支持追责和用户撤销的属性基加密方案

吉林大学学报(理学版)

支持追责和用户撤销的属性基加密方案

马华, 颜雪薇, 刘振华, 董恩廷

西安电子科技大学数学与统计学院, 西安 710071

收稿日期:2017-05-08 出版日期:2018-07-26 发布日期:2018-07-31
通讯作者: 马华 E-mail:xweiyans@163.com

AttributeBased Encryption Scheme Supporting Accountability and User Revocation

MA Hua, YAN Xuewei, LIU Zhenhua, DONG Enting

School of Mathematics and Statistics, Xidian University, Xi’an 710071, China

Received:2017-05-08 Online:2018-07-26 Published:2018-07-31
Contact: MA Hua E-mail:xweiyans@163.com

摘要/Abstract

摘要： 针对当前属性基加密系统中用户与中心滥用密钥以及用户解密权限的撤销问题, 提出一种支持追责和用户撤销的属性基加密方案. 该方案使用“不动点”作为密钥拥有者的标识符, 实现了对恶意用户的身份追踪；通过用户与中心交互生成解密密钥, 解决了半信任中心滥用密钥的问题；利用完全子集方案和自更新加密方案实现了用户的即时撤销, 并达到了前向/后向安全性; 同时使用Paillier加密体制, 避免了追踪过程中的存储代价. 该方案无需在系统建立阶段预先确定属性个数, 且在标准模型下被证明是选择明文安全的.

关键词: 追踪功能, 大属性空间, 撤销功能, 属性基加密

Abstract: Aiming at the problems of the current attributebased encryption system, such as the issues of users and center abused keys and decryption rights of user revocation, we proposed an attributebased encryption scheme that supported accountability and user revocation. The scheme used a “fixed point” as the identifier of the key owner to realize the identity tracing of malicious users. The decryption key was generated by interaction between user and center to solve the problem that semitrusted center abused keys. By using complete subset scheme and selfupdate encryption scheme, the proposed system could achieve immediate revocation and forward/backward security. Furthermore, we used a Paillier encryption system to avoid storage cost in the tracing process. The scheme didn’t need to predetermine the number of attributes at stage of system setup, and was proved to be chosenplaintext security in the standard model.

Key words: large attribute space, traceability functionality, attributebased encryption, revocation functionality

中图分类号:

TP309.7

马华, 颜雪薇, 刘振华, 董恩廷. 支持追责和用户撤销的属性基加密方案[J]. 吉林大学学报(理学版), 2018, 56(4): 939-944.

MA Hua, YAN Xuewei, LIU Zhenhua, DONG Enting. AttributeBased Encryption Scheme Supporting Accountability and User Revocation[J]. Journal of Jilin University Science Edition, 2018, 56(4): 939-944.

[1]	曹捷, 苏晋璇, 赵永哲, 邱志洋. 非确定的公钥密码及其实现[J]. 吉林大学学报(理学版), 2019, 57(04): 860-868.
[2]	王洪君, 刘毅, 苑卫鑫. 具有伪装图像的可视双秘密分享[J]. 吉林大学学报(理学版), 2015, 53(06): 1251-1256.
[3]	赵博, 赵宏伟, 苏晋璇, 赵永哲. MPKC的中心映射与公钥形式[J]. J4, 2012, 50(4): 719-724.
[4]	胡亮, 贺瑞莲, 袁巍, 初剑峰. 基于信任服务IBE体系的权限管理[J]. J4, 2011, 49(04): 696-702.
[5]	孟欣, 胡亮, 初剑峰, 林海群, 刘博超. 异构信任域的跨域授权[J]. J4, 2010, 48(1): 89-93.
[6]	胡亮, 刘博超, 袁巍, 贾旭\| 林海群\| 贺瑞莲. Rijndael密钥生成算法存在的问题与改进[J]. J4, 2009, 47(6): 1202-1210.
[7]	袁巍, 胡亮, 林宇, 张云龙, 黄瑞，李宏图. AES算法的结构分析与优化实现[J]. J4, 2008, 46(05): 885-890.