高级检索
    王皓, 郑志华, 吴磊, 王伊蕾. 自适应安全的外包CP-ABE方案研究[J]. 计算机研究与发展, 2015, 52(10): 2270-2280. DOI: 10.7544/issn1000-1239.2015.20150497
    引用本文: 王皓, 郑志华, 吴磊, 王伊蕾. 自适应安全的外包CP-ABE方案研究[J]. 计算机研究与发展, 2015, 52(10): 2270-2280. DOI: 10.7544/issn1000-1239.2015.20150497
    Wang Hao, Zheng Zhihua, Wu Lei, Wang Yilei. Adaptively Secure Outsourcing Ciphertext-Policy Attribute-Based Encryption[J]. Journal of Computer Research and Development, 2015, 52(10): 2270-2280. DOI: 10.7544/issn1000-1239.2015.20150497
    Citation: Wang Hao, Zheng Zhihua, Wu Lei, Wang Yilei. Adaptively Secure Outsourcing Ciphertext-Policy Attribute-Based Encryption[J]. Journal of Computer Research and Development, 2015, 52(10): 2270-2280. DOI: 10.7544/issn1000-1239.2015.20150497

    自适应安全的外包CP-ABE方案研究

    Adaptively Secure Outsourcing Ciphertext-Policy Attribute-Based Encryption

    • 摘要: 属性基加密(attribute-based encryption, ABE)体制是身份基加密(identity-based encryption, IBE)体制的一种扩展,在ABE体制中,密钥产生中心根据用户拥有的属性为用户颁发密钥,加密者可以针对某个访问策略对消息进行加密,当且仅当用户拥有的属性满足相应的访问策略时,能够成功解密. 由于ABE体制可以实现对密文灵活的访问控制,因此有着良好的应用前景,尤其适用于保障云存储环境中信息的机密性. 然而,计算效率较低却一直是阻碍各类ABE方案被实际应用的主要问题. 针对这一问题,研究了借助外部资源降低ABE方案本地计算量的思想和方法,给出了外包ABE方案的形式化定义,并根据实际的敌手环境、安全目标制定了相应的安全模型. 随后,利用合数阶双线性群构造了一个具体的外包密文策略属性基加密(ciphertext-policy ABE, CP-ABE)方案,并利用双系统加密技术在标准模型下证明其满足自适应安全性.

       

      Abstract: Attribute-based encryption (ABE) is a type of public key encryption that allows users to encrypt and decrypt messages based on users attributes. In such a system, the decryption of a ciphertext is possible only if the set of the attributes of the user key matches the access policy of the ciphertext. Given its expressiveness, ABE is currently being considered for many network applications, especially for cloud storage and cloud computing. However, one of the main drawbacks of ABE is that the running time of encryption and decryption grows with the complexity of the access formula or the number of attributes. In practice, this makes encryption and decryption be possible bottlenecks for a lot of applications. In this work, we introduce outsourcing ABE system to mitigate this problem. In the outsourcing ABE system, users can outsource a part of the storage and computing tasks to some semi-honest servers. It is significant for mobile devices to save storage and computational resources. Then, we propose a specific outsourcing ciphertext-policy ABE (CP-ABE) scheme using the composite order bilinear groups. In our scheme, the local computation of (online) encryption and decryption can reach constant level. Finally, we prove its adaptive security in the standard model using the methodology of dual system encryption.

       

    /

    返回文章
    返回