计算机应用 ›› 2015, Vol. 35 ›› Issue (8): 2189-2194.DOI: 10.11772/j.issn.1001-9081.2015.08.2189

• 信息安全 • 上一篇    下一篇

素数阶群上属性可重复的多授权机构基于属性的加密方案

李作辉, 杨梦梦, 陈性元   

  1. 信息工程大学, 郑州 450001
  • 收稿日期:2015-03-09 修回日期:2015-05-09 出版日期:2015-08-10 发布日期:2015-08-14
  • 通讯作者: 李作辉(1981-),男,湖南衡阳人,副研究员,博士研究生,主要研究方向:公钥密码、网络安全,forestspringer@163.com
  • 作者简介:杨梦梦(1980-),女,安徽无为人,博士研究生,主要研究方向:公钥密码; 陈性元(1964-),男,安徽无为人,教授,博士,主要研究方向:网络安全。
  • 基金资助:

    国家973计划项目(2011CB311801)。

Attribute repeatable multi-authority attribute-based encryption scheme on prime order group

LI Zuohui, YANG Mengmeng, CHEN Xingyuan   

  1. Information Engineering University, Zhengzhou Henan 450001, china
  • Received:2015-03-09 Revised:2015-05-09 Online:2015-08-10 Published:2015-08-14

摘要:

针对目前多授权机构基于属性的加密方案(MA-ABE)限制每个属性在访问结构中只能出现一次,而属性重复编码必将导致系统效率降低的问题,提出了一种素数阶群上属性可重复的多授权机构密文策略(MA-CP-ABE)方案。首先基于对偶配对空间和线性秘密共享等技术,在素数阶群上构建了一个MA-CP-ABE方案;然后通过引入q-Parallel BDHE假设,解决了经典对偶系统加密证明过程依赖一个统计意义假设,而该假设只有在访问结构中属性不重复出现才能成立的问题,构建一系列两两不可区分的攻击游戏证明该方案在标准模型下是自适应安全的;最后通过性能分析说明,与另两种素数阶群上构建的自适应安全MA-CP-ABE方案相比,在不考虑属性重复的情况下,该方案解密速度随着参与属性数量的增加分别提高了20%~40%和0%~50%,在真实应用环境中的性能优势更大。

关键词: 基于属性的加密, 多授权机构, 属性可重复, 素数阶, 标准模型

Abstract:

Since previous Multi-Authority Attribute-Based Encryption (MA-ABE) schemes limit each attribute to appear only once in the access structure, and suffer from superfluous computation overhead on repetitive encoding technique, an adaptively secure and unrestricted Multi-Authority Ciphertext-Policy ABE (MA-CP-ABE) scheme was proposed on prime order groups. Firstly, based on dual pairing vector space and linear secret-sharing schemes technology, an MA-CP-ABE scheme was constructed on prime order groups. Then, q-Parallel BDHE (Bilinear Diffie-Hellman Exponent) assumption was introduced to solve the problem that classical dual system encryption depends on a statistical hypothesis which requires each attribute to appear only once in the access structure, and a series of attacking games indistinguishable from each other was designed to prove that this scheme was adaptively secure in the standard model. Finally, performance analysis indicated that in comparison with another two adaptively secure MA-CP-ABE schemes on prime order groups, the speed of decryption was obviously improved by nearly 20%-40% and 0%-50% respectively as the number of participating attributes increasing, without considering the attribute repetition. This scheme is more efficient in real applications.

Key words: Attribute-Based Encryption (ABE), multi-authority, attribute repeatable, prime order, standard model

中图分类号: