CN108880801A - A lattice-based distributed attribute-based encryption method supporting fine-grained attribute revocation - Google Patents
- Publication number: CN108880801A
- Application number: CN201810744183.6A
- Authority: CN (China)
- Prior art keywords: user, property, key, vector, revocation
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
A lattice-based distributed attribute-based encryption method supporting fine-grained attribute revocation, belonging to the field of information security. Its main steps are as follows. System initialization: linear secret sharing is applied to the target vector, and each sub-secret share serves as the private key of the corresponding attribute authority; each attribute authority builds a binary revocation tree for every system attribute it manages. User attribute key and update key generation: the attribute authority applies a second round of linear secret sharing to obtain the secondary sub-secret share of each user attribute, and computes the user attribute key with the preimage sampling algorithm and the user attribute update key with the left sampling algorithm. Encryption: the encrypting party computes the ciphertext of the message from Gaussian noise, the encryption preprocessing noise vector and the system public parameters. Decryption: the decrypting party decrypts the ciphertext with the user attribute key and the user attribute update key. The method is highly secure, has a flexible access policy, and supports fine-grained revocation of attribute permissions.
Description
Technical field
The present invention relates to a lattice-based distributed attribute-based encryption method supporting fine-grained attribute revocation.
Background art
The 21st century is the information age. With the rapid development of Internet technologies such as e-health, instant messaging, online shopping and online video, information is changing daily life in an unprecedented way. According to the 41st China Internet Statistical Report published by the China Internet Network Information Center (CNNIC), by the end of 2017 the number of Internet users in China had reached 772 million and Internet penetration had reached 55.8%, 4.1 percentage points above the global average. This huge user base generates information and data on a scale beyond imagination, so how to store massive amounts of information and data securely has become an urgent problem for society. Attribute-based encryption partitions users at fine granularity by their attributes and enables one-to-many data sharing. It is expressive, practical and flexible, and makes user privacy easy to protect, so it provides strong algorithmic support for authentication and data confidentiality in networks with high anonymity requirements, such as cloud computing and e-health.
Analysis shows that existing attribute-based encryption methods still have the following shortcomings. First, most of them are built on bilinear pairings, and their security rests on Diffie-Hellman hardness problems that have been shown unable to resist quantum cryptanalysis; these methods therefore cannot guarantee the confidentiality of stored data in the "quantum era". They also need a large number of time-consuming bilinear pairing operations during encryption and decryption, which makes them inefficient. Second, most existing attribute-based encryption methods do not consider revocation of attribute permissions, yet in practice updates to user attribute permissions and key exposure are common. How to revoke the attribute permission of a specific user, so that the user can no longer decrypt ciphertext with the original key, without affecting the other users of the system, is therefore a problem that attribute-based encryption needs to address. Third, in most existing methods a single attribute authority is responsible for distributing and managing all attribute keys in the system. If that authority is compromised, the attacker can use its key to generate the attribute key of any user of the system, so the system has an attribute key escrow problem. Finally, most existing methods can realize only threshold and AND access policies; the access policy is inflexible, and a policy supporting arbitrary Boolean expressions is hard to realize. In summary, designing a lattice-based distributed attribute-based encryption method that supports fine-grained attribute revocation has academic significance and wide application value.
Shi et al. ("Shi YF, Zheng QJ, Liu JQ, Zhen H. Directly revocable key-policy attribute-based encryption with verifiable ciphertext delegation [J]. Information Sciences, 2015, 295: 221-231.") proposed, based on multilinear pairings and a BSP tree, a KP-ABE scheme that supports direct revocation. The scheme embeds the user identity in the user attribute update key and directly revokes all of a user's access permissions by updating the revocation list and the ciphertext. Its revocation of attribute permissions is coarse-grained: it cannot revoke several attribute permissions individually, one by one. The encryption, re-encryption and decryption procedures of this method also require a large number of multilinear pairing operations, so it is not suitable for environments with constrained computing resources. In addition, binding the decryption policy to the user key and the attributes to the ciphertext limits the flexibility and practicality of the method.
Zhang Xinwei et al. ("Zhang Xinwei, string suede, still Ford. Lattice-based attribute encryption scheme with revocable attributes [J]. Journal of Air Force Engineering University, 2015, 16(3): 87-91.") proposed in 2015 a lattice-based attribute encryption method that supports revocation of attribute permissions. The method has six phases: initialization, attribute private key generation, key update, user decryption key generation, encryption and decryption. It combines lattice theory with attribute-based encryption and introduces the ideas of the attribute revocation list and the binary revocation tree, so the system resists quantum cryptanalysis while supporting fine-grained revocation of user permissions. However, the method uses Shamir secret sharing, can realize only threshold access policies, and is inflexible in use. In addition, a single attribute authority is responsible for distributing and managing all attribute keys in the system, so there is an attribute key escrow problem and security is not high.
Summary of the invention
The object of the present invention is to provide a lattice-based distributed attribute-based encryption method supporting fine-grained attribute revocation. The method is highly secure, has a flexible access policy, and supports fine-grained revocation of attribute permissions.
The technical solution adopted to achieve this object is a lattice-based distributed attribute-based encryption method supporting fine-grained attribute revocation, whose steps are:
A. System initialization
A1. Generation of the system public key and private key
The system centre first randomly selects a $\lambda$-bit prime $q$ according to the configured security parameter $\lambda$, then randomly selects a dimension $n$ and a Gaussian parameter $\alpha$ whose bit lengths are less than $\lambda$. It then selects a random number $m$ satisfying $m \ge 5n\log_2 q$ as the column count $m$.
Next, the system centre randomly generates an $n$-dimensional target vector $U$ and randomly generates $\eta+1$ revocation matrices $B_j$, $j \in [0, \eta]$, each with $n$ rows and $m$ columns. The elements of the target vector $U$ and of the revocation matrices $B_j$ are random numbers less than the prime $q$, $j$ is the index of the revocation matrix, and $\eta$ is the bit length of the user attribute revocation time.
The system centre applies linear secret sharing to the target vector $U$ and sends the sub-secret share $u$ to the corresponding attribute authority as the private key of that attribute authority.
A2. Generation of the attribute public key and private key
The attribute authority holds the key distribution and management permission for the system attribute subspace $W$, $W = \{w_1, \ldots, w_i, \ldots, w_{|W|}\}$, where $w_i$ is the $i$-th system attribute in $W$ and $|W|$ is the total number of system attributes $w_i$ in $W$.
For the $i$-th system attribute $w_i$ that it manages, the attribute authority builds the corresponding binary revocation tree $BT_i$, that is, the binary revocation tree $BT_i$ of the $i$-th system attribute $w_i$. Using the trapdoor generation algorithm with the prime $q$ and the dimension $n$, the attribute authority computes the public key matrix $A_i$ and the private key matrix $T_i$ of the $i$-th system attribute $w_i$ in $W$. The public key matrix $A_i$ is an $n \times m$ matrix whose elements are all less than $q$, and the private key matrix $T_i$ is an $m \times m$ matrix whose elements are all less than $q$.
B. User attribute key generation
B1. Composition of the user attribute set
User ID has the identity id and possesses a user attribute subset. The user attribute subset is a subset of the system attribute subspace $W$. The $k$-th user attribute in the user attribute subset is the $i$-th system attribute $w_i$ in $W$, and is named the $i$-th system attribute $w_{i,id}$ of User ID.
B2. User attribute key generation
The attribute authority applies a second round of linear secret sharing to the sub-secret share $u$ and obtains the secondary sub-secret share $u_{i,id}$ of the $i$-th system attribute $w_{i,id}$ of User ID. It then computes the node key $SK_{i,id,\theta}$ of $w_{i,id}$ in the binary revocation tree $BT_i$, as follows:
The attribute authority stores the identity id of User ID in an empty leaf node of the binary revocation tree $BT_i$ of the $i$-th system attribute $w_i$. For each node $v_{i,\theta}$ on the path from that leaf node to the root of $BT_i$, the attribute authority randomly selects an $n$-dimensional vector as the key vector of $w_{i,id}$ at node $v_{i,\theta}$ of $BT_i$. The elements of the key vector are random numbers less than the prime $q$, and $\theta$ is the number of node $v_{i,\theta}$ in $BT_i$.
The attribute authority then computes the revocation key vector of $w_{i,id}$ at node $v_{i,\theta}$ of $BT_i$, and stores both the key vector and the revocation key vector of $w_{i,id}$ in node $v_{i,\theta}$.
Finally, from the Gaussian parameter $\alpha$, the public key matrix $A_i$ and private key matrix $T_i$ of the $i$-th system attribute $w_i$, and the key vector of $w_{i,id}$ at node $v_{i,\theta}$ of $BT_i$, the attribute authority uses the preimage sampling algorithm to generate the attribute key of $w_{i,id}$ at node $v_{i,\theta}$.
C. User attribute update key generation
C1. Selection of binary revocation tree nodes
When the $i$-th system attribute $w_{i,id}$ of User ID is revoked, that user is named the revoked user, and the identity of the revoked user is recorded in the user revocation list RL. From the binary revocation tree $BT_i$ of the revoked user's $i$-th system attribute and the user revocation list RL, the attribute authority obtains the minimal set of nodes of $BT_i$ that need to be updated when the revoked user's attribute permission is revoked, that is, the node update minimal set $Y$.
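Step C1 names the node update minimal set $Y$ without giving the selection rule. The Python example below is added here and is not code from the patent: it assumes the KUNodes-style cover commonly used with binary revocation trees, and the names `RevocationTree`, `update_set`, `usable_attributes`, the attribute names and the user identities are hypothetical. It keeps one tree and one revocation list per attribute, so revoking one attribute of a user leaves that user's other attributes usable.

```python
"""Added example: per-attribute binary revocation trees (assumed KUNodes-style cover)."""


class RevocationTree:
    """Complete binary tree BT_i for one attribute, heap-numbered: root = 1,
    children of node v are 2v and 2v+1, leaves are n_leaves .. 2*n_leaves-1."""

    def __init__(self, depth):
        self.n_leaves = 1 << depth
        self.leaf_of = {}            # identity id -> leaf number

    def assign(self, identity):
        """Store the identity in the next empty leaf (as in step B2)."""
        if identity in self.leaf_of:
            return self.leaf_of[identity]
        if len(self.leaf_of) == self.n_leaves:
            raise ValueError("no empty leaf left in this tree")
        leaf = self.n_leaves + len(self.leaf_of)
        self.leaf_of[identity] = leaf
        return leaf

    def path(self, identity):
        """Nodes v_{i,theta} from the user's leaf up to the root."""
        node, nodes = self.leaf_of[identity], []
        while node >= 1:
            nodes.append(node)
            node //= 2
        return nodes

    def update_set(self, revocation_list):
        """Assumed construction of Y: mark every node on a revoked user's
        path, then take the unmarked children of the marked nodes."""
        marked = set()
        for identity in revocation_list:
            if identity in self.leaf_of:
                marked.update(self.path(identity))
        if not marked:
            return {1}               # nobody revoked: the root covers all leaves
        cover = set()
        for node in marked:
            if node < self.n_leaves:             # internal node
                for child in (2 * node, 2 * node + 1):
                    if child not in marked:
                        cover.add(child)
        return cover

    def covering_node(self, identity, revocation_list):
        """The single node of Y on the user's path, or None if revoked."""
        hits = set(self.path(identity)) & self.update_set(revocation_list)
        return next(iter(hits)) if hits else None


def usable_attributes(trees, revocation_lists, identity):
    """Attributes for which `identity` still has a node in Y on its path."""
    return sorted(
        name for name, tree in trees.items()
        if identity in tree.leaf_of
        and tree.covering_node(identity, revocation_lists[name]) is not None
    )


def demo():
    # Constructed sample data: two attributes, eight users in each tree.
    users = ["u%d" % k for k in range(8)]
    trees = {"doctor": RevocationTree(3), "cardiology": RevocationTree(3)}
    for tree in trees.values():
        for user in users:
            tree.assign(user)
    # Only the "cardiology" attribute of u2 is revoked.
    revocation_lists = {"doctor": [], "cardiology": ["u2"]}
    return trees, revocation_lists


if __name__ == "__main__":
    trees, rl = demo()
    print(sorted(trees["cardiology"].update_set(rl["cardiology"])))
    print(usable_attributes(trees, rl, "u2"))
    print(usable_attributes(trees, rl, "u3"))
```

In this cover every non-revoked leaf has exactly one ancestor in $Y$ and every revoked leaf has none, which is why the size of $Y$ grows with the number of revoked users rather than with the number of users.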
C2. Update of the key vector and the revocation key vector
For any node $v_{i,\theta}$ in the node update minimal set $Y$, $v_{i,\theta} \in Y$: if the stored key vector and revocation key vector of the $i$-th system attribute $w_{i,id}$ of User ID at node $v_{i,\theta}$ of $BT_i$ are not empty, proceed to step C3. Otherwise, the attribute authority randomly selects an $n$-dimensional vector and uses it to update the key vector of $w_{i,id}$ at node $v_{i,\theta}$; the elements of the updated key vector are random numbers less than the prime $q$.
Then, using the key vector of $w_{i,id}$ at node $v_{i,\theta}$ and the secondary sub-secret share $u_{i,id}$ of $w_{i,id}$ from step B2, the attribute authority obtains the updated value of the revocation key vector of $w_{i,id}$ at node $v_{i,\theta}$, and stores the updated key vector and revocation key vector at node $v_{i,\theta}$ in the set $Y$.
C3. Computation of the user attribute update key
The moment at which the attribute permission of the revoked user's $i$-th system attribute is revoked in step C1 is written as a binary string $t$ of $\eta$ bits, the binary revocation time string $t = (t_1, \ldots, t_j, \ldots, t_\eta)$, where $t_j$ is the $j$-th binary character of $t$.
The attribute authority first uses the binary revocation time string $t$ and the $\eta+1$ revocation matrices $B_j$, $j \in [0, \eta]$, of $n$ rows and $m$ columns from step A1 to compute the revocation time hash value $H(t)$, $H(t) = B_0 + \sum_{j \in [1, \eta]} t_j \cdot B_j$. Then, from the Gaussian parameter $\alpha$, the public key matrix $A_i$ and private key matrix $T_i$ of the $i$-th system attribute $w_i$, the revocation time hash value $H(t)$ and the revocation key vector of $w_{i,id}$ at node $v_{i,\theta}$, the attribute authority runs the left sampling algorithm to generate the user attribute update key of $w_{i,id}$ at node $v_{i,\theta}$.
D. Encryption
D1. Composition of the encryption attribute set
The encrypting party selects the encryption attribute subset $W^*$. The encryption attribute subset $W^*$ is a subset of the system attribute subspace $W$, and $|W^*|$ denotes the number of encryption attributes in $W^*$. The $l$-th encryption attribute in $W^*$ is the $i$-th system attribute $w_i$ in $W$, and is named the $i$-th system attribute of the encryption attribute subset.
D2. Computation of the first sub-ciphertext
The encrypting party first randomly selects an $n$-dimensional vector whose elements are less than the prime $q$ as the encryption vector $s$. It then selects a Gaussian noise value $x$, less than the prime $q$, that follows the distribution with Gaussian parameter $\alpha$. Finally, using the encryption vector $s$, the Gaussian noise $x$, the prime $q$ and the target vector $U$ from step A1, the encrypting party computes the first sub-ciphertext $C_1$ of the message $M$; the computation uses matrix transposition, denoted $T$, and the floor (round-down) operation.
D3. Computation of the second sub-ciphertext
The encrypting party randomly selects $m$ Gaussian noise values that follow the distribution with Gaussian parameter $\alpha$ and forms from them the $m$-dimensional noise vector $x_i$, the secret noise vector of the $i$-th system attribute of the encryption attribute subset. Using the secret noise vector $x_i$, the encryption vector $s$ and the public key matrix $A_i$ of the $i$-th system attribute $w_i$, it computes the $i$-th part $C_{i,2}$ of the second sub-ciphertext of the message $M$, $C_{i,2} = A_i^T \cdot s + x_i$. The parts are concatenated in order to give the second sub-ciphertext $C_2$ of the message $M$.
D4. Computation of the third sub-ciphertext
The encrypting party randomly selects a fuzzy matrix $R_i$ of $m$ rows and $m$ columns whose elements are random values equal to $-1$ or $1$, as the attribute fuzzy matrix $R_i$ of the $i$-th system attribute of the encryption attribute subset. It then computes the encryption preprocessing noise vector $z_i$ of that attribute, $z_i = (x_i \mid R_i \cdot x_i)$, where $\mid$ denotes row concatenation.
Next, using the public key matrix $A_i$ of the $i$-th system attribute $w_i$ and the revocation time hash value $H(t)$, the encrypting party generates by concatenation the re-encryption matrix $F_i$ of the $i$-th system attribute of the encryption attribute subset, $F_i = A_i \mid H(t)$.
Finally, using the re-encryption matrix $F_i$, the encryption vector $s$ and the encryption preprocessing noise vector $z_i$ of the $i$-th system attribute of the encryption attribute subset, the encrypting party computes the $i$-th part $C_{i,3}$ of the third sub-ciphertext of the message $M$, $C_{i,3} = F_i^T \cdot s + z_i$. The parts are concatenated in order to give the third sub-ciphertext $C_3$ of the message $M$.
The first sub-ciphertext $C_1$, the second sub-ciphertext $C_2$ and the third sub-ciphertext $C_3$ of the message $M$ are concatenated in order to give the ciphertext $C$ of the message $M$.
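Steps C3, D3 and D4 tie each part of the third sub-ciphertext to a revocation time through $H(t)$. The Python example below is added here and is not code from the patent: it evaluates the formulas given above for $H(t)$, $C_{i,2}$, $F_i$, $z_i$ and $C_{i,3}$ with toy parameters, assuming arithmetic modulo $q$ and small bounded noise in place of Gaussian noise; all function names are hypothetical.

```python
"""Added example: time-bound ciphertext parts from steps C3, D3 and D4 (toy parameters)."""
import random


def rand_matrix(rows, cols, q, rng):
    """Matrix with entries drawn uniformly from [0, q)."""
    return [[rng.randrange(q) for _ in range(cols)] for _ in range(rows)]


def revocation_time_hash(t_bits, B, q):
    """H(t) = B_0 + sum_{j in [1, eta]} t_j * B_j, reduced mod q (assumption)."""
    if len(t_bits) != len(B) - 1:
        raise ValueError("t needs eta bits for eta+1 revocation matrices")
    H = [row[:] for row in B[0]]
    for j, bit in enumerate(t_bits, start=1):
        if bit not in (0, 1):
            raise ValueError("t must be a binary string")
        if bit:
            H = [[(h + b) % q for h, b in zip(h_row, b_row)]
                 for h_row, b_row in zip(H, B[j])]
    return H


def transpose_times(F, s, q):
    """F^T * s mod q for an n-row matrix F and an n-dimensional vector s."""
    return [sum(F[r][c] * s[r] for r in range(len(F))) % q
            for c in range(len(F[0]))]


def second_part(A, s, x, q):
    """C_{i,2} = A_i^T * s + x_i."""
    return [(v + e) % q for v, e in zip(transpose_times(A, s, q), x)]


def third_part(A, H, s, x, R, q):
    """C_{i,3} = F_i^T * s + z_i, with F_i = A_i | H(t), z_i = (x_i | R_i * x_i)."""
    F = [a_row + h_row for a_row, h_row in zip(A, H)]          # n x 2m
    Rx = [sum(r * e for r, e in zip(R_row, x)) for R_row in R]  # m entries
    z = x + Rx                                                  # 2m entries
    return [(v + e) % q for v, e in zip(transpose_times(F, s, q), z)]


def demo(seed=1):
    """Constructed toy instance; far too small to be secure."""
    rng = random.Random(seed)        # not a CSPRNG, illustration only
    q, n, m, eta = 97, 4, 8, 6
    A = rand_matrix(n, m, q, rng)                     # public key matrix A_i
    B = [rand_matrix(n, m, q, rng) for _ in range(eta + 1)]
    s = [rng.randrange(q) for _ in range(n)]          # encryption vector s
    x = [rng.randint(-1, 1) for _ in range(m)]        # stand-in for Gaussian noise
    R = [[rng.choice((-1, 1)) for _ in range(m)] for _ in range(m)]
    return q, m, A, B, s, x, R


if __name__ == "__main__":
    q, m, A, B, s, x, R = demo()
    t_old, t_new = [0, 0, 0, 1, 0, 1], [0, 0, 0, 1, 1, 0]
    c2 = second_part(A, s, x, q)
    c3_old = third_part(A, revocation_time_hash(t_old, B, q), s, x, R, q)
    c3_new = third_part(A, revocation_time_hash(t_new, B, q), s, x, R, q)
    print(c3_old[:m] == c2, c3_old[m:] != c3_new[m:])
```

With the formulas as written, the first $m$ entries of $C_{i,3}$ equal $C_{i,2}$, and only the last $m$ entries depend on the revocation time $t$.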
E. Decryption
E1. Composition of the decryption attribute set
User ID first takes the intersection of the user attribute subset and the encryption attribute subset $W^*$ as the decryption attribute subset. The $r$-th decryption attribute in the decryption attribute subset is the $i$-th system attribute $w_i$ in the system attribute subspace $W$, and is named the $i$-th system attribute of the decryption attribute subset.
E2. Decrypting the message
After receiving the ciphertext $C$ of the message $M$, User ID determines whether the decryption attribute subset satisfies the decryption sub-policy. If it does not, the algorithm stops; otherwise, User ID performs the following operations:
Following the second-round linear secret sharing method of step B2, User ID obtains the computation factor $\mu_{i,id}$ of the $i$-th system attribute of the decryption attribute subset. Using the attribute key of the $i$-th system attribute $w_{i,id}$ of User ID at node $v_{i,\theta}$, the user attribute update key of $w_{i,id}$ at node $v_{i,\theta}$, and the extracted $i$-th part $C_{i,2}$ of the second sub-ciphertext and $i$-th part $C_{i,3}$ of the third sub-ciphertext of the message $M$, User ID computes the decryption information $D_i$ of the $i$-th system attribute of the decryption attribute subset corresponding to the ciphertext $C$. Summing the decryption information of all system attributes of the decryption attribute subset corresponding to the ciphertext $C$ gives the decryption information $D_{sum}$ of the ciphertext $C$ for the corresponding attribute authority.
Then, using the decryption information $D_{sum}$ of the ciphertext $C$ for all the corresponding attribute authorities, and following the linear secret sharing method of step A1, User ID computes the decryption information $D$ of the ciphertext $C$.
Finally, User ID takes the difference between the first sub-ciphertext $C_1$ of the message $M$ and the decryption information $D$ of the ciphertext $C$ as the decrypted message $M'$, $M' = C_1 - D$. When the decrypted message $M'$ satisfies the inequality, the decrypted message $M$ is 1; otherwise, the decrypted message $M$ is 0.
Compared with the prior art, the beneficial effects of the invention are:
One. With multiple attribute authorities, each attribute authority is responsible for the key distribution and management permission of only part of the system's attributes. Only when the union of the attribute sets managed by the attribute authorities satisfies the decryption policy can the ciphertext be decrypted, using all the partial user attribute keys they generate. Because the attribute set managed by any single attribute authority does not satisfy the decryption policy, no single attribute authority can generate a complete user attribute key and decrypt the ciphertext. This solves the prior-art problem that attribute keys escrowed by a single attribute authority may be leaked, and improves the security of the method.
Two. With linear secret sharing, an access policy satisfying any Boolean expression can be realized, and different random vectors are chosen during secret sharing, so that the user attribute keys of different users for the same attribute also differ. This solves the problems that the prior-art access structure is inflexible and cannot resist collusion attacks in which malicious users holding complementary attribute sets combine their keys.
Three. By introducing the attribute revocation list and borrowing the idea of the binary revocation tree, when a specific attribute permission of a specific user is revoked, the third sub-ciphertext of the message and the user attribute update keys of the users in the system whose specific attribute permission has not been revoked are updated. This prevents the revoked user from decrypting ciphertext with the original user attribute update key of that attribute, while the user's access permissions for other attributes remain valid, which solves the prior-art difficulty of realizing fine-grained revocation of attribute permissions.
In short, the invention uses a distributed design to solve the key escrow problem that is widespread in existing attribute-based encryption methods. It uses linear secret sharing, with different random vectors chosen during secret sharing, to realize a more flexible access policy and to resist collusion attacks. In addition, the binary revocation tree lets the system revoke users' attribute permissions at fine granularity. The method is highly secure, has a flexible access policy and supports fine-grained revocation of attribute permissions, and can provide strong algorithmic support for data confidentiality in networks such as cloud computing and e-health.
The present invention is described in further detail below with reference to a specific embodiment.
Specific embodiment
Embodiment
A lattice-based distributed attribute-based encryption method supporting fine-grained attribute revocation, whose steps are:
A. System initialization
A1. Generation of the system public key and private key
The system centre first randomly selects a $\lambda$-bit prime $q$ according to the configured security parameter $\lambda$, then randomly selects a dimension $n$ and a Gaussian parameter $\alpha$ whose bit lengths are less than $\lambda$. It then selects a random number $m$ satisfying $m \ge 5n\log_2 q$ as the column count $m$.
Next, the system centre randomly generates an $n$-dimensional target vector $U$ and randomly generates $\eta+1$ revocation matrices $B_j$, $j \in [0, \eta]$, each with $n$ rows and $m$ columns. The elements of the target vector $U$ and of the revocation matrices $B_j$ are random numbers less than the prime $q$, $j$ is the index of the revocation matrix, and $\eta$ is the bit length of the user attribute revocation time.
The system centre applies linear secret sharing to the target vector $U$ and sends the sub-secret share $u$ to the corresponding attribute authority as the private key of that attribute authority.
A2. Generation of the attribute public key and private key
The attribute authority holds the key distribution and management permission for the system attribute subspace $W$, $W = \{w_1, \ldots, w_i, \ldots, w_{|W|}\}$, where $w_i$ is the $i$-th system attribute in $W$ and $|W|$ is the total number of system attributes $w_i$ in $W$.
For the $i$-th system attribute $w_i$ that it manages, the attribute authority builds the corresponding binary revocation tree $BT_i$, that is, the binary revocation tree $BT_i$ of the $i$-th system attribute $w_i$. Using the trapdoor generation algorithm with the prime $q$ and the dimension $n$, the attribute authority computes the public key matrix $A_i$ and the private key matrix $T_i$ of the $i$-th system attribute $w_i$ in $W$. The public key matrix $A_i$ is an $n \times m$ matrix whose elements are all less than $q$, and the private key matrix $T_i$ is an $m \times m$ matrix whose elements are all less than $q$.
B. User attribute key generation
B1. Composition of the user attribute set
User ID has the identity id and possesses a user attribute subset. The user attribute subset is a subset of the system attribute subspace $W$. The $k$-th user attribute in the user attribute subset is the $i$-th system attribute $w_i$ in $W$, and is named the $i$-th system attribute $w_{i,id}$ of User ID.
B2. User attribute key generation
The attribute authority applies a second round of linear secret sharing to the sub-secret share $u$ and obtains the secondary sub-secret share $u_{i,id}$ of the $i$-th system attribute $w_{i,id}$ of User ID. It then computes the node key $SK_{i,id,\theta}$ of $w_{i,id}$ in the binary revocation tree $BT_i$, as follows:
The attribute authority stores the identity id of User ID in an empty leaf node of the binary revocation tree $BT_i$ of the $i$-th system attribute $w_i$. For each node $v_{i,\theta}$ on the path from that leaf node to the root of $BT_i$, the attribute authority randomly selects an $n$-dimensional vector as the key vector of $w_{i,id}$ at node $v_{i,\theta}$ of $BT_i$. The elements of the key vector are random numbers less than the prime $q$, and $\theta$ is the number of node $v_{i,\theta}$ in $BT_i$.
The attribute authority then computes the revocation key vector of $w_{i,id}$ at node $v_{i,\theta}$ of $BT_i$, and stores both the key vector and the revocation key vector of $w_{i,id}$ in node $v_{i,\theta}$.
Finally, from the Gaussian parameter $\alpha$, the public key matrix $A_i$ and private key matrix $T_i$ of the $i$-th system attribute $w_i$, and the key vector of $w_{i,id}$ at node $v_{i,\theta}$ of $BT_i$, the attribute authority uses the preimage sampling algorithm to generate the attribute key of $w_{i,id}$ at node $v_{i,\theta}$.
C, user property more new key generates
The selection of C1, y-bend revocation tree node
As i-th of system property w of User IDi,idWhen being revoked, which is named as and has cancelled userIts body
Part mark is denoted asUser will have been cancelled simultaneouslyIdentity noteCharge to user's revocation list RL;Attribute authority
According to having cancelled userI-th of system propertyY-bend revocation tree BTiWith user revocation list RL, obtains and cancelled
UserProperty rights revocation when, y-bend revocation tree BTiThe minimal set for the node for needing to update, i.e. node updates are minimum
Set Y;
The update of C2, key vector sum revocation key vector
For any node v in node updates minimal set Yi,θ, vi,θ∈ Y, if i-th of system of the User ID of storage
Attribute wi,idTree BT is cancelled in y-bendiNode vi,θKey vectorWith revocation key vectorIt is not sky;Then carry out C3
The operation of step;Otherwise, attribute authority randomly chooses a n-dimensional vector, updates i-th of system property w of User IDi,id?
Node vI, θOn key vectorWherein, updated key vectorIn element be random number less than prime number q;
Then, attribute authority utilizes i-th of system property w of User IDi,idIn node vi,θOn key vectorWith
I-th of system property w of the User ID in B2 stepi,idSecondary sub-secret sharing behavior ui,id, according to equation?
To i-th of system property w of User IDi,idIn node vi,θOn revocation key vectorUpdated value;And it will be updated
Key vectorWith revocation key vectorDeposit in the node v in set Yi,θOn;
C3. Calculation of the user attribute update key
The moment at which the attribute right of the i-th system attribute of the revoked user from step C1 is revoked is written as a binary string t of η bits, i.e. the binary revocation time string t, t = (t_1, …, t_j, …, t_η), where t_j is the j-th binary character of the binary revocation time string t.
The attribute authority first uses the binary revocation time string t and the η+1 revocation matrices B_j of n rows and m columns from step A1, j ∈ [0, η], to calculate the revocation time hash value H(t), H(t) = B_0 + Σ_{j∈[1,η]} t_j·B_j. Then, according to the Gaussian parameter α, the public key matrix A_i and the private key matrix T_i of the i-th system attribute w_i, the revocation time hash value H(t), and the revocation key vector of the i-th system attribute w_{i,id} of the user ID at node v_{i,θ}, the attribute authority runs the left sampling algorithm to generate the user attribute update key of the i-th system attribute w_{i,id} of the user ID at node v_{i,θ}.
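One way to compute the node update minimal set Y of step C1 for a single attribute's tree BT_i, as an added example that is not code from the patent. It assumes a complete binary tree in heap numbering and takes Y to be the smallest node set that covers every non-revoked leaf and no revoked leaf, a selection rule the page does not spell out; the function names are hypothetical.

```python
"""Node update minimal set Y for one attribute's binary revocation tree BT_i.

Added illustration. Assumptions: BT_i is a complete binary tree in heap
numbering (root = 1, children of v are 2v and 2v+1), users sit in leaf slots,
and Y is the smallest set of nodes whose subtrees contain every non-revoked
leaf and no revoked leaf.
"""


def leaf_node(depth, slot):
    """Node number of leaf `slot` (0-based) in a tree with 2**depth leaves."""
    if not 0 <= slot < (1 << depth):
        raise ValueError("leaf slot out of range")
    return (1 << depth) + slot


def path_to_root(node):
    """Nodes v_{i,theta} from a leaf up to the root; user keys live on these."""
    path = []
    while node >= 1:
        path.append(node)
        node //= 2
    return path


def node_update_set(depth, revoked_slots):
    """Return Y for the revocation list restricted to this attribute's tree."""
    if not revoked_slots:
        return {1}                      # nobody revoked: the root covers all
    tainted = set()                     # nodes with a revoked leaf below them
    for slot in revoked_slots:
        tainted.update(path_to_root(leaf_node(depth, slot)))
    first_leaf = 1 << depth
    Y = set()
    for node in tainted:
        if node >= first_leaf:
            continue                    # a revoked leaf has no children
        for child in (2 * node, 2 * node + 1):
            if child not in tainted:
                Y.add(child)            # clean subtree hanging off a tainted path
    return Y


def update_node_for(depth, slot, Y):
    """The single node where a user's stored key meets an update key, or None."""
    hits = [v for v in path_to_root(leaf_node(depth, slot)) if v in Y]
    assert len(hits) <= 1               # a root path crosses Y at most once
    return hits[0] if hits else None


def demo():
    # Constructed sample: two attributes with 8 leaf slots each; the user in
    # slot 2 loses attribute "w1" only, so the tree of "w2" is untouched.
    depth = 3
    revocation_list = {"w1": {2}, "w2": set()}
    return {attr: node_update_set(depth, rl)
            for attr, rl in revocation_list.items()}


if __name__ == "__main__":
    for attr, Y in demo().items():
        print(attr, sorted(Y))
```

Because each attribute has its own tree, revoking one attribute changes Y only for that tree; a revoked user's root path shares no node with Y, so no update key matches any key the user holds for that attribute.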
D. Encryption
D1. Composition of the encryption attribute set
The encrypting party selects the encryption attribute subset W*. The encryption attribute subset W* is a subset of the system attribute subspace W, with its encryption attributes indexed by l up to |W*|, the number of encryption attributes in W*. The l-th encryption attribute in W* is the i-th system attribute w_i in the system attribute subspace W, and it is named the i-th system attribute of the encryption attribute subset.
D2. Calculation of the first sub-ciphertext
The encrypting party first randomly selects an n-dimensional vector whose elements are less than the prime number q as the encryption vector s. It then selects a Gaussian noise x, less than the prime number q, that follows the distribution with Gaussian parameter α. Finally, using the encryption vector s, the Gaussian noise x, the prime number q and the target vector U from step A1, the encrypting party calculates the first sub-ciphertext C_1 of the message M, where T is the matrix transpose symbol and the rounding operation is rounding down;
D3. Calculation of the second sub-ciphertext
The encrypting party randomly selects m Gaussian noises that follow the distribution with Gaussian parameter α to form an m-dimensional noise vector x_i, which serves as the secret noise vector x_i of the i-th system attribute of the encryption attribute subset. Using the secret noise vector x_i, the encryption vector s and the public key matrix A_i of the i-th system attribute w_i, it calculates the i-th part C_{i,2} of the second sub-ciphertext of the message M, C_{i,2} = A_i^T·s + x_i. The parts are concatenated in order to obtain the second sub-ciphertext C_2 of the message M;
D4. Calculation of the third sub-ciphertext
The encrypting party randomly selects an m-row, m-column fuzzy matrix R_i whose elements are random values equal to -1 or 1, as the attribute fuzzy matrix R_i of the i-th system attribute of the encryption attribute subset, and then calculates the encryption pre-processing noise vector z_i of the i-th system attribute of the encryption attribute subset, z_i = (x_i | R_i·x_i), where | denotes row concatenation.
Then, using the public key matrix A_i of the i-th system attribute w_i and the revocation time hash value H(t), the encrypting party generates, by concatenation, the re-encryption matrix F_i of the i-th system attribute of the encryption attribute subset, F_i = A_i | H(t).
Finally, using the re-encryption matrix F_i of the i-th system attribute of the encryption attribute subset, the encryption vector s and the encryption pre-processing noise vector z_i of the i-th system attribute of the encryption attribute subset, the encrypting party calculates the i-th part C_{i,3} of the third sub-ciphertext of the message M, C_{i,3} = F_i^T·s + z_i. The parts are concatenated in order to obtain the third sub-ciphertext C_3 of the message M.
The first sub-ciphertext C_1, the second sub-ciphertext C_2 and the third sub-ciphertext C_3 of the message M are concatenated in order to obtain the ciphertext C of the message M;
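The revocation time hash H(t) of step C3 and the sub-ciphertext parts C_{i,2} and C_{i,3} of steps D3 and D4, worked through in Python as an added example (not code from the patent). The modulus q = 97, the sizes n = 3, m = 6, η = 4 and the rounded-Gaussian noise are constructed toy values, and the function names are hypothetical.

```python
"""Toy walk-through of H(t), C_{i,2} and C_{i,3} with the page's formulas.

Added illustration. The parameters are constructed and far too small for any
security; noise is a rounded Gaussian standing in for "Gaussian parameter
alpha". Vectors are Python lists, matrices are lists of rows, all mod q.
"""
import random


def hash_time(B, t, q):
    """H(t) = B_0 + sum_{j in [1, eta]} t_j * B_j  (mod q)."""
    if len(B) != len(t) + 1:
        raise ValueError("need eta + 1 revocation matrices for an eta-bit t")
    H = [row[:] for row in B[0]]
    for j, bit in enumerate(t, start=1):
        if bit not in (0, 1):
            raise ValueError("t must be a binary string")
        if bit:
            H = [[(h + b) % q for h, b in zip(hr, br)]
                 for hr, br in zip(H, B[j])]
    return H


def transpose_times(M, s, q):
    """M^T . s (mod q) for an n-row matrix M and an n-vector s."""
    return [sum(M[r][c] * s[r] for r in range(len(M))) % q
            for c in range(len(M[0]))]


def encrypt_parts(A, B, t, s, x, R, q):
    """Return (C_{i,2}, C_{i,3}) for one attribute i."""
    m = len(x)
    # C_{i,2} = A_i^T . s + x_i
    c2 = [(a + e) % q for a, e in zip(transpose_times(A, s, q), x)]
    # z_i = (x_i | R_i . x_i)
    Rx = [sum(R[r][c] * x[c] for c in range(m)) for r in range(m)]
    z = x + Rx
    # F_i = A_i | H(t), an n-row, 2m-column matrix
    F = [ra + rh for ra, rh in zip(A, hash_time(B, t, q))]
    # C_{i,3} = F_i^T . s + z_i
    c3 = [(f + e) % q for f, e in zip(transpose_times(F, s, q), z)]
    return c2, c3


def sample_instance(seed=1, q=97, n=3, m=6, eta=4, alpha=1.0):
    """Constructed toy instance (not the patent's parameter choice)."""
    rng = random.Random(seed)

    def rand_matrix(rows, cols):
        return [[rng.randrange(q) for _ in range(cols)] for _ in range(rows)]

    return {
        "q": q,
        "A": rand_matrix(n, m),                          # public key matrix A_i
        "B": [rand_matrix(n, m) for _ in range(eta + 1)],  # B_0 .. B_eta
        "s": [rng.randrange(q) for _ in range(n)],       # encryption vector s
        "x": [round(rng.gauss(0, alpha)) for _ in range(m)],
        "R": [[rng.choice((-1, 1)) for _ in range(m)] for _ in range(m)],
    }


if __name__ == "__main__":
    inst = sample_instance()
    c2, c3 = encrypt_parts(inst["A"], inst["B"], [1, 0, 1, 1], inst["s"],
                           inst["x"], inst["R"], inst["q"])
    print("C_i2 =", c2)
    print("C_i3 =", c3)
```

With the formulas as printed, the first m entries of C_{i,3} repeat C_{i,2}, and the revocation time t enters only the last m entries, through H(t)^T·s.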
E. Decryption
E1. Composition of the decryption attribute set
The user ID first takes the intersection of the user attribute subset and the encryption attribute subset W* as the decryption attribute subset, with its decryption attributes indexed by r up to the number of decryption attributes in the decryption attribute subset. The r-th decryption attribute in the decryption attribute subset is the i-th system attribute w_i in the system attribute subspace W, and it is named the i-th system attribute of the decryption attribute subset.
E2. Decrypting the message
After the user ID receives the ciphertext C of the message M, it determines whether the decryption attribute subset satisfies the decryption sub-policy. If the decryption attribute subset does not satisfy the decryption sub-policy, the algorithm stops; otherwise, the user ID performs the following operations:
Following the secondary linear secret sharing method of step B2, the user ID obtains the calculation factor μ_{i,id} of the i-th system attribute of the decryption attribute subset. Using the attribute key of the i-th system attribute w_{i,id} of the user ID at node v_{i,θ}, the user attribute update key of the i-th system attribute w_{i,id} of the user ID at node v_{i,θ}, and the extracted i-th part C_{i,2} of the second sub-ciphertext and i-th part C_{i,3} of the third sub-ciphertext of the message M, it calculates, according to the equation, the decryption information D_i of the i-th system attribute of the decryption attribute subset corresponding to the ciphertext C. Summing the decryption information of all system attributes of the decryption attribute subset corresponding to the ciphertext C gives the decryption information D_sum of the ciphertext C for the corresponding attribute authority;
Then, using the decryption information D_sum of the ciphertext C for all attribute authorities, and following the linear secret sharing method of step A1, the user ID calculates the decryption information D of the ciphertext C;
Finally, the user ID takes the difference between the first sub-ciphertext C_1 of the message M and the decryption information D of the ciphertext C as the decrypted message M', M' = C_1 - D. When the decrypted message M' satisfies the inequality, the decrypted message M is 1; otherwise, the decrypted message M is 0.
Claims (1)
1. A distributed attribute-based encryption method supporting fine-grained attribute revocation on lattices, comprising the following steps:
A. System initialization
A1. Generation of the system public key and private key
According to the set security parameter λ, the system center first randomly selects a λ-bit prime number q, and then randomly selects a dimension n and a Gaussian parameter α whose bit lengths are less than λ; it then selects a random number m satisfying the relation m ≥ 5n·log2 q as the number of columns m;
Then, the system center randomly generates an n-dimensional target vector U and randomly generates η+1 revocation matrices B_j of n rows and m columns, j ∈ [0, η], where the elements of the target vector U and of the revocation matrices B_j are random numbers less than the prime number q, j is the index of the revocation matrix, and η is the number of bits of the user attribute revocation time;
The system center performs linear secret sharing on the target vector U and sends the sub-secret share u to the corresponding attribute authority as the private key of that attribute authority;
A2. Generation of the attribute public key and private key
The attribute authority holds the key distribution and management authority for the system attribute subspace W, W = {w_1, …, w_i, …, w_{|W|}}, where w_i is the i-th system attribute in the system attribute subspace W and |W| is the total number of system attributes w_i in the system attribute subspace W;
For the i-th system attribute w_i that it manages, the attribute authority establishes a corresponding binary revocation tree BT_i, i.e. the binary revocation tree BT_i of the i-th system attribute w_i. Using the trapdoor generation algorithm with the prime number q and the dimension n, the attribute authority calculates the public key matrix A_i and the private key matrix T_i of the i-th system attribute w_i in the system attribute subspace W, where the public key matrix A_i is an n-row, m-column matrix whose elements are all less than the prime number q, and the private key matrix T_i is an m-row, m-column matrix whose elements are all less than the prime number q;
B. User attribute key generation
B1. Composition of the user attribute set
The identity of the user ID is id. The user attribute subset held by the user ID is a subset of the system attribute subspace W, with its user attributes indexed by k up to the number of user attributes in the user attribute subset. The k-th user attribute in the user attribute subset is the i-th system attribute w_i in the system attribute subspace W, and it is named the i-th system attribute w_{i,id} of the user ID.
B2. Generation of the user attribute key
The attribute authority performs secondary linear secret sharing on the sub-secret share u to obtain the secondary sub-secret share u_{i,id} of the i-th system attribute w_{i,id} of the user ID, and calculates the node key SK_{i,id,θ} of the i-th system attribute w_{i,id} of the user ID in the binary revocation tree BT_i. The detailed procedure is as follows:
The attribute authority stores the identity id of the user ID in an empty leaf node of the binary revocation tree BT_i of the i-th system attribute w_i. For each node v_{i,θ} on the path from that leaf node to the root node of the binary revocation tree BT_i, the attribute authority randomly selects an n-dimensional vector as the key vector of the i-th system attribute w_{i,id} of the user ID at node v_{i,θ} of the binary revocation tree BT_i, where the elements of the key vector are random numbers less than the prime number q and θ is the number of the node v_{i,θ} in the binary revocation tree BT_i;
Then, the attribute authority calculates the revocation key vector of the i-th system attribute w_{i,id} of the user ID at node v_{i,θ} of the binary revocation tree BT_i, and stores the key vector and the revocation key vector of the i-th system attribute w_{i,id} of the user ID at node v_{i,θ} of the binary revocation tree BT_i in the node v_{i,θ};
Finally, according to the Gaussian parameter α, the public key matrix A_i of the i-th system attribute w_i, the private key matrix T_i of the i-th system attribute w_i and the key vector of the i-th system attribute w_{i,id} of the user ID at node v_{i,θ} of the binary revocation tree BT_i, the attribute authority uses the preimage sampling algorithm to generate the attribute key of the i-th system attribute w_{i,id} of the user ID at node v_{i,θ}.
C. User attribute update key generation
C1. Selection of binary revocation tree nodes
When the i-th system attribute w_{i,id} of the user ID is revoked, the user is named the revoked user, and the identity of the revoked user is recorded in the user revocation list RL. From the binary revocation tree BT_i of the i-th system attribute w_{i,id} of the revoked user and the user revocation list RL, the attribute authority obtains the minimal set of nodes of the binary revocation tree BT_i that need to be updated when the attribute right of the revoked user is revoked, i.e. the node update minimal set Y;
C2. Update of the key vector and the revocation key vector
For any node v_{i,θ} in the node update minimal set Y, v_{i,θ} ∈ Y: if the stored key vector and revocation key vector of the i-th system attribute w_{i,id} of the user ID at node v_{i,θ} of the binary revocation tree BT_i are not empty, proceed to step C3. Otherwise, the attribute authority randomly selects an n-dimensional vector and uses it to update the key vector of the i-th system attribute w_{i,id} of the user ID at node v_{i,θ}, where the elements of the updated key vector are random numbers less than the prime number q.
Then, using the key vector of the i-th system attribute w_{i,id} of the user ID at node v_{i,θ} and the secondary sub-secret share u_{i,id} of the i-th system attribute w_{i,id} of the user ID from step B2, the attribute authority obtains, according to the equation, the updated value of the revocation key vector of the i-th system attribute w_{i,id} of the user ID at node v_{i,θ}, and stores the updated key vector and revocation key vector at the node v_{i,θ} in the set Y;
C3. Calculation of the user attribute update key
The moment at which the attribute right of the i-th system attribute of the revoked user from step C1 is revoked is written as a binary string t of η bits, i.e. the binary revocation time string t, t = (t_1, …, t_j, …, t_η), where t_j is the j-th binary character of the binary revocation time string t.
The attribute authority first uses the binary revocation time string t and the η+1 revocation matrices B_j of n rows and m columns from step A1, j ∈ [0, η], to calculate the revocation time hash value H(t), H(t) = B_0 + Σ_{j∈[1,η]} t_j·B_j. Then, according to the Gaussian parameter α, the public key matrix A_i and the private key matrix T_i of the i-th system attribute w_i, the revocation time hash value H(t), and the revocation key vector of the i-th system attribute w_{i,id} of the user ID at node v_{i,θ}, the attribute authority runs the left sampling algorithm to generate the user attribute update key of the i-th system attribute w_{i,id} of the user ID at node v_{i,θ}.
D. Encryption
D1. Composition of the encryption attribute set
The encrypting party selects the encryption attribute subset W*. The encryption attribute subset W* is a subset of the system attribute subspace W, with its encryption attributes indexed by l up to |W*|, the number of encryption attributes in W*. The l-th encryption attribute in W* is the i-th system attribute w_i in the system attribute subspace W, and it is named the i-th system attribute of the encryption attribute subset.
D2. Calculation of the first sub-ciphertext
The encrypting party first randomly selects an n-dimensional vector whose elements are less than the prime number q as the encryption vector s. It then selects a Gaussian noise x, less than the prime number q, that follows the distribution with Gaussian parameter α. Finally, using the encryption vector s, the Gaussian noise x, the prime number q and the target vector U from step A1, the encrypting party calculates the first sub-ciphertext C_1 of the message M, where T is the matrix transpose symbol and the rounding operation is rounding down;
D3. Calculation of the second sub-ciphertext
The encrypting party randomly selects m Gaussian noises that follow the distribution with Gaussian parameter α to form an m-dimensional noise vector x_i, which serves as the secret noise vector x_i of the i-th system attribute of the encryption attribute subset. Using the secret noise vector x_i, the encryption vector s and the public key matrix A_i of the i-th system attribute w_i, it calculates the i-th part C_{i,2} of the second sub-ciphertext of the message M, C_{i,2} = A_i^T·s + x_i. The parts are concatenated in order to obtain the second sub-ciphertext C_2 of the message M;
D4. Calculation of the third sub-ciphertext
The encrypting party randomly selects an m-row, m-column fuzzy matrix R_i whose elements are random values equal to -1 or 1, as the attribute fuzzy matrix R_i of the i-th system attribute of the encryption attribute subset, and then calculates the encryption pre-processing noise vector z_i of the i-th system attribute of the encryption attribute subset, z_i = (x_i | R_i·x_i), where | denotes row concatenation.
Then, using the public key matrix A_i of the i-th system attribute w_i and the revocation time hash value H(t), the encrypting party generates, by concatenation, the re-encryption matrix F_i of the i-th system attribute of the encryption attribute subset, F_i = A_i | H(t).
Finally, using the re-encryption matrix F_i of the i-th system attribute of the encryption attribute subset, the encryption vector s and the encryption pre-processing noise vector z_i of the i-th system attribute of the encryption attribute subset, the encrypting party calculates the i-th part C_{i,3} of the third sub-ciphertext of the message M, C_{i,3} = F_i^T·s + z_i. The parts are concatenated in order to obtain the third sub-ciphertext C_3 of the message M.
The first sub-ciphertext C_1, the second sub-ciphertext C_2 and the third sub-ciphertext C_3 of the message M are concatenated in order to obtain the ciphertext C of the message M;
E. Decryption
E1. Composition of the decryption attribute set
The user ID first takes the intersection of the user attribute subset and the encryption attribute subset W* as the decryption attribute subset, with its decryption attributes indexed by r up to the number of decryption attributes in the decryption attribute subset. The r-th decryption attribute in the decryption attribute subset is the i-th system attribute w_i in the system attribute subspace W, and it is named the i-th system attribute of the decryption attribute subset.
E2. Decrypting the message
After the user ID receives the ciphertext C of the message M, it determines whether the decryption attribute subset satisfies the decryption sub-policy. If the decryption attribute subset does not satisfy the decryption sub-policy, the algorithm stops; otherwise, the user ID performs the following operations:
Following the secondary linear secret sharing method of step B2, the user ID obtains the calculation factor μ_{i,id} of the i-th system attribute of the decryption attribute subset. Using the attribute key of the i-th system attribute w_{i,id} of the user ID at node v_{i,θ}, the user attribute update key of the i-th system attribute w_{i,id} of the user ID at node v_{i,θ}, and the extracted i-th part C_{i,2} of the second sub-ciphertext and i-th part C_{i,3} of the third sub-ciphertext of the message M, it calculates, according to the equation, the decryption information D_i of the i-th system attribute of the decryption attribute subset corresponding to the ciphertext C. Summing the decryption information of all system attributes of the decryption attribute subset corresponding to the ciphertext C gives the decryption information D_sum of the ciphertext C for the corresponding attribute authority;
Then, using the decryption information D_sum of the ciphertext C for all attribute authorities, and following the linear secret sharing method of step A1, the user ID calculates the decryption information D of the ciphertext C;
Finally, the user ID takes the difference between the first sub-ciphertext C_1 of the message M and the decryption information D of the ciphertext C as the decrypted message M', M' = C_1 - D. When the decrypted message M' satisfies the inequality, the decrypted message M is 1; otherwise, the decrypted message M is 0.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810744183.6A CN108880801B (en) | 2018-07-09 | 2018-07-09 | Distributed attribute-based encryption method for supporting fine-grained attribute revocation in lattice manner |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810744183.6A CN108880801B (en) | 2018-07-09 | 2018-07-09 | Distributed attribute-based encryption method for supporting fine-grained attribute revocation in lattice manner |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108880801A (en) | 2018-11-23 |
CN108880801B (en) | 2020-11-27 |
Family
ID=64299973
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810744183.6A Active CN108880801B (en) | 2018-07-09 | 2018-07-09 | Distributed attribute-based encryption method for supporting fine-grained attribute revocation in lattice manner |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108880801B (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110247761A (en) * | 2019-06-18 | 2019-09-17 | 西安电子科技大学 | The ciphertext policy ABE encryption method of attribute revocation is supported on a kind of lattice |
CN110351093A (en) * | 2019-06-14 | 2019-10-18 | 西南交通大学 | Based on attribute can linked network ring signatures method |
CN111447209A (en) * | 2020-03-24 | 2020-07-24 | 西南交通大学 | Black box traceable ciphertext policy attribute-based encryption method |
CN112187757A (en) * | 2020-09-21 | 2021-01-05 | 上海同态信息科技有限责任公司 | Multilink privacy data circulation system and method |
CN113486384A (en) * | 2021-07-28 | 2021-10-08 | 北京字节跳动网络技术有限公司 | Key updating method, device, multi-attribute authority management system, equipment and medium |
CN116094845A (en) * | 2023-04-10 | 2023-05-09 | 中国人民解放军国防科技大学 | Efficient revocation conditional proxy re-encryption method and system |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103297227A (en) * | 2013-07-02 | 2013-09-11 | 西安电子科技大学 | Attribute-based encryption supporting flexible and direct-revocatory ciphertext policy |
CN104022869A (en) * | 2014-06-17 | 2014-09-03 | 西安电子科技大学 | Fine-grained data access control method based on fragmenting of secret keys |
US20160269373A1 (en) * | 2015-03-12 | 2016-09-15 | Fornetix Llc | Systems and methods for organizing devices in a policy hierarchy |
WO2017061950A1 (en) * | 2015-10-09 | 2017-04-13 | Singapore Management University | Data security system and method for operation thereof |
CN107359986A (en) * | 2017-07-03 | 2017-11-17 | 暨南大学 | The outsourcing encryption and decryption CP ABE methods of user revocation |
CN107566386A (en) * | 2017-09-14 | 2018-01-09 | 上海海事大学 | A kind of voidable attribute base encryption method |
Non-Patent Citations (3)
Title |
---|
HUIJUN ZHU: "Key-Policy Attribute-Based Encryption With Equality Test in Cloud Computing", 《IEEE》 * |
房梁: "基于属性的访问控制关键技术研究综述", 《计算机学报》 * |
王鹏翩: "一种支持完全细粒度属性撤销的 CP-ABE 方案", 《软件学报》 * |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110351093A (en) * | 2019-06-14 | 2019-10-18 | 西南交通大学 | Based on attribute can linked network ring signatures method |
CN110351093B (en) * | 2019-06-14 | 2021-08-03 | 西南交通大学 | Linkable network ring signature method based on attributes |
CN110247761A (en) * | 2019-06-18 | 2019-09-17 | 西安电子科技大学 | The ciphertext policy ABE encryption method of attribute revocation is supported on a kind of lattice |
CN110247761B (en) * | 2019-06-18 | 2021-04-20 | 西安电子科技大学 | Ciphertext strategy attribute encryption method supporting attribute revocation in lattice manner |
CN111447209A (en) * | 2020-03-24 | 2020-07-24 | 西南交通大学 | Black box traceable ciphertext policy attribute-based encryption method |
CN111447209B (en) * | 2020-03-24 | 2021-04-06 | 西南交通大学 | Black box traceable ciphertext policy attribute-based encryption method |
CN112187757A (en) * | 2020-09-21 | 2021-01-05 | 上海同态信息科技有限责任公司 | Multilink privacy data circulation system and method |
CN113486384A (en) * | 2021-07-28 | 2021-10-08 | 北京字节跳动网络技术有限公司 | Key updating method, device, multi-attribute authority management system, equipment and medium |
CN116094845A (en) * | 2023-04-10 | 2023-05-09 | 中国人民解放军国防科技大学 | Efficient revocation conditional proxy re-encryption method and system |
CN116094845B (en) * | 2023-04-10 | 2023-07-25 | 中国人民解放军国防科技大学 | Efficient revocation conditional proxy re-encryption method and system |
Also Published As
Publication number | Publication date |
---|---|
CN108880801B (en) | 2020-11-27 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | PB01 | Publication | |
 | SE01 | Entry into force of request for substantive examination | |
 | GR01 | Patent grant | |
 | TR01 | Transfer of patent right | Effective date of registration: 20230414. Address after: Room 801, 85 Kefeng Road, Huangpu District, Guangzhou City, Guangdong Province. Patentee after: Yami Technology (Guangzhou) Co.,Ltd. Address before: 610031 No. two, section 111, ring road, Chengdu, Sichuan, China. Patentee before: SOUTHWEST JIAOTONG University |