摘要
为保护组合文档全生命周期的隐私安全,提出了一种基于属性加密的组合文档安全自毁方案.该方案引入多级安全思想创建新的组合文档结构,采用访问密钥加密组合文档内容、基于属性的加密算法加密访问密钥,两者的密文经过一系列算法提取和变换后获得密文分量和封装自毁对象,分别存储在两个分布式哈希表网络和云服务器中.当组合文档过期后,该网络节点将自动丢弃所存密文分量,使得原始组合文档密文和访问密钥不可恢复,从而实现安全自毁.安全分析表明,该方案既能抵抗传统的密码分析或蛮力攻击,又能抵抗分布式哈希表网络的Sybil攻击.
In order to protect the confidentiality and privacy security of the composite documents within the whole life cycle , we leverage attribute-based encryption (ABE ) algorithm to propose a secure self-destruction scheme for composite documents ,re-ferred to as SelfDoc .We firstly set up a new composite document structure by employing the idea of multilevel security ,and then , use an access key to encrypt the composite document and the ABE algorithm to encrypt the access key .After a series of algorithms for extracting and transforming from the two ciphertexts ,we obtain ciphertext shares and encapsulated self-destruction object ,both of which are stored into two distributed hash table (DHT ) networks and cloud servers respectively .Nodes in the DHT networks will self-discard the ciphertext shares periodically ,so the original ciphertext and access key are unrecoverable after the expiration time , and the function of secure self-destruction is achieved .Compared with existing schemes ,the security analyses indicate that SelfDoc scheme is able to resist the traditional cryptoanalysis or brute-force attack ,and the Sybil attacks from the DHT networks .
出处
《电子学报》
EI
CAS
CSCD
北大核心
2014年第2期366-376,共11页
Acta Electronica Sinica
基金
长江学者和创新团队发展计划(No.IRT1078)
国家自然基金委员会-广东联合基金重点基金(No.U1135002)
国家自然科学基金(No.61370078
No.61170251)
国家科技重大专项(No.2011ZX03005-002)
国家863高技术研究发展计划(No.2012AA013102)
