摘要
考虑到用户对数据隐私性的需求以及云服务器的不可信,利用属性基密码体制(ABE)构建面向云存储的安全数据共享方案被广泛研究。当用户被撤销时,现有的标准ABE机制无法确保被撤销的用户不能继续访问云服务器中的海量密文数据。针对上述问题,文章结合密文更新和密钥更新的思想,提出了一种可以支持加解密外包的可撤销存储的密文策略属性基加密(SR-CP-ABE)方案。该方案通过定期更新存储在云服务器中的密文来确保用户被撤销后无法访问这些密文。同时,该方案通过结合密钥拆分的思想,将加解密过程中的复杂计算外包到不可信的云服务器,降低了用户的加解密计算量,实验结果表明文章提出的方案是高效可行的。
Taking into account the user’s need for data privacy and the untrustworthiness of cloudservers,the use of attribute-based cryptography(ABE)to build cloud-oriented security data sharingprogram is widely studied.When a user is revoked,the existing standard ABE mechanism can’t ensurethat the revoked user can’t continue to access the massive ciphertext data in the cloud server.Aimingat the above problems,this paper proposes a ciphertext strategy attribute encryption scheme(SR-CPABE)which can support the reusable storage of encryption and decryption by combining the idea ofciphertext update and key update.The program ensures that the user can’t access the ciphertext byperiodically updating the ciphertext stored in the cloud server.At the same time,this program throughthe combination of the idea of key split,encryption and decryption process in the complex computingoutsourcing to the untrusted cloud server to reduce the user’s encryption and decryption calculation.The experimental results show that the proposed scheme is effi cient and feasible.
作者
卿勇
孙伟
熊虎
赵洋
QING Yong;SUN Wei;XIONG Hu;ZHAO Yang(School of Information and Software Engineering, University of Electronic Science and Technology of China,Chengdu Sichuan 610054, China;Dazhou Vocational and Technical College, Dazhou Sichuan 635001, China)
出处
《信息网络安全》
CSCD
2017年第6期6-13,共8页
Netinfo Security
基金
国家自然科学基金[61370026]
关键词
云计算
密文访问控制
外包加解密计算
用户撤销
密钥更新
cloud computing
ciphertext access control
outsourcing encryption and decryption computation
user revocation
key update
