仲红,崔杰,朱文龙,许艳.高效且可验证的多授权机构属性基加密方案.软件学报,2018,29(7):2006-2017 |
高效且可验证的多授权机构属性基加密方案 |
Efficient and Verifiable Muti-Authority Attribute Based Encryption Scheme |
投稿时间:2017-06-02 修订日期:2017-07-13 |
DOI:10.13328/j.cnki.jos.005365 |
中文关键词: 属性基加密 多授权机构 在线/离线 隐私保护 可验证 |
英文关键词:attribute-based encryption multi-authority online/offline privacy preservation verifiable |
基金项目:国家自然科学基金(61572001,61502008);安徽省自然科学基金(1508085QF132,1708085QF136) |
|
摘要点击次数: 1510 |
全文下载次数: 1157 |
中文摘要: |
移动云计算对于移动应用程序来说是一种革命性的计算模式,其原理是把数据存储及计算能力从移动终端设备转移到资源丰富及计算能力强的云服务器.但是这种转移也引起了一些安全问题,例如,数据的安全存储、细粒度访问控制及用户的匿名性.虽然已有的多授权机构属性基加密云存储数据的访问控制方案,可以实现云存储数据的保密性及细粒度访问控制;但其在加密和解密阶段要花费很大的计算开销,不适合直接应用于电力资源有限的移动设备.另外,虽然可以通过外包解密的方式减少解密计算的开销,但其通常是把解密外包给不完全可信的第三方,其并不能完全保证解密的正确性.针对以上挑战,提出了一种高效的可验证的多授权机构属性基加密方案,该方案不仅可以降低加密解密的计算开销,还可以验证外包解密的正确性并且保护用户隐私.最后,安全分析和仿真实验结果表明了方案的安全性和高效性. |
英文摘要: |
Mobile cloud computing is a revolutionary computing paradigm for mobile applications, which enables storage and computation migration from mobile users to resource-rich and powerful cloud server. This migration causes some privacy issues in providing secure data storage, fine-grained access control and anonymity of users. The existing multi-authority ciphertext policy attribute based encryption (CP-ABE) access control scheme guarantees the confidentiality of sensitive data in the cloud server and provides fine-grained access control using defined policies. However it costs too much computation time on encryption and decryption and consumes enormous power resources, making it unsuitable for the mobile devices which are usually equipped with a limited power support. To cope with these challenging concerns, this paper proposes a new data access control scheme for cloud computing by using a new cryptographic primitive known as online/offline multi-authority ABE and the transform key technique. This scheme implements fine-grained access of data and reduces online computation cost of the encryption and decryption on the user side. The proposed scheme acquires user's secret key received from different authorities. That results in protecting privacy of each user against single authority. At last, the security and performance analysis demonstrate that this scheme has high security in terms of data confidentiality and high efficiency in terms of online computation cost. |
HTML 下载PDF全文 查看/发表评论 下载PDF阅读器 |