一种支持完全细粒度属性撤销的CP-ABE方案

doi:10.3724/SP.J.1001.2012.04184

微信服务号

微信订阅号

2025年4月26日 21:23 星期六

首页 > 过刊浏览>2012年第23卷第10期 >2805-2816. DOI:10.3724/SP.J.1001.2012.04184

PDF HTML阅读 XML下载导出引用引用提醒

一种支持完全细粒度属性撤销的CP-ABE方案
DOI:
                        10.3724/SP.J.1001.2012.04184
                    
CSTR:
                        
                    
作者:
                        王鹏翩王鹏翩
信息安全国家重点实验室(中国科学院软件研究所), 北京 100190;信息安全共性技术国家工程中心, 北京 100190
在期刊界中查找
在百度中查找
在本站中查找
冯登国冯登国
信息安全国家重点实验室(中国科学院软件研究所), 北京 100190
在期刊界中查找
在百度中查找
在本站中查找
张立武张立武
信息安全国家重点实验室(中国科学院软件研究所), 北京 100190;信息安全共性技术国家工程中心, 北京 100190
在期刊界中查找
在百度中查找
在本站中查找

                    
作者单位:
作者简介:
通讯作者:
中图分类号:
基金项目:国家自然科学基金(60803129); 下一代互联网商用及设备产业化专项资金(CNGI-09-03-03); 信息网络安全公安部重点实验室(公安部第三研究所)开放基金(C11604)

CP-ABE Scheme Supporting Fully Fine-Grained Attribute Revocation

Author:

WANG Peng-Pian
WANG Peng-Pian
State Key Laboratory of Information Security (Institute of Software, The Chinese Academy of Sciences), Beijing 100190, China;National Engineering Research Center of Information Security, Beijing 100190, China
在期刊界中查找
在百度中查找
在本站中查找
FENG Deng-Guo
FENG Deng-Guo
State Key Laboratory of Information Security (Institute of Software, The Chinese Academy of Sciences), Beijing 100190, China
在期刊界中查找
在百度中查找
在本站中查找
ZHANG Li-Wu
ZHANG Li-Wu
State Key Laboratory of Information Security (Institute of Software, The Chinese Academy of Sciences), Beijing 100190, China;National Engineering Research Center of Information Security, Beijing 100190, China
在期刊界中查找
在百度中查找
在本站中查找

Affiliation:

Fund Project:

摘要

图/表

访问统计

参考文献 [21]

相似文献 [20]

引证文献

资源附件

文章评论

摘要:

属性撤销是基于属性的加密(attribute based encryption,简称 ABE)在实际应用中所必须解决的问题.在直接撤销模式下,已有的支持属性撤销的 ABE 方案只能以撤销用户身份的方式对用户所拥有的全部属性进行撤销,而无法做到针对属性的细粒度撤销.提出了直接模式下支持完全细粒度属性撤销的 CP-ABE(cipher policy ABE)模型,在合数阶双线性群上,基于双系统加密的思想构造了具体的方案,并在标准模型下给出了严格的安全性证明.该方案能够对用户所拥有的任意数量的属性进行撤销,解决了已有方案中属性撤销粒度过粗的问题.

关键词:属性撤销;直接撤销模式;基于属性的加密;密文策略

Abstract:

Attribute revocation is crucial to use of ABE. The existing ABE schemes that support attributerevocation under the direct revocation model can only revoke the whole attributes that the user possesses byrevoking the user’s identity, so the attribute revocation is coarse-grained. This paper proposes the model of CP-ABEthat supports fully fine-grained attribute revocation. Based on the dual encryption system proposed by Waters, aconcrete CP-ABE scheme that fully supports fine-grained attribute revocation is constructed over the compositeorder bilinear groups, and the study proves its security under the standard model. Compared to the existing relatedschemes, this scheme is much more flexible and can revoke an arbitrary number of attributes that user possesses.

Key words:attribute revocation;direct revocation mode;attribute based encryption;cipher policy

参考文献

[1] Sahai A, Waters B. Fuzzy identity-based encryption. In: Cramer R, ed. Advances in Cryptology—EUROCRYPT 2005. Berlin: Springer-Verlag, 2005. 457 473. [doi: 10.1007/11426639_27]

[2] Goyal V, Pandey O, Sahai A, Waters B. Attribute-Based encryption for fine-grained access control of encrypted data. In: Proc. of the 13th ACM Conf. on Computer and Communications Security. New York: ACM Press, 2006. 89 98. [doi: 10.1145/1180405.1180418]

[3] Ostrovsky R, Sahai A, Waters B. Attribute-Based encryption with non-monotonic access structures. In: Proc. of the 14th ACM Conf. on Computer and Communications Security. New York: ACM Press, 2007. 195 203. [doi: 10.1145/1315245.1315270]

[4] Attrapadung N, Imai H. Conjunctive broadcast and attribute-based encryption. In: Shacham H, Waters B, eds. Proc. of the Pairing-Based Cryptography—Pairing 2009. Berlin: Springer-Verlag, 2009. 248 265. [doi: 10.1007/978-3-642-03298-1_16]

[5] Attrapadung N, Imai H. Attribute-Based encryption supporting direct/indirect revocation modes. In: Parker MG, ed. Proc. of the Cryptography and Coding. Berlin: Springer-Verlag, 2009. 278 300. [doi: 10.1007/978-3-642-10868-6_17]

[6] Bethencourt J, Sahai A, Waters B. Ciphertext-Policy attribute-based encryption. In: Proc. of the 2007 IEEE Symp. on Security and Privacy. Washington: IEEE Computer Society, 2007. 321 334. http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=4223236 [doi: 10.1109/SP.2007.11]

[7] Waters B. Ciphertext-Policy attribute-based encryption: An expressive, efficient, and provably secure realization. In: Catalano D, Catalano N, eds. Proc. of the Public Key Cryptography (PKC 2011). Berlin: Springer-Verlag, 2011. 53 70. [doi: 10.1007/978-3-642-19379-8_4]

[8] Su JS, Cao D, Wang XF, Sun YP, Hu QL. Attribute based encryption schemes. Journal of Software, 2011,22(6):1299 1315 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/3993.htm [doi: 10.3724/SP.J.1001.2011.03993]

[9] Hanaoka Y, Hanaoka G, Shikata J, Imai H. Identity-Based hierarchical strongly key-insulated encryption and its application. In: Roy B, ed. Advances in Cryptology—ASIACRYPT 2005. Berlin: Springer-Verlag, 2005. 495 514. [doi: 10.1007/11593447_27]

[10] Boldyreva A, Goyal V, Kumar V. Identity-Based encryption with efficient revocation. In: Proc. of the 15th ACM Conf. on Computer and Communications Security. New York: ACM Press, 2008. 417 426. [doi: 10.1145/1455770.1455823]

[11] Boneh D, Gentry C, Waters B. Collusion resistant broadcast encryption with short ciphertexts and private keys. In: Shoup V, ed. Advances in Cryptology—CRYPTO 2005. Berlin: Springer-Verlag, 2005. 258 275. [doi: 10.1007/11535218_16]

[12] Yu SC, Wang C, Ren K, Lou WJ. Attribute based data sharing with attribute revocation. In: Proc. of the 5th ACM Symp. on Information, Computer and Communications Security. New York: ACM Press, 2010. 261 270. [doi: 10.1145/1755688.1755720]

[13] Hur JD, Noh K. Attribute-Based access control with efficient revocation in data outsourcing systems. IEEE Trans. on Parallel and Distributed Systems, 2011,22(7):1214 1221. [doi: 10.1109/TPDS.2010.203]

[14] Wang PP, Feng DG, Zhang LW. Towards attribute revocation in key-policy attribute based encryption. In: Lin DD, Tsudik G, Wang XY, eds. Proc. of the 10th Int’l Conf. on Cryptography and Network Security. Berlin: Springer-Verlag, 2011. 272 291. [doi:10.1007/978-3-642-25513-7_19]

[15] Boneh D, Goh E, Nissim K. Evaluating 2-DNF formulas on ciphertexts. In: Kilian J, ed. Proc. of the Theory of Cryptography (TCC2005). Berlin: Springer-Verlag, 2005. 325 341. [doi: 10.1007/978-3-540-30576-7_18]

[16] Waters B. Dual system encryption: Realizing fully secure IBE and HIBE under simple assumptions. In: Halevi S, ed. Advances in Cryptology—CRYPTO 2009. Berlin: Springer-Verlag, 2009. 619 636. [doi: 10.1007/978-3-642-03356-8_36]

[17] Beimel A. Secure schemes for secret sharing and key distribution [Ph.D. Thesis]. Haifa: Israel Institute of Technology, 1996.

[18] Katz J, Sahai A, Waters B. Predicate encryption supporting disjunctions, polynomial equations, and inner products. In: Smart N, ed. Advances in Cryptology—EUROCRYPT 2008. Berlin: Springer-Verlag, 2008. 146 162. [doi: 10.1007/978-3-540-78967-3_9]

[19] Lewko A, Okamoto T, Sahai A, Takashima K, Waters B. Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption. In: Gilbert H, ed. Advances in Cryptology—EUROCRYPT 2010. Berlin: Springer-Verlag,2010. 62 91. [doi: 10.1007/ 978-3-642-13190-5_4]

[20] Lewko A, Waters B. Decentralizing attribute-based encryption. In: Paterson K, ed. Advances in Cryptology—EUROCRYPT 2011. Berlin: Springer-Verlag, 2011. 568 588. [doi: 10.1007/978-3-642-20465-4_31]

[21] Amada S, Attrapadung N, Hanaoka G, Kunihiro N. Generic constructions for chosen-ciphertext secure attribute based encryption. In: Catalano D, Catalano N, eds. Proc. of the Public Key Cryptography (PKC 2011). Berlin: Springer-Verlag, 2011. 71 89. [doi:10.1007/978-3- 642-19379-8_5]

引用本文

王鹏翩,冯登国,张立武.一种支持完全细粒度属性撤销的CP-ABE方案.软件学报,2012,23(10):2805-2816

复制

文章指标

点击次数:4530
下载次数: 9013
HTML阅读次数: 0
引用次数: 0

历史

收稿日期:2011-09-15
最后修改日期:2012-01-17
录用日期:
在线发布日期: 2012-09-30
出版日期:

微信服务号

微信订阅号

引用本文

分享

文章指标

历史

文章二维码

微信服务号

微信订阅号

引用本文

分享

微信扫一扫：分享

文章指标

历史

文章二维码