Abstract
To share data securely with secure attribute revocation, anti-collusion, and dynamic user management in the 5G device-to-device (D2D) environment, a novel dynamic anti-collusion ciphertext policy attribute-based encryption (NDA-CP-ABE) scheme in the 5G D2D environment is proposed. On the basis of the ciphertext policy attribute-based encryption algorithm, fine-grained access control and secure attribute revocation are realized, and the confidentiality of data is guaranteed. A polynomial function is adopted in the ciphertext generation phase to realize dynamic user management. A random number is used to prevent a collusion attack among the legitimate user equipment (UE), revoked UE, and external network attackers. Finally, on the basis of the Diffie-Hellman problem, the NDA-CP-ABE scheme is formally proved, and the simulation performances are compared with those of similar schemes. The results show that data can be securely shared through a D2D channel with secure attribute revocation, anti-collusion, and dynamic user management. Moreover, compared with similar schemes, the NDA-CP-ABE scheme has higher efficiency in encryption, decryption, and storage.
Authors
徐相杰
蒋睿
Xu Xiangjie; Jiang Rui (School of Cyber Science and Engineering, Southeast University, Nanjing 210096, China)
Funding
The National Natural Science Foundation of China (No. 61372103)
the Natural Science Foundation of Jiangsu Province (No. SBK2020020282)
the Program of Key Laboratory of Information Network Security of the Ministry of Public Security (No. C19607)
the Program of Key Laboratory of Computer Network Technology of Jiangsu Province.
Keywords
device-to-device (D2D)
attribute revocation
user management
dynamic anti-collusion ciphertext policy attribute-based encryption (NDA-CP-ABE)
access control