ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2018, Vol. 55 ›› Issue (7): 1409-1420.doi: 10.7544/issn1000-1239.2018.20180085

所属专题: 2018物联网安全专题

• 信息安全 • 上一篇    下一篇

一种适用于广电网的属性基广播加密方案

李学俊1,袁亚文1,金春花2   

  1. 1(西安电子科技大学网络与信息安全学院 西安 710071); 2(江苏省物联网移动互联技术工程实验室(淮阴工学院) 江苏淮安 223001) (aluckydd@mail.xidian.edu.en)
  • 出版日期: 2018-07-01
  • 基金资助: 
    国家自然科学基金项目(61572460);国家重点研发计划项目(2016YFB0800703);江苏省物联网移动互联技术工程实验室资助项目(JSWLW-2017-011)

An Attribute-Based Broadcast Encryption Scheme Suitable for the Broadcasting Network

Li Xuejun1, Yuan Yawen1, Jin Chunhua2   

  1. 1(School of Cyber Engineering, Xidian University, Xi’an 710071); 2(The Laboratory for Internet of Things and Mobile Internet Technology of Jiangsu Province (Huaiyin University of Technology), Huaian Jiangsu 223001)
  • Online: 2018-07-01

摘要: 广电网在战略转型阶段中,协同“云管端”统一布局,规划服务云平台.但是,云的开放使广电网中信息安全无法得到保证.属性基广播加密技术融合了广播加密和属性基加密技术的优点,可将消息安全传送给多个用户的同时实现灵活的密文访问控制,适用于多用户、多服务的广电网.然而,目前属性基广播加密技术中仍存在一些缺陷,如广播密文长度过大、用户私钥数量过多、加解密计算复杂、访问策略不够灵活以及未考虑属性权重等.针对以上不足,提出一种适用于广电网的属性基广播加密方案.方案基于经典的广播加密方案,发送方可自由选择接收用户集,实现了高效的用户撤销;采用权重门限访问结构并引入通配符机制,实现了广播密文长度固定的同时增强了密文访问结构灵活性,权重思想也使方案更符合现实应用场景;引入一种基于中间人的属性基加密技术,同时实现了外包存储和外包解密,有效地降低了私钥存储和计算开销.最后通过安全性分析和实验仿真证明:该方案达到选择明文安全并具有较高效率.

关键词: 广电网, 属性基广播加密, 权重属性, 长度固定密文, 计算开销小, 存储开销小, 选择明文安全

Abstract: In the transitional period, broadcasting network will cooperate with ‘cloud channel device’ to implement a unified layout and a service cloud platform. However, the opening cloud made the information security protection be hard in the broadcasting network. Attribute-based broadcast encryption technology combines the advantages of broadcast encryption and the attribute-based encryption technologies. It can securely transmit messages to multiple users and achieve flexible ciphertext access control. It is applicable to the broadcasting network which has multi-user and multi-service. However, most of the attribute-based broadcast encryption schemes up to now are not efficient enough and have many shortcomings, such as the long length of ciphertext, the big number of user private keys, the complicated calculation of encryption and decryption, and without weighted-attributes considering. In order to overcome the flaws of the attribute-based broadcast encryption schemes, the contribution of this paper is an efficient attribute-based broadcast encryption scheme for broadcasting network environment. This scheme is based on a classical broadcast encryption scheme, and the sender can choose the receiver set freely, achieving efficient user revocation. Adopt a dynamic weighted threshold access structure and introduce a wildcard mechanism which fixes the length of the broadcast ciphertext and enhance the flexibility of the ciphertext access control. The weighted attributes make the scheme more in line with the actual application environment. We incorporate a mediated attribute-based encryption to achieve outsourced storage and outsourced decryption. By this technology, we can effectively reduce the storage of private keys and computational overhead. Finally, through the security analysis and experimental simulation, we prove our scheme achieves choose plaintext attack (CPA) security safety, and has high efficiency.

Key words: broadcasting network, attribute-based broadcast encryption, weighted-attributes, fixed-length ciphertext, low computational overhead, low outsourced decryption, choose plaintext attack (CPA) security

中图分类号: