高级检索

    在线/离线的可追责属性加密方案

    Online/Offline Traceable Attribute-Based Encryption

    • 摘要: 作为一种公钥加密,属性加密能够实现细粒度的访问控制.然而,由于在密文策略属性加密中多个用户可能会拥有相同的解密权限,所以抓获那些出售自己私钥的用户是困难的.其次,在密文策略的属性加密中,加密一个消息所要用到的指数运算是随着访问策略复杂性的增长而增长的,由此带来的计算开销对使用移动设备进行加密的用户造成了重大挑战.针对上述问题,给出了在线/离线可追责属性加密的安全模型,然后在素数阶双线性群下构造了一个在线/离线的可追责密文策略属性加密方案,并在标准模型下证明了方案是选择性安全的.当一个恶意用户泄露的自己私钥给别人时,该方案能够通过一个追责算法将其抓获.效率分析表明该方案加密的主要开销是在离线阶段,更适用于移动设备进行加密.此外,所提方案支持大属性域,在实际应用中更加灵活.

       

      Abstract: Attribute-based encryption (ABE), as a public key encryption, can be utilized for fine-grained access control. However, there are two main drawbacks that limit the applications of attribute-based encryption. First, as different users may have the same decryption privileges in ciphertext-policy attribute-based encryption,it is difficult to catch the users who sell their secret keys for financial benefit. Second, the number of resource-consuming exponentiation operations required to encrypt a message in ciphertext-policy attribute-based encryption grows with the complexity of the access policy, which presents a significant challenge for the users who encrypt data on mobile devices. Towards this end, after proposing the security model for online/offline traceable attribute-based encryption, we present an online/offline traceable ciphertext-policy attribute-based encryption scheme in prime order bilinear groups, and further prove that it is selectively secure in the standard model. If a malicious user leaks his/her secret key to others for benefit, he/she will be caught by a tracing algorithm in our proposed scheme. Extensive efficiency analysis results indicate that the proposed scheme moves the majority cost of an encryption into the offline encryption phase and is suitable for user encryption on mobile devices. In addition, the proposed scheme supports large universe of attributes, which makes it more flexible for practical applications.

       

    /

    返回文章
    返回