期刊文献+

属性匹配检测的匿名CP-ABE机制

Anonymous Attribute-based Encryption Supporting Attribute Matching-Test
下载PDF
导出
摘要 属性基加密(简称ABE)机制以属性为公钥,将密文和用户私钥与属性关联,能够灵活地表示访问控制策略,从而极大地降低数据共享细粒度访问控制带来的网络带宽和发送节点的处理开销。作为和ABE相关的概念,匿名ABE机制进一步隐藏了密文中的属性信息,因为这些属性是敏感的,并且代表了用户身份。匿名ABE方案中,用户因不确定是否满足访问策略而需进行重复解密尝试,造成巨大且不必要的计算开销。文章提出一种支持属性匹配检测的匿名属性基加密机制,用户通过运行属性匹配检测算法判断用户属性集合是否满足密文的访问策略而无需进行解密尝试,且属性匹配检测的计算开销远低于一次解密尝试。结果分析表明,该解决方案能够显著提高匿名属性基加密机制中的解密效率。同时,可证明方案在双线性判定性假设下的安全性。 Attribute-based encryption (ABE) scheme takes attributes as the public key and associates the ciphertext and user's secret key with attributes, so that it can support expressive access control policies. This dramatically reduces the cost of network bandwidth and sending node operation in fine-grained access control of data sharing. Anonymous ABE, which is a relevant notion to ABE, further hides the receivers' attribute information in ciphertexts because many attributes are sensitive and related to the identity of eligible users. In the anonymous ABE scheme, a user repeats decryption attempts as he doesn't know whether the attributes match the policy, the computation overhead of each decryption is high and unnecessary.This paper proposes a new anonymous attribute-based encryption scheme which supports attribute matching-test, users can run the attribute matching-test algorithm to judge whether the set of attributes meet the ciphertext access policy without decrypting ciphertext. In this construction, the computation cost of such a test is much less than one decryption attempt. The proposed construction is proven to be secure on decisional bilinear Diffie-Hellman assumption.In addition,the result indicates that the proposed construction can significantly improve the efficiency of decryption.
出处 《信息网络安全》 2014年第10期59-63,共5页 Netinfo Security
基金 浙江省自然科学基金杰青团队项目[R109000138] 浙江省钱江人才计划项目[2013R10071]
关键词 属性基加密 隐藏访问策略 隐私 匿名 attribute-based encryption hidden access policy privacy anonymous
  • 相关文献

参考文献16

  • 1Ostrovsky R,Sahai A,Waters B.Attribute-Based encryption with non monotonic access structures[C]// Proc.of the ACM Conf.on Computer and Communications Security,2007:195-203.
  • 2Pirretti M,Traynor P,McDaniel P,et al.Secure attribute-based systems[J].Journal of Computer Security,2010,18(5):799-837.
  • 3Traynor P,Butler K,Enck W,etal.Realizing massive-scale conditional access systems through attribute-based cryptosystems[C]// Proc.of the 15th Annual Network and Distributed System Security Symp.(NDSS 2008),2008:1-13.
  • 4Stinson D R著.密码学原理与实践.第二版.冯登国译[M].北京:电子工业出版社,2003.
  • 5Cheung L,CooleyJA,Khazan R,et al.Collusion Resistant group key management using attribute-based encryption[EB/OL].http://eprint.iacr.org/2007/161.pdf,2007-03-22.
  • 6Lai J Z,Deng R H,Li Y J.Expressive CP-ABE with partially hidden access structures[C]// Proceedings of the 7th ACM Symposium on Information Computer and Communications Security,2012:18-19.
  • 7Baden R,Bender A,Spring N,et al.Persona:An online social network with user-defined privacy[C]//SIGCOMM '09 Proceedings of the ACM SIGCOMM 2009 conference on Data communication,2009:135-146.
  • 8Sahai A,Waters B.Fuzzy identity-based encryption[C]// Cramer R,ed.Advances in Cryptology-EUROCRYPT 2005,2005:457-473.
  • 9Goyal V,Pandey O,Sahai A,et al.Attribute-Based encryption for fine grained access control of encrypted data[C]//CCS' 06 Proceedings of the 13th ACM conference on Computer and communications security,2006:89-98.
  • 10Bethencourt J,Sahai A,Waters B.Ciphertext-Policy attribute-based encryption[C]//Proc,of the 2007 IEEE Symp.on Security and Privacy,2007:321-334.

共引文献1

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部