Effecient outsourced computing based on extended attribute-based functional encryption

doi:10.11772/j.issn.1001-9081.2017112657

Journal of Computer Applications ›› 2018, Vol. 38 ›› Issue (6): 1633-1639.DOI: 10.11772/j.issn.1001-9081.2017112657

Previous Articles Next Articles

Effecient outsourced computing based on extended attribute-based functional encryption

LI Cong^1,2, YANG Xiaoyuan^1,2, WANG Xu'an^1,2

1. College of Cryptographic Engineering, Engineering University of the Chinese Armed Police Force, Xi'an Shaanxi 710086, China;
2. Key Laboratory of Network and Information Security of the Chinese Armed Police Force, Xi'an Shaanxi 710086, China

Received:2017-11-09 Revised:2017-12-22 Online:2018-06-10 Published:2018-06-13
Supported by:
This work is partially supported by the National Natural Science Foundation of China (U1636114, 61772550).

基于扩展属性基功能加密的有效外包计算

李聪^1,2, 杨晓元^1,2, 王绪安^1,2

1. 武警工程大学密码工程学院, 西安 710086;
2. 网络与信息安全武警部队重点实验室, 西安 710086

通讯作者: 李聪
作者简介:李聪(1990-),男,山东济宁人,硕士研究生,主要研究方向:密码学;杨晓元(1959-),男,湖南湘潭人,教授,博士生导师,博士,CCF会员,主要研究方向:密码学、信息安全;王绪安(1981-),男,湖北公安人,副教授,博士,主要研究方向:密码学、信息安全。
基金资助:
国家自然科学基金资助项目（U1636114，61772550）。

Abstract

Abstract: The main problems exist in current Attribute-Based Encryption (ABE) schemes, such as the access policy has a single function, and the size and decryption time of ciphertext increase with the complexity of access formula. In order to solve the problems, a multi-function ABE scheme for effecient outsourced computing was proposed. Firstly, through the fine-grained access control of sensitive data, different function encryption systems were implemented. Then, using the huge computing power of cloud server to perform partial decryption calculations, the user attribute ciphertext satisfying the access policy was converted into a (constant-size) ElGamal-style ciphertext. At the same time, the correctness of outsourced computing was ensured through the efficient verification methods. The theoretical analysis results show that, compared with the traditional attribute-based functional encryption scheme, the decryption computation at the user end of the proposed scheme is reduced to one exponential operation and one pair operation. The proposed scheme can save a lot of bandwidth and decryption time for users without increasing the amount of transmission.

Key words: functional encryption, outsourced decryption, verifiability, Attribute-Based Encryption (ABE), cloud computing

摘要： 针对目前属性基加密（ABE）方案存在的主要问题，即访问策略功能单一的问题和密文的大小和解密时间随着访问公式的复杂性增加而增长的问题，提出了有效外包计算的多功能ABE方案。首先，通过对敏感数据的细粒度访问控制，实现了不同功能加密系统；然后，利用云服务器巨大的计算能力进行部分解密计算，将满足访问策略的用户属性密文转化为一个（常量大小） ElGamal类型的密文；同时通过有效的验证方法保证外包运算的正确性。理论分析结果表明，与传统属性基功能加密方案相比，所提方案用户端的解密计算降低至一次指数运算和一次对运算，该方案在不增加传输量的情况下，为用户节省了大量带宽和解密时间。

关键词: 功能加密, 外包解密, 可验证, 属性基加密, 云计算

CLC Number:

TP309.7

LI Cong, YANG Xiaoyuan, WANG Xu'an. Effecient outsourced computing based on extended attribute-based functional encryption[J]. Journal of Computer Applications, 2018, 38(6): 1633-1639.

李聪, 杨晓元, 王绪安. 基于扩展属性基功能加密的有效外包计算[J]. 计算机应用, 2018, 38(6): 1633-1639.

