基于属性的BGN型密文解密外包方案

doi:10.11772/j.issn.1001-9081.2017.08.2287

计算机应用 ›› 2017, Vol. 37 ›› Issue (8): 2287-2291.DOI: 10.11772/j.issn.1001-9081.2017.08.2287

基于属性的BGN型密文解密外包方案

李镇林^1,2, 张薇^1,2, 白平², 王绪安²

1. 武警工程大学电子技术系, 西安 710086;
2. 武警工程大学信息安全保密重点实验室, 西安 710086

收稿日期:2017-03-03 修回日期:2017-05-02 出版日期:2017-08-10 发布日期:2017-08-12
通讯作者: 李镇林
作者简介:李镇林(1992-),男,四川巴中人,硕士研究生,主要研究方向:密码学;张薇(1976-),女,陕西西安人,教授,博士,主要研究方向:密码学、信息安全;白平(1990-),男,内蒙古乌兰察布人,硕士研究生,主要研究方向:密码学;王绪安(1981-),男,湖北公安人,副教授,博士,主要研究方向:密码学、信息安全。
基金资助:
陕西省自然科学基金资助项目（2016JQ6037）。

BGN type outsourcing the decryption of attribute-based encryption ciphertexts

LI Zhenlin^1,2, ZHANG Wei^1,2, BAI Ping², WANG Xu'an²

1. Electronic Technique Department, Engineering College of the Chinese Armed Police Force, Xi'an Shaanxi 710086, China;
2. Key Laboratory of Information Security, Engineering College of the Chinese Armed Police Force, Xi'an Shaanxi 710086, China

Received:2017-03-03 Revised:2017-05-02 Online:2017-08-10 Published:2017-08-12
Supported by:
This work is partially supported by the Natural Science Foundation of Shaanxi Province (2016JQ6037).

摘要/Abstract

摘要： 云计算的安全问题是制约其发展的关键瓶颈，其中对云计算结果的访问控制是当前研究的一个热点。在经典的类同态BGN方案基础上，结合CP-ABE（Ciphertext-Policy Attribute-Based Encryption）型密文解密外包设计，构造了基于属性的BGN型密文解密外包方案，部分密文的解密被外包到云上进行，减小了用户的存储开销与计算开销，并且只有用户属性满足访问策略时，才会得到正确的解密结果。与现有的基于属性的外包方案相比，新方案能对密文进行任意次加法同态和一次乘法同态操作。最后，分析了方案的安全性。所提方案在子群判定问题假设下达到语义安全，在随机预言机模型下满足属性安全。

关键词: 基于属性的加密, 云计算, 外包计算, 同态加密, 子群判定问题

Abstract: Cloud computing security is the key bottleneck that restricts its development, and access control on the result of cloud computing is a hot spot of current research. Based on the classical homomorphic encryption BGN (Boneh-Goh-Nissim) scheme, and combined with outsourcing the decryption of Ciphertext-Policy Attribute-Based Encryption (CP-ABE) ciphertexts, a BGN type outsourcing the decryption of ABE ciphertexts was constructed. In the scheme, partial decryption of ciphertexts was outsourced to the cloud, and only the users whose attributes meet the access policy could get the correct decryption result, thus reducing the storage and computation overhead of users. Compared with the existing outsourcing schemes of ABE, the proposed scheme can operate on ciphertexts for arbitrary additions and one multiplication. Finally, the security of the scheme was analyzed. The proposed scheme is semantically secure under the subgroup decision assumption, and its attribute security is proved under random oracle model.

Key words: attribute-based encryption, cloud computation, outsourcing computing, homomorphic encryption, subgroup decisional problem

中图分类号:

TP309.7

李镇林, 张薇, 白平, 王绪安. 基于属性的BGN型密文解密外包方案[J]. 计算机应用, 2017, 37(8): 2287-2291.

LI Zhenlin, ZHANG Wei, BAI Ping, WANG Xu'an. BGN type outsourcing the decryption of attribute-based encryption ciphertexts[J]. Journal of Computer Applications, 2017, 37(8): 2287-2291.

