ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2016, Vol. 53 ›› Issue (10): 2207-2215.doi: 10.7544/issn1000-1239.2016.20160459

所属专题: 2016网络空间共享安全研究进展专题

• 信息安全 • 上一篇    下一篇



  1. 1(数学工程与先进计算国家重点实验室(中国人民解放军信息工程大学) 郑州 450000); 2(陆军航空兵学院 北京 101116); 3(信息安全国家重点实验室(中国科学院信息工程研究所) 北京 100093) (
  • 出版日期: 2016-10-01
  • 基金资助: 
    国家自然科学基金项目(61309016,61379150,61502529);信息安全国家重点实验室开放课题(2016-MS-15) This work was supported by the National Natural Science Foundation of China (61309016, 61379150, 61502529) and the Open Foundation of the Sate Key Laboratory of Information Security (2016-MS-15).

Decentralized Attribute-Based Encryption Scheme with Constant-Size Ciphertexts

Xiao Siyu1, Ge Aijun1,3, Ma Chuangui1,2   

  1. 1(State Key Laboratory of Mathematical Engineering and Advanced Computing (PLA Information Engineering University), Zhengzhou 450000); 2(Army Aviation Institute, Beijing 101116); 3(State Key Laboratory of Information Security (Institute of Information Engineering, Chinese Academy of Sciences), Beijing 100093)
  • Online: 2016-10-01

摘要: 基于素数阶双线性群,提出了一种去中心化的基于属性加密方案,并在标准模型下证明了方案的安全性.该方案中含有一个中央机构(central authority, CA)和多个属性机构(attribute authority, AA),其中中央机构负责生成与用户全局唯一身份标识绑定的随机值,并且不参与任何属性相关的操作,有效地抵抗了合谋攻击.每个属性机构负责互不相交的属性域并且相互独立,甚至不需要知道其他属性机构的存在.特别地,任何机构都不能独立解开密文.进一步,可以将该方案推广至多中央机构情形,中央机构之间亦相互独立,用户只需在其信任的任何一个中央机构注册即可,实现了真正意义上的“去中心化”.该方案中密文长度达到了固定值,同时解密运算只需要2个双线性对,在Charm架构下的仿真实验表明:该方案具有非常高的效率.

关键词: 去中心化, 多机构基于属性加密, 密文数据访问控制, 固定长度密文, 抗合谋攻击

Abstract: Based on prime-order bilinear groups, we propose a decentralized multi-authority attribute-based encryption scheme which is proven to be secure in the standard model. Firstly, we construct an attribute-based encryption system with a central authority (CA) and multiple attribute authorities (AAs), where CA is responsible for generating a random value associated with each user’s unique global identifier (GID), and does not participate in any operation related to users’ attributes. Different users will get different random values, thus they cannot obtain any information beyond authority even through collusion. Every attribute authority is responsible for different attributes domain and they are independent of each other. It’s even not necessary to know the existence of each other in the system. In particular, there is no authority that can decrypt a ciphertext alone. Secondly, this scheme can be extended to a decentralized attribute-based encryption with multiple CAs setting, where every CA is also independent of each other, and each user can issue his private key from only one CA. Bringing it into practice under the Charm infrastructure, the results show that the decentralized attribute based encryption schemes are very efficient, whose ciphertexts are of constant size, i.e., regardless of the number of underlying attributes of access control policy or users.

Key words: decentralized, multi-authority attribute-based encryption, ciphertext access control, constant-size ciphertext, collusion resistant