ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development, 2017, Vol. 54, Issue (11): 2456-2466. doi: 10.7544/issn1000-1239.2017.20170373

Special topic: 2017 Special Issue on Key Technologies and Applications of the Internet of Vehicles

• Network Technology •

Attribute Based Encryption Method with Revocable Dynamic and Static Attributes for VANETs

He Qian1,2, Liu Peng1,2, Wang Yong1

  1. Guangxi Collaborative Innovation Center of Cloud Computing and Big Data (Guilin University of Electronic Technology), Guilin, Guangxi 541004
  2. Key Laboratory of Cognitive Radio and Information Processing (Guilin University of Electronic Technology), Ministry of Education, Guilin, Guangxi 541004
  (heqian@guet.edu.cn)
  • Published: 2017-11-01
  • Online: 2017-11-01
  • Funding:
    National Natural Science Foundation of China (61661015, 61572148); Foundation of the Key Laboratory of Cognitive Radio and Information Processing, Ministry of Education (CRKL160101); Foundation of the Guangxi Collaborative Innovation Center of Cloud Computing and Big Data (YD16801)

Abstract: Secure data sharing in vehicular ad hoc networks (VANETs, also called the Internet of Vehicles) usually relies on group encryption, but the high mobility of vehicular terminals makes group construction and group key management difficult. Ciphertext-policy attribute-based encryption (CP-ABE) offers a new solution for VANET communication security. However, traditional CP-ABE schemes have several shortcomings: decryption is computationally expensive, revoking an attribute requires re-encrypting the entire ciphertext, and the access policy tree is inflexible to construct. These shortcomings limit the application of CP-ABE in VANETs. To solve these problems, an ABE scheme with revocable dynamic and static attributes (ABE-RDS) is proposed for the secure sharing of cloud-stored data in VANETs. In ABE-RDS, dynamic and static attributes are managed separately, a combined policy tree is constructed, and the main, computationally expensive part of decryption is delegated to servers through a decryption proxy. In addition, vehicular terminals revoke attributes and refresh dynamic attributes through the global and local trusted authorities. The proposed ABE-RDS is secure and has advantages over traditional CP-ABE in space complexity and in encryption and decryption time complexity. The performance of ABE-RDS in vehicular terminal decryption, attribute revocation, and system concurrency is evaluated experimentally.

Key words: vehicular ad hoc network (VANET), attribute based encryption (ABE), dynamic and static attribute, revocable attribute, decryption proxy
