CN108418681A - A kind of searching ciphertext system and method based on attribute for supporting proxy re-encryption - Google Patents
A kind of searching ciphertext system and method based on attribute for supporting proxy re-encryption Download PDFInfo
- Publication number
- CN108418681A CN108418681A CN201810058235.4A CN201810058235A CN108418681A CN 108418681 A CN108418681 A CN 108418681A CN 201810058235 A CN201810058235 A CN 201810058235A CN 108418681 A CN108418681 A CN 108418681A
- Authority
- CN
- China
- Prior art keywords
- ciphertext
- keyword
- encryption
- private key
- attribute
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0877—Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
Abstract
The invention discloses a kind of searching ciphertext system and method based on attribute for supporting proxy re-encryption, this method is retrieved with realizing user security simultaneously under cloud environment shares two functions with the effective of search permission.This method use based on the linear privacy sharing matrix access structures of LSSS, not only support fine-grained description to access the attribute of user, but also there is higher computational efficiency.It is submitted to Cloud Server after the threshold generation stage blinds user key using random value, ensure that confidentiality and the safety of user key.On the other hand the commission problem for considering search right when authorized user is not online in practical application introduces proxy re-encryption technology and is converted to ciphertext by Cloud Server realization, alleviates the encrypting and decrypting pressure of data owner, substantially increase system effectiveness.
Description
Technical field
The present invention relates to a kind of searching ciphertext system and methods based on attribute for supporting proxy re-encryption, belong to cloud computing
Technical field.
Background technology
Cloud computing is an emerging project of information technology field, is parallel computation, Distributed Calculation and grid computing
Further development.Cloud storage is a critical services of cloud computing, it allows data owner to store their data on cloud,
Cloud Server provides round-the-clock data access to user.Ordinary user only needs a terminal, a smart mobile phone or tablet
Computer is connected to internet, so that it may to access the data in Cloud Server anywhere or anytime.For enterprise customer, especially fund
Limited medium-sized and small enterprises, cloud computing make they need not the prodigious hardware platform of buying expenses, flexible clothes on demand can be obtained
Business, to reduce cost.Although cloud service brings benefits much more so, come therewith there are many more safety problem,
Data upload to high in the clouds and have still deprived the right that data owner directly controls private data after all.In order to alleviate these loads
Sorrow, data owner need that data are encrypted before their data storage to Cloud Server.But encryption can influence
Data and file it is shared.For example, user cannot search encrypted data in Cloud Server.But it is rapidly sent out in network
Today of exhibition, information explosion, people need quick search to desired information.It can be seen that how finding rapidly and efficiently
Data interested to user are essential functions under cloud computing environment.
Then it can search for encryption to be suggested, it realizes the retrieval to ciphertext, especially suitable for cloud computing environment.With cloud
The fast development of calculating so that user can use a large amount of abilities stored and calculate of Cloud Server with cheap price, this
So that public key can search for encryption and become more popular.Although public key existing at present, which can search for encryption, safely and effectively to be completed
Search operation, however in order to realize control and the one-to-many communication pattern to searchers.2013, Kulvaibhavh etc.
People constructs can search for encrypted scheme (ABKS) based on CP-ABE, and program data owner utilizes access structure cryptography key
Word generates key when user wants to carry out cipher text searching according to self attributes, encrypts keyword to be retrieved and generates keyword
Trap is passed to server by thresholding Trap.Server first judges whether user key attribute meets the access structure of ciphertext, when
Attribute could carry out keyword verification when meeting, only attribute and keyword it is matched simultaneously in the case of, server will include
The ciphertext of the search thresholding returns to user.Wherein, ABE refers to the encryption based on attribute, and the encipherment scheme based on attribute is divided into
Two kinds, key strategy based on encryption attribute (Key-Policy ABE, KP-ABE) and Ciphertext policy based on encryption attribute
(Ciphertext-Policy ABE,CP-ABE).In KP-ABE, key is with access strategy correlation, and ciphertext is with property set phase
It closes, encipherer is only data and selects descriptive attribute, cannot determine that who can decrypt ciphertext, can only believe cipher key distribution
Person;Attribute is used for describing the private key of user in CP-ABE, and encipherer using access strategy can determine that encryption number can be accessed
According to, but encipherer is not aware that specifically who can access ciphertext.So the deployment way of CP-ABE and traditional access control mould
Type is more nearly, and can be good at the protection to sensitive data suitable for cloud computing environment, while may be implemented to accessing plan
Slightly more flexible control.
However, ABKS schemes having some limitations property in data sharing, for example when authorized user is not online, can not will search
Suo Quanli entrusts to the demand of other users.One effective method is exactly to introduce proxy re-encryption (Proxy Re-
Encryption, PRE) technology, a half online believable agency is set, the conversion of ciphertext is completed instead of authorized person, it is important
Be that proxy server does not know any information about plaintext, to have effectively achieved the shared of search right.But mesh
In preceding currently existing scheme, there is no realizing well to combine ABKS and PRE, also fail to realize while meeting user security retrieval
The demand of other users is authorized with search right.
Invention content
It can search in encipherment scheme based on attribute to overcome in cloud computing environment, cannot effectively realize awarding for search permission
Problem is given, the present invention provides a kind of searching ciphertext system and method based on attribute for supporting proxy re-encryption in cloud computing.
The present invention uses the access structure encrypted cipher text of LSSS, realizes data owner to the fine-grained description of searchers's attribute, spirit
Access rights are controlled livingly, improve system effectiveness.
The present invention uses following technical scheme to solve above-mentioned technical problem:
On the one hand, the present invention provides a kind of searching ciphertext system based on attribute for supporting proxy re-encryption, the system packet
Include initialization module, private key generation module, ciphertext generation module, threshold generation module, searching ciphertext module, re-encrypted private key life
At module, re-encryption ciphertext generation module, re-encryption searching ciphertext module;Wherein:
Initialization module:System public key and system master key are generated by authorization center, wherein system public key discloses, system
Master key generates center by private key and preserves;
Private key generation module:The private key that user is used to that encryption file to be decrypted is generated according to the attribute set of user;
Ciphertext generation module:Data owner utilizes LSSS access structure encryption keywords, generates keyword ciphertext;
Threshold generation module:The private key and keyword to be searched encryption that server possesses according to user generate thresholding
Value;
Searching ciphertext module:When the attribute for the private key that user possesses meets the access structure in keyword ciphertext, Yi Jimen
When the keyword in keyword and keyword ciphertext to be searched in limit value is equal, searching ciphertext is carried out, otherwise retrieval failure;
Re-encrypted private key generation module:Authorized user is close according to the private key of oneself and the generation re-encryption of new access structure
Key is then passed to proxy server;
Re-encryption ciphertext generation module:Proxy server is according to the re-encrypted private key that authorized user provides come re-encrypted original
Beginning ciphertext generates re-encryption keyword ciphertext;
Re-encryption searching ciphertext module:When the attribute in private key for user meets the access structure in re-encryption keyword ciphertext
And keyword in the keyword and re-encryption keyword ciphertext to be searched of threshold value it is equal when, carry out re-encryption ciphertext inspection
Rope, otherwise retrieval failure.
As the present invention further technical solution, the ciphertext generation module use Ciphertext policy based on category
The Encryption Algorithm CP-ABE of property.
Used as the further technical solution of the present invention, in the threshold generation module random value first to private key into
Row blinds processing, then is uploaded to Cloud Server.
As the further technical solution of the present invention, the re-encryption ciphertext generation module uses proxy re-encryption skill
Art.
On the other hand, described the present invention also provides a kind of cipher text retrieval method based on attribute for supporting proxy re-encryption
Method includes the following steps:
Step 1:Security parameter κ and global property U is inputted, system public key is centrally generated by private key generation and system master is close
Key, wherein system public key PK is disclosed, and system master key MSK generates center by private key and preserves:
MSK=(a, b, c)
Wherein, eαIt is a multilinear pairing { eα:G0×Gα→Gα+1| α=0,1,2 }, gjIt is prime number p rank cyclic group GjOn
Generation member, j=0,1,2,3, and have gα+1=eα(g0,gα), H is the hash function of a safety,
A, b, c are the group of integers Z of p rankspOn random integers;
Step 2:Input system public key PK, system master key MSK and user property collection S are centrally generated pair by private key generation
The private key SK answeredS:
SKS=(K, L, { Kx}x∈S)
Wherein,Kx=H (x)t, H () is the hash function in step 1;Random value t ∈ Zp;
Step 3:Input system public key PK, keyword w and access structure (M, ρ), data owner execute Encryption Algorithm, generate
Keyword ciphertext CPH:
CPH=(W1,W2,W3,{Ci,Di}1≤i≤l)
Wherein, M is a linear matrix of l rows n, and ρ is one and every a line of matrix M is mapped to singly reflecting for user property
Penetrate function;q1,q2For two random values;ForHaveHave from the 1st row to l rows for MMiIt is that the i-th rows of matrix M are corresponding
Vector,y2,…,ynIt is one group of random value;
Step 4:User input systems public key PK, private key for user SKSWith keyword w ' generation threshold Ts K to be found:
TK=(T1,T2,T3,T4,{Tx}x∈S)
Wherein,At random
Value s ∈ Zp;
Step 5:If authorized user authorizes retrieval permissions to other users and thens follow the steps 6, otherwise input system public key PK,
The threshold T K and keyword ciphertext CPH of user, Cloud Server carry out searching ciphertext, and detailed process includes as follows:
Step 5-1:First judge whether the attribute set in data search person's private key meets access structure (M, ρ), if meeting
5-2 is thened follow the steps, ⊥ is otherwise exported and represents retrieval failure;
Step 5-2:Judge whether keyword w ' to be searched is equal with the keyword w in keyword ciphertext, if then closing
Key word is consistent, and then server success search key file exports judgment value 1, representative is retrieved successfully;Otherwise judgment value is exported
0, indicate retrieval failure;
Step 6:Input system public key PK, authorized user input the private key SK of oneselfSWith new access structure (M ', ρ '),
Re-encrypted private key RK is generated by authorized user, is then sent to proxy server:
RK=(V1,V2,V3,{C′i′,D′i′}1≤i′≤l′,R1,R2,R3,R4,{Rx}x∈S)
Wherein, M ' is the linear matrix of l ' row n ' row, and ρ ' is one and every a line of matrix M ' is mapped to user property
Single mapping function;q1′,q2' it is two random values, random value δ ∈R
{0,1}κ;ForHaveHave from the 1st row to l ' rows for M 'M′i′It is the corresponding vector of the rows of matrix M ' the i-th ',y2′,…,yn' be one group with
Machine value;Random value μ ∈ Zp, R1=(g0 bg0 aH(δ))μ,ForHave
Step 7:Input system public key PK, original cipher text CPH and re-encrypted private key RK, proxy server is calculated to be added again
Close keyword ciphertext RCPH:
RCPH=(A1,V1,V2,V3,{C′i′,D′i′}1≤i′≤l′)
Wherein,
Step 8:When Cloud Server receives the keyword match request of authorized user, input system public key PK, awarded
The threshold value and re-encryption keyword ciphertext RCPH for weighing user execute re-encryption keyword cipher text retrieval, specifically by Cloud Server
Process includes as follows:
Step 8-1:First determine whether the attribute set in authorized user's private key whether meet new access structure (M ',
ρ '), 8-2 is thened follow the steps if meeting, ⊥ is otherwise exported and represents retrieval failure;
Step 8-2:Judge whether keyword to be searched is equal with the keyword w in re-encryption keyword ciphertext, if
Then keyword is consistent, and then server success search key file exports judgment value 1, representative is retrieved successfully;Otherwise output is sentenced
Disconnected value 0 indicates retrieval failure.
