一种基于LWE‐CPABE的区块链数据共享方案

doi:10.19678/j.issn.1000-3428.0062803

摘要/Abstract

摘要： 为应对量子计算对区块链上基于数论的隐私保护技术所带来的威胁，将区块链技术与格属性基加密算法有效融合，提出一种基于格的后量子CPABE区块链数据共享方案。将容错学习（LWE）作为方案的困难问题假设，构造一种基于格的密文策略属性基加密算法LWE-CPABE，抵御量子计算对公钥密码安全的攻击，实现数据的安全共享。设计算法参数的标准格式化交易结构，以满足LWE-CPABE算法的可追责性。在此基础上，给出交易生成与交易验证智能合约，以实现交易的自动验证与共识。功能性分析与仿真实验结果表明，该方案在算法初始化、加解密以及密钥生成的计算效率方面均优于传统的基于双线性映射理论的CPABE方案，可实现区块链上数据的高效、安全、动态共享与隐私保护，明显提高区块链数据共享安全性。

关键词: 后量子密码, 区块链, 属性基加密, 数据共享, 隐私保护

Abstract: To solve the threat that quantum computing poses to the privacy protection technology using number theory applied to blockchains, a post-quantum Ciphertext-Policy Attribute-Based Encryption(CPABE) blockchain data sharing scheme based on lattice theory is proposed in this paper by effectively integrating blockchain technology and a lattice-based attribute-based encryption algorithm.First, using the Learning With Errors (LWE) problem, a lattice-based LWE-CPABE algorithm is constructed, which can effectively resist quantum computing attacks on public key cryptography to realize secure data sharing.Second, the standard formatted transaction structure of the algorithm parameters is designed to satisfy the accountability requirements associated with the LWE-CPABE algorithm.Finally, an intelligent contract for transaction generation and transaction verification is designed to realize the automatic verification and consensus of a transaction.Functional analysis and simulation results demonstrate that the initialized encryption as well as the key generation efficiency using the proposed algorithm is superior to the traditional CPABE scheme based on bilinear mapping theory.The proposed LWE-CPABE achieves higher efficiency and improves privacy protection in blockchain dynamic data sharing scenarios.

Key words: post-quantum cryptography, blockchain, Attribute-Based Encryption(ABE), data sharing, privacy protection

中图分类号:

TP309

张晓东, 陈韬伟, 余益民. 一种基于LWE‐CPABE的区块链数据共享方案[J]. 计算机工程, 2022, 48(10): 158-168,175.

ZHANG Xiaodong, CHEN Taowei, YU Yimin. A Blockchain Data Sharing Scheme Based on LWE-CPABE[J]. Computer Engineering, 2022, 48(10): 158-168,175.

