摘要
随着网络空间竞争与对抗的日益尖锐复杂,安全问题以前所未有的深度与广度向传统领域延伸。随着移动互联网、下一代互联网、物联网、云计算、命名数据网、大数据等为代表的新型网络形态及网络服务的兴起,安全需求方式已经由通信双方都是单用户向至少有一方是多用户的方式转变。论述了涉及"多方"的现代密码学产生的主要特点:1)"端端"单方模式改变为多方模式——由"一对一"的单方通信模式改变为"一对多"、"多对一"、"多对多"的多方通信模式(这里的"多"通常是动态的由访问结构定义的"多");2)"位置"本地模式改变为异地模式——计算和处理模式由本地位置向异地位置转变,包括外包计算、外包信号处理、外包聚合等。说明云计算、未来网络、大数据等应用模式对现代密码学提出了新的要求,产生了新的密码学原语。在此基础上,详细介绍了这些密码学原语中属性基加密(ABE)的主要进展,重点介绍了可追踪、可撤销、多权威机构等的ABE问题的解决情况。最后,介绍了这些成果的应用,包括ABE密码原语的芯片研制、芯片应用,重点介绍了电子政务敏感信息加密访问控制系统、银行账户信息加密访问控制系统、安全有线电视分发管理系统、安全移动终端服务系统等加密数据访问控制类应用,以及指纹防伪银行卡、指纹防伪护照、指纹防伪加油卡、指纹防伪门禁卡和指纹防伪身份证等证卡票券防伪认证类应用。
Along with the increasingly sharp and complex network space competition and confrontation,security issues have extended to the traditional area at an unprecedented depth and breath. With the emerging of new types of network forms and services such as the mobile Internet,the Internet of next generation,the Internet of things,the cloud computing,the named data networks and the big data,security requirements have transformed from a single user to multiple users on at least one of both communication ends. In this paper, the main characteristics of modern cryptography in multiparty scenarios are summarized.One is the change of end-to-end multiparty pattern,which changes from the one-to-one situation to the one-to-many,many-to-one and many-to-many situations,where the multiple users are dynamically defined by the access structure. The another is the change of multiple location pattern,where both the computing and processing are executed from the locality to the remote sides,including outsourced computation,outsourced signal processing and outsourced aggregation. The research line of attribute-based encryption( ABE) is mainly introduced,focusing on study of traceable and revocable attribute-based encryption in the multi-authority setting. Finally,some valuable applications of the research results are presented,including the chip development and applications of the proposed cryptographic primitives,which focus on the access control of the encrypted data and the biometricbased identity authentication.
出处
《四川大学学报(工程科学版)》
EI
CAS
CSCD
北大核心
2015年第1期1-12,共12页
Journal of Sichuan University (Engineering Science Edition)
基金
国家自然科学基金资助项目(61033014
61411146001
61373154)
高等学校博士点基金优先发展领域资助项目(20130073130004)
关键词
应用密码学
“端端”多方模式
位置异地模式
多方密码学
外包密码学
applied cryptography
multi-party mode
location off-side mode
multi-party cryptography
outsourced cryptography
