高级检索

    采用扩展公钥的云存储广播加密优化方法

    Optimization for Broadcast Encryption in Cloud Using Extended Public Key

    • 摘要: 基于广播加密的云存储系统受到研究者的关注.然而,基本的广播加密方案不能适应云存储环境中用户和权限的动态变更情况.针对广播加密中密钥管理分发开销大的问题,提出一种扩展公钥的广播加密优化方法,通过保留初始产生公钥时使用的部分私有参数,当用户加入或撤离系统时,使用保留的私有参数产生新的公钥来加密数据.这样,合法用户仍可以使用之前已分发的私钥解密新公钥加密的数据,从而避免了用户动态变化时公钥的频繁变化和密钥的重复分发.通过引入懒惰回收机制,降低了权限变更和密钥定期更新带来的开销.测试结果表明:采用优化方案后,增加用户数量和权限撤销时,系统性能得到较大提高.

       

      Abstract: Security issues have been a major hurdle for the application of cloud storage. As data encryption is the mainstream method to ensure confidentiality, users always share their data by means of key's management and distribution. However, how to manage massive keys and distribute them securely and efficiently is a challenge in cloud storage. In recent years, broadcast encryption scheme has been paid more attention by researchers to mitigate above problems for cloud data sharing. Since current schemes take insufficient account of changes of users and users's privilege, they do not perform well in cloud. To reduce the overhead of key distribution, an optimization method is proposed for public-key based broadcast encryption in this paper. First, the scope of public keys is expanded to two or more times and the initial related parameters used for generating public keys are kept simultaneously. These parameters can ensure private keys distributed previously still available when they are employed to generate the new public keys for new valid users, thus greatly decreases the cost of redistributing private keys. Second, lazy revocation is adopted to reduce the cost of updating keys. Experimental results show that our optimized method outperforms the existing schemes while adding new users and revoking users' privilege in cloud.

       

    /

    返回文章
    返回