CN108880801A - Distributed attribute-based encryption method on lattices supporting fine-grained attribute revocation - Google Patents

Publication number: CN108880801A
Authority: CN (China)
Legal status: Granted, active
Application number: CN201810744183.6A
Other languages: Chinese (zh)
Other versions: CN108880801B (en)
Inventors: 张文芳, 刘旭东, 王小敏
Current Assignee: Yami Technology Guangzhou Co ltd
Original Assignee: Southwest Jiaotong University
Application filed by: Southwest Jiaotong University

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes
    • H04L9/0863 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

A distributed attribute-based encryption method on lattices supporting fine-grained attribute revocation, belonging to the field of information security. Its main steps are as follows. System initialization: linear secret sharing is applied to the target vector, and the sub-secret shares serve as the private keys of the corresponding attribute authorities; each attribute authority builds a corresponding binary revocation tree for every system attribute it manages. User attribute key and update key generation: the attribute authority uses second-level linear secret sharing to obtain the second-level sub-secret share of the user attribute, and computes the user attribute key and the user attribute update key with the preimage sampling algorithm and the left sampling algorithm respectively. Encryption: the encryptor computes the ciphertext of the message using Gaussian noise, the encryption pre-processing noise vector and the system public parameters. Decryption: the decryptor decrypts the ciphertext using the user attribute key and the user attribute update key. The method is highly secure, has a flexible access policy, and supports fine-grained revocation of attribute permissions.

Description

Distributed attribute-based encryption method on lattices supporting fine-grained attribute revocation
Technical field
The present invention relates to a distributed attribute-based encryption method on lattices that supports fine-grained attribute revocation.
Background art
The 21st century is the information age. With the rapid development of Internet technologies such as electronic healthcare, instant messaging, online shopping and online video, information is changing daily human life in an unprecedented way. According to the 41st China Internet Statistical Report published by the China Internet Network Information Center (CNNIC), by the end of 2017 the number of Internet users in China had reached 772 million and Internet penetration had reached 55.8%, 4.1 percentage points above the global average. This huge user population generates information and data on an unimaginable scale, so the secure storage of massive information and data has become a pressing problem for society. Attribute-based encryption partitions users at fine granularity by their attributes and enables one-to-many data sharing. It is expressive, practical and flexible, and makes user privacy easy to protect, so it provides strong algorithmic support for authentication and data confidentiality in networks with high anonymity requirements such as cloud computing and electronic healthcare. Analysis shows that existing attribute-based encryption methods still have the following shortcomings. First, most existing attribute-based encryption methods are built on bilinear pairings, and their security rests on Diffie-Hellman hardness problems that have been shown unable to resist quantum cryptanalysis; these methods therefore can hardly guarantee the confidentiality of stored data in the "quantum era". In addition, they require a large number of time-consuming bilinear pairing operations during encryption and decryption, so they are inefficient. Second, most existing attribute-based encryption methods do not consider revocation of attribute permissions, whereas in practice updates to user attribute permissions and key exposure are fairly common. How to revoke the attribute permissions of a specific user, so that the user can no longer decrypt ciphertexts with the original key, without affecting the other users of the system, is therefore a problem that attribute-based encryption needs to address. Third, in most existing attribute-based encryption methods a single attribute authority is responsible for distributing and managing all attribute keys in the system; if that attribute authority is compromised by an attacker, the attacker can use its key to generate the attribute key of any user in the system, so the system has an attribute key escrow problem. Finally, most existing attribute-based encryption methods can only realize threshold and AND access policies; the access policy is inflexible, and it is difficult to realize access policies that support arbitrary Boolean expressions. In summary, designing a distributed attribute-based encryption method on lattices that supports fine-grained attribute revocation has important academic significance and broad application value.
Shi et al. ("Shi YF, Zheng QJ, Liu JQ, Zhen H. Directly revocable key-policy attribute-based encryption with verifiable ciphertext delegation [J]. Information Sciences, 2015, 295: 221-231.") proposed, based on multilinear pairings and BSP Tree, a KP-ABE scheme supporting direct revocation. The scheme embeds the user identity in the user attribute update key and directly revokes all of a user's access rights by updating the revocation list and the ciphertext. Its revocation granularity is coarse: it cannot revoke the permissions of multiple attributes individually, one by one, at fine granularity. Moreover, its encryption, re-encryption and decryption require a large number of multilinear pairing operations, so it is not suitable for environments with constrained computing resources. In addition, the decryption policy is bound to the user key and the attributes are bound to the ciphertext, which limits the flexibility and practicality of the method.
Zhang Xinwei et al. ("Zhang Xinwei, Zhang Chuanrong, Shang Fute. Lattice-based attribute encryption scheme with revocable attributes [J]. Journal of Air Force Engineering University, 2015, 16(3): 87-91.") proposed in 2015 a lattice-based attribute encryption method that supports revocation of attribute permissions. The method comprises six stages: initialization, attribute private key generation, key update, user decryption key generation, encryption and decryption. It combines lattice theory with attribute-based encryption and introduces the ideas of an attribute revocation list and a binary revocation tree, so that the system can resist quantum cryptanalysis while supporting fine-grained revocation of user permissions. However, the method uses Shamir secret sharing and can only realize threshold access policies, so it is inflexible in use. In addition, a single attribute authority is responsible for distributing and managing all attribute keys in the system, so there is an attribute key escrow problem and security is not high.
Summary of the invention
The object of the present invention is to provide a distributed attribute-based encryption method on lattices supporting fine-grained attribute revocation. The method is highly secure, has a flexible access policy, and supports fine-grained revocation of attribute permissions.
The technical solution adopted by the invention to achieve this object is a distributed attribute-based encryption method on lattices supporting fine-grained attribute revocation, whose steps are:
A. System initialization
A1. Generation of the system public and private keys
According to the configured security parameter λ, the system center first randomly selects a λ-bit prime q, then randomly selects a dimension n and a Gaussian parameter α whose bit lengths are less than λ; it then selects a random number m satisfying the relation m ≥ 5n·log_2 q as the column count m;
Next, the system center randomly generates an n-dimensional target vector U and randomly generates η+1 revocation matrices B_j with n rows and m columns, j ∈ [0, η]; the elements of the target vector U and of the revocation matrices B_j are random numbers less than the prime q, j is the index of the revocation matrix, and η is the bit length of the user attribute revocation time;
The system center applies linear secret sharing to the target vector U and sends the sub-secret share u to the corresponding attribute authority as the private key of that attribute authority;
A2. Generation of the attribute public and private keys
The attribute authority holds the key distribution and management authority for the system attribute subspace W, W = {w_1, …, w_i, …, w_|W|}; where w_i is the i-th system attribute in the system attribute subspace W and |W| is the total number of system attributes w_i in the system attribute subspace W;
For the i-th system attribute w_i that it manages, the attribute authority builds the corresponding binary revocation tree BT_i, i.e. the binary revocation tree BT_i of the i-th system attribute w_i; using the trapdoor generation algorithm with the prime q and the dimension n, the attribute authority computes the public key matrix A_i and the private key matrix T_i of the i-th system attribute w_i in the system attribute subspace W; the public key matrix A_i is an n-row, m-column matrix whose elements are all less than the prime q, and the private key matrix T_i is an m-row, m-column matrix whose elements are all less than the prime q;
B. User attribute key generation
B1. Composition of the user attribute set
The identity of user ID is id, and the user attribute subset held by user ID is  ; here the user attribute subset  is a subset of the system attribute subspace W, i.e.  ;  denotes the k-th user attribute in the user attribute subset  ;  is the number of user attributes  in the user attribute subset  ; and the k-th user attribute  in the user attribute subset  is the i-th system attribute w_i in the system attribute subspace W, i.e.  ; the k-th user attribute  in the user attribute subset  is named the i-th system attribute w_{i,id} of user ID,
B2. User attribute key generation
The attribute authority applies second-level linear secret sharing to the sub-secret share u to obtain the second-level sub-secret share u_{i,id} of the i-th system attribute w_{i,id} of user ID, and computes the node key SK_{i,id,θ} of the i-th system attribute w_{i,id} of user ID in the binary revocation tree BT_i. The detailed procedure is as follows:
The attribute authority stores the identity id of user ID in an empty leaf node of the binary revocation tree BT_i of the i-th system attribute w_i; for each node v_{i,θ} on the path from that leaf node to the root node of the binary revocation tree BT_i, the attribute authority randomly selects an n-dimensional vector as the key vector  of the i-th system attribute w_{i,id} of user ID at node v_{i,θ} of the binary revocation tree BT_i; the elements of the key vector  are random numbers less than the prime q; θ is the number of node v_{i,θ} in the binary revocation tree BT_i;
Then the attribute authority computes the revocation key vector  of the i-th system attribute w_{i,id} of user ID at node v_{i,θ} of the binary revocation tree BT_i,  and stores the key vector  and the revocation key vector  of the i-th system attribute w_{i,id} of user ID at node v_{i,θ} of the binary revocation tree BT_i in node v_{i,θ};
Finally, from the Gaussian parameter α, the public key matrix A_i of the i-th system attribute w_i, the private key matrix T_i of the i-th system attribute w_i and the key vector  of the i-th system attribute w_{i,id} of user ID at node v_{i,θ} of the binary revocation tree BT_i, the attribute authority uses the preimage sampling algorithm to generate the attribute key  of the i-th system attribute w_{i,id} of user ID at node v_{i,θ}
C. User attribute update key generation
C1. Selection of binary revocation tree nodes
When the i-th system attribute w_{i,id} of user ID is revoked, the user is named the revoked user  , whose identity is denoted  ; the identity  of the revoked user  is also recorded in the user revocation list RL. From the binary revocation tree BT_i of the i-th system attribute  of the revoked user  and the user revocation list RL, the attribute authority obtains the minimal set of nodes of the binary revocation tree BT_i that need to be updated when the attribute permission of the revoked user  is revoked, i.e. the minimal node update set Y;
C2. Update of the key vector and the revocation key vector
For any node v_{i,θ} in the minimal node update set Y, v_{i,θ} ∈ Y: if the stored key vector  and revocation key vector  of the i-th system attribute w_{i,id} of user ID at node v_{i,θ} of the binary revocation tree BT_i are not empty, proceed to step C3; otherwise, the attribute authority randomly selects an n-dimensional vector and updates the key vector  of the i-th system attribute w_{i,id} of user ID at node v_{i,θ}; the elements of the updated key vector  are random numbers less than the prime q;
Then, using the key vector  of the i-th system attribute w_{i,id} of user ID at node v_{i,θ} and the second-level sub-secret share u_{i,id} of the i-th system attribute w_{i,id} of user ID from step B2, the attribute authority obtains, according to the equation  , the updated value of the revocation key vector  of the i-th system attribute w_{i,id} of user ID at node v_{i,θ}; it stores the updated key vector  and revocation key vector  in node v_{i,θ} of the set Y;
C3. Computation of the user attribute update key
The moment at which the attribute permission of the i-th system attribute  of the revoked user  in step C1 is revoked is written as a binary string t of η bits, i.e. the binary revocation time string t, t = (t_1, …, t_j, …, t_η); where t_j is the j-th binary character of the binary revocation time string t;
The attribute authority first uses the binary revocation time string t and the η+1 n-row, m-column revocation matrices B_j, j ∈ [0, η], of step A1 to compute the revocation time hash value H(t), H(t) = B_0 + Σ_{j∈[1,η]} t_j·B_j; then, from the Gaussian parameter α, the public key matrix A_i and private key matrix T_i of the i-th system attribute w_i, the revocation time hash value H(t) and the revocation key vector  of the i-th system attribute w_{i,id} of user ID at node v_{i,θ}, the attribute authority runs the left sampling algorithm to generate the user attribute update key  of the i-th system attribute w_{i,id} of user ID at node v_{i,θ}
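The text does not spell out how the minimal node update set Y of step C1 is derived from the revocation tree BT_i and the revocation list RL. The sketch below is an added example, not code from the patent, and assumes the standard complete-subtree cover used with binary revocation trees; the heap-style node numbering, the class and function names and the user identifiers are all assumptions.

```python
def path_to_root(leaf):
    """Nodes from a leaf up to the root (root = 1, children of v are 2v, 2v+1)."""
    nodes = []
    while leaf >= 1:
        nodes.append(leaf)
        leaf //= 2
    return nodes


def update_node_set(num_leaves, revoked_leaves):
    """Minimal set Y of nodes covering every non-revoked leaf and no revoked one."""
    marked = set()
    for leaf in revoked_leaves:
        marked.update(path_to_root(leaf))
    if not marked:
        return {1}                      # nobody revoked: the root covers all users
    cover = set()
    for node in marked:
        if node < num_leaves:           # internal node
            for child in (2 * node, 2 * node + 1):
                if child not in marked:
                    cover.add(child)
    return cover


class RevocationTree:
    """One tree per system attribute w_i, so revocation is per attribute."""

    def __init__(self, depth):
        self.num_leaves = 1 << depth
        self.leaf_of = {}               # identity id -> leaf number
        self.revoked = set()            # revocation list RL for this attribute

    def enroll(self, uid):
        if uid in self.leaf_of:
            return self.leaf_of[uid]
        if len(self.leaf_of) >= self.num_leaves:
            raise ValueError("no empty leaf left in this tree")
        self.leaf_of[uid] = self.num_leaves + len(self.leaf_of)
        return self.leaf_of[uid]

    def revoke(self, uid):
        if uid not in self.leaf_of:
            raise KeyError(uid)
        self.revoked.add(uid)

    def update_nodes(self):
        return update_node_set(
            self.num_leaves, {self.leaf_of[u] for u in self.revoked})

    def usable_nodes(self, uid):
        """Nodes where uid's path keys meet an update key; empty if revoked."""
        return set(path_to_root(self.leaf_of[uid])) & self.update_nodes()


if __name__ == "__main__":
    # Constructed sample: two attributes, eight users each, one revocation.
    trees = {"attr_a": RevocationTree(3), "attr_b": RevocationTree(3)}
    for tree in trees.values():
        for k in range(8):
            tree.enroll(f"u{k}")
    trees["attr_a"].revoke("u2")
    for name, tree in trees.items():
        print(name, sorted(tree.update_nodes()), tree.usable_nodes("u2"))
```

A user whose path shares no node with Y holds no node key that matches a fresh update key for that attribute, while the same user's tree for any other attribute is untouched.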
D. Encryption
D1. Composition of the encryption attribute set
The encryptor selects the encryption attribute subset W*,  ; the encryption attribute subset W* is a subset of the system attribute subspace W, i.e.  ;  denotes the l-th encryption attribute in the encryption attribute subset W*; |W*| denotes the number of encryption attributes in the encryption attribute subset W*; and the l-th encryption attribute  in the encryption attribute subset W* is the i-th system attribute w_i in the system attribute subspace W, i.e.  ; the l-th encryption attribute  in the encryption attribute subset W* is named the i-th system attribute  of the encryption attribute subset, i.e.
D2. Computation of the first sub-ciphertext
The encryptor first randomly selects an n-dimensional vector whose elements are less than the prime q as the encryption vector s; it then selects a Gaussian noise x, less than the prime q, that obeys the distribution with Gaussian parameter α; finally, using the encryption vector s, the Gaussian noise x, the prime q and the target vector U of step A1, the encryptor computes the first sub-ciphertext C_1 of message M,  where T is the matrix transpose symbol and  is the floor (round-down) operation;
D3. Computation of the second sub-ciphertext
The encryptor randomly selects m Gaussian noise values that obey the distribution with Gaussian parameter α to form an m-dimensional noise vector x_i, which serves as the secret noise vector x_i of the i-th system attribute  of the encryption attribute subset; using the secret noise vector x_i, the encryption vector s and the public key matrix A_i of the i-th system attribute w_i, it computes the i-th part C_{i,2} of the second sub-ciphertext of message M, C_{i,2} = A_i^T·s + x_i; the parts are concatenated in order to obtain the second sub-ciphertext C_2 of message M;
D4. Computation of the third sub-ciphertext
The encryptor randomly selects a fuzzy matrix R_i of m rows and m columns whose elements are random values equal to -1 or 1, as the attribute fuzzy matrix R_i of the i-th system attribute  of the encryption attribute subset, and then computes the encryption pre-processing noise vector z_i of the i-th system attribute  of the encryption attribute subset, z_i = (x_i | R_i·x_i), where | denotes row concatenation;
Then, using the public key matrix A_i of the i-th system attribute w_i and the revocation time hash value H(t), the encryptor generates by concatenation the re-encryption matrix F_i of the i-th system attribute  of the encryption attribute subset, F_i = A_i | H(t);
Finally, using the re-encryption matrix F_i of the i-th system attribute  of the encryption attribute subset, the encryption vector s and the encryption pre-processing noise vector z_i of the i-th system attribute  of the encryption attribute subset, the encryptor computes the i-th part C_{i,3} of the third sub-ciphertext of message M, C_{i,3} = F_i^T·s + z_i; the parts are concatenated in order to obtain the third sub-ciphertext C_3 of message M;
The first sub-ciphertext C_1, the second sub-ciphertext C_2 and the third sub-ciphertext C_3 of message M are concatenated in order to obtain the ciphertext C of message M;
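An added example, not code from the patent, of the arithmetic in steps C3, D3 and D4: it computes H(t), F_i = A_i | H(t), z_i = (x_i | R_i·x_i) and the ciphertext parts C_{i,2} and C_{i,3} over toy parameters. The parameter values, the rounded-Gaussian noise sampler and all function names are assumptions chosen for readability, and the sizes are far too small to be secure.

```python
import random


def revocation_time_hash(B, t, q):
    """Step C3: H(t) = B_0 + sum_{j in [1, eta]} t_j * B_j (mod q)."""
    if len(t) != len(B) - 1 or any(bit not in (0, 1) for bit in t):
        raise ValueError("t must be an eta-bit string matching B_1..B_eta")
    H = [row[:] for row in B[0]]
    for bit, Bj in zip(t, B[1:]):
        if bit:
            H = [[(a + b) % q for a, b in zip(rh, rb)]
                 for rh, rb in zip(H, Bj)]
    return H


def transpose_times(F, s, q):
    """F^T * s mod q for an n-row matrix F and an n-dimensional vector s."""
    return [sum(F[r][c] * s[r] for r in range(len(F))) % q
            for c in range(len(F[0]))]


def encrypt_attribute_parts(A, H, s, q, alpha, rng):
    """Steps D3 and D4 for one attribute; returns (C_i2, C_i3, F_i, z_i)."""
    n, m = len(A), len(A[0])
    # Assumption: a rounded Gaussian with standard deviation alpha*q stands in
    # for the Gaussian noise sampler, which the text does not specify.
    x = [round(rng.gauss(0, alpha * q)) for _ in range(m)]
    # Fuzzy matrix R_i with entries -1 or 1, and z_i = (x_i | R_i * x_i).
    R = [[rng.choice((-1, 1)) for _ in range(m)] for _ in range(m)]
    z = x + [sum(R[r][c] * x[c] for c in range(m)) for r in range(m)]
    # Re-encryption matrix F_i = A_i | H(t): n rows, 2m columns.
    F = [A[r] + H[r] for r in range(n)]
    C2 = [(a + e) % q for a, e in zip(transpose_times(A, s, q), x)]
    C3 = [(a + e) % q for a, e in zip(transpose_times(F, s, q), z)]
    return C2, C3, F, z


def compare_revocation_times(seed=7):
    """Encrypt under two revocation times with identical randomness.

    Returns (C_i2 unchanged, time-bound half of C_i3 changed).
    """
    rng = random.Random(seed)
    q, n, m, eta, alpha = 97, 3, 6, 4, 0.01      # constructed toy parameters

    def rand_matrix():
        return [[rng.randrange(q) for _ in range(m)] for _ in range(n)]

    A = rand_matrix()
    B = [rand_matrix() for _ in range(eta + 1)]
    s = [rng.randrange(q) for _ in range(n)]
    H_old = revocation_time_hash(B, [0, 1, 0, 1], q)
    H_new = revocation_time_hash(B, [0, 1, 1, 0], q)
    C2_old, C3_old, _, _ = encrypt_attribute_parts(
        A, H_old, s, q, alpha, random.Random(seed))
    C2_new, C3_new, _, _ = encrypt_attribute_parts(
        A, H_new, s, q, alpha, random.Random(seed))
    return C2_old == C2_new, C3_old[m:] != C3_new[m:]


if __name__ == "__main__":
    print(compare_revocation_times())
```

Only the last m entries of C_{i,3} depend on H(t), which is the part of the ciphertext that has to match the revocation time bound into the user attribute update key.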
E. Decryption
E1. Composition of the decryption attribute set
User ID first takes the intersection of the user attribute subset  and the encryption attribute subset W* as the decryption attribute subset  ; where  is the r-th decryption attribute in the decryption attribute subset  , and  is the number of decryption attributes in the decryption attribute subset  ; and the r-th decryption attribute  in the decryption attribute subset  is the i-th system attribute w_i in the system attribute subspace W,  ; the r-th decryption attribute  in the decryption attribute subset  is named the i-th system attribute  of the decryption attribute subset, i.e.
E2. Decrypting the message
After user ID receives the ciphertext C of message M, it determines whether the decryption attribute subset  satisfies the decryption sub-policy; if the decryption attribute subset  does not satisfy the decryption sub-policy, the algorithm stops; otherwise, user ID performs the following operations:
Following the second-level linear secret sharing method of step B2, it obtains the calculation factor μ_{i,id} of the i-th system attribute  of the decryption attribute subset; then, using the attribute key  of the i-th system attribute w_{i,id} of user ID at node v_{i,θ}, the user attribute update key  of the i-th system attribute w_{i,id} of user ID at node v_{i,θ}, and the extracted i-th part C_{i,2} of the second sub-ciphertext of message M and i-th part C_{i,3} of the third sub-ciphertext of message M, it computes, according to the equation  , the decryption information D_i of the i-th system attribute  of the decryption attribute subset corresponding to ciphertext C; summing the decryption information of all system attributes of the decryption attribute subset corresponding to ciphertext C gives the decryption information D_sum of ciphertext C for the corresponding attribute authority;
Then, using the decryption information D_sum of ciphertext C for all the corresponding attribute authorities, and following the linear secret sharing method of step A1, user ID computes the decryption information D of ciphertext C;
Finally, user ID takes the difference M' between the first sub-ciphertext C_1 of message M and the decryption information D of ciphertext C as the decrypted message M', M' = C_1 - D; when the decrypted message M' satisfies the inequality  , the decrypted message M is 1; otherwise, the decrypted message M is 0.
Compared with the prior art, the beneficial effects of the invention are:
First, with multiple attribute authorities, each attribute authority is responsible only for the key distribution and management of a portion of the attributes in the system. Only when the union of the attribute sets managed by the attribute authorities satisfies the decryption policy can the ciphertext be decrypted, using all the partial user attribute keys they generate. Since the attribute set managed by any single attribute authority does not satisfy the decryption policy, no single attribute authority can generate a complete user attribute key to decrypt the ciphertext. This solves the possible leakage problem of the prior art, in which attribute keys are escrowed by a single attribute authority, and improves the security of the method of the invention.
Second, using linear secret sharing, an access policy satisfying any Boolean expression can be realized; and different random vectors are chosen during secret sharing, so that the user attribute keys of different users for the same attribute also differ. This solves the problems that the access structure of the prior art is inflexible and that it cannot resist collusion attacks launched by malicious users who hold complementary attribute sets and combine their keys.
Third, by introducing an attribute revocation list and drawing on the idea of the binary revocation tree, when a specific attribute permission of a specific user is revoked, the third sub-ciphertext of the message and the user attribute update keys of the users in the system whose permission for that attribute has not been revoked are updated. This prevents the revoked user from decrypting the ciphertext with the original user attribute update key of that attribute, while the user's access rights for other attributes remain valid, which solves the problem that the prior art has difficulty realizing fine-grained revocation of attribute permissions.
In short, the invention uses a distributed approach to solve the key escrow problem that is widespread in existing attribute-based encryption methods; it uses linear secret sharing, with different random vectors chosen during secret sharing, to realize a more flexible access policy and to resist collusion attacks; and it uses the binary revocation tree so that the system can revoke users' attribute permissions at fine granularity. It is highly secure, has a flexible access policy and supports fine-grained revocation of attribute permissions, and can provide strong algorithmic support for data confidentiality in networks such as cloud computing and electronic healthcare.
The present invention is described in further detail below with reference to specific embodiments.
Specific embodiments
Embodiment
A distributed attribute-based encryption method on lattices supporting fine-grained attribute revocation, whose steps are:
A. System initialization
A1. Generation of the system public and private keys
According to the configured security parameter λ, the system center first randomly selects a λ-bit prime q, then randomly selects a dimension n and a Gaussian parameter α whose bit lengths are less than λ; it then selects a random number m satisfying the relation m ≥ 5n·log_2 q as the column count m;
Next, the system center randomly generates an n-dimensional target vector U and randomly generates η+1 revocation matrices B_j with n rows and m columns, j ∈ [0, η]; the elements of the target vector U and of the revocation matrices B_j are random numbers less than the prime q, j is the index of the revocation matrix, and η is the bit length of the user attribute revocation time;
The system center applies linear secret sharing to the target vector U and sends the sub-secret share u to the corresponding attribute authority as the private key of that attribute authority;
A2. Generation of the attribute public and private keys
The attribute authority holds the key distribution and management authority for the system attribute subspace W, W = {w_1, …, w_i, …, w_|W|}; where w_i is the i-th system attribute in the system attribute subspace W and |W| is the total number of system attributes w_i in the system attribute subspace W;
For the i-th system attribute w_i that it manages, the attribute authority builds the corresponding binary revocation tree BT_i, i.e. the binary revocation tree BT_i of the i-th system attribute w_i; using the trapdoor generation algorithm with the prime q and the dimension n, the attribute authority computes the public key matrix A_i and the private key matrix T_i of the i-th system attribute w_i in the system attribute subspace W; the public key matrix A_i is an n-row, m-column matrix whose elements are all less than the prime q, and the private key matrix T_i is an m-row, m-column matrix whose elements are all less than the prime q;
B. User attribute key generation
B1. Composition of the user attribute set
The identity of user ID is id, and the user attribute subset held by user ID is  ; here the user attribute subset  is a subset of the system attribute subspace W, i.e.  ;  denotes the k-th user attribute in the user attribute subset  ;  is the number of user attributes  in the user attribute subset  ; and the k-th user attribute  in the user attribute subset  is the i-th system attribute w_i in the system attribute subspace W, i.e.  ; the k-th user attribute  in the user attribute subset  is named the i-th system attribute w_{i,id} of user ID,
B2. User attribute key generation
The attribute authority applies second-level linear secret sharing to the sub-secret share u to obtain the second-level sub-secret share u_{i,id} of the i-th system attribute w_{i,id} of user ID, and computes the node key SK_{i,id,θ} of the i-th system attribute w_{i,id} of user ID in the binary revocation tree BT_i. The detailed procedure is as follows:
The attribute authority stores the identity id of user ID in an empty leaf node of the binary revocation tree BT_i of the i-th system attribute w_i; for each node v_{i,θ} on the path from that leaf node to the root node of the binary revocation tree BT_i, the attribute authority randomly selects an n-dimensional vector as the key vector  of the i-th system attribute w_{i,id} of user ID at node v_{i,θ} of the binary revocation tree BT_i; the elements of the key vector  are random numbers less than the prime q; θ is the number of node v_{i,θ} in the binary revocation tree BT_i;
Then the attribute authority computes the revocation key vector  of the i-th system attribute w_{i,id} of user ID at node v_{i,θ} of the binary revocation tree BT_i,  and stores the key vector  and the revocation key vector  of the i-th system attribute w_{i,id} of user ID at node v_{i,θ} of the binary revocation tree BT_i in node v_{i,θ};
Finally, from the Gaussian parameter α, the public key matrix A_i of the i-th system attribute w_i, the private key matrix T_i of the i-th system attribute w_i and the key vector  of the i-th system attribute w_{i,id} of user ID at node v_{i,θ} of the binary revocation tree BT_i, the attribute authority uses the preimage sampling algorithm to generate the attribute key  of the i-th system attribute w_{i,id} of user ID at node v_{i,θ}
C. User attribute update key generation
C1. Selection of binary revocation tree nodes
When the i-th system attribute w_{i,id} of user ID is revoked, that user is named the revoked user, and the identity of the revoked user is entered in the user revocation list RL; from the binary revocation tree BT_i of the revoked user's i-th system attribute and the user revocation list RL, the attribute authority obtains the minimal set of nodes of BT_i that must be updated when the revoked user's attribute rights are revoked, i.e. the node-update minimal set Y;
C2. Update of the key vector and the revocation key vector
For any node v_{i,θ} in the node-update minimal set Y, v_{i,θ} ∈ Y: if the stored key vector and revocation key vector of the i-th system attribute w_{i,id} of user ID at node v_{i,θ} of BT_i are not empty, proceed to step C3; otherwise, the attribute authority randomly selects an n-dimensional vector and uses it to update the key vector of w_{i,id} on node v_{i,θ}; the elements of the updated key vector are random numbers less than the prime q;
Then, using the key vector of w_{i,id} on node v_{i,θ} and the second-level sub-secret share u_{i,id} of w_{i,id} from step B2, the attribute authority obtains, according to the equation, the updated value of the revocation key vector of w_{i,id} on node v_{i,θ}, and stores the updated key vector and revocation key vector on node v_{i,θ} in set Y;
C3. Computation of the user attribute update key
The moment at which the attribute rights of the i-th system attribute of the revoked user from step C1 are revoked is written as a binary string t of η bits, i.e. the binary revocation time string t, t = (t_1, …, t_j, …, t_η); here t_j is the j-th binary character of t;
The attribute authority first uses the binary revocation time string t and the η+1 revocation matrices B_j, j ∈ [0, η], of n rows and m columns set up in step A1 to compute the revocation time hash value H(t), H(t) = B_0 + Σ_{j∈[1,η]} t_j·B_j; then, from the Gaussian parameter α, the public key matrix A_i and private key matrix T_i of the i-th system attribute w_i, the revocation time hash value H(t), and the revocation key vector of the i-th system attribute w_{i,id} of user ID on node v_{i,θ}, the attribute authority runs the left sampling algorithm to generate the user attribute update key of w_{i,id} on node v_{i,θ}.
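The tree bookkeeping of steps B2 and C1 can be made concrete with the following added example, which is not part of the patent text. It assumes BT_i is a complete binary tree numbered heap-style by θ, and that the node-update minimal set Y is computed with the cover-set rule commonly used in revocable encryption; the class name, method names and user names are constructed for illustration.

```python
"""Binary revocation tree BT_i with heap numbering theta (constructed example).

Assumptions, not taken from the patent: BT_i is a complete binary tree whose
root is node 1 and whose leaves are nodes n .. 2n-1, and the minimal set Y is
the usual cover set: children of marked nodes that are not marked themselves.
"""


class RevocationTree:
    def __init__(self, num_leaves):
        if num_leaves < 2 or num_leaves & (num_leaves - 1):
            raise ValueError("num_leaves must be a power of two >= 2")
        self.n = num_leaves
        self.leaf_of = {}      # identity id -> leaf number theta
        self.revoked = set()   # user revocation list RL

    def add_user(self, identity):
        """Step B2: store the identity in an empty leaf, return its theta."""
        if identity in self.leaf_of:
            return self.leaf_of[identity]
        used = set(self.leaf_of.values())
        for theta in range(self.n, 2 * self.n):
            if theta not in used:
                self.leaf_of[identity] = theta
                return theta
        raise RuntimeError("no empty leaf left in the tree")

    def path(self, identity):
        """Nodes on the path from the user's leaf up to the root."""
        theta = self.leaf_of[identity]
        nodes = []
        while theta >= 1:
            nodes.append(theta)
            theta //= 2
        return nodes

    def revoke(self, identity):
        """Step C1: record the revoked user's identity in RL."""
        if identity not in self.leaf_of:
            raise KeyError(identity)
        self.revoked.add(identity)

    def update_set(self):
        """Step C1: node-update minimal set Y for the current RL."""
        marked = set()
        for identity in self.revoked:
            marked.update(self.path(identity))
        if not marked:
            return {1}  # nobody revoked: the root covers every leaf
        y = set()
        for theta in marked:
            if theta >= self.n:
                continue  # leaves have no children
            for child in (2 * theta, 2 * theta + 1):
                if child not in marked:
                    y.add(child)
        return y

    def usable_node(self, identity):
        """The node shared by the user's path and Y, or None if revoked."""
        common = set(self.path(identity)) & self.update_set()
        return next(iter(common)) if common else None


def demo():
    """Four constructed users in an 8-leaf tree, one of them revoked."""
    tree = RevocationTree(8)
    for name in ("alice", "bob", "carol", "dave"):
        tree.add_user(name)   # leaves 8, 9, 10, 11
    tree.revoke("carol")      # marks nodes 10, 5, 2, 1
    return tree


if __name__ == "__main__":
    t = demo()
    print(sorted(t.update_set()), t.usable_node("dave"), t.usable_node("carol"))
```

Every non-revoked user's leaf-to-root path meets Y in exactly one node, while a revoked user's path misses Y entirely, so only the nodes in Y need fresh update keys.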
D. Encryption
D1. Composition of the encryption attribute set
The encryptor selects an encryption attribute subset W*; W* is a subset of the system attribute subspace W, and |W*| denotes the number of encryption attributes in W*; the l-th encryption attribute in W* is the i-th system attribute w_i in the system attribute subspace W, and it is named the i-th system attribute of the encryption attribute subset.
D2. Computation of the first sub-ciphertext
The encryptor first randomly selects an n-dimensional vector whose elements are less than the prime q as the encryption vector s; then it selects a Gaussian noise x, less than the prime q, that follows the distribution with Gaussian parameter α; finally, using the encryption vector s, the Gaussian noise x, the prime q and the target vector U from step A1, the encryptor computes the first sub-ciphertext C_1 of message M, where T denotes matrix transposition and the rounding used is rounding down;
D3. Computation of the second sub-ciphertext
The encryptor randomly selects m Gaussian noises that follow the distribution with Gaussian parameter α and forms them into an m-dimensional noise vector x_i, the secret noise vector x_i of the i-th system attribute of the encryption attribute subset; using the secret noise vector x_i, the encryption vector s and the public key matrix A_i of the i-th system attribute w_i, it computes the i-th part C_{i,2} of the second sub-ciphertext of message M, C_{i,2} = A_i^T·s + x_i; concatenating all the parts in order gives the second sub-ciphertext C_2 of message M;
D4. Computation of the third sub-ciphertext
The encryptor randomly selects random numbers with value -1 or 1 to form a fuzzy matrix R_i of m rows and m columns, the attribute fuzzy matrix R_i of the i-th system attribute of the encryption attribute subset, and then computes the encryption preprocessing noise vector z_i of that attribute, z_i = (x_i | R_i·x_i), where | denotes row-wise concatenation;
Then, using the public key matrix A_i of the i-th system attribute w_i and the revocation time hash value H(t), the encryptor generates by concatenation the re-encryption matrix F_i of the i-th system attribute of the encryption attribute subset, F_i = A_i | H(t);
Finally, using the re-encryption matrix F_i, the encryption vector s and the encryption preprocessing noise vector z_i of the i-th system attribute of the encryption attribute subset, the encryptor computes the i-th part C_{i,3} of the third sub-ciphertext of message M, C_{i,3} = F_i^T·s + z_i; concatenating all the parts in order gives the third sub-ciphertext C_3 of message M;
The first sub-ciphertext C_1, the second sub-ciphertext C_2 and the third sub-ciphertext C_3 of message M are concatenated in order to obtain the ciphertext C of message M;
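The formulas of steps C3, D3 and D4 can be traced at toy size with the following added example, which is not part of the patent text. It assumes all arithmetic is reduced mod q, uses rounded `random.gauss` values as a stand-in for the Gaussian noise, and draws A_i and B_j as plain random matrices without a trapdoor; the function names and parameter values are constructed, and the sizes ignore the bound on m.

```python
"""Toy-sized walk through H(t), F_i, C_{i,2} and C_{i,3} (constructed example).

Assumptions: arithmetic is mod q, rounded random.gauss() stands in for the
Gaussian noise with parameter alpha, and A_i, B_j have no trapdoor, so only
the encryptor's side is shown. The parameters are far too small to be secure.
"""
import random


def rand_matrix(rng, rows, cols, q):
    return [[rng.randrange(q) for _ in range(cols)] for _ in range(rows)]


def revocation_time_hash(B, t, q):
    """H(t) = B_0 + sum over j in [1, eta] of t_j * B_j, entrywise mod q."""
    if len(B) != len(t) + 1:
        raise ValueError("an eta-bit t needs eta + 1 matrices B_0..B_eta")
    if any(bit not in (0, 1) for bit in t):
        raise ValueError("t must be a binary string")
    H = [[v % q for v in row] for row in B[0]]
    for bit, Bj in zip(t, B[1:]):
        if bit:
            for r, row in enumerate(Bj):
                for c, v in enumerate(row):
                    H[r][c] = (H[r][c] + v) % q
    return H


def concat_columns(left, right):
    """'left | right' for two matrices with the same number of rows."""
    return [lrow + rrow for lrow, rrow in zip(left, right)]


def transpose_times(M, s, q):
    """M^T * s mod q for an n x k matrix M and an n-vector s."""
    return [sum(M[r][c] * s[r] for r in range(len(M))) % q
            for c in range(len(M[0]))]


def mat_vec(R, x):
    return [sum(a * b for a, b in zip(row, x)) for row in R]


def encrypt_attribute_parts(A_i, H_t, s, q, alpha, rng):
    """Return (C_{i,2}, C_{i,3}) for one system attribute w_i."""
    m = len(A_i[0])
    x_i = [round(rng.gauss(0, alpha)) for _ in range(m)]   # secret noise vector
    R_i = [[rng.choice((-1, 1)) for _ in range(m)] for _ in range(m)]
    z_i = x_i + mat_vec(R_i, x_i)          # z_i = (x_i | R_i * x_i)
    F_i = concat_columns(A_i, H_t)         # F_i = A_i | H(t)
    c_i2 = [(a + e) % q for a, e in zip(transpose_times(A_i, s, q), x_i)]
    c_i3 = [(a + e) % q for a, e in zip(transpose_times(F_i, s, q), z_i)]
    return c_i2, c_i3


def demo(t, seed=1):
    """Same seed gives the same A_i, B_j, s and noise for any t of equal length."""
    rng = random.Random(seed)
    q, n, m, alpha = 12289, 4, 8, 2.0      # constructed toy parameters
    A_i = rand_matrix(rng, n, m, q)
    B = [rand_matrix(rng, n, m, q) for _ in range(len(t) + 1)]
    s = [rng.randrange(q) for _ in range(n)]
    return encrypt_attribute_parts(A_i, revocation_time_hash(B, t, q),
                                   s, q, alpha, rng)


if __name__ == "__main__":
    c2, c3 = demo([1, 0, 1])
    print(len(c2), len(c3), c3[:len(c2)] == c2)
```

With these formulas the first m entries of C_{i,3} repeat C_{i,2}, and only the last m entries change when the revocation time string t changes.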
E. Decryption
E1. Composition of the decryption attribute set
User ID first takes the intersection of its user attribute subset and the encryption attribute subset W* as the decryption attribute subset; the r-th decryption attribute in the decryption attribute subset is the i-th system attribute w_i in the system attribute subspace W, and it is named the i-th system attribute of the decryption attribute subset.
E2. Decrypting the message
After user ID receives the ciphertext C of message M, it determines whether the decryption attribute subset satisfies the decryption sub-policy; if the decryption attribute subset does not satisfy the decryption sub-policy, the algorithm stops; otherwise, user ID performs the following operations:
Following the second-round linear secret sharing method of step B2, user ID obtains the calculation factor μ_{i,id} of the i-th system attribute of the decryption attribute subset; then, using the attribute key of the i-th system attribute w_{i,id} of user ID on node v_{i,θ}, the user attribute update key of w_{i,id} on node v_{i,θ}, and the extracted i-th part C_{i,2} of the second sub-ciphertext and i-th part C_{i,3} of the third sub-ciphertext of message M, user ID computes, according to the equation, the decryption information D_i of the i-th system attribute of the decryption attribute subset corresponding to ciphertext C; summing the decryption information of all system attributes of the decryption attribute subset corresponding to ciphertext C gives the decryption information D_sum of ciphertext C for the attribute authority;
Then, user ID uses the decryption information D_sum of ciphertext C for all the attribute authorities and, following the linear secret sharing method of step A1, computes the decryption information D of ciphertext C;
Finally, user ID takes the difference between the first sub-ciphertext C_1 of message M and the decryption information D of ciphertext C as the decryption message M', M' = C_1 - D; when the decryption message M' satisfies the inequality, the decrypted message M is 1; otherwise, the decrypted message M is 0.

Claims (1)

1. A distributed attribute-based encryption method supporting fine-grained attribute revocation on lattices, the steps of which are:
A. System initialization
A1. Generation of the system public key and private key
According to the configured security parameter λ, the system centre first randomly selects a λ-bit prime q, then randomly selects a dimension n and a Gaussian parameter α whose bit lengths are less than λ; it then selects a random number m satisfying the relation m ≥ 5n·log_2 q as the column count m;
Then, the system centre randomly generates an n-dimensional target vector U and randomly generates η+1 revocation matrices B_j, j ∈ [0, η], of n rows and m columns; the elements of the target vector U and of the revocation matrices B_j are random numbers less than the prime q, j is the index of the revocation matrix, and η is the number of bits of the user attribute revocation time;
The system centre applies linear secret sharing to the target vector U and sends the sub-secret share u to the corresponding attribute authority as the private key of that attribute authority;
A2. Generation of the attribute public key and private key
The attribute authority holds the key distribution and management rights for the system attribute subspace W, W = {w_1, …, w_i, …, w_{|W|}}; here w_i is the i-th system attribute in the system attribute subspace W, and |W| is the total number of system attributes w_i in W;
For the i-th system attribute w_i that it manages, the attribute authority establishes a corresponding binary revocation tree BT_i, i.e. the binary revocation tree BT_i of the i-th system attribute w_i; using the trapdoor generation algorithm with the prime q and the dimension n, the attribute authority computes the public key matrix A_i and the private key matrix T_i of the i-th system attribute w_i in the system attribute subspace W; the public key matrix A_i is a matrix of n rows and m columns whose elements are all less than the prime q, and the private key matrix T_i is a matrix of m rows and m columns whose elements are all less than the prime q;
B. User attribute key generation
B1. Composition of the user attribute set
The identity of user ID is id, and user ID holds a user attribute subset, which is a subset of the system attribute subspace W; the k-th user attribute in the user attribute subset is the i-th system attribute w_i in the system attribute subspace W, and it is named the i-th system attribute w_{i,id} of user ID;
B2. User attribute key generation
The attribute authority performs a second round of linear secret sharing on the sub-secret share u to obtain the second-level sub-secret share u_{i,id} of the i-th system attribute w_{i,id} of user ID, and computes the node key SK_{i,id,θ} of w_{i,id} in the binary revocation tree BT_i; the detailed procedure is as follows:
The attribute authority stores the identity id of user ID in an empty leaf node of the binary revocation tree BT_i of the i-th system attribute w_i; for each node v_{i,θ} on the path from that leaf node to the root node of BT_i, the attribute authority randomly selects an n-dimensional vector as the key vector of the i-th system attribute w_{i,id} of user ID at node v_{i,θ} of BT_i; the elements of the key vector are random numbers less than the prime q, and θ is the number of node v_{i,θ} in the binary revocation tree BT_i;
Then, the attribute authority computes the revocation key vector of the i-th system attribute w_{i,id} of user ID at node v_{i,θ} of the binary revocation tree BT_i, and stores both the key vector and the revocation key vector of w_{i,id} at node v_{i,θ} of BT_i in node v_{i,θ};
Finally, from the Gaussian parameter α, the public key matrix A_i and the private key matrix T_i of the i-th system attribute w_i, and the key vector of the i-th system attribute w_{i,id} of user ID at node v_{i,θ} of BT_i, the attribute authority uses the preimage sampling algorithm to generate the attribute key of w_{i,id} on node v_{i,θ};
C. User attribute update key generation
C1. Selection of binary revocation tree nodes
When the i-th system attribute w_{i,id} of user ID is revoked, that user is named the revoked user, and the identity of the revoked user is entered in the user revocation list RL; from the binary revocation tree BT_i of the revoked user's i-th system attribute w_{i,id} and the user revocation list RL, the attribute authority obtains the minimal set of nodes of BT_i that must be updated when the revoked user's attribute rights are revoked, i.e. the node-update minimal set Y;
C2. Update of the key vector and the revocation key vector
For any node v_{i,θ} in the node-update minimal set Y, v_{i,θ} ∈ Y: if the stored key vector and revocation key vector of the i-th system attribute w_{i,id} of user ID at node v_{i,θ} of BT_i are not empty, proceed to step C3; otherwise, the attribute authority randomly selects an n-dimensional vector and uses it to update the key vector of w_{i,id} on node v_{i,θ}; the elements of the updated key vector are random numbers less than the prime q;
Then, using the key vector of w_{i,id} on node v_{i,θ} and the second-level sub-secret share u_{i,id} of w_{i,id} from step B2, the attribute authority obtains, according to the equation, the updated value of the revocation key vector of w_{i,id} on node v_{i,θ}, and stores the updated key vector and revocation key vector on node v_{i,θ} in set Y;
C3. Computation of the user attribute update key
The moment at which the attribute rights of the i-th system attribute of the revoked user from step C1 are revoked is written as a binary string t of η bits, i.e. the binary revocation time string t, t = (t_1, …, t_j, …, t_η); here t_j is the j-th binary character of t;
The attribute authority first uses the binary revocation time string t and the η+1 revocation matrices B_j, j ∈ [0, η], of n rows and m columns set up in step A1 to compute the revocation time hash value H(t), H(t) = B_0 + Σ_{j∈[1,η]} t_j·B_j; then, from the Gaussian parameter α, the public key matrix A_i and private key matrix T_i of the i-th system attribute w_i, the revocation time hash value H(t), and the revocation key vector of the i-th system attribute w_{i,id} of user ID on node v_{i,θ}, the attribute authority runs the left sampling algorithm to generate the user attribute update key of w_{i,id} on node v_{i,θ};
D. Encryption
D1. Composition of the encryption attribute set
The encryptor selects an encryption attribute subset W*; W* is a subset of the system attribute subspace W, and |W*| denotes the number of encryption attributes in W*; the l-th encryption attribute in W* is the i-th system attribute w_i in the system attribute subspace W, and it is named the i-th system attribute of the encryption attribute subset;
D2. Computation of the first sub-ciphertext
The encryptor first randomly selects an n-dimensional vector whose elements are less than the prime q as the encryption vector s; then it selects a Gaussian noise x, less than the prime q, that follows the distribution with Gaussian parameter α; finally, using the encryption vector s, the Gaussian noise x, the prime q and the target vector U from step A1, the encryptor computes the first sub-ciphertext C_1 of message M, where T denotes matrix transposition and the rounding used is rounding down;
D3. Computation of the second sub-ciphertext
The encryptor randomly selects m Gaussian noises that follow the distribution with Gaussian parameter α and forms them into an m-dimensional noise vector x_i, the secret noise vector x_i of the i-th system attribute of the encryption attribute subset; using the secret noise vector x_i, the encryption vector s and the public key matrix A_i of the i-th system attribute w_i, it computes the i-th part C_{i,2} of the second sub-ciphertext of message M, C_{i,2} = A_i^T·s + x_i; concatenating all the parts in order gives the second sub-ciphertext C_2 of message M;
D4. Computation of the third sub-ciphertext
The encryptor randomly selects random numbers with value -1 or 1 to form a fuzzy matrix R_i of m rows and m columns, the attribute fuzzy matrix R_i of the i-th system attribute of the encryption attribute subset, and then computes the encryption preprocessing noise vector z_i of that attribute, z_i = (x_i | R_i·x_i), where | denotes row-wise concatenation;
Then, using the public key matrix A_i of the i-th system attribute w_i and the revocation time hash value H(t), the encryptor generates by concatenation the re-encryption matrix F_i of the i-th system attribute of the encryption attribute subset, F_i = A_i | H(t);
Finally, using the re-encryption matrix F_i, the encryption vector s and the encryption preprocessing noise vector z_i of the i-th system attribute of the encryption attribute subset, the encryptor computes the i-th part C_{i,3} of the third sub-ciphertext of message M, C_{i,3} = F_i^T·s + z_i; concatenating all the parts in order gives the third sub-ciphertext C_3 of message M;
The first sub-ciphertext C_1, the second sub-ciphertext C_2 and the third sub-ciphertext C_3 of message M are concatenated in order to obtain the ciphertext C of message M;
E. Decryption
E1. Composition of the decryption attribute set
User ID first takes the intersection of its user attribute subset and the encryption attribute subset W* as the decryption attribute subset; the r-th decryption attribute in the decryption attribute subset is the i-th system attribute w_i in the system attribute subspace W, and it is named the i-th system attribute of the decryption attribute subset;
E2. Decrypting the message
After user ID receives the ciphertext C of message M, it determines whether the decryption attribute subset satisfies the decryption sub-policy; if the decryption attribute subset does not satisfy the decryption sub-policy, the algorithm stops; otherwise, user ID performs the following operations:
Following the second-round linear secret sharing method of step B2, user ID obtains the calculation factor μ_{i,id} of the i-th system attribute of the decryption attribute subset; then, using the attribute key of the i-th system attribute w_{i,id} of user ID on node v_{i,θ}, the user attribute update key of w_{i,id} on node v_{i,θ}, and the extracted i-th part C_{i,2} of the second sub-ciphertext and i-th part C_{i,3} of the third sub-ciphertext of message M, user ID computes, according to the equation, the decryption information D_i of the i-th system attribute of the decryption attribute subset corresponding to ciphertext C; summing the decryption information of all system attributes of the decryption attribute subset corresponding to ciphertext C gives the decryption information D_sum of ciphertext C for the attribute authority;
Then, user ID uses the decryption information D_sum of ciphertext C for all the attribute authorities and, following the linear secret sharing method of step A1, computes the decryption information D of ciphertext C;
Finally, user ID takes the difference between the first sub-ciphertext C_1 of message M and the decryption information D of ciphertext C as the decryption message M', M' = C_1 - D; when the decryption message M' satisfies the inequality, the decrypted message M is 1; otherwise, the decrypted message M is 0.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810744183.6A CN108880801B (en) 2018-07-09 2018-07-09 Distributed attribute-based encryption method for supporting fine-grained attribute revocation in lattice manner

Publications (2)

Publication Number Publication Date
CN108880801A true CN108880801A (en) 2018-11-23
CN108880801B CN108880801B (en) 2020-11-27

Family

ID=64299973

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810744183.6A Active CN108880801B (en) 2018-07-09 2018-07-09 Distributed attribute-based encryption method for supporting fine-grained attribute revocation in lattice manner

Country Status (1)

Country Link
CN (1) CN108880801B (en)


Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103297227A (en) * 2013-07-02 2013-09-11 西安电子科技大学 Attribute-based encryption supporting flexible and direct-revocatory ciphertext policy
CN104022869A (en) * 2014-06-17 2014-09-03 西安电子科技大学 Fine-grained data access control method based on fragmenting of secret keys
US20160269373A1 (en) * 2015-03-12 2016-09-15 Fornetix Llc Systems and methods for organizing devices in a policy hierarchy
WO2017061950A1 (en) * 2015-10-09 2017-04-13 Singapore Management University Data security system and method for operation thereof
CN107359986A (en) * 2017-07-03 2017-11-17 暨南大学 The outsourcing encryption and decryption CP ABE methods of user revocation
CN107566386A (en) * 2017-09-14 2018-01-09 上海海事大学 A kind of voidable attribute base encryption method


Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
HUIJUN ZHU: "Key-Policy Attribute-Based Encryption With Equality Test in Cloud Computing", 《IEEE》 *
房梁: "基于属性的访问控制关键技术研究综述", 《计算机学报》 *
王鹏翩: "一种支持完全细粒度属性撤销的 CP-ABE 方案", 《软件学报》 *

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110351093A (en) * 2019-06-14 2019-10-18 西南交通大学 Based on attribute can linked network ring signatures method
CN110351093B (en) * 2019-06-14 2021-08-03 西南交通大学 Linkable network ring signature method based on attributes
CN110247761A (en) * 2019-06-18 2019-09-17 西安电子科技大学 The ciphertext policy ABE encryption method of attribute revocation is supported on a kind of lattice
CN110247761B (en) * 2019-06-18 2021-04-20 西安电子科技大学 Ciphertext strategy attribute encryption method supporting attribute revocation in lattice manner
CN111447209A (en) * 2020-03-24 2020-07-24 西南交通大学 Black box traceable ciphertext policy attribute-based encryption method
CN111447209B (en) * 2020-03-24 2021-04-06 西南交通大学 Black box traceable ciphertext policy attribute-based encryption method
CN112187757A (en) * 2020-09-21 2021-01-05 上海同态信息科技有限责任公司 Multilink privacy data circulation system and method
CN113486384A (en) * 2021-07-28 2021-10-08 北京字节跳动网络技术有限公司 Key updating method, device, multi-attribute authority management system, equipment and medium
CN116094845A (en) * 2023-04-10 2023-05-09 中国人民解放军国防科技大学 Efficient revocation conditional proxy re-encryption method and system
CN116094845B (en) * 2023-04-10 2023-07-25 中国人民解放军国防科技大学 Efficient revocation conditional proxy re-encryption method and system

Also Published As

Publication number Publication date
CN108880801B (en) 2020-11-27


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20230414

Address after: Room 801, 85 Kefeng Road, Huangpu District, Guangzhou City, Guangdong Province

Patentee after: Yami Technology (Guangzhou) Co.,Ltd.

Address before: 610031 No. two, section 111, ring road, Chengdu, Sichuan, China

Patentee before: SOUTHWEST JIAOTONG University
