摘要
针对云环境中用户属性更新和隐私安全问题,文章提出一种具有隐私保护且支持用户撤销的属性基加密方案。该方案采用半策略隐藏方式,将属性分为属性名和属性值,加密时对属性值进行隐藏,具体属性值不会泄露给任何第三方,有效地保护了用户的隐私。另外,通过令牌树机制为用户生成密钥加密密钥,控制用户对属性陷门的获取,实现了高效的属性撤销,即使用户错过密钥即时更新的信息,也可在解密密文前更新自己的密钥。安全性分析表明,该方案可以抵抗合谋攻击,并满足选择明文攻击安全。通过与其他方案对比,本文方案在存储代价和计算代价方面都有所优化,更适用于实际应用中用户属性规模远远小于系统属性规模的情况。
In order to support fi ne-grained attribute revocation and privacy preserving in data outsourcingsystems,an effi cient privacy preserving attribute-based encryption scheme with user revocation is proposed.In the scheme,the attribute will be divided into two parts:attribute name and attribute value.Encryptorspecified access structures is partially hidden,so the value of user’s attributes will never be revealed to anythird parties,and the user’s privacy will be effectively preserved.Meanwhile,a token system is used tocreate key encryption key which can address the challenging issue of effi cient attribute revocation.The newscheme achieved fi ne-grained and immediate attribute revocation which is more suitable for the practicalapplications.In addition,the scheme is proved to be adaptively chosen plaintext attack secure in the standardmodel,and it can withstand conspiracy attack.Compared to the existing related schemes,computational costand storage cost is reduced,and it is more suitable for the practical applications in which user attributes ismuch less than the total of system attributes.
作者
闫玺玺
叶青
刘宇
YAN Xixi;YE Qing;LIU Yu(School of Computer Science and Technology, Henan Polytechnic University, Jiaozuo Henan 454003, China;Information System and Security & Countermeasures Experimental Center, Beijing Institute of Technology, Beijing 100081, China)
出处
《信息网络安全》
CSCD
2017年第6期14-21,共8页
Netinfo Security
基金
国家自然科学基金[61300216]
河南省科技厅项目[132102210123]
河南省教育厅科研项目[16A520013]
河南理工大学2015年青年骨干教师资助项目
关键词
云环境
属性基加密
属性撤销
隐私保护
cloud environment
attribute-based encryption
attribute revocation
privacy preserving
