摘要
针对现有云环境中密文策略属性加密都依赖于一个可信密钥生成机构的问题,提出一种无可信第三方的密文策略属性加密方案.该方案使密钥生成机构在负责用户认证和属性管理时,必须与另一方(如云服务提供商)通过安全双方计算协议来生成密钥,而它们中的任何一方都没有能力单独解密密文.安全性分析表明,所提出的方案能够解决单独密钥生成机构所带来的安全性问题,而且用户端仅需一次加法运算,提高了计算效率.
The existing ciphertext-policy attribute-based encryption(CP-ABE) schemes have to rely on a single trusted key generation center in cloud computing.Therefore,a removing trusted third party of CP-ABE scheme is proposed.The key generation center(KGC) is responsible for the user identity authentication and attributes management,which must be with the other party(cloud service providers) through secure two party computation protocol to generate keys,and neither of them has the ability to decrypt the ciphertexts.The security analysis shows that the proposed scheme can solve the security problem caused by the single trusted key generation center,and the end-user only needs once addition operation and the computional efficiency is greatly improved.
出处
《控制与决策》
EI
CSCD
北大核心
2015年第9期1630-1634,共5页
Control and Decision
基金
国家自然科学基金项目(61163025
61462069)
内蒙古自然科学基金项目(2012MS0912)
关键词
属性加密
安全双方计算
可信第三方
访问控制
attribute-based encryption
secure two-party computation
trusted third-party
access control