As the further technical solution of the present invention, according to being awarded in the thresholding value generation method generation step 8 of step 4
Weigh the threshold value of user.
As the further technical solution of the present invention, judge whether the attribute set in private key meets access in step 5-1
Structure (M, ρ), as verifies equationIt is whether true:
Constant vector { ω is found in polynomial timei∈Zp}i∈ISo thatWhereinρ () is single mapping function in step 3, then the equation is set up, that is, represents property set
Whether conjunction meets access structure, and otherwise equation is invalid, that is, represents attribute set and be unsatisfactory for access structure.
Judge as the further technical solution of the present invention, in step 5-2 keyword w ' to be searched whether and keyword
Keyword w in ciphertext is equal, as verifies equation Eroote0(W2,T2)=e0(W1,T1)e0(T3,W3) whether true:If
It is consistent with keyword w that the equation establishment then represents keyword w ', otherwise represents keyword w ' and keyword w is inconsistent.
The present invention has the following technical effects using above technical scheme is compared with the prior art:
1. the present invention can search for encipherment scheme using CP-ABE's, ciphertext is encrypted using LSSS access structures,
LSSS access strategies can realize the fine granularity description to user property, the control for facilitating data owner to weigh file access, symbol
It closes practical application first to blind the private key of user in thresholding calculating process, prevents private key in the leakage of server, protect
The privacy of user is protected;
2. encrypted ciphertext under one access structure, which is switched to another, present invention introduces proxy re-encryption technology accesses knot
Ciphertext under structure, realizes and search permission is entrusted to other users when authorized user is not online, significantly reduces mandate and uses
The encrypting and decrypting pressure at family, and proxy server cannot obtain any information about keyword ciphertext, to ensure that number
According to secure access and shared;
Both 3. the present invention effectively will can search for encryption and proxy re-encryption technological incorporation based on attribute, make full use of
The advantages of, when authorized user is not online in effectively solving the problems, such as practical application under the premise of the commission of search permission, both ensured
Flexible control to visitor's permission, and secure access to data and shared is realized, computing cost is reduced, is improved
System effectiveness.
Description of the drawings
Fig. 1 is flow chart of the method for the present invention.
Fig. 2 is the specific implementation flow chart of ciphertext re-encryption algorithm of the present invention.
Fig. 3 is system model figure of the present invention in cloud computing environment.
Specific implementation mode
Technical scheme of the present invention is described in further detail below in conjunction with the accompanying drawings:
The invention discloses a kind of under cloud computing environment supports the searching ciphertext system based on attribute of proxy re-encryption
And method, this method is retrieved with realizing user security simultaneously under cloud environment shares two functions with the effective of search permission.
This method use based on the linear privacy sharing matrix access structures of LSSS, not only support fine-grained description to access the category of user
Property, and there is higher computational efficiency.It is submitted to cloud service after the threshold generation stage blinds user key using random value
Device ensure that confidentiality and the safety of user key.On the other hand consider to search for when authorized user is not online in practical application
The commission problem of right introduces proxy re-encryption technology and is converted to ciphertext by Cloud Server realization, alleviates data category
Main encrypting and decrypting pressure, substantially increases system effectiveness.
The searching ciphertext system based on attribute of proxy re-encryption, including initialization mould are supported in a kind of cloud computing of the present invention
Block, private key generation module, ciphertext generation module, threshold generation module, searching ciphertext module, re-encrypted private key generation module, again
Encrypted cipher text generation module, re-encryption searching ciphertext module.
Initialization module:System public key and system master key are generated by authorization center, wherein system public key discloses, system
Master key generates center by private key and preserves;
Private key generation module:The private key that user is used to that encryption file to be decrypted is generated according to the attribute set of user;
Ciphertext generation module:Data owner utilizes LSSS access structure encryption keywords, generates keyword ciphertext.
Threshold generation module:The private key and keyword to be searched encryption that server possesses according to user generate thresholding
Value;
Searching ciphertext module:Meet in access structure and threshold value in ciphertext and if only if the attribute in private key for user
Keyword and keyword ciphertext to be searched in keyword it is equal when, could search for successfully, otherwise search failure.
Re-encrypted private key generation module:Authorized user is close according to the private key of oneself and the generation re-encryption of new access structure
Key is then passed to proxy server;
Re-encryption ciphertext generation module:Proxy server is according to the re-encrypted private key that authorized user provides come re-encrypted original
Beginning ciphertext generates re-encryption keyword ciphertext;
Re-encryption searching ciphertext module:Meet re-encryption keyword ciphertext and if only if the attribute in authorized user's private key
In access structure and keyword in keyword to be searched and re-encryption keyword ciphertext in threshold value it is equal when, ability
It searches for successfully, otherwise search failure.
The ciphertext generation module uses the Encryption Algorithm based on CP-ABE;The CP-ABE refers to based on close
The encryption attribute algorithm of literary strategy, private key is related to property set in the algorithm, and ciphertext is related to access structure, it is easier to realization category
The main permission to visitor controls;LSSS access structures are used, can realize and visitor's attribute fine granularity is described, flexibly
Ground controls access rights.
Random value is used in the threshold generation module first private key is carried out to blind processing, then be uploaded to cloud service
Device so that private key is invisible for incredible server, ensure that the safety of private key, ensures that the safety of ciphertext.
Only be in described two retrieval modules (searching ciphertext module and re-encryption searching ciphertext module) to keyword into
Row matching, operation is not decrypted, because mutually binding has correspondence after data ciphertext and keyword ciphertext,
When user search is to corresponding keyword ciphertext, corresponding data ciphertext just can submit to user, in this way can safety protection number
According to ciphertext, and search operaqtion only is carried out to keyword ciphertext, improves effectiveness of retrieval.
