计算机应用 ›› 2017, Vol. 37 ›› Issue (2): 473-482.DOI: 10.11772/j.issn.1001-9081.2017.02.0473

• 网络空间安全 • 上一篇    下一篇

基于匿名广播加密的云存储访问控制方法

许盛伟, 林慕清   

  1. 北京电子科技学院 信息安全研究所, 北京 100070
  • 收稿日期:2016-08-29 修回日期:2016-09-30 出版日期:2017-02-10 发布日期:2017-02-11
  • 通讯作者: 林慕清,linmq@besti.edu.cn
  • 作者简介:许盛伟(1976-),男,江西吉安人,副研究员,博士,主要研究方向:信息安全、密码应用;林慕清(1987-),男,安徽宿州人,助理研究员,博士,主要研究方向:密码学、网络安全。
  • 基金资助:
    中共中央办公厅信息安全重点实验室开放基金资助项目(基本科研业务费2014KF_XSW);北京电子科技学院博士启动项目(2016博士启动-林慕清)。

Anonymous broadcast encryption based access control method for cloud storage

XU Shengwei, LIN Muqing   

  1. Information Security Institute, Beijing Electronic Science and Technology Institute, Beijing 100070, China
  • Received:2016-08-29 Revised:2016-09-30 Online:2017-02-10 Published:2017-02-11
  • Supported by:
    This work is partially supported by the Open-fund Project of the Key Laboratory of Information Security (JBKYYWF2014KF_XSW), the Doctorial Initializing Project of Beijing Electronic Science and Technology Institute (2016BSQD-LMQ).

摘要: 针对现有的匿名广播加密方法在加解密性能和安全性方面的不足,提出一种基于拉格朗日插值多项式的匿名广播加密方法。首先定义了可以抵御自适应敌手攻击的匿名广播加密安全模型;然后在合数阶双线性群环境下采用拉格朗日插值多项式对方案进行了构建,在保证用户身份匿名性的同时,实现了高效的加解密;最后基于子群判定假设和合数阶判定双线性Diffie-Hellman假设,在标准模型下证明了方法针对自适应敌手具有密文的机密性和接收者匿名性。实验与性能分析表明,方法具有较低的通信和计算开销,可以有效地解决云存储中密文数据的匿名访问控制问题。

关键词: 云存储, 访问控制, 匿名广播加密, 拉格朗日插值多项式, 合数阶双线性群

Abstract: Focusing on the deficiencies on performance and security of the existing anonymous broadcast encryption scheme, a new anonymous broadcast encryption scheme based on the Lagrange interpolation polynomial was proposed. Firstly, an anonymous broadcast encryption security model against adaptive adversaries was defined. Then the scheme was constructed based on the Lagrange interpolation polynomial under the composite order bilinear group settings, which ensures user identity anonymity and achieves an efficient encryption and decryption at the same time. Finally, based on the subgroup decision assumption and the composite decisional bilinear Diffie-Hellman assumption, the security was proved in standard model, which shows that the proposed scheme has both ciphertext confidentiality and receiver anonymity against adaptive adversaries. Experimental results and performance analysis show that the proposed method has low communication and computing overhead, and can efficiently solve the anonymous access control issues of ciphertext data in cloud storage.

Key words: cloud storage, access control, anonymous broadcast encryption, Lagrange interpolation polynomial, composite order bilinear group

中图分类号: