高级检索

    一种适用于广电网的属性基广播加密方案

    An Attribute-Based Broadcast Encryption Scheme Suitable for the Broadcasting Network

    • 摘要: 广电网在战略转型阶段中,协同“云管端”统一布局,规划服务云平台.但是,云的开放使广电网中信息安全无法得到保证.属性基广播加密技术融合了广播加密和属性基加密技术的优点,可将消息安全传送给多个用户的同时实现灵活的密文访问控制,适用于多用户、多服务的广电网.然而,目前属性基广播加密技术中仍存在一些缺陷,如广播密文长度过大、用户私钥数量过多、加解密计算复杂、访问策略不够灵活以及未考虑属性权重等.针对以上不足,提出一种适用于广电网的属性基广播加密方案.方案基于经典的广播加密方案,发送方可自由选择接收用户集,实现了高效的用户撤销;采用权重门限访问结构并引入通配符机制,实现了广播密文长度固定的同时增强了密文访问结构灵活性,权重思想也使方案更符合现实应用场景;引入一种基于中间人的属性基加密技术,同时实现了外包存储和外包解密,有效地降低了私钥存储和计算开销.最后通过安全性分析和实验仿真证明:该方案达到选择明文安全并具有较高效率.

       

      Abstract: In the transitional period, broadcasting network will cooperate with ‘cloud channel device’ to implement a unified layout and a service cloud platform. However, the opening cloud made the information security protection be hard in the broadcasting network. Attribute-based broadcast encryption technology combines the advantages of broadcast encryption and the attribute-based encryption technologies. It can securely transmit messages to multiple users and achieve flexible ciphertext access control. It is applicable to the broadcasting network which has multi-user and multi-service. However, most of the attribute-based broadcast encryption schemes up to now are not efficient enough and have many shortcomings, such as the long length of ciphertext, the big number of user private keys, the complicated calculation of encryption and decryption, and without weighted-attributes considering. In order to overcome the flaws of the attribute-based broadcast encryption schemes, the contribution of this paper is an efficient attribute-based broadcast encryption scheme for broadcasting network environment. This scheme is based on a classical broadcast encryption scheme, and the sender can choose the receiver set freely, achieving efficient user revocation. Adopt a dynamic weighted threshold access structure and introduce a wildcard mechanism which fixes the length of the broadcast ciphertext and enhance the flexibility of the ciphertext access control. The weighted attributes make the scheme more in line with the actual application environment. We incorporate a mediated attribute-based encryption to achieve outsourced storage and outsourced decryption. By this technology, we can effectively reduce the storage of private keys and computational overhead. Finally, through the security analysis and experimental simulation, we prove our scheme achieves choose plaintext attack (CPA) security safety, and has high efficiency.

       

    /

    返回文章
    返回