Proxy re-encryption technology has been used in the re-encryption ciphertext generation module;Proxy re-encryption technology is exactly to close
A kind of encryption technology that text is converted, wherein Cloud Server play the function of proxy server, it can search donor
The ciphertext of rope is converted into the ciphertext that licensee can search for, and in the process, proxy server is for the data corresponding to ciphertext
File is known nothing in plain text, to ensure that the safety of data file and effectively sharing for search permission.
The proxy re-encryption technology is single-hop, unidirectional;According to the conversion times of ciphertext in proxy re-encryption, agency
Re-encryption scheme can be divided into single-hop and multi-hop, and single-hop, which refers to proxy re-encryption scheme, can only allow ciphertext primary by conversion,
A proxy re-encryption can only be carried out;Multi-hop refers to that ciphertext can be multiple by conversion;Again according to the conversion direction of ciphertext, Dai Lichong
Encryption can be divided into two-way and unidirectional, and two-way to refer to agency can both be converted into the A ciphertexts that can be decrypted the ciphertext that B can be decrypted,
The B ciphertexts that can be decrypted can be converted into the ciphertext that A can be decrypted again;Unidirectional refers to that the ciphertext that can decrypt A is only allowed to be converted into B
The ciphertext that can be decrypted.
Below with an example come to supporting the ciphertext based on attribute of proxy re-encryption to examine in the cloud computing in the present invention
Suo Fangfa is specifically illustrated.
As shown in Figures 1 to 3, the present invention also provides the ciphertext inspections based on attribute that proxy re-encryption is supported in a kind of cloud computing
Suo Fangfa, this method comprises the following steps:
Step 1:Security parameter κ and global property U is inputted, system public key is centrally generated by private key generation and system master is close
Key, public key is disclosed, and system master key generates center by private key and preserves, specific to determine that method includes as follows:
Wherein PK represents system public key, eαIt is a multilinear pairing { eα:G0×Gα→Gα+1| α=0,1,2 }, gjIt is prime number
P rank cyclic groups GjOn generation member, j=0,1,2,3, and have gα+1=eα(g0,gα), H is the hash function of a safety,
MSK=(a, b, c) formula 2
Wherein, MSK is system master key, and a, b, c is the group of integers Z of p rankspOn random integers.
After initialization module is finished, step 2 is continued to execute.
Step 2:Input system public key PK, system master key MSK and user property collection S are centrally generated pair by private key generation
The private key SK answeredS, it is used for thresholding computing module and re-encrypted private key generation module.
SKS=(K, L, { Kx}x∈S) formula 3
Wherein, SKSRepresent private key, K, L, KxAll it is the component part of private key, selects a random value t ∈ Zp, then calculateFor any one attribute x in property set S, there is Kx=H (x)t。
It, must be first to data file for the safety and privacy of data before data file is uploaded Cloud Server by user
It is uploaded again after being encrypted with keyword, executes step 3.
Step 3:Input system public key PK, keyword w and access structure (M, ρ), data owner execute Encryption Algorithm.It accesses
In structure (M, ρ), M is the linear matrix of l × n, and ρ is a single mapping function, can every a line of matrix be mapped to user
Attribute, specific ciphering process include as follows:
CPH=(W1,W2,W3,{Ci,Di}1≤i≤l) formula 4
Wherein, CPH represents ciphertext, W1,W2,W3,Ci,DiIt is the component part of ciphertext, randomly chooses two random value q1,
q2, one group of random value is then selected to constitute random vectorFor access matrix from the 1st row to l
Row hasWherein MiIt is the corresponding vector of the i-th rows of matrix M, finally selects random value r1,r2,…,rl∈Zp, Wherein w represents keyword,ForHave
When user wants search key, threshold generation module is gone to, executes step 4;
Step 4:User input systems public key PK, private key for user SK and keyword w ' generation threshold values to be found, specifically
Calculating process includes as follows:
TK=(T1,T2,T3,T4,{Tx}x∈S) formula 5
Wherein, TK represents threshold value, T1,T2,T3,T4,TxIt is the component part of threshold value, selects a random value s first
∈Zp, calculateThen private key is blinded using random value,
When Cloud Server receives the threshold value submitted when the retrieval of user, searching ciphertext module is gone to, executes step 5;
Step 5:Input system public key PK, the threshold T K of user and keyword ciphertext CPH, Cloud Server are retrieved,
Detailed process includes as follows:
Step 5-1:First judge whether the attribute set of data search person meets access structure, that is, verifies:
Constant vector { ω can be found in polynomial time if attribute meets access structurei∈Zp}i∈ISo thatWhereinSo formula 6 is set up, i.e., the attribute of searchers, which meets, accesses knot
Structure, otherwise formula 6 is invalid, illustrates that the attribute in private key is unsatisfactory for the access structure in ciphertext, output ⊥ represents retrieval failure;
Step 5-2:If formula 6 set up, next judge keyword w ' to be searched whether with the pass in keyword ciphertext
Whether key word w is equal, that is, verifies Eroote0(W2,T2)=e0(W1,T1)e0(T3,W3) whether true.Verification process is as follows:
It is consistent that keyword is represented if formula 7 is set up, then server success search key file exports 1, representative is searched
Suo Chenggong;Otherwise judgment value 0 is exported, indicates retrieval failure.
