Abstract
To improve the security and efficiency of multi-authority attribute-based encryption access control schemes for cloud storage, a multi-authority attribute-based encryption access control scheme for cloud storage without a central authority is presented. In the proposed scheme, multiple attribute authorities jointly distribute the user's attribute key by using a distributed key generation protocol. The scheme supports flexible access control policies through a linear secret sharing scheme. Furthermore, by introducing proxy re-encryption and decryption outsourcing, the majority of the computing tasks are delegated to the cloud server. Hence, it can realize on-demand attribute revocation for users and effectively reduce the users' computational overhead. The analysis results show that this scheme has high performance on file encryption and file decryption operations, and that it is adaptively secure under the q-BDHE assumption.
Source
Journal of Chinese Computer Systems (《小型微型计算机系统》)
Indexed in: CSCD; Peking University Core Journals
2017, Issue 4, pp. 826-829 (4 pages)
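Funding
Supported by the National Natural Science Foundation of China (61662069, 61262057)
Supported by the Gansu Province Science and Technology Program (145RJDA325)
Supported by the State Archives Administration Science and Technology Project Program (2014-X-33)
Supported by the Lanzhou Science and Technology Program (2013-4-22)
Supported by the Gansu Province Higher Education Research Project (2014-A011)
Supported by the Northwest Normal University Young Teachers' Research Capability Improvement Program (NWNU-LKQN-14-7)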
Keywords
multi-authority attribute-based encryption
cloud storage
access control
re-encryption
central authority