高级检索

    可撤销动静态属性的车联网属性基加密方法

    Attribute Based Encryption Method with Revocable Dynamic and Static Attributes for VANETs

    • 摘要: 车载自组织网络(vehicular ad hoc network, VANET) (也称车联网)数据安全共享通常采用群加密方式,高速移动的车载终端给群组构建和群密钥管理带来困难.密文策略属性基加密(ciphertext-policy attribute-based encryption, CP-ABE)为车联网通信安全带来了新的解决方案,但是传统的CP-ABE方案解密计算复杂度高,属性撤销需要整个密文进行全部更新,策略树的构建不够灵活,导致在车联网中的应用受限.为了解决上述问题,围绕车联网云存储数据安全分享,设计可撤销动静态属性的属性基加密方案.将动态属性和静态属性分开管理,构建组合策略树,引入解密代理将高复杂度的属性基解密过程的主要部分外包到服务端,车辆终端通过中央和本地认证中心进行属性撤销和动态属性更新.可撤销动静态属性的车联网属性基加密方案是安全的,在空间和加解密时间复杂度上较传统CP-ABE算法具有优势,实验还分析了车载终端解密、属性撤销和系统并发等性能.

       

      Abstract: The data secure sharing in vehicular ad hoc network (VANET) usually uses group encryption mode. However it is difficult to construct group and to manage group key for vehicular terminal with high mobility. Ciphertext-policy attribute-based encryption (CP-ABE) is a kind of new solution for VANETs' communication security. In the traditional CP-ABE strategy, it has several shortcomings, such as high decryption computation complex, and attributes revoking requires the re-encrypting of the whole cipher-text and the inflexible construction of access policy tree. These shortcomings lead to the limited application of CP-ABE in VANETs. In order to solve these problems, an ABE with revocable dynamic and static attributes (ABE-RDS) is proposed for the data secure sharing of cloud storage in VANETs. In the ABE-RDS, dynamic attribute and static attribute are managed separately, and combination policy tree is constructed, and main decryption part with high computation cost is delegated to servers using decryption proxy. In addition, the vehicular terminal can revoke attributes and refresh dynamic attributes through global and local trusted authority. The proposed ABE-RDS is secure, and it has superiority over traditional CP-ABE in space and time complexity. The performance of ABE-RDS in vehicular terminal decryption, attribute revocation, and system concurrent is evaluated with experiments.

       

    /

    返回文章
    返回