计算机工程 ›› 2018, Vol. 44 ›› Issue (8): 19-23,29.doi: 10.19678/j.issn.1000-3428.0049268

所属专题: 云计算专题

• 云计算专题 • 上一篇    下一篇

多属性授权机构环境下属性可撤销的CP-ABE方案

张玉磊,刘文静,马彦丽,王彩芬   

  1. 西北师范大学 计算机科学与工程学院,兰州 730070
  • 收稿日期:2017-11-13 出版日期:2018-08-15 发布日期:2018-08-15
  • 作者简介:张玉磊(1979—),男,副教授、博士,主研方向为密码学、信息安全;刘文静、马彦丽,硕士研究生;王彩芬,教授、博士、博士生导师。
  • 基金项目:

    国家自然科学基金(61163038,61262056);甘肃省高等学校科研项目(2017A-003,2015B-220,2018A-207)。

CP-ABE Scheme with Attribute Revocation Under Environment of Multi-attribute Authority

ZHANG Yulei,LIU Wenjing,MA Yanli,WANG Caifen   

  1. College of Computer Science and Engineering,Northwest Normal University,Lanzhou 730070,China
  • Received:2017-11-13 Online:2018-08-15 Published:2018-08-15

摘要:

针对属性基加密方案单一授权机构运行效率低且易泄露用户密钥的问题,通过建立分散的属性授权机构和代理重加密技术,设计一个多属性授权机构环境下具有属性撤销功能的密文策略属性基加密方案。该方案通过版本号标记法实现用户属性撤销,并建立访问树结构管理不 同属性授权机构所颁发的属性,以抵抗多个属性授权机构的联合攻击,实现用户的细粒度访问。分析结果表明,与现有属性基加密方案相比,该方案可以缩短密文的长度,并降低用户的计算开销。

关键词: 云存储, 密文策略, 属性基加密, 多属性授权机构, 撤销, 代理重加密

Abstract:

For the attribute-based encryption scheme,a single authority has the problem of low efficiency and easy disclosure of user keys.Through the establishment of a decentralized attribute authority and agent reencryption technology,a Ciphertext-policy Attribute-based Encrypfion(CP-ABE) with attribute revocation function in a multi-attribute authority environment is designed.The scheme implements user attribute revocation through the version number tagging method,and establishes the access tree structure to manage attributes issued by different attribute authorities,so as to resist the joint attack of multiple attribute authority and achieve fine-grained access of users.Analysis results show that compared with the existing attribute-based encryption schemes,this scheme can shorten the length of the ciphertext and reduce the user’s computation cost.

Key words: cloud storage, ciphertextpolicy, Attribute-based Encrytion(ABE), multi-attribute authority, revocation, proxy reencryption

中图分类号: