京 102600) (yanxx@hpu.edu.cn)
  • 出版日期: 2018-04-01
  • 基金资助: 
    “十三五”国家密码发展基金项目(MMJJ20170122);河南省科技厅项目(142300410147);河南省教育厅科研项目(12A520021,16A520013);河南理工大学2015年青年骨干教师资助项目

Multi-Authority Attribute-Based Encryption Scheme with Privacy Protection

Yan Xixi1, Liu Yuan1, Li Zichen2, Tang Yongli1   

  1. 1(School of Computer Science and Technology, Henan Polytechnic University, Jiaozuo, Henan 454003); 2(School of Information Engineering, Beijing Institute of Graphic Communication, Beijing 102600)
  • Online: 2018-04-01

摘要: 针对云环境中用户敏感信息的保护,提出一种支持隐私保护的多机构属性基加密(attribute based encryption, ABE)方案.该方案采用半策略隐藏方式,将属性分为属性名和属性值2部分,通过对用户的属性值进行隐藏,实现对用户的隐私保护,避免用户的具体属性值泄露给其他任何第三方.另外,加密时仅对与访问策略相关的属性名进行加密,而不是对系统所有属性进行加密,改变了已有的隐私保护属性基加密方式,大大减短了密文长度.方案的安全性依赖于DBDH假设,并且在标准模型下满足自适应选择明文攻击安全.同时,通过与其他方案的对比,方案计算代价和存储代价都有明显优势,尤其是密文长度仅与访问策略设置的属性相关,更加适用于实际应用中用户属性规模远远小于系统属性规模的情况.

关键词: 多机构, 隐私保护, 属性基加密, 属性隐藏, 标准模型

Abstract: Attribute based encryption (ABE) is a new cryptographic technique which guarantees fine-grained access control of outsourced encrypted data in the cloud. In order to protect the users’ sensitive information in the cloud, a multi-authority attribute based encryption (MA-ABE) scheme with privacy protection is proposed. In the scheme, the users’ attribute is divided into two parts: the attribute name and the attribute value. The value of user’s attributes would be hidden in the access structure to prevent from revealing to any third parties, so the users’ privacy will be effectively preserved. In addition, the attribute name is used to construct the access structure, and the length of our ciphertext is associated with the number of attribute name which belongs to the access policy, rather than the all attributes in the system. Besides, the scheme is secure against chosen plaintext attack under the decision bilinear Diffie-Hellman (DBDH) assumption in the standard model. Compared with the existing related schemes, the size of ciphertext and users’ secret key in the scheme are all reduced, and the lower computing cost and storage cost makes the scheme more effective in the practical application, especially the condition in which the scale of user attributes is far smaller than the scale of system attributes.

Key words: multi-authority, privacy protection, attribute based encryption (ABE), attribute hidden, standard model

中图分类号: