摘要
针对移动云数据的访问控制进行了研究,提出一种高效的、无需CA的多授权机构密文策略属性基加密方案。借助外部资源,在数据加密和解密过程分别增加预加密操作和可验证外包解密操作,从而降低用户的加/解密计算量,并采用双因子身份认证机制实现对用户的匿名认证。安全性分析表明,新方案基于判定性qBDHE(decisional q-parallel bilinear Diffie-Hellman exponent)假设可证明是选择明文安全的,并且能够抵抗合谋攻击。仿真实验表明,新方案有效降低了数据加密、解密的计算开销以及对密文的通信开销,能够实现对移动云数据安全、高效的访问控制。
Study on the data access control in mobile cloud,this paper proposed an efficient multi-authority ciphertext-policy attribute-based encryption scheme without any central authority(CA).The main idea was to outsource a part of computing tasks to some external servers,and considered to increase a pre-encryption operation and outsourcing decryption operation in the process of encryption and decryption,and used the two-factor authentication mechanism to achieve anonymous authentication.Security analysis indicates that this scheme was proven choose plaintext attack(CPA)security under the decisional q-pa-rallel bilinear Diffie-Hellman exponent assumption,furthermore,it could resist collusion attack.Experimental result shows that this scheme significantly reduces the bandwidth and the computation time for both data encryption and data decryption.Therefore,this scheme can achieve security and efficiency of data access control in mobile cloud environment.
作者
李学俊
吕茂旭
Li Xuejun;Lyu Maoxu(School of Cyber Engineering,Xidian University,Xi’an 710071,China)
出处
《计算机应用研究》
CSCD
北大核心
2018年第5期1519-1525,1544,共8页
Application Research of Computers
基金
国家"111"计划资助项目(B16037)
关键词
多机构属性基加密
预加密
外包解密
可验证
双因子身份认证
multi-authority attribute-based encryption(MA-ABE)
pre-encryption
outsourcing decryption
verifiable
two-factor authentication
