计算机工程

• 安全技术 • 上一篇    下一篇

云存储下可追踪的外包解密属性加密方案

杨其,张席,王平   

  1. (深圳大学 计算机与软件学院,广东 深圳 518060)
  • 收稿日期:2016-01-12 出版日期:2017-02-15 发布日期:2017-02-15
  • 作者简介:杨其(1990—),男,硕士研究生,主研方向为信息安全;张席,副教授;王平,博士。
  • 基金项目:
    国家自然科学基金(61402293);深圳市科技创新计划项目(JCYJ20150324141711694)。

Traceable Outsourcing Decryption Attribute Encryption Scheme Under Cloud Storage

YANG Qi,ZHANG Xi,WANG Ping   

  1. (College of Computer Science and Software Engineering,Shenzhen University,Shenzhen,Guangdong 518060,China)
  • Received:2016-01-12 Online:2017-02-15 Published:2017-02-15

摘要: 针对云存储中密钥追踪问题,基于外包解密的属性加密方案,提出一种新的属性加密方案。通过在密钥中加入密钥因子,生成所有用户的解密记录表T,数据拥有者可以随时监测用户的解密行为,为检测恶意散布解密密钥用户提供参考因子。通过查询表T,数据拥有者能快速地检测出该密钥是否为加密文件的有效密钥,并获得密钥关联的用户身份。同时解密操作大部分转移到云解密服务器中,用户只需要一次指数操作就能恢复出明文,减轻了用户端的解密工作。分析结果表明,该方案能满足云存储中密钥管理安全、高效、可追踪的要求。

关键词: 云存储, 访问控制, 属性, 外包解密, 白盒追踪

Abstract: Aiming at the problem of key tracking in cloud storage,a new attribute-based encryption scheme is proposed based on outsourcing decryption.By adding the key factor to the key,the decryption record table T of all users is generated.Data owner can monitor the decryption behavior of users at any time and provide the reference factor for detecting users maliciously spreading the decryption key.By querying the table T,data owner can quickly detect whether the key is valid for the encrypted file and obtain so user identity associated with the key.At the same time,most of the decryption operations are moved to the cloud decryption server,users only need an index operation to recover the plaintext,thus reducing the decryption work in user clients.Analysis results show that the scheme can meet the requirements of secure,efficient and traceable key management in cloud storage.

Key words: cloud storage, access control, attribute, outsourcing decryption, white-box tracing

中图分类号: