CN108989037A - A kind of more authorization attribute base encryption methods, system, equipment and computer media - Google Patents
A kind of more authorization attribute base encryption methods, system, equipment and computer media Download PDFInfo
- Publication number
- CN108989037A CN108989037A CN201811014009.2A CN201811014009A CN108989037A CN 108989037 A CN108989037 A CN 108989037A CN 201811014009 A CN201811014009 A CN 201811014009A CN 108989037 A CN108989037 A CN 108989037A
- Authority
- CN
- China
- Prior art keywords
- key
- encrypted
- attribute
- authorized organization
- decryption side
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3066—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
- H04L9/3073—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3006—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
- H04L9/3033—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters details relating to pseudo-prime or prime number generation, e.g. primality test
Abstract
This application discloses a kind of more authorization attribute base encryption methods, system, equipment and computer medias, wherein this method comprises: obtaining the system common parameter and authorized organization's key that authorized organization generates;Cleartext information to be encrypted is obtained, determines the sets of authorizations in Attribute domain, encrypting plaintext information is treated based on system common parameter and sets of authorizations and is encrypted, encrypted cipher text information is obtained;Identification information corresponding with the identity of decryption side is obtained based on Key generation protocol, obtains the access structure of decryption side, decruption key is generated based on identification information, access structure and authorized organization's key;It sends decruption key and obtains cleartext information to be encrypted so that decryption side is based on decruption key, encrypted cipher text information is decrypted in system common parameter to decryption side.A kind of more authorization attribute base encryption methods, system, equipment and computer readable storage medium disclosed in the present application, improve the safety of more authorization attribute base encryption methods.
Description
Technical field
This application involves more authorization attribute base encryption technology fields, add more specifically to a kind of more authorization attribute bases
Decryption method, system, equipment and computer media.
Background technique
Nowadays, cloud computing technology is increasingly mature, and people's lives is made to become more convenient.Cloud computing technology is for we
The open shared environment provided, while any desired resource can be downloaded.However, such a open
In shared environment, the controllability of the safety and shared range that how to guarantee shared information is the problem that must be solved.
In order to guarantee the safety of shared information and the controllability of shared range, a kind of existing encryption method is that more authorizations belong to
Property base encryption method.More authorization attribute base encryption methods namely multiple disjoint attributes are managed respectively using multiple authorized organizations
Set, each authorized organization complete alone the work such as key distribution and attribute certification, without any association between authorized organization, mutually
It is independent, both reduced the work load of authorized organization in this way, and the stability and safety of whole system had been also enhanced, as long as having one
A authorized organization is honesty it is ensured that whole system is safe.
However, in a kind of existing more authorization attribute base encryption methods, decryption side needed when obtaining key by oneself
Unique identity GID and access structure issue each encryption side, and can join together will be same for encryption side in this way
The corresponding attribute set of GID, which collects, generates a file, this file contains all properties information of decryption side, once
Encryption side is utilized by criminal, and the information of decryption side will be revealed, the privacy of decryption side be unable to get guarantee namely it is existing
A kind of safety of more authorization attribute base encryption methods is lower.
In conclusion the safety for how improving a kind of existing more authorization attribute base encryption methods is current this field skill
Art personnel's urgent problem to be solved.
Summary of the invention
The purpose of the application is to provide a kind of more authorization attribute base encryption methods, can solve how to mention to a certain extent
A kind of the technical issues of high existing more authorization attribute base encryption methods.Present invention also provides a kind of more authorization attribute bases to encrypt
System, equipment and computer readable storage medium.
To achieve the goals above, the application provides the following technical solutions:
A kind of more authorization attribute base encryption methods, comprising:
Obtain the system common parameter and authorized organization that authorized organization is generated based on the sizes values of security parameter and Attribute domain
Key;
Obtain cleartext information to be encrypted, determine the sets of authorizations in the Attribute domain, based on the system common parameter and
The sets of authorizations encrypts the cleartext information to be encrypted, obtains encrypted cipher text information;
Identification information corresponding with the identity of decryption side is obtained based on Key generation protocol, obtains the access of decryption side
Structure generates decruption key based on the identification information, the access structure and authorized organization's key;
The decruption key is sent to the decryption side, so that the decryption side belongs in the attribute set of the decryption side
When the sets of authorizations, the encrypted cipher text information is decrypted based on the decruption key, the system common parameter, is obtained
To the cleartext information to be encrypted.
It is preferably, described that identification information corresponding with the identity of decryption side is obtained based on Key generation protocol, comprising:
Agreement, which is generated, based on Anonymity Key obtains identification information corresponding with the identity of decryption side.
Preferably, the acquisition authorized organization based on the sizes values of security parameter and Attribute domain generate system common parameter and
The process of authorized organization's key, specifically includes:
Obtain the sizes values that the authorization generates formula, the security parameter and the Attribute domain based on system common parameter
The system common parameter generated generates the big of formula, the security parameter and the Attribute domain based on authorized organization's key
Authorized organization's key that small value generates;
The system common parameter generates formula
MPK={ Y, { yk}k∈[1,2,…N],{hk,i}k∈[1,2,…N]};
Authorized organization's key generates formula
ASKk={ xk,{skj}j∈{1,2…N}\{k}};
Wherein, MPK indicates the system common parameter;ASKkIndicate authorized organization's key;xk∈Zp,
ZpIndicate the set of prime number p;skj∈Zp, j ∈ { 1,2 ... N } k, k ∈ { 1,2 ... N }, skjIndicate k-th of authorized organization with
The pseudo-random function seed shared between j-th of authorized organization, N indicate the total number of the authorized organization; vk∈Zp;GP=(e (), p, g1,g2,G1,G2,GT), to adjust
With GEN_GP (1λ) algorithm carries out obtained Bilinear Groups parameter after operation to the security parameter, wherein | p |=λ, λ indicate institute
State security parameter, G1And G2It is the multiplicative cyclic group of prime number p, g for rank1And g2Respectively group G1And G2Generation member, and exist
One from G2To G1Computable isomorphism ψ, meet ψ (g2)=g1, e:G1×G2→GTIt is right for a bilinear mapAnd a, b ∈ Zp, it is all satisfied e (ma,hb)=e (m, h)abAnd e (g1,g2) ≠ 1, to the institute in Attribute domain U
There are attribute, h1,h2,…,h|U|∈G1,When, hk,i∈G1。
Preferably, described that the cleartext information to be encrypted is carried out based on the system common parameter and the sets of authorizations
Encryption, obtains encrypted cipher text information, comprising:
Based on encrypted cipher text information calculation formula, the system common parameter, the sets of authorizations and described to be encrypted bright
Literary information obtains the encrypted cipher text information;
The encrypted cipher text information calculation formula includes:
C0=mYs,C1=g2 s,{Cx=hx s}x∈S;
Wherein, C0、C1、CxIndicate the encrypted cipher text information, m indicates the cleartext information to be encrypted, s ∈ Zp, S table
Show the sets of authorizations.
It is preferably, described that agreement acquisition identification information corresponding with the identity of decryption side is generated based on Anonymity Key,
Include:
Agreement is generated based on Anonymity Key and obtains identification information corresponding with the identity of decryption side, wherein described to hide
In name Key generation protocolH=g1, αk=δkjRkj, βk=skj, γk=δkj, Rkj∈Zp;When k > j, δkj=1, k
When < j, δkj=-1;When k > j,K < j
When,U indicates the identity;
It is described that decruption key is generated based on the identification information, the access structure and authorized organization's key, comprising:
It is obtained based on decruption key calculation formula, the identification information, the access structure and authorized organization's key
The decruption key;
The decruption key calculation formula includes:
Wherein, rk,1,…rk,l∈Zp, i ∈ [1, l],Mk,iRepresenting matrix MkThe i-th row,Ak=(Mk,ρk), indicate the access structure, MkFor l × n rank matrix, ρkFor one matrix
Row be mapped to the function of attribute;yk,u=vk-Σj∈{1,2…N}\kRkj, for the master key of authorized organization setting;ΓkIt indicates
Matrix MkThe corresponding attribute set of all rows,Γk/ x indicates set ΓkRemove element x
Resulting new set afterwards.
Preferably, the decryption side is based on the solution when the attribute set of the decryption side belongs to the sets of authorizations
The encrypted cipher text information is decrypted in key, the system common parameter, obtains the mistake of the cleartext information to be encrypted
Journey includes:
Judge whether the attribute set of the decryption side belongs to the sets of authorizations, if so, based on decryption formula to institute
It states decruption key, the system common parameter and the encrypted cipher text information and obtains the cleartext information to be encrypted;
The decryption formula includes:
M=C0/Ys;
Wherein,
Ik=i | ρk(i)∈Sk};Indicate reconstruction coefficients;It is reconstitution according to LSSS
The parameter that matter obtains;Δk∈Sk;
Ru=∑(k,j)∈{1,2,…,N}×{{1,2,…,N}\{k}}Rkj。
A kind of more authorization attribute based encryption systems, comprising:
First obtains module, public for obtaining the system that authorized organization is generated based on the sizes values of security parameter and Attribute domain
Parameter and authorized organization's key altogether;
Second obtains module, for obtaining cleartext information to be encrypted, determines the sets of authorizations in the Attribute domain, is based on institute
It states system common parameter and the sets of authorizations to encrypt the cleartext information to be encrypted, obtains encrypted cipher text information;
Generation module is obtained for obtaining identification information corresponding with the identity of decryption side based on Key generation protocol
The access structure of decryption side is taken, it is close to generate decryption based on the identification information, the access structure and authorized organization's key
Key;
Sending module, for sending the decruption key to the decryption side, so that the decryption side is in the decryption side
Attribute set when belonging to the sets of authorizations, based on the decruption key, the system common parameter to the encrypted cipher text
Information is decrypted, and obtains the cleartext information to be encrypted.
Preferably, the generation module includes:
First acquisition unit obtains mark corresponding with the identity of decryption side for generating agreement based on Anonymity Key
Information.
Preferably, the first acquisition module includes:
Second acquisition unit is based on system common parameter generation formula, the safety ginseng for obtaining the authorized organization
The system common parameter that the sizes values of the several and described Attribute domain generate generates formula, the peace based on authorized organization's key
The authorized organization key that the sizes values of population parameter and the Attribute domain generate;
The system common parameter generates formula
MPK={ Y, { yk}k∈[1,2,…N],{hk,i}k∈[1,2,…N]};
Authorized organization's key generates formula
ASKk={ xk,{skj}j∈{1,2…N}\{k}};
Wherein, MPK indicates the system common parameter;ASKkThe power agency key is awarded in expression;xk∈Zp,
ZpIndicate the set of prime number p;skj∈Zp, j ∈ { 1,2 ... N } k, k ∈ { 1,2 ... N }, skjIndicate k-th of authorized organization with
The pseudo-random function seed shared between j-th of authorized organization, N indicate the total number of the authorized organization;vk∈Zp;GP=(e (), p, g1,g2,G1,G2,GT), it is
Call GEN_GP (1λ) algorithm carries out obtained Bilinear Groups parameter after operation to the security parameter, wherein | p |=λ, λ are indicated
The security parameter, G1And G2It is the multiplicative cyclic group of prime number p, g for rank1And g2Respectively group G1And G2Generation member, and deposit
At one from G2To G1Computable isomorphism ψ, meet ψ (g2)=g1, e:G1×G2→GTIt is right for a bilinear mapAnd a, b ∈ Zp, it is all satisfied e (ma,hb)=e (m, h)abAnd e (g1,g2) ≠ 1, in the Attribute domain U
All properties, h1,h2,…,h|U|∈G1,When, hk,i∈G1。
Preferably, the second acquisition module may include:
Second acquisition unit, for being based on encrypted cipher text information calculation formula, the system common parameter, the authorization set
It closes and the cleartext information to be encrypted obtains the encrypted cipher text information;
The encrypted cipher text information calculation formula includes:
C0=mYs,C1=g2 s,{Cx=hx s}x∈S;
Wherein, C0、C1、CxIndicate the encrypted cipher text information, m indicates the cleartext information to be encrypted, s ∈ Zp, S table
Show the sets of authorizations.
Preferably, the first acquisition unit may include:
First obtains subelement, obtains mark corresponding with the identity of decryption side for generating agreement based on Anonymity Key
Know information, wherein the Anonymity Key generates in agreementH=g1, αk=δkjRkj, βk=skj, γk=δkj, Rkj
∈Zp;When k > j, δkjWhen=1, k < j, δkj=-1;When k > j,When k < j,U indicates the identity
Mark;
The generation module may include:
Decryption unit, for being based on decruption key calculation formula, the identification information, the access structure and the authorization
Agency key obtains decruption key;
The decruption key calculation formula includes:
Wherein, rk,1,…rk,l∈Zp, i ∈ [1, l],Mk,iRepresenting matrix MkThe i-th row,Ak=(Mk,ρk), indicate the access structure, MkFor l × n rank matrix, ρkFor one matrix
Row be mapped to the function of attribute;yk,u=vk-Σj∈{1,2…N}\kRkj, for the master key of authorized organization setting;ΓkIt indicates
Matrix MkThe corresponding attribute set of all rows,Γk/ x indicates set ΓkRemove element x
Resulting new set afterwards.
Preferably, the decryption side is based on the decruption key, institute when the attribute set of decryption side belongs to sets of authorizations
It states system common parameter the encrypted cipher text information is decrypted, the process for obtaining the cleartext information to be encrypted can wrap
It includes:
Judge whether the attribute set of the decryption side belongs to the sets of authorizations, if so, based on decryption formula to institute
It states decruption key, the system common parameter and the encrypted cipher text information and obtains the cleartext information to be encrypted;
The decryption formula includes:
M=C0/Ys;
Wherein,
Ik=i | ρk(i)∈Sk};Indicate reconstruction coefficients;For according to LSSS reconstruction nature
Obtained parameter;Δk∈Sk; Ru
=∑(k,j)∈{1,2,…,N}×{{1,2,…,N}\{k}}Rkj。
A kind of more authorization attribute base encryption equipment, comprising:
Memory, for storing computer program;
Processor realizes as above any more authorization attribute base encryption methods when for executing the computer program
The step of.