References

[1] SAHAI A, WATERS B. Fuzzy identity-based encryption[C]//Proceedings of the 2005 Annual International Conference on the Theory and Applications of Cryptographic Techniques, LNCS 3494. Berlin:Springer, 2005:457-473.
[2] LEWKO A, OKAMOTO T, SAHAI A, et al. Fully secure functional encryption:attribute-based encryption and (hierarchical) inner product encryption[C]//Proceedings of the 29th Annual International Conference on Theory and Applications of Cryptographic Techniques. Berlin:Springer, 2010:62-91.
[3] BONEH D, SAHAI A, WATERS B. Functional encryption:definitions and challenges[C]//Proceedings of the 20118th Conference on Theory of Cryptography. Berlin:Springer, 2011:253-273.
[4] GOYAL V, PANDEY O, SAHAI A, et al. Attribute-based encryption for fine-grained access control of encrypted data[C]//Proceedings of the 200613th ACM Conference on Computer and Communications Security. New York:ACM, 2006:89-98.
[5] KATZ J, SAHAI A, WATERS B. Predicate encryption supporting disjunctions, polynomial equations, and inner products[C]//Proceedings of the 200827th Annual International Conference on the Theory and Applications of Cryptographic Techniques. Berlin:Springer, 2008:146-162.
[6] OKAMOTO T, TAKASHIMA K. Fully secure functional encryption with general relations from the decisional linear assumption[C]//Proceedings of the 201030th Annual Conference on Advances in Cryptology. Berlin:Springer, 2010:191-208.
[7] ATTRAPADUNG N, LIBERT B. Functional encryption for inner product:achieving constant-size ciphertexts with adaptive security or support for negation[C]//Proceedings of the 2010 IACR International Workshop on Public Key Cryptography, LNCS 6056. Berlin:Springer, 2010:384-402.
[8] HUO W Q, PEI J S, ZHANG K, et al. KP-ABE with attribute extension:towards functional encryption schemes integration[C]//Proceedings of the 2014 Sixth International Symposium on Parallel Architectures, Algorithms and Programming. Piscataway, NJ:IEEE, 2014:230-237.
[9] GREEN M, HOHENBERGER S, WATERS B. Outsourcing the decryption of ABE ciphertexts[C]//Proceedings of the 201120th USENIX Conference on Security. Berkeley, CA:USENIX Association, 2011:34-1-34-16.
[10] QIN B D, DENG R H, LIU S L, et al. Attribute-based encryption with efficient verifiable outsourced decryption[J]. IEEE Transactions on Information Forensics and Security, 2015, 10(7):1384-1393.
[11] MAO X P, LAI J Z, MEI Q X, et al. Generic and efficient constructions of attribute-based encryption with verifiable outsourced decryption[J]. IEEE Transactions on Dependable and Secure Computing, 2016, 13(5):533-546.
[12] 任艳丽,蔡建兴,黄春水,等.基于身份加密中可验证的私钥生成外包算法[J].通信学报,2015,36(11):61-66.(REN Y L, CAI J X, HUANG C S, et al. Verifiable outsourcing private key generation algorithm in an identity-based encryption scheme[J]. Journal on Communications, 2015, 36(11):61-66.)
[13] WATERS B. Functional encryption for regular languages[C]//Proceedings of the 32nd Annual Cryptology Conference on Advances in Cryptology, LNCS 7417. Berlin:Springer, 2012:218-235.
[14] MA H, ZHANG R, WAN Z G, et al. Verifiable and exculpable outsourced attribute-based encryption for access control in cloud computing[J]. IEEE Transactions on Dependable and Secure Computing, 2017, 14(6):679-692.
[15] 刘梦君,刘树波,王颖,等.基于LSSS共享矩阵无授权策略的属性密码解密效率提高方案[J].电子学报,2015,43(6):1065-1072.(LIU M J, LIU S B, WANG Y, et al. Optimizing the decryption efficiency in LSSS matrix-based attribute-based encryption without given policy[J]. Acta Electronica Sinica, 2015, 43(6):1065-1072.)
[16] HOHENBERGER S, WATERS B. Attribute-based encryption with fast decryption[C]//Proceedings of the 201316th International Conference on Practice and Theory in Public-Key Cryptography, LNCS 7778. Berlin:Springer, 2013:162-179.
[17] OSTROVSKY R, SAHAI A, WATERS B. Attribute-based encryption with non-monotonic access structures[C]//CCS 07:Proceedings of the 200714th ACM Conference on Computer and Communications Security. New York:ACM, 2007:195-203.