参考文献

[1] ERIC H. Head in the clouds[J]. Nature, 2007, 449(7156):963.
[2] KAUFMAN L M. Data security in the world of cloud computing[J]. IEEE Security & Privacy, 2009, 7(4):61-64.
[3] SHAMIR A. Identity-based cryptosystems and signature schemes[C]//CRYPTO 1984:Proceedings of the 1984 Workshop on the Theory and Application of Cryptographic Techniques, LNCS 196. Berlin:Springer-Verlag, 1984:47-53.
[4] SAHAI A, WATERS B. Fuzzy identity-based encryption[C]//EUROCRYPT 2005:Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques, LNCS 3494. Berlin:Springer-Verlag, 2005:457-473.
[5] PIRRETTI M, TRAYNOR P, MCDANIEL P, et al. Secure attribute-based systems[J]. Journal of Computer Security, 2010, 18(5):799-837.
[6] NING J, DONG X, CAO Z, et al. White-box traceable ciphertext-policy attribute-based encryption supporting flexible attributes[J]. IEEE Transactions on Information Forensics and Security, 2015, 10(6):1274-1288.
[7] ZHANG K, MA J, LIU J, et al. Adaptively secure multi-authority attribute-based encryption with verifiable outsourced decryption[J]. Science China Information Sciences, 2016, 59:99105.
[8] GREEN M, HOHENBERGER S, WATERS B. Outsourcing the decryption of ABE ciphertexts[C]//SEC' 11:Proceedings of the 20th USENIX Conference on Security. Berkeley, CA:USENIX Association, 2011:34.
[9] WAN Z, LIU J, DENG R H. HASBE:a hierarchical attribute-based solution for flexible and scalable access control in cloud computing[J]. IEEE Transactions on Information Forensics and Security, 2012, 7(2):743-754.
[10] YANG K, JIA X, REN K, et al. DAC-MACS:effective data access control for multiauthority cloud storage systems[J]. IEEE Transactions on Information Forensics and Security, 2013, 8(11):1790-1801.
[11] WANG S, ZHOU J, LIU J, et al. An efficient file hierarchy attribute-based encryption scheme in cloud computing[J]. IEEE Transactions on Information Forensics & Security, 2016, 11(6):1265-1277.
[12] BONEH D, GOH E-J, NISSIM K. Evaluating 2-DNF formulas on ciphertexts[C]//TCC 2005:Proceedings of the 2005 Second International Conference on Theory of Cryptography. Springer Berlin Heidelberg, LNCS 3378. Berlin:Springer-Verlag, 2005:325-341.
[13] WATERS B. Ciphertext-policy attribute-based encryption:an expressive, efficient, and provably secure realization[C]//PKC' 11:Proceedings of the 14th International Conference on Public Key Cryptography, LNCS 6571. Berlin:Springer-Verlag, 2011:53-70.
[14] RIVEST R L, ADLEMAN L, DERTOUZOS M L. On data banks and privacy homomorphisms[J]. Foundations of Secure Computation, 1978, 4(11):169-179.
[15] GENTRY C, HALEVI S, VAIKUNTANATHAN V. A simple BGN-type cryptosystem from LWE[C]//EUROCRYPT 2010:Proceedings of the 2010 Annual International Conference on the Theory and Applications of Cryptographic Techniques, LNCS 6110. Berlin:Springer-Verlag, 2010:506-522.
[16] MENEZES A J, VAN OORSCHOT P, VANSTONE S A. Handbook of applied cryptography[S]. Boca Raton, FL:CRC Press, 1999:425-488.

基于属性的BGN型密文解密外包方案

BGN type outsourcing the decryption of attribute-based encryption ciphertexts

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

[1]	郑尚文, 刘尧, 周潭平, 杨晓元. 优化的基于错误学习问题的CKKS方案[J]. 计算机应用, 2021, 41(6): 1723-1728.
[2]	陈家豪, 殷新春. 基于云雾计算的可追踪可撤销密文策略属性基加密方案[J]. 计算机应用, 2021, 41(6): 1611-1620.
[3]	葛丽娜, 胡雨谷, 张桂芬, 陈园园. 云计算环境基于客体属性匹配的逆向混合访问控制方案[J]. 计算机应用, 2021, 41(6): 1604-1610.
[4]	杜志强, 郑东, 赵庆兰. 可验证的大规模矩阵满秩分解的安全外包[J]. 计算机应用, 2021, 41(5): 1367-1371.
[5]	杨翎, 姜春茂. 基于三支决策的虚拟机节能迁移策略[J]. 计算机应用, 2021, 41(4): 990-998.
[6]	郭丽峰, 王倩丽. 自适应安全的带关键字搜索的外包属性基加密方案[J]. 《计算机应用》唯一官方网站, 2021, 41(11): 3266-3273.
[7]	孙晓玲, 杨光, 沈焱萍, 杨秋格, 陈涛. 基于可拆分倒排索引的可搜索加密方案[J]. 《计算机应用》唯一官方网站, 2021, 41(11): 3288-3294.
[8]	马敏耀, 刘卓, 徐艺, 吴恋. 隐私保护整数区间位置关系判定问题[J]. 计算机应用, 2020, 40(9): 2657-2664.
[9]	吕佳玉, 竺智荣, 姚志强. 云计算环境下的双通道数据动态加密策略[J]. 计算机应用, 2020, 40(8): 2268-2273.
[10]	马敏耀, 吴恋, 刘卓, 徐艺. 隐私保护整数点和区间关系判定问题[J]. 计算机应用, 2020, 40(7): 1983-1988.
[11]	车小亮, 周昊楠, 周潭平, 李宁波, 杨晓元. 基于NTRU的多密钥同态加密方案解密结构[J]. 计算机应用, 2020, 40(7): 1959-1964.
[12]	陈程军, 毛莺池, 王绎超. 基于激活-熵的分层迭代剪枝策略的CNN模型压缩[J]. 计算机应用, 2020, 40(5): 1260-1265.
[13]	郭曙杰, 李志华, 蔺凯青. 云环境下基于模糊隶属度的虚拟机放置算法[J]. 计算机应用, 2020, 40(5): 1374-1381.
[14]	许英鑫, 孙磊, 赵建成, 郭松辉. 基于蚁群优化算法的虚拟现场可编程门阵列部署策略[J]. 计算机应用, 2020, 40(3): 747-752.
[15]	王庆永, 毛莺池, 王绎超, 王龙宝. 基于多微云协作的计算任务卸载[J]. 计算机应用, 2020, 40(2): 328-334.