A kind of computer readable storage medium is stored with computer program in the computer readable storage medium, described
The step of as above any described more authorization attribute base encryption methods are realized when computer program is executed by processor.
A kind of more authorization attribute base encryption methods provided by the present application obtain authorized organization and are based on security parameter and Attribute domain
Sizes values generate system common parameter and authorized organization's key;Cleartext information to be encrypted is obtained, determines awarding in Attribute domain
Power set, treats encrypting plaintext information based on system common parameter and sets of authorizations and is encrypted, obtain encrypted cipher text information;Base
Identification information corresponding with the identity of decryption side is obtained in Key generation protocol, the access structure of decryption side is obtained, is based on
Identification information, access structure and authorized organization's key generate decruption key;Decruption key is sent to decryption side, so that decryption side exists
When the attribute set of decryption side belongs to sets of authorizations, encrypted cipher text information is solved based on decruption key, system common parameter
It is close, obtain cleartext information to be encrypted.In a kind of more authorization attribute base encryption methods provided by the present application, Key generation protocol is peace
Complete two side calculates agreement, i.e., the safety that encryption side and decryption side participate in jointly calculates agreement, and encryption side is based on Key generation protocol
Identification information corresponding with the identity of decryption side is obtained, since Key generation protocol is that communicating pair is not knowing other side's
The agreement that still can be accordingly calculated based on the data of other side in the case where data, so encryption side can not know decryption side
Identity in the case where, using decryption side identity complete generate decruption key operation, thus to a certain degree
On avoid the occurrence of encryption side in the prior art the attribute set of decryption side get up to threaten by the identity of decryption side and decrypt
The situation of the safety of side, improves a kind of safety of existing more authorization attribute base encryption methods to a certain extent.This Shen
A kind of more authorization attribute based encryption systems, equipment and the computer readable storage medium that please be provided also solve relevant art and ask
Topic.
Detailed description of the invention
In order to illustrate the technical solutions in the embodiments of the present application or in the prior art more clearly, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
The embodiment of application for those of ordinary skill in the art without creative efforts, can also basis
The attached drawing of offer obtains other attached drawings.
Fig. 1 is a kind of flow chart of more authorization attribute base encryption methods provided by the embodiments of the present application;
Fig. 2 is the calculation flow chart that Anonymity Key generates agreement;
Fig. 3 is a kind of structural schematic diagram of more authorization attribute based encryption systems provided by the embodiments of the present application;
Fig. 4 is the structural schematic diagram that a kind of more authorization attribute bases provided by the embodiments of the present application encrypt equipment;
Fig. 5 is another structural schematic diagram that a kind of more authorization attribute bases provided by the embodiments of the present application encrypt equipment.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present application, technical solutions in the embodiments of the present application carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of embodiments of the present application, instead of all the embodiments.It is based on
Embodiment in the application, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall in the protection scope of this application.
In order to guarantee the safety of shared information and the controllability of shared range, a kind of existing encryption method is that more authorizations belong to
Property base encryption method.More authorization attribute base encryption methods namely multiple disjoint attributes are managed respectively using multiple authorized organizations
Set, each authorized organization complete alone the work such as key distribution and attribute certification, without any association between authorized organization, mutually
It is independent, both reduced the work load of authorized organization in this way, and the stability and safety of whole system had been also enhanced, as long as having one
A authorized organization is honesty it is ensured that whole system is safe.However, a kind of existing more authorization attribute bases add
In decryption method, user, which needs oneself unique identity GID and access structure issuing each when obtaining key, to be awarded
Mechanism is weighed, such authorized organization, which can join together to collect the corresponding attribute set of the same GID, generates a text
Part, this file contains all properties information of user, once authorized organization is utilized by criminal, the information of user will
Leakage, the privacy of user is unable to get guarantee namely a kind of safety of existing more authorization attribute base encryption methods is lower.And
A kind of more authorization attribute base encryption methods provided by the present application have preferable safety.
Referring to Fig. 1, Fig. 1 is a kind of flow chart of more authorization attribute base encryption methods provided by the embodiments of the present application.
A kind of more authorization attribute base encryption methods provided by the embodiments of the present application, may include steps of:
Step S101: obtain system common parameter that authorized organization is generated based on the sizes values of security parameter and Attribute domain with
Authorized organization's key.
It is understood that in a kind of more authorization attribute base encryption methods provided by the embodiments of the present application each step it is dynamic
Making executing subject is encryption side, and related encryption side refers to being responsible for the side that cleartext information to be encrypted is encrypted,
It can be specially to be responsible for server, the computer etc. that cleartext information to be encrypted is encrypted.Belong to involved in the application
Property domain be a series of attributes combination, specific attribute classification can determines according to actual conditions, by decryption side be student for,
Then the attribute in Attribute domain may include: grade, student number, school's title, class, age, achievement etc..
In practical application, authorized organization generates system common parameter and authorization based on the sizes values of security parameter and Attribute domain
The process of agency key can be with are as follows:
Authorized organization is public based on the sizes values generation system that system common parameter generates formula, security parameter and Attribute domain
Parameter, the sizes values for generating formula, security parameter and Attribute domain based on authorized organization's key generate authorized organization's key;
System common parameter generates formula
MPK={ Y, { yk}k∈[1,2,…N],{hk,i}k∈[1,2,…N]};
Authorized organization's key generates formula
ASKk={ xk,{skj}j∈{1,2…N}\{k}};
Wherein, MPK indicates system common parameter;ASKkIndicate authorized organization's key;xk∈Zp, ZpIndicate element
The set of number p;skj∈Zp, j ∈ { 1,2 ... N } k, k ∈ { 1,2 ... N }, skjIndicate that k-th of authorized organization awards with j-th
The pseudo-random function seed shared between power mechanism, the total number of N expression authorized organization, and Attribute domain are divided into N number of non-intersecting
Set, managed respectively by different authorized organization,The attribute set that k-th of authorized organization is managed is indicated, by N number of category
Property compound mapping be 1 to the unique integral between n;vk
∈Zp;GP=(e (), p, g1,g2,G1,G2,GT), to call GEN_GP (1λ) algorithm to the security parameter carry out operation
The Bilinear Groups parameter obtained afterwards, GEN_GP (1λ) in algorithm, | p |=λ, λ indicate that the security parameter, e () indicate double
Linear right, G1And G2It is the multiplicative cyclic group of prime number p, g for rank1And g2Respectively group G1And G2Generation member, and there are one
From G2To G1Computable isomorphism ψ, meet ψ (g2)=g1, e:G1×G2→GTIt is right for a bilinear map
And a, b ∈ Zp, it is all satisfied e (ma,hb)=e (m, h)abAnd e (g1,g2) ≠ 1, to all properties in Attribute domain U, h1,
h2,…,h|U|∈G1,When, hk,i∈G1。
The concept of Bilinear map is as follows: setting G0And G1It is the group of prime number p for rank, element g is G0Generation member, map e:G0
×G0→G1.Meet following three property: bilinearity (Bilinearity), e (ga,hb)=e (g, h)ab, wherein g, h ∈ G0, a,
b∈Zp;Non-degeneracy (Non-degeneracy), e (g, g) ≠ 1,1 is G1Identical element;Computability
(Computability), rightE (P, Q) is computable.If mapping meets e (ga,gb)=e (g, g)ab
=e (gb,ga), then mapping e is that symmetrically, otherwise, e is asymmetric mapping.
Step S102: obtaining cleartext information to be encrypted, determines the sets of authorizations in Attribute domain, based on system common parameter and
Sets of authorizations is treated encrypting plaintext information and is encrypted, and encrypted cipher text information is obtained.
In practical application, decryption side can based on encrypted cipher text information calculation formula, system common parameter, sets of authorizations and
Cleartext information to be encrypted obtains encrypted cipher text information;
Encrypted cipher text information calculation formula can be with are as follows:
C0=mYs,C1=g2 s,{Cx=hx s}x∈S;
Wherein, C0、C1、CxIndicate encrypted cipher text information, m indicates cleartext information to be encrypted, s ∈ Zp, S expression authorization set
It closes, the concrete meaning about each parameter please refers to the associated description in step S102, and details are not described herein.
Step S103: identification information corresponding with the identity of decryption side is obtained based on Key generation protocol, obtains solution
The access structure of close side generates decruption key based on identification information, access structure and authorized organization's key.
Key generation protocol refers to: in distributed environment, mutually independent two participants Q and L hold secret respectively
Close x and y inputs respective secret x and y, common calculating target function f (x, y)=(f by executing an interaction protocol1(x,
Y), f2(x, y)), last Q and L respectively obtain the output valve f1 (x, y) and f2 (x, y) of function, in this process each participation
Information relevant to the secret that other participants hold that person will not obtain namely Q do not know that any information relevant with y, L
Any information relevant to x will not be known, accordingly even when Q and L both sides mutual mistrust also can be carried out communication.It is generated and is assisted by key
It is found that by Key generation protocol, decryption side can be obtained in the case where not knowing the identity of decryption side for the description of view
Identification information corresponding with the identity of decryption side is decrypted so as to avoid encryption root according to the identity collection of decryption side together
The all properties of side, avoid encryption side to the security threat of decryption side.
In practical application, the type of Key generation protocol can be determined flexibly according to actual needs, for example it can be peace
Complete two side calculates the Anonymity Key in agreement and generates agreement etc., in order to improve computational efficiency, based on Key generation protocol obtain with
The corresponding identification information of the identity of decryption side, can be with specifically: generates agreement based on Anonymity Key and obtains and decryption side
The corresponding identification information of identity.Wherein, decryption side need to call N-1 Anonymity Key to generate agreement, and Anonymity Key generates association
In viewH=g1, αk=δkjRkj, βk=skj, γk=δkj, Rkj∈Zp;When k > j, δkjWhen=1, k < j, δkj=-1;When k > j,When k < j,u
Indicate identity.
Referring to Fig. 2, Fig. 2 is the calculation flow chart that Anonymity Key generates agreement.Decryption side provides (u, ρ1), encryption side mentions
For private key cc, β, γ, encryption side is using 2PC to (u, ρ1), α, β, γ carry out operation obtainDecryption side
In conjunction withIt is rightOperation is carried out, ρ is obtained2∈RZp, then obtain
Encryption side is based on Y, PoK (ρ2) rightOperation is carried out, is obtainedDecryption side is based onIt is rightOperation is carried out, is obtainedWherein, PoK indicates that zero-knowledge proof, u indicate the identity of decryption side.Specifically
In application scenarios, in order to further ensure the safety of identity, an anti-conspiracy hash function H:{ 0,1 can be defined }*→
Zp, operation is carried out to identity (GID), obtains H (GID), at this time u=H (GID).Meaning about other parameters please refers to
Anonymity Key generates the related definition of agreement in the prior art, and details are not described herein by the application.
Access structure involved in the application refers to: for entity sets { p1,p2,...,pn,If working as B
∈ A andWhen, haveSo just claim setBe it is dull, an access structure is if it exists
{p1,p2,...,pnNon-empty dullness subset A, i.e.,So the collection in A is claimed to be combined into sets of authorizations, no
The collection belonged in A is combined into unauthorized set.
Optionally, decruption key is generated based on identification information, access structure and authorized organization's key, it can be with specifically: base
Decruption key is obtained in decruption key calculation formula, identification information, access structure and authorized organization's key;
Decruption key calculation formula includes:
Wherein, rk,1,…rk,l∈Zp, i ∈ [1, l],Mk,iRepresenting matrix MkThe i-th row,
Ak=(Mk,ρk), indicate access structure, MkFor l × n rank matrix, ρkThe row of matrix is mapped to for one the function of attribute;
yk,u=vk-Σj∈{1,2…N}\kRkj, for the master key of authorized organization's setting;ΓkRepresenting matrix MkThe corresponding property set of all rows
It closes,Γk/ x indicates set ΓkResulting new set after removal element x.
Step S104: decruption key is sent to decryption side, so that decryption side belongs to authorization set in the attribute set of decryption side
When conjunction, encrypted cipher text information is decrypted based on decruption key, system common parameter, obtains cleartext information to be encrypted.
In practical application, by taking student as an example, it is assumed that sets of authorizations is electronic information profession, 1301 classes of communication, then for adopting
The encrypted cipher text information encrypted with the sets of authorizations, attribute set include that electronic information profession and 1301 classes of each student have
There is the permission that encrypted cipher text information is decrypted, distributes authentication secret without being individually for each student, simplify whole
A decryption process.
In practical application, decryption side is public based on decruption key, system when the attribute set of decryption side belongs to sets of authorizations
Encrypted cipher text information is decrypted in parameter altogether, and the process for obtaining cleartext information to be encrypted can be with specifically:
Decryption side judges whether the attribute set of decryption side belongs to sets of authorizations, if so, based on decryption formula to decryption
Key, system common parameter and encrypted cipher text information obtain cleartext information to be encrypted;
Decrypting formula includes:
M=C0/Ys;
Wherein,
Ik=i | ρk(i)∈Sk};Indicate reconstruction coefficients;It is reconstitution according to LSSS
The parameter that matter obtains;Δk∈Sk;
Ru=∑(k,j)∈{1,2,…,N}×{{1,2,…,N}\{k}}Rkj。
By the calculating process of decryption formula it is found that due to first multiply accordingly to decruption key and encrypted cipher text information
Method operation, so that for single decryption side, it is final only to calculate two Bilinear map operations, decryption efficiency is improved, it is real
Fast decryption is showed.
LSSS reconstruction nature is explained as follows: setting Π as a LSSS, corresponding access structure is A, and S ∈ A is authorization set
It closes, separatelyThe set of row relevant to the attribute in S in representing matrix.If { λiBe
, then there are a series of constants in effective sharing of secret SSo thatWherein, { wiCan be multinomial
Formula is found in the time.
A kind of more authorization attribute base encryption methods provided by the present application obtain authorized organization and are based on security parameter and Attribute domain
Sizes values generate system common parameter and authorized organization's key;Cleartext information to be encrypted is obtained, determines awarding in Attribute domain
Power set, treats encrypting plaintext information based on system common parameter and sets of authorizations and is encrypted, obtain encrypted cipher text information;Base
Identification information corresponding with the identity of decryption side is obtained in Key generation protocol, the access structure of decryption side is obtained, is based on
Identification information, access structure and authorized organization's key generate decruption key;Decruption key is sent to decryption side, so that decryption side exists
When the attribute set of decryption side belongs to sets of authorizations, encrypted cipher text information is solved based on decruption key, system common parameter
It is close, obtain cleartext information to be encrypted.In a kind of more authorization attribute base encryption methods provided by the present application, Key generation protocol is peace
Complete two side calculates agreement, i.e., the safety that encryption side and decryption side participate in jointly calculates agreement, and encryption side is based on Key generation protocol
Identification information corresponding with the identity of decryption side is obtained, since Key generation protocol is that communicating pair is not knowing other side's
The agreement that still can be accordingly calculated based on the data of other side in the case where data, so encryption side can not know decryption side
Identity in the case where, using decryption side identity complete generate decruption key operation, thus to a certain degree
On avoid the occurrence of encryption side in the prior art the attribute set of decryption side get up to threaten by the identity of decryption side and decrypt
The situation of the safety of side, improves a kind of safety of existing more authorization attribute base encryption methods to a certain extent.
It is more with one kind provided by the embodiments of the present application present invention also provides a kind of more authorization attribute based encryption systems
The correspondence effect that authorization attribute base encryption method has.Referring to Fig. 3, Fig. 3 is a kind of more authorizations provided by the embodiments of the present application
The structural schematic diagram of attribute-based encryption system.
A kind of more authorization attribute based encryption systems provided by the embodiments of the present application may include:
First obtains module 101, is for obtaining authorized organization based on what the sizes values of security parameter and Attribute domain generated
System common parameter and authorized organization's key;
Second obtains module 102, for obtaining cleartext information to be encrypted, determines the sets of authorizations in Attribute domain, based on being
System common parameter and sets of authorizations are treated encrypting plaintext information and are encrypted, and encrypted cipher text information is obtained;
Generation module 103, for obtaining identification information corresponding with the identity of decryption side based on Key generation protocol,
The access structure for obtaining decryption side generates decruption key based on identification information, access structure and authorized organization's key;
Sending module 104, for sending decruption key to decryption side, so that decryption side belongs in the attribute set of decryption side
When sets of authorizations, encrypted cipher text information is decrypted based on decruption key, system common parameter, obtains plaintext letter to be encrypted
Breath.
In a kind of more authorization attribute based encryption systems provided by the embodiments of the present application, generation module may include:
First acquisition unit obtains mark corresponding with the identity of decryption side for generating agreement based on Anonymity Key
Information.
In a kind of more authorization attribute based encryption systems provided by the embodiments of the present application, the first acquisition module may include:
Second acquisition unit is based on system common parameter generation formula, security parameter and attribute for obtaining authorized organization
The system common parameter that the sizes values in domain generate generates the size of formula, security parameter and Attribute domain based on authorized organization's key
It is worth the authorized organization's key generated;
System common parameter generates formula
MPK={ Y, { yk}k∈[1,2,…N],{hk,i}k∈[1,2,…N]};
Authorized organization's key generates formula
ASKk={ xk,{skj}j∈{1,2…N}\{k}};
Wherein, MPK indicates system common parameter;ASKkIndicate authorized organization's key;xk∈Zp, ZpIndicate element
The set of number p;skj∈Zp, j ∈ { 1,2 ... N } k, k ∈ { 1,2 ... N }, skjIndicate k-th of authorized organization and j-th of authorization machine
The pseudo-random function seed shared between structure, N indicate the total number of authorized organization;vk
∈Zp;GP=(e (), p, g1,g2,G1,G2,GT), to call GEN_GP (1λ) algorithm to security parameter carry out operation after
The Bilinear Groups parameter arrived, wherein | p |=λ, λ indicate security parameter, G1And G2It is the multiplicative cyclic group of prime number p, g for rank1And g2
Respectively group G1And G2Generation member, and there are one from G2To G1Computable isomorphism ψ, meet ψ (g2)=g1, e:G1×G2
→GTIt is right for a bilinear mapAnd a, b ∈ Zp, it is all satisfied e (ma,hb)=e (m, h)abAnd e (g1,
g2) ≠ 1, to all properties in Attribute domain U, h1,h2,…,h|U|∈G1,When, hk,i∈G1。
In a kind of more authorization attribute based encryption systems provided by the embodiments of the present application, the second acquisition module may include:
Second acquisition unit, for based on encrypted cipher text information calculation formula, system common parameter, sets of authorizations and to be added
Close cleartext information obtains encrypted cipher text information;
Encrypted cipher text information calculation formula includes:
C0=mYs,C1=g2 s,{Cx=hx s}x∈S;
Wherein, C0、C1、CxIndicate encrypted cipher text information, m indicates cleartext information to be encrypted, s ∈ Zp, S expression authorization set
It closes.
In a kind of more authorization attribute based encryption systems provided by the embodiments of the present application, first acquisition unit may include:
First obtains subelement, obtains mark corresponding with the identity of decryption side for generating agreement based on Anonymity Key
Know information, wherein Anonymity Key generates in agreementH=g1, αk=δkjRkj, βk=skj, γk=δkj, Rkj∈Zp;
When k > j, δkjWhen=1, k < j, δkj=-1;When k > j,
When k < j,U indicates identity;
Generation module may include:
Decryption unit, for being obtained based on decruption key calculation formula, identification information, access structure and authorized organization's key
Decruption key;
Decruption key calculation formula includes:
Wherein, rk,1,…rk,l∈Zp, i ∈ [1, l],Mk,iRepresenting matrix MkThe i-th row,Ak=(Mk,ρk), indicate access structure, MkFor l × n rank matrix, ρkFor a row matrix
It is mapped to the function of attribute;yk,u=vk-Σj∈{1,2…N}\kRkj, for the master key of authorized organization's setting;ΓkRepresenting matrix MkInstitute
There is the corresponding attribute set of row,Γk/ x indicates set ΓkIt is resulting after removal element x
New set.
In a kind of more authorization attribute based encryption systems provided by the embodiments of the present application, attribute set of the decryption side in decryption side
When belonging to sets of authorizations, encrypted cipher text information is decrypted based on decruption key, system common parameter, obtains plaintext to be encrypted
The process of information may include:
Judge whether the attribute set of decryption side belongs to sets of authorizations, if so, based on decryption formula to decruption key, be
System common parameter and encrypted cipher text information obtain cleartext information to be encrypted;
Decrypting formula includes:
M=C0/Ys;
Wherein,
Ik=i | ρk(i)∈Sk};Indicate reconstruction coefficients;It is reconstitution according to LSSS
The parameter that matter obtains;Δk∈Sk; Ru
=∑(k,j)∈{1,2,…,N}×{{1,2,…,N}\{k}}Rkj。
Present invention also provides a kind of more authorization attribute base encryption equipment and computer readable storage mediums, all have this
The correspondence effect that a kind of more authorization attribute base encryption methods that application embodiment provides have.Referring to Fig. 4, Fig. 4 is the application
A kind of structural schematic diagram for more authorization attribute base encryption equipment that embodiment provides.
A kind of more authorization attribute bases provided by the embodiments of the present application encrypt equipment, may include: memory 201, for depositing
Store up computer program;Processor 202 realizes following steps when for executing the computer program stored in memory 201:
Obtain the system common parameter and authorized organization that authorized organization is generated based on the sizes values of security parameter and Attribute domain
Key;
Cleartext information to be encrypted is obtained, determines the sets of authorizations in Attribute domain, is based on system common parameter and sets of authorizations
It treats encrypting plaintext information to be encrypted, obtains encrypted cipher text information;
Identification information corresponding with the identity of decryption side is obtained based on Key generation protocol, obtains the access of decryption side
Structure generates decruption key based on identification information, access structure and authorized organization's key;
Decruption key is sent to decryption side, so that decryption side is based on when the attribute set of decryption side belongs to sets of authorizations
Encrypted cipher text information is decrypted in decruption key, system common parameter, obtains cleartext information to be encrypted.
In a kind of more authorization attribute base encryption equipment provided by the embodiments of the present application, processor 202 is executed in memory 201
The computer subprogram of storage, is also implemented as follows step: the identity of agreement acquisition and decryption side is generated based on Anonymity Key
Identify corresponding identification information.
In a kind of more authorization attribute base encryption equipment provided by the embodiments of the present application, processor 202 is executed in memory 201
The computer subprogram of storage is also implemented as follows step: obtaining authorized organization and is based on system common parameter generation formula, peace
The sizes values of population parameter and Attribute domain generate system common parameter, based on authorized organization's key generate formula, security parameter and
Authorized organization's key that the sizes values of Attribute domain generate;
System common parameter generates formula
MPK={ Y, { yk}k∈[1,2,…N],{hk,i}k∈[1,2,…N]};
Authorized organization's key generates formula
ASKk={ xk,{skj}j∈{1,2…N}\{k}};
Wherein, MPK indicates system common parameter;ASKkIndicate authorized organization's key;xk∈Zp, ZpIndicate element
The set of number p;skj∈Zp, j ∈ { 1,2 ... N } k, k ∈ { 1,2 ... N }, skjIndicate k-th of authorized organization and j-th of authorization machine
The pseudo-random function seed shared between structure, N indicate the total number of authorized organization;vk
∈Zp;GP=(e (), p, g1,g2,G1,G2,GT), to call GEN_GP (1λ) algorithm to security parameter carry out operation after
The Bilