ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2015, Vol. 52 ›› Issue (10): 2293-2303.doi: 10.7544/issn1000-1239.2015.20150550

所属专题: 2015网络安全与隐私保护研究进展

• 信息安全 • 上一篇    下一篇



  1. 1(北京大学信息科学技术学院 北京 100871); 2(北京大学软件与微电子学院 北京 102600); 3(北京大学软件工程国家工程研究中心 北京 100871) (
  • 出版日期: 2015-10-01
  • 基金资助: 

Accountable Attribute-Based Encryption Scheme Without Key Escrow

Zhang Xing1, Wen Zilong2, Shen Qingni2, Fang Yuejian2, Wu Zhonghai2,3   

  1. 1(School of Electronics Engineering and Computer Science, Peking University, Beijing 100871);2(School of Software and Microelectronics, Peking University, Beijing 102600);3(National Engineering Research Center for Software Engineering, Peking University, Beijing 100871)
  • Online: 2015-10-01

摘要: 属性基加密(attribute-based encryption, ABE)用于对存储在第三方的加密数据的细粒度共享. 在ABE中:1)由于密钥不包含用户的身份信息,用户可以共享他/她的密钥而不被发现;2)密钥生成中心(key generation center, KGC)可以生成带有任意属性集或访问结构的密钥;3)KGC可以用它的主密钥解密任意的密文.这3类问题的存在,使得使用ABE的系统中的数据面临极大的安全挑战.提出一个可追责并解决密钥托管问题的属性基加密方案(accountable key-policy attribute-based encryption scheme without key escrow, WoKE-AKP-ABE),包含2个机构:KGC和属性机构(attribute authority, AA),KGC生成用户密钥中与身份相关的部分,KGC和AA联合生成用户密钥中与属性相关的部分,在判定双线性Diffie-Hellman假设下达到了选择属性集模型下的选择明文安全,不仅可以抵抗恶意的用户或者机构的攻击,还可以抵抗用户与机构的合谋攻击,能够实现对于解密器的黑盒追踪.

关键词: 云存储, 数据共享, 属性基加密, 可追责性, 密钥托管

Abstract: To ensure the security of sensitive data on cloud storage, people need to store them in encrypted form. Attribute-based encryption (ABE) is widely applied to the fine-grained sharing of encrypted data stored in the third parties. However, there exist three types of data confidentiality issues in ABE schemes: 1) As secret key does not contain identity-specified information, a user can share his/her secret key without being identified; 2) Key generation center (KGC) can generate a user’s secret key with arbitrary access structure or attribute set; 3) KGC can decrypt ciphertext directly using its master key. As the existence of these three issues, the security of data in the ABE system faces great challenges. In this paper, we proposed an accountable key-policy attribute-based encryption scheme without key escrow (WoKE-AKP-ABE). In our construction, we have two authorities which are KGC and attribute authority (AA). KGC generates identity-related part in user’s secret key, and KGC and AA generate attribute-related part through cooperation. Our scheme has chosen plaintext security in the selective-set model under the decisional bilinear Diffie-Hellman assumption and can resist the attack from not only dishonest user or authority but also the collusion between user and single authority. Our scheme can trace decoder box in black-box model.

Key words: cloud storage, data sharing, attribute-based encryption (ABE), accountability, key escrow