If authorized user (step 5 and before referred to as data search person, so-called authorized user be for act on behalf of for
, data search person is all referred to as before not acted on behalf of) it is not online when want search permission licensing to other users, go to
Re-encrypted private key generation module executes step 6;
Step 6:Input system public key PK, authorized user input the private key SK and new access structure (M ', ρ ') of oneself, visit
It asks in structure (M ', ρ '), M ' is the linear matrix of l ' × n ', and ρ ' is a single mapping function, can reflect every a line of matrix
User property is penetrated into, re-encrypted private key is generated by authorized user, is then sent to proxy server, detailed process is as follows:
RK=(V1,V2,V3,{C′i′,D′i′}1≤i′≤l′,R1,R2,R3,R4,{Rx}x∈S) formula 8
Wherein, RK represents re-encrypted private key, V1,V2,V3,C′i′,D′i′,R1,R2,R3,R4,RxIt is the composition of re-encrypted private key
Part;A random value δ ∈ is selected firstR{0,1}κ, then consistent with original cipher text generation method that δ is encrypted.First with
Machine selects two random value q1′,q2', then select one group of random value to constitute random vectorFor
Access matrix has from the 1st row to l ' rowsWherein M 'i′It is the corresponding vector of the rows of matrix M ' the i-th ', finally selects
Random value r1′,r2′,…,r′l∈Zp,ForHave Then selection random value μ ∈ Zp, calculate R1=(g0 bg0 aH(δ))μ, ForHave
When proxy server receives the re-encrypted private key of authorized person's offer, re-encryption module, agency service are gone to
Device executes step 7;
Step 7:Input system public key PK, original cipher text CPH and re-encrypted private key RK, proxy server is calculated to be added again
Close keyword ciphertext, detailed process are as follows:
RCPH=(A1,V1,V2,V3,{C′i′,D′i′}1≤i′≤l′) formula 9
Wherein, RCPH represents re-encryption ciphertext, A1,V1,V2,V3,C′i′,D′i′It is the component part of re-encryption ciphertext, whereinIt calculates as follows:
When Cloud Server receives the keyword match request of authorized user, re-encryption searching ciphertext module is gone to, is held
Row step 8;
Step 8:Input system public key PK, the thresholding TK of licensee and re-encryption ciphertext RCPH, are executed by Cloud Server
Re-encryption searching ciphertext, detailed process include as follows:
Step 8-1:First determine whether the attribute set in authorized user's private key whether meet new access structure (M ',
ρ '), 8-2 is thened follow the steps if meeting, ⊥ is otherwise exported and represents retrieval failure;
Step 8-2:First according to the thresholding and re-encryption cryptogram computation X=B using licensee1/e0(V2,T2), it is awarded
The threshold generation process of people is weighed with step 4, wherein B1It calculates as follows:
Next X is calculated:
Finally verification equation e2(V1,e1(T2′,A1))=e2(W1,e1(R2, X)) it is whether true
I.e.
If w=w ', i.e., when the keyword in re-encryption keyword ciphertext is consistent with the keyword in threshold value, formula 12 at
It is vertical, export judgment value 1, representative server success search key file.Otherwise judgment value 0 is exported, indicates retrieval failure.
It is only the preferred embodiments of the invention in summary, it is noted that for the ordinary skill people of the art
Member, without departing from the inventive concept of the premise, can also make several improvements and modifications, these improvements and modifications also should be regarded as
In protection scope of the present invention.
Claims (8)
1. a kind of searching ciphertext system based on attribute for supporting proxy re-encryption, which is characterized in that the system includes initialization
Module, private key generation module, ciphertext generation module, threshold generation module, searching ciphertext module, re-encrypted private key generation module,
Re-encryption ciphertext generation module, re-encryption searching ciphertext module;Wherein:
Initialization module:System public key and system master key are generated by authorization center, wherein system public key discloses, and system master is close
Key generates center by private key and preserves;
Private key generation module:The private key that user is used to that encryption file to be decrypted is generated according to the attribute set of user;
Ciphertext generation module:Data owner utilizes LSSS access structure encryption keywords, generates keyword ciphertext;
Threshold generation module:The private key and keyword to be searched encryption that server possesses according to user generate threshold value;
Searching ciphertext module:When the attribute for the private key that user possesses meets access structure and threshold value in keyword ciphertext
In keyword and keyword ciphertext to be searched in keyword it is equal when, carry out searching ciphertext, otherwise retrieval failure;
Re-encrypted private key generation module:Authorized user generates re-encrypted private key according to the private key of oneself and new access structure,
It is then passed to proxy server;
Re-encryption ciphertext generation module:Proxy server is original close come re-encrypted according to the re-encrypted private key that authorized user provides
Text generates re-encryption keyword ciphertext;
Re-encryption searching ciphertext module:When the attribute in private key for user meet access structure in re-encryption keyword ciphertext and
When keyword in the keyword and re-encryption keyword ciphertext to be searched of threshold value is equal, re-encryption searching ciphertext is carried out,
Otherwise retrieval failure.
2. a kind of searching ciphertext system based on attribute for supporting proxy re-encryption according to claim 1, feature exist
In the ciphertext generation module uses the Encryption Algorithm CP-ABE based on attribute of Ciphertext policy.
3. a kind of searching ciphertext system based on attribute for supporting proxy re-encryption according to claim 1, feature exist
In using random value in the threshold generation module and first carry out blinding processing to private key, then be uploaded to Cloud Server.
4. a kind of searching ciphertext system based on attribute for supporting proxy re-encryption according to claim 1, feature exist
In the re-encryption ciphertext generation module uses proxy re-encryption technology.
5. a kind of cipher text retrieval method based on attribute for supporting proxy re-encryption, which is characterized in that the method includes as follows
Step:
Step 1:Security parameter κ and global property U is inputted, system public key and system master key are centrally generated by private key generation,
In, system public key PK is disclosed, and system master key MSK generates center by private key and preserves:
MSK=(a, b, c)
Wherein, eαIt is a multilinear pairing { eα:G0×Gα→Gα+1| α=0,1,2 }, gjIt is prime number p rank cyclic group GjOn life
Cheng Yuan, j=0,1,2,3, and have gα+1=eα(g0,gα), H is the hash function of a safety,a,b,c
All it is the group of integers Z of p rankspOn random integers;
Step 2:Input system public key PK, system master key MSK and user property collection S are centrally generated corresponding by private key generation
Private key SKS:
SKS=(K, L, { Kx}x∈S)
Wherein,Kx=H (x)t, H () is the hash function in step 1;Random value t ∈ Zp;
Step 3:Input system public key PK, keyword w and access structure (M, ρ), data owner execute Encryption Algorithm, generate crucial
Word ciphertext CPH:
CPH=(W1,W2,W3,{Ci,Di}1≤i≤l)
Wherein, M is a linear matrix of l rows n, and ρ is a single mapping letter that every a line of matrix M is mapped to user property
Number;q1,q2For two random values;ForHaveHave from the 1st row to l rows for MMiBe the i-th rows of matrix M it is corresponding to
Amount,y2,…,ynIt is one group of random value;
Step 4:User input systems public key PK, private key for user SKSWith keyword w ' generation threshold Ts K to be found:
TK=(T1,T2,T3,T4,{Tx}x∈S)
Wherein,
Random value s ∈ Zp;
Step 5:If authorized user authorizes retrieval permissions to other users and thens follow the steps 6, otherwise input system public key PK, user
Threshold T K and keyword ciphertext CPH, Cloud Server carry out searching ciphertext, detailed process include it is as follows:
Step 5-1:First judge whether the attribute set in data search person's private key meets access structure (M, ρ), is held if meeting
Otherwise row step 5-2 exports ⊥ and represents retrieval failure;
Step 5-2:Judge whether keyword w ' to be searched is equal with the keyword w in keyword ciphertext, if then keyword
Unanimously, then server success search key file exports judgment value 1, and representative is retrieved successfully;Otherwise judgment value 0, table are exported
Show retrieval failure;
Step 6:Input system public key PK, authorized user input the private key SK of oneselfSWith new access structure (M ', ρ '), by authorizing
User generates re-encrypted private key RK, is then sent to proxy server:
RK=(V1,V2,V3,{C′i′,D′i′}1≤i′≤l′,R1,R2,R3,R4,{Rx}x∈S)
Wherein, M ' is the linear matrix of l ' row n ' row, and ρ ' is one and every a line of matrix M ' is mapped to singly reflecting for user property
Penetrate function;q′1,q′2For two random values, random value δ ∈R{0,1}κ;
ForHaveHave from the 1st row to l ' rows for M '
It is the corresponding vector of the rows of matrix M ' the i-th ',y′2,…,y′nIt is one group of random value;Random value μ ∈
Zp,ForHave
Step 7:Re-encryption pass is calculated in input system public key PK, original cipher text CPH and re-encrypted private key RK, proxy server
Key word ciphertext RCPH:
RCPH=(A1,V1,V2,V3,{C′i′,D′i′}1≤i′≤l′)
Wherein,
Step 8:When Cloud Server receives the keyword match request of authorized user, input system public key PK, it is authorized to and uses
The threshold value and re-encryption keyword ciphertext RCPH at family execute re-encryption keyword cipher text retrieval, detailed process by Cloud Server
Including as follows:
Step 8-1:First determine whether the attribute set in authorized user's private key meets new access structure (M ', ρ '), if
Satisfaction thens follow the steps 8-2, otherwise exports ⊥ and represents retrieval failure;
Step 8-2:Judge whether keyword to be searched is equal with the keyword w in re-encryption keyword ciphertext, if then closing
Key word is consistent, and then server success search key file exports judgment value 1, representative is retrieved successfully;Otherwise judgment value is exported
0, indicate retrieval failure.
6. a kind of cipher text retrieval method based on attribute for supporting proxy re-encryption according to claim 5, feature exist
According to the threshold value of the authorized user in the thresholding value generation method generation step 8 of step 4.
7. a kind of cipher text retrieval method based on attribute for supporting proxy re-encryption according to claim 5, feature exist
In judging whether the attribute set in private key meets access structure (M, ρ) in step 5-1, as verify equationIt is whether true:
Constant vector { ω is found in polynomial timei∈Zp}i∈ISo thatWhereinρ () is single mapping function in step 3, then the equation is set up, that is, represents property set
Whether conjunction meets access structure, and otherwise equation is invalid, that is, represents attribute set and be unsatisfactory for access structure.
8. a kind of cipher text retrieval method based on attribute for supporting proxy re-encryption according to claim 7, feature exist
In judging whether keyword w ' to be searched is equal with the keyword w in keyword ciphertext, as verifies equation in step 5-2
Eroot·e0(W2,T2)=e0(W1,T1)e0(T3,W3) whether true:Keyword w ' and keyword w are represented if the equation is set up
Unanimously, it otherwise represents keyword w ' and keyword w is inconsistent.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810058235.4A CN108418681B (en) | 2018-01-22 | 2018-01-22 | Attribute-based ciphertext retrieval system and method supporting proxy re-encryption |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810058235.4A CN108418681B (en) | 2018-01-22 | 2018-01-22 | Attribute-based ciphertext retrieval system and method supporting proxy re-encryption |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108418681A true CN108418681A (en) | 2018-08-17 |
CN108418681B CN108418681B (en) | 2020-10-23 |
Family
ID=63125911
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810058235.4A Active CN108418681B (en) | 2018-01-22 | 2018-01-22 | Attribute-based ciphertext retrieval system and method supporting proxy re-encryption |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108418681B (en) |
Cited By (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109120639A (en) * | 2018-09-26 | 2019-01-01 | 众安信息技术服务有限公司 | A kind of data cloud storage encryption method and system based on block chain |
CN109189727A (en) * | 2018-09-14 | 2019-01-11 | 江西理工大学 | A kind of block chain ciphertext cloud storage sharing method based on property broker re-encryption |
CN109451077A (en) * | 2019-01-04 | 2019-03-08 | 大连大学 | The model that medical cloud search permission is shared |
CN109510826A (en) * | 2018-11-16 | 2019-03-22 | 中国人民解放军战略支援部队信息工程大学 | Safe and reliable cloud storage method and device based on renewable encryption |
CN109660555A (en) * | 2019-01-09 | 2019-04-19 | 上海交通大学 | Content safety sharing method and system based on proxy re-encryption |
CN109740364A (en) * | 2019-01-04 | 2019-05-10 | 大连大学 | The cipher text searching method based on attribute of controllable search permission |
CN109872787A (en) * | 2019-02-02 | 2019-06-11 | 上海龙健信息技术科技有限公司 | A kind of publication of distributed data and method for subscribing |
CN110138561A (en) * | 2019-03-22 | 2019-08-16 | 西安电子科技大学 | Efficient cipher text retrieval method, the cloud computing service system automatically corrected based on CP-ABE |
CN110224986A (en) * | 2019-05-07 | 2019-09-10 | 电子科技大学 | It is a kind of that access control method efficiently can search for based on hiding strategy CP-ABE |
CN110474768A (en) * | 2019-08-22 | 2019-11-19 | 上海豆米科技有限公司 | A kind of information safety transmission system and method having the control of group's decrypted rights |
CN110610102A (en) * | 2019-09-23 | 2019-12-24 | 郑州师范学院 | Data access method, device and system |
CN110851850A (en) * | 2019-11-18 | 2020-02-28 | 南京邮电大学 | Searchable encryption system based on general circuit access structure |
CN111541535A (en) * | 2020-04-17 | 2020-08-14 | 西南交通大学 | Boolean retrieval attribute-based encryption method capable of verifying search results |
CN111698240A (en) * | 2020-06-08 | 2020-09-22 | 南京工业大学 | CP-ABE encryption outsourcing |
CN112685763A (en) * | 2021-03-18 | 2021-04-20 | 上海众旦信息科技有限公司 | Data opening method and system based on ciphertext authorized access |
CN113630245A (en) * | 2021-07-20 | 2021-11-09 | 武汉理工大学 | Data encryption method and system based on threshold attribute |
CN114036240A (en) * | 2021-11-25 | 2022-02-11 | 北京师范大学 | Multi-service provider private data sharing system and method based on block chain |
WO2023044963A1 (en) * | 2021-09-27 | 2023-03-30 | 深圳前海环融联易信息科技服务有限公司 | Method and system for re-encrypting threshold proxy based on attribute condition |
CN116319104A (en) * | 2023-05-22 | 2023-06-23 | 云上(江西)安全技术有限公司 | Data security operation method based on attribute re-encryption |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101220160B1 (en) * | 2012-03-09 | 2013-01-11 | 동국대학교 경주캠퍼스 산학협력단 | Secure data management method based on proxy re-encryption in mobile cloud environment |
CN103220291A (en) * | 2013-04-09 | 2013-07-24 | 电子科技大学 | Access control method base on attribute encryption algorithm |
CN104580205A (en) * | 2015-01-05 | 2015-04-29 | 南京邮电大学 | CP-ABE-based fixed ciphertext length proxy re-encryption system and method in cloud computing |
CN106375346A (en) * | 2016-11-14 | 2017-02-01 | 北京邮电大学 | Condition-based broadcast agent re-encryption data protection method for cloud environment |
CN106452748A (en) * | 2016-10-18 | 2017-02-22 | 西安电子科技大学 | Multiple users-based outsourcing database audit method |
CN106656997A (en) * | 2016-11-09 | 2017-05-10 | 湖南科技学院 | Mobile social network based agent proxy re-encryption cross-domain friend-making privacy protection method |
-
2018
- 2018-01-22 CN CN201810058235.4A patent/CN108418681B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101220160B1 (en) * | 2012-03-09 | 2013-01-11 | 동국대학교 경주캠퍼스 산학협력단 | Secure data management method based on proxy re-encryption in mobile cloud environment |
CN103220291A (en) * | 2013-04-09 | 2013-07-24 | 电子科技大学 | Access control method base on attribute encryption algorithm |
CN104580205A (en) * | 2015-01-05 | 2015-04-29 | 南京邮电大学 | CP-ABE-based fixed ciphertext length proxy re-encryption system and method in cloud computing |
CN106452748A (en) * | 2016-10-18 | 2017-02-22 | 西安电子科技大学 | Multiple users-based outsourcing database audit method |
CN106656997A (en) * | 2016-11-09 | 2017-05-10 | 湖南科技学院 | Mobile social network based agent proxy re-encryption cross-domain friend-making privacy protection method |
CN106375346A (en) * | 2016-11-14 | 2017-02-01 | 北京邮电大学 | Condition-based broadcast agent re-encryption data protection method for cloud environment |
Non-Patent Citations (2)
Title |
---|
WEIDONG ZHONG ; XU AN WANG ; ZIQING WANG ; YI DING: ""Proxy Re-encryption with Keyword Search from Anonymous Conditional Proxy Re-encryption"", 《2011 SEVENTH INTERNATIONAL CONFERENCE ON COMPUTATIONAL INTELLIGENCE AND SECURITY》 * |
熊安萍: ""云存储环境下基于属性的密文策略访问控制机制研究"", 《电子科技大学博士学位论文》 * |
Cited By (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109189727A (en) * | 2018-09-14 | 2019-01-11 | 江西理工大学 | A kind of block chain ciphertext cloud storage sharing method based on property broker re-encryption |
CN109189727B (en) * | 2018-09-14 | 2021-07-23 | 江西理工大学 | Block chain ciphertext cloud storage sharing method based on attribute proxy re-encryption |
CN109120639B (en) * | 2018-09-26 | 2021-03-16 | 众安信息技术服务有限公司 | Data cloud storage encryption method and system based on block chain |
CN109120639A (en) * | 2018-09-26 | 2019-01-01 | 众安信息技术服务有限公司 | A kind of data cloud storage encryption method and system based on block chain |
CN109510826A (en) * | 2018-11-16 | 2019-03-22 | 中国人民解放军战略支援部队信息工程大学 | Safe and reliable cloud storage method and device based on renewable encryption |
CN109451077A (en) * | 2019-01-04 | 2019-03-08 | 大连大学 | The model that medical cloud search permission is shared |
CN109740364A (en) * | 2019-01-04 | 2019-05-10 | 大连大学 | The cipher text searching method based on attribute of controllable search permission |
CN109660555A (en) * | 2019-01-09 | 2019-04-19 | 上海交通大学 | Content safety sharing method and system based on proxy re-encryption |
CN109872787A (en) * | 2019-02-02 | 2019-06-11 | 上海龙健信息技术科技有限公司 | A kind of publication of distributed data and method for subscribing |
CN110138561B (en) * | 2019-03-22 | 2021-09-17 | 西安电子科技大学 | Efficient ciphertext retrieval method based on CP-ABE automatic correction and cloud computing service system |
CN110138561A (en) * | 2019-03-22 | 2019-08-16 | 西安电子科技大学 | Efficient cipher text retrieval method, the cloud computing service system automatically corrected based on CP-ABE |
CN110224986A (en) * | 2019-05-07 | 2019-09-10 | 电子科技大学 | It is a kind of that access control method efficiently can search for based on hiding strategy CP-ABE |
CN110474768A (en) * | 2019-08-22 | 2019-11-19 | 上海豆米科技有限公司 | A kind of information safety transmission system and method having the control of group's decrypted rights |
CN110610102A (en) * | 2019-09-23 | 2019-12-24 | 郑州师范学院 | Data access method, device and system |
CN110610102B (en) * | 2019-09-23 | 2021-06-25 | 郑州师范学院 | Data access method, device and system |
CN110851850B (en) * | 2019-11-18 | 2022-11-08 | 南京邮电大学 | Method for realizing searchable encryption system |
CN110851850A (en) * | 2019-11-18 | 2020-02-28 | 南京邮电大学 | Searchable encryption system based on general circuit access structure |
CN111541535A (en) * | 2020-04-17 | 2020-08-14 | 西南交通大学 | Boolean retrieval attribute-based encryption method capable of verifying search results |
CN111698240A (en) * | 2020-06-08 | 2020-09-22 | 南京工业大学 | CP-ABE encryption outsourcing |
CN112685763A (en) * | 2021-03-18 | 2021-04-20 | 上海众旦信息科技有限公司 | Data opening method and system based on ciphertext authorized access |
CN113630245A (en) * | 2021-07-20 | 2021-11-09 | 武汉理工大学 | Data encryption method and system based on threshold attribute |
CN113630245B (en) * | 2021-07-20 | 2023-12-12 | 武汉理工大学 | Data encryption method and system based on threshold attribute |
WO2023044963A1 (en) * | 2021-09-27 | 2023-03-30 | 深圳前海环融联易信息科技服务有限公司 | Method and system for re-encrypting threshold proxy based on attribute condition |
CN114036240A (en) * | 2021-11-25 | 2022-02-11 | 北京师范大学 | Multi-service provider private data sharing system and method based on block chain |
CN114036240B (en) * | 2021-11-25 | 2024-04-09 | 北京师范大学 | Multi-service provider privacy data sharing system and method based on block chain |
CN116319104A (en) * | 2023-05-22 | 2023-06-23 | 云上(江西)安全技术有限公司 | Data security operation method based on attribute re-encryption |
CN116319104B (en) * | 2023-05-22 | 2023-08-04 | 云上(江西)安全技术有限公司 | Data security operation method based on attribute re-encryption |
Also Published As
Publication number | Publication date |
---|---|
CN108418681B (en) | 2020-10-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108418681A (en) | A kind of searching ciphertext system and method based on attribute for supporting proxy re-encryption | |
CN109690551B (en) | Block chain data protection method, device and system and computer readable storage medium | |
CN106127075B (en) | Encryption method can search for based on secret protection under a kind of cloud storage environment | |
CN108881314B (en) | Privacy protection method and system based on CP-ABE ciphertext under fog computing environment | |
CN103636160B (en) | secure file sharing method and system | |
CN108400871B (en) | In conjunction with the searching ciphertext system and method for identity and the support proxy re-encryption of attribute | |
CN110099043A (en) | The hiding more authorization center access control methods of support policy, cloud storage system | |
CN112765650A (en) | Attribute-based searchable encryption block chain medical data sharing method | |
US20190354969A1 (en) | System and method for securing digital assets | |
CN107395568A (en) | A kind of cipher text retrieval method of more data owner's certifications | |
JP2023502346A (en) | Quantum secure networking | |
CN105071937B (en) | Ciphertext policy ABE base encryption method with the revocation of efficient attribute | |
CN105915520A (en) | File storage and searching method based on public key searchable encryption, and storage system | |
CN103038750A (en) | Systems and methods for securing data in motion | |
CN102655508A (en) | Method for protecting privacy data of users in cloud environment | |
CN103229165A (en) | Systems and methods for secure remote storage | |
CN103609059A (en) | Systems and methods for secure data sharing | |
CN108418784A (en) | A kind of distributed cross-domain authorization and access control method based on properties secret | |
US20220014367A1 (en) | Decentralized computing systems and methods for performing actions using stored private data | |
CN111274599A (en) | Data sharing method based on block chain and related device | |
CN113515759A (en) | Block chain-based power terminal data access control method and system | |
CN110611662A (en) | Attribute-based encryption-based fog collaborative cloud data sharing method | |
CN106326666A (en) | Health record information management service system | |
CN108170753B (en) | Key-Value database encryption and security query method in common cloud | |
CN114500069A (en) | Method and system for storing and sharing electronic contract |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information |
Address after: 210003 Gulou District, Jiangsu, Nanjing new model road, No. 66 Applicant after: NANJING University OF POSTS AND TELECOMMUNICATIONS Address before: Yuen Road Qixia District of Nanjing City, Jiangsu Province, No. 9 210023 Applicant before: NANJING University OF POSTS AND TELECOMMUNICATIONS |
|
CB02 | Change of applicant information | ||
GR01 | Patent grant | ||
GR01 | Patent grant |