《计算机应用》唯一官方网站 ›› 2021, Vol. 41 ›› Issue (11): 3257-3265.DOI: 10.11772/j.issn.1001-9081.2021010024

• 网络空间安全 • 上一篇    下一篇

区块链环境下基于秘密共享的数字权限管理方案

庞晓琼1(), 杨婷1, 陈文俊1,2, 王云婷1, 刘天野3   

  1. 1.中北大学 大数据学院,太原 030051
    2.中国人民银行 太原中心支行,太原 030001
    3.中北大学朔州校区 电气与计算机工程管理部,山西 朔州 036000
  • 收稿日期:2021-01-06 修回日期:2021-03-15 接受日期:2021-04-28 发布日期:2021-05-12 出版日期:2021-11-10
  • 通讯作者: 庞晓琼
  • 作者简介:庞晓琼(1982—),女,山西太原人,副教授,博士,CCF会员,主要研究方向:信息安全、密码学、复杂系统的故障预测与健康管理
    杨婷(1995—),女,山西运城人,硕士研究生,主要研究方向:区块链
    陈文俊(1980—),男,江西南昌人,高级工程师,博士研究生,主要研究方 向:金融大数据、信息安全
    王云婷(1996—),女,山西运城人,硕士研究生,主要研究方向:区块链
    刘天野(1976—),男,吉林辽源人,副教 授,博士,主要研究方向:区块链。
  • 基金资助:
    山西省自然科学基金资助项目(201901D111164)

Digital rights management scheme based on secret sharing in blockchain environment

Xiaoqiong PANG1(), Ting YANG1, Wenjun CHEN1,2, Yunting WANG1, Tianye LIU3   

  1. 1.School of Data Science and Technology,North University of China,Taiyuan Shanxi 030051,China
    2.Taiyuan Central Sub-branch,The People’s Bank of China,Taiyuan Shanxi 030001,China
    3.Electrical and Computer Engineering Management Department,North University of China,Shuozhou,Shuozhou Shanxi 036000,China
  • Received:2021-01-06 Revised:2021-03-15 Accepted:2021-04-28 Online:2021-05-12 Published:2021-11-10
  • Contact: Xiaoqiong PANG
  • About author:PANG Xiaoqiong,born in 1982,Ph. D.,associate professor. Her research interests include information security, cryptography, prognostics and health management of complex systems
    YANG Ting,born in 1995,M. S. candidate. Her research interests include blockchain
    CHEN Wenjun,born in 1980,Ph. D. candidate,senior engineer. His research interests include financial big data,information security
    WANG Yunting,born in 1996,M. S. candidate. Her research interests include blockchain
    LIU Tianye, born in 1976, Ph. D., associate professor. His research interests include blockchain.
  • Supported by:
    the Natural Science Foundation of Shanxi Province(201901D111164)

摘要:

针对数字权限保护中对内容加密密钥的安全保存和有效分发的需求,提出了一个区块链环境下基于秘密共享的数字权限保护方案。该方案主要包括系统初始化、内容加密、许可授权和内容解密4个协议。在该方案中,利用Pedersen可验证秘密共享方案和属性基加密(ABE)算法来实现内容加密密钥的保护和分发,将内容提供商从管理内容加密密钥的任务中解放出来,从而确保了密钥管理的安全性和灵活性。此外,基于区块链的数字权限保护方案具有信息公开透明、不可篡改等特点。安全性分析表明,该方案在区块链环境下是安全可行的;仿真实验结果表明,该方案能够以较低的开销实现数字内容的权限保护。

关键词: 数字权限管理, 区块链, 秘密共享方案, 智能合约, 属性基加密

Abstract:

In order to meet the requirements of safe storage and effective distribution of content encryption key in digital rights protection, a new digital rights protection scheme based on secret sharing in blockchain environment was proposed, including 4 protocols: system initialization, content encryption, license authorization and content decryption. The Pedersen’s verifiable secret sharing scheme and Attribute-Based Encryption (ABE) algorithm were used to protect and distribute the content encryption key. The content providers were freed from the task of managing content encryption keys, which ensured the security and flexibility of key management. In addition, the digital rights protection scheme based on blockchain has the characteristics of information openness and transparency, and is tamper-resistant. Security analysis show that the proposed scheme is safe and feasible in the blockchain environment; simulation results show that the proposed scheme can achieve the rights protection of digital content with low cost.

Key words: Digital Rights Management (DRM), blockchain, secret sharing scheme, smart contract, Attribute-Based Encryption (ABE)

中图分类号: