摘要
由于目前云存储的访问控制策略中密文与密钥长度过大,引发存储与通信代价过高,并且针对用户权限撤销需要频繁地重新加密对称密钥或者重新加密原始数据,导致系统安全性差、效率低下的问题,提出了一种安全可靠的,基于CP-ABE(ciphertext-policy attribute based encryption)的访问控制方案。该方案不仅可以固定密文与密钥的长度,具有较高的计算效率,而且支持用户权限的撤销功能,并且在密钥与密文传送的过程中使用了签名机制,防止传输过程遭受破坏。通过理论与实验证明,该方案可以抵抗选择密文攻击、合谋攻击等常见的攻击。与现有的方案相比,该方案具有较高的计算效率,并且更容易实现。
The ciphertext and key length are too large in the current cloud storage access control strategy,which leads to the high storage and communication costs.And user rights revocation requires frequent re-encryption of the symmetric key or re-encrypt the original data,resulting in poor system security and low efficiency.Aiming at these problem,we present a secure and efficient CP-ABE-based(ciphertext-policy attribute based encryption)access control scheme,which not only can be constant size ciphertexts and secret keys with a high computational efficiency,but also supports the revocation of user rights.In the secret keys and the ciphertexts transfer,the signature mechanism is used to prevent the transmission from being destroyed.The theory and experiment proves that the program can resist the choice of ciphertexts attacks,collusion attacks,etc.,which is more efficient and easier to implement than existing solutions.
作者
唐忠原
何利文
陈超
焦宏宇
吴超
周睿
TANG Zhong-yuan;HE Li-wen;CHEN Chao;JIAO Hong-yu;WU Chao;ZHOU Rui(School of Computer Science and Technology,Nanjing University of Posts and Telecommunications, Nanjing 210003,China)
出处
《计算机技术与发展》
2018年第11期128-134,共7页
Computer Technology and Development
基金
江苏省"六大人才高峰"高层次人才项目(2014-WLW-005)
南京邮电大学引进人才科研启动基金(NY212012)
中兴通讯研究基金(2015外)
