高级检索

    支持隐私保护的多机构属性基加密方案

    Multi-Authority Attribute-Based Encryption Scheme with Privacy Protection

    • 摘要: 针对云环境中用户敏感信息的保护,提出一种支持隐私保护的多机构属性基加密(attribute based encryption, ABE)方案.该方案采用半策略隐藏方式,将属性分为属性名和属性值2部分,通过对用户的属性值进行隐藏,实现对用户的隐私保护,避免用户的具体属性值泄露给其他任何第三方.另外,加密时仅对与访问策略相关的属性名进行加密,而不是对系统所有属性进行加密,改变了已有的隐私保护属性基加密方式,大大减短了密文长度.方案的安全性依赖于DBDH假设,并且在标准模型下满足自适应选择明文攻击安全.同时,通过与其他方案的对比,方案计算代价和存储代价都有明显优势,尤其是密文长度仅与访问策略设置的属性相关,更加适用于实际应用中用户属性规模远远小于系统属性规模的情况.

       

      Abstract: Attribute based encryption (ABE) is a new cryptographic technique which guarantees fine-grained access control of outsourced encrypted data in the cloud. In order to protect the users’ sensitive information in the cloud, a multi-authority attribute based encryption (MA-ABE) scheme with privacy protection is proposed. In the scheme, the users’ attribute is divided into two parts: the attribute name and the attribute value. The value of user’s attributes would be hidden in the access structure to prevent from revealing to any third parties, so the users’ privacy will be effectively preserved. In addition, the attribute name is used to construct the access structure, and the length of our ciphertext is associated with the number of attribute name which belongs to the access policy, rather than the all attributes in the system. Besides, the scheme is secure against chosen plaintext attack under the decision bilinear Diffie-Hellman (DBDH) assumption in the standard model. Compared with the existing related schemes, the size of ciphertext and users’ secret key in the scheme are all reduced, and the lower computing cost and storage cost makes the scheme more effective in the practical application, especially the condition in which the scale of user attributes is far smaller than the scale of system attributes.

       

    /

    返回文章
    返回