隐藏策略的可验证外包解密OO-CP-ABE访问控制方案

doi:10.19678/j.issn.1000-3428.0052085

计算机工程 ›› 2019, Vol. 45 ›› Issue (10): 166-170.doi: 10.19678/j.issn.1000-3428.0052085

隐藏策略的可验证外包解密OO-CP-ABE访问控制方案

迪力夏提·吾普尔, 陈成, 努尔买买提·黑力力

新疆大学数学与系统科学学院, 乌鲁木齐 830046

收稿日期:2018-07-12 修回日期:2018-10-07 出版日期:2019-10-15 发布日期:2018-10-15
作者简介:迪力夏提·吾普尔(1992-),男,硕士研究生,主研方向为访问控制;陈成,硕士研究生;努尔买买提·黑力力(通信作者),教授、博士。
基金项目:
国家自然科学基金（61562085，61862059，11461069）；新疆维吾尔自治区人力资源和社会保障厅留学人员科技活动项目。

Verifiable Outsourced Decryption OO-CP-ABE Access Control Scheme with Hidden Policy

DILXAT Ghopur, CHEN Cheng, NURMAMAT Helil

School of Mathematics and System Science, Xinjiang University, Urumqi 830046, China

Received:2018-07-12 Revised:2018-10-07 Online:2019-10-15 Published:2018-10-15

摘要/Abstract

摘要： 在密文策略属性基加密（CP-ABE）中，数据加密和解密所需时间与访问结构的复杂性相关，在移动设备中实施CP-ABE会使设备面临较大的计算压力。为此，提出一种隐藏策略的可验证外包解密在线/离线密文策略属性基加密访问控制方案。考虑到加密阶段较大的计算量，通过在线/离线加密方法，使数据拥有者在未确定明文和访问结构的情况下，运用高性能服务器提前完成大量的计算操作，确定明文和属性后在其移动设备上通过较少的计算量完成整个加密过程，从而减轻移动设备在加密阶段的计算负担，同时使用代理服务器对数据进行解密，并引入短签名方法对解密的数据进行正确性验证。分析结果表明，该方案能够减轻移动设备的计算负担，并验证了代理服务器解密数据的正确性。

关键词: 密文策略属性基加密, 在线/离线加密, 外包解密, 隐藏策略, 移动设备

Abstract: In Ciphertext-Policy Attribute-Based Encryption(CP-ABE),the time required for data encryption and decryption is related to the complexity of the access structure,so implementing CP-ABE in mobile devices makes the device under greater computational pressure.Therefore,this paper proposes a verifiable outsourced decryption Online/Offline Ciphertext-Policy Attribute-Based Encryption(OO-CP-ABE) access control scheme with hidden policy.Considering the large amount of computation in the encryption phase,through the online/offline encryption method,the data owner uses a high-performance server to complete a large number of computational operations ahead of time without determining the plaintext and access structure.After determining the plaintext and attributes,the entire encryption process is completed with less computation on its mobile device,thereby reducing the computational burden of the mobile device during the encryption phase.At the same time,the scheme uses a proxy server to decrypt the data and introduces a short signature method to verify the correctness of the decrypted data.Analysis results show that the scheme reduces the computational burden of the mobile device and verifies the correctness of data decrypted by the proxy server.

Key words: Ciphertext-Policy Attribute-Based Encryption(CP-ABE), online/offline encryption, outsourced decryption, hiding policy, mobile device

中图分类号:

TP309

迪力夏提·吾普尔, 陈成, 努尔买买提·黑力力. 隐藏策略的可验证外包解密OO-CP-ABE访问控制方案[J]. 计算机工程, 2019, 45(10): 166-170.

DILXAT Ghopur, CHEN Cheng, NURMAMAT Helil. Verifiable Outsourced Decryption OO-CP-ABE Access Control Scheme with Hidden Policy[J]. Computer Engineering, 2019, 45(10): 166-170.

图/表 3

参考文献 15

[1]	BETHENCOURT J,SAHAI A,WATERS B.Ciphertext-policy attribute-based encryption[C]//Proceedings of IEEE Symposium on Security and Privacy.[S.1.]:IEEE Computer Society,2007:321-334.
[2]	HELIL N,RAHMAN K.CP-ABE access control scheme for sensitive data set constraint with hidden access policy and constraint policy[J].Security and Communication Networks,2017(6):1-13.
[3]	应作斌,马建峰,崔江涛.支持动态策略更新的半策略隐藏属性加密方案[J].通信学报,2015,36(12):178-189.
[4]	HUR J.Attribute-based secure data sharing with hidden policies in smart grid[J].IEEE Transactions on Parallel and Distributed Systems,2013,24(11):2171-2180.
[5]	HOHENBERGER S,WATERS B.Online/offline attribute-based encryption[C]//Proceedings of International Workshop on Public Key Cryptography.Berlin,Germany:Springer,2014:293-310.
[6]	LAI Jiancheng,MU Yi,GUO Fuchuan,et al.Improved identity-based online/offline encryption[C]//Proceedings of Conference on Information Security and Privacy.Berlin,Germany:Springer,2015:247-261.
[7]	LIU J K,ZHOU J.An efficient identity-based online/offline encryption scheme[M].Berlin,Germany:Springer,2009.
[8]	张凯,马建峰,张俊伟,等.在线/离线的可追责属性加密方案[J].计算机研究与发展,2018,55(1):216-224.
[9]	GREEN M,HOHENBERGER S,WATERS B.Outsourcing the decryption of ABE ciphertexts[C]//Proceedings of the 20th USENIX Conference on Security.[S.1.]:USENIX Association,2011:34-34.
[10]	LAI Junzhuo,DENG R H,GUAN Chaowen,et al.Attributebased encryption with verifiable outsourced decryption[J].IEEE Transactions on Information Forensics and Security,2013,8(8):1343-1354.
[11]	孙剑飞.基于外包的属性基密码体制应用研究[D].成都:电子科技大学,2017.
[12]	MAO Xianping,LAI Junzhuo,MEI Qixiang,et al.Generic and efficient constructions of attribute-based encryption with verifiable outsourced decryption[J].IEEE Transactions on Dependable and Secure Computing,2016,13(5):533-546.
[13]	LIU Hongwei,WANG Xueyuan,ZHANG Peng.Verifying outsourced decryption of CP-ABE with signature[C]//Proceedings of the 4th International Conference on Mechatronics,Materials,Chemistry and Computer Engineering.[S.1.]:Atlantis Press,2015:388-397.
[14]	江泽涛,赵嘉旭,吴辉.策略隐藏的CP-ABE访问控制方案[J].计算机工程与设计,2017,38(6):1429-1433.
[15]	陈成,努尔买买提·黑力力.基于CP-ABE的隐藏属性外包解密访问控制[J].计算机与现代化,2018(5):74-78.

隐藏策略的可验证外包解密OO-CP-ABE访问控制方案

Verifiable Outsourced Decryption OO-CP-ABE Access Control Scheme with Hidden Policy

RichHTML

PDF

可视化

摘要/Abstract

引用本文

使用本文

图/表 3

参考文献 15

相关文章 7

Metrics

本文评价

推荐阅读 10

[1]	韩舒艳, 努尔买买提·黑力力. 选择性隐藏树型访问结构的CP-ABE方案[J]. 计算机工程, 2020, 46(7): 150-158.
[2]	余翔, 石雪琴, 刘一勋. 移动边缘计算中卸载策略与功率的联合优化[J]. 计算机工程, 2020, 46(6): 20-25.
[3]	冯旭,华庆一,樊攀,王文建. 一种移动设备用户界面描述语言的设计与实现[J]. 计算机工程, 2019, 45(3): 73-77,90.
[4]	杨其,张席,王平. 云存储下可追踪的外包解密属性加密方案[J]. 计算机工程, 2017, 43(2): 176-182.
[5]	邓海生, 李军怀, 张璟, 倪靖清. 基于反射式中间件的移动计算模型[J]. 计算机工程, 2012, 38(20): 278-281.
[6]	张建新;欧宗瑛;刘典婷. 基于移动设备的掌纹验证系统[J]. 计算机工程, 2010, 36(4): 164-165.
[7]	李铁帅;梁爱民;王克宏. 基于Web注释的移动客户端自适应机制的研究[J]. 计算机工程, 2006, 32(13): 136-138.