http://www.ecice06.com/CN/Y2022/V48/I10/158

图/表 10

参考文献

[1] 黄穗, 陈丽炜, 范冰冰.基于CP-ABE和区块链的数据安全共享方法[J].计算机系统应用, 2019, 28(11):79-86. HUANG S, CHEN L W, FAN B B.Data security sharing method based on CP-ABE and blockchain[J].Computer Systems & Applications, 2019, 28(11):79-86.(in Chinese)
[2] 王秀利, 江晓舟, 李洋.应用区块链的数据访问控制与共享模型[J].软件学报, 2019, 30(6):1661-1669. WANG X L, JIANG X Z, LI Y.Model for data access control and sharing based on blockchain[J].Journal of Software, 2019, 30(6):1661-1669.(in Chinese).
[3] 杨亚涛, 蔡居良, 张筱薇, 等.基于SM9算法可证明安全的区块链隐私保护方案[J].软件学报, 2019, 30(6):1692-1704. YANG Y T, CAI J L, ZHANG X W, et al.Privacy preserving scheme in block chain with provably secure based on SM9 algorithm[J].Journal of Software, 2019, 30(6):1692-1704.(in Chinese)
[4] 田有亮, 杨科迪, 王缵, 等.基于属性基加密的区块链数据溯源算法[J].通信学报, 2019, 40(11):101-111. TIAN Y L, YANG K D, WANG Z, et al.Algorithm of blockchain data provenance based on ABE[J].Journal on Communications, 2019, 40(11):101-111.(in Chinese)
[5] FAN Y K, LIN X D, LIANG W, et al.TraceChain:a blockchain-based scheme to protect data confidentiality and traceability[J].Software:Practice and Experience, 2022, 52(1):115-129.
[6] WANG H, SONG Y J.Secure cloud-based EHR system using attribute-based cryptosystem and blockchain[J].Journal of Medical Systems, 2018, 42(8):152.
[7] ZHANG Y R, HE D B, CHOO K K R.BaDS:blockchain-based architecture for data sharing with ABS and CP-ABE in IoT[J].Wireless Communications and Mobile Computing, 2018, 18:1-9.
[8] SAHAI A, WATERS B.Fuzzy identity-based encryption[C]//Proceedings of Annual International Conference on Theory and Applications of Cryptographic Techniques.Berlin, Germany:Springer, 2005:457-473.
[9] GOYAL V, PANDEY O, SAHAI A, et al.Attribute-based encryption for fine-grained access control of encrypted data[C]//Proceedings of the 13th ACM Conference on Computer and Communications Security.New York, USA:ACM Press, 2006:89-98.
[10] WATERS B.Ciphertext-policy attribute-based encryption:an expressive, efficient and provable secure realization[C]//Proceedings of the 14th International Conference on Practice and Theory in Public Key Cryptography.Washington D.C., USA:IEEE Press, 2011:53-70.
[11] 王悦, 樊凯.隐藏访问策略的高效CP-ABE方案[J].计算机研究与发展, 2019, 56(10):2151-2159. WANG Y, FAN K.Effective CP-ABE with hidden access policy[J].Journal of Computer Research and Development, 2019, 56(10):2151-2159.(in Chinese)
[12] ZHOU Z, HUANG D, WANG Z.Efficient privacy-preserving ciphertext-policy attribute based-encryption and broadcast encryption[J].IEEE Transactions on Computers, 2015, 64(1):126-138.
[13] YANGLI C, LINGLING S, GNEG Y.Attribute-based access control for multi-authority systems with constant size ciphertext in clouds[J].China Communications, 2016, 13(2):146-162.
[14] PHUONG T V X, YANG G M, SUSILO W.Hidden ciphertext policy attribute-based encryption under standard assumptions[J].IEEE Transactions on Information Forensics and Security, 2016, 11(1):35-45.
[15] RUJ S, STOJMENOVIC M, NAYAK A.Decentralized access control with anonymous authentication of data stored in clouds[J].IEEE Transactions on Parallel and Distributed Systems, 2014, 25(2):384-394.
[16] BETHENCOURT J, SAHAI A, WATERS B.Ciphertext-policy attribute-based encryption[C]//Proceedings of 2007 IEEE Symposium on Security and Privacy.Washington D.C., USA:IEEE Press, 2007:321-334.
[17] OKAMOTO T, TAKASHIMA K.Fully secure unbounded inner-product and attribute-based encryption[C]//Proceedings of Advances in Cryptology-ASIACRYPTʼ12.Washington D.C., USA:IEEE Press, 2012:349-366.
[18] GORBUNOV S, VAIKUNTANATHAN V, WEE H.Attribute-based encryption for circuits[C]//Proceedings of the 45th Annual ACM Symposium on Theory of Computing.New York, USA:ACM Press, 2013:545-554.
[19] HOHENBERGER S, WATERS B.Online/offline attribute-based encryption[C]//Proceedings of International Conference on Theory and Application of Cryptology.New York, USA:ACM Press, 2014:293-310.
[20] ROUSELAKIS Y, WATERS B.Practical constructions and new proof methods for large universe attribute-based encryption[C]//Proceedings of 2013 ACM SIGSAC Conference on Computer & Communications Security.New York, USA:ACM Press, 2013:463-474.
[21] AJTAI M.Generating hard instances of lattice problems[C]//Proceedings of STOCʼ96.Washington D.C., USA:IEEE Press, 1996:99-108.
[22] REGEV O.On lattices, learning with errors, random linear-codes, and cryptography[J].Journal of the ACM, 2009, 48(5):1-40.
[23] 钱心缘, 吴文渊.基于R-SIS和R-LWE构建的IBE加密方案[J].计算机科学, 2021, 48(6):315-323. QIAN X Y, WU W Y.Identity-based encryption scheme based on R-SIS/R-LWE[J].Computer Science, 2021, 48(6):315-323.(in Chinese)
[24] 周艺华, 董松寿, 杨宇光.标准模型下基于格的身份代理部分盲签名方案[J].信息网络安全, 2021, 21(3):37-43. ZHOU Y H, DONG S S, YANG Y G.A lattice-based identity-based proxy partially blind signature scheme in the standard model[J].Netinfo Security, 2021, 21(3):37-43.(in Chinese)
[25] 张彦华, 胡予濮, 刘西蒙, 等.格上本地验证者撤销属性基群签名的零知识证明[J].电子与信息学报, 2020, 42(2):315-321. ZHANG Y H, HU Y P, LIU X M, et al.Zero-knowledge proofs for attribute-based group signatures with verifier-local revocation over lattices[J].Journal of Electronics & Information Technology, 2020, 42(2):315-321.(in Chinese).
[26] DATTA P, KOMARGODSKI I, WATERS B.Decentralized multi-authority abe for DNFs from LWE[C]//Proceedings of Advances in Cryptology-EUROCRYPTʼ21.Washington D.C., USA:IEEE Press, 2021:145-158.

选择文件类型/文献管理软件名称

选择包含的内容