Effecient outsourced computing based on extended attribute-based functional encryption

基于扩展属性基功能加密的有效外包计算

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

[1]	CHEN Jiahao, YIN Xinchun. Traceable and revocable ciphertext-policy attribute-based encryption scheme based on cloud-fog computing [J]. Journal of Computer Applications, 2021, 41(6): 1611-1620.
[2]	GE Lina, HU Yugu, ZHANG Guifen, CHEN Yuanyuan. Reverse hybrid access control scheme based on object attribute matching in cloud computing environment [J]. Journal of Computer Applications, 2021, 41(6): 1604-1610.
[3]	YANG Ling, JIANG Chunmao. Strategy of energy-aware virtual machine migration based on three-way decision [J]. Journal of Computer Applications, 2021, 41(4): 990-998.
[4]	ZHANG En, LI Huimin, CHANG Jian. Verifiable k-means clustering scheme with privacy-preserving [J]. Journal of Computer Applications, 2021, 41(2): 413-421.
[5]	Xiaoqiong PANG, Ting YANG, Wenjun CHEN, Yunting WANG, Tianye LIU. Digital rights management scheme based on secret sharing in blockchain environment [J]. Journal of Computer Applications, 2021, 41(11): 3257-3265.
[6]	Lifeng GUO, Qianli WANG. Adaptive secure outsourced attribute-based encryption scheme with keyword search [J]. Journal of Computer Applications, 2021, 41(11): 3266-3273.
[7]	Xiaoling SUN, Guang YANG, Yanping SHEN, Qiuge YANG, Tao CHEN. Searchable encryption scheme based on splittable inverted index [J]. Journal of Computer Applications, 2021, 41(11): 3288-3294.
[8]	LYU Jiayu, ZHU Zhirong, YAO Zhiqiang. Two-channel dynamic data encryption strategy in cloud computing environment [J]. Journal of Computer Applications, 2020, 40(8): 2268-2273.
[9]	CHEN Chengjun, MAO Yingchi, WANG Yichao. CNN model compression based on activation-entropy based layer-wise iterative pruning strategy [J]. Journal of Computer Applications, 2020, 40(5): 1260-1265.
[10]	GUO Shujie, LI Zhihua, LIN Kaiqing. Fuzzy membership degree based virtual machine placement algorithmin cloud environment [J]. Journal of Computer Applications, 2020, 40(5): 1374-1381.
[11]	XU Yingxin, SUN Lei, ZHAO Jiancheng, GUO Songhui. Virtual field programmable gate array placement strategy based on ant colony optimization algorithm [J]. Journal of Computer Applications, 2020, 40(3): 747-752.
[12]	WANG Qingyong, MAO Yingchi, WANG Yichao, WANG Longbao. Computing task offloading based on multi-cloudlet collaboration [J]. Journal of Computer Applications, 2020, 40(2): 328-334.
[13]	LIU Fuxin, LI Jingwei, WANG Yihong, LI Lin. Design and implementation of cloud native massive data storage system based on Kubernetes [J]. Journal of Computer Applications, 2020, 40(2): 547-552.
[14]	YANG Shenshen, WU Huizhen, ZHUANG Lili, LYU Hongwu. Markov process-based availability modeling and analysis method of IaaS system [J]. Journal of Computer Applications, 2020, 40(10): 3013-3018.
[15]	YU Qingfei, TU Guangsheng, LI Ningbo, ZHOU Tanping. Multi-hop multi-policy attributed-based fully homomorphic encryption scheme [J]. Journal of Computer Applications, 2019, 39(8): 2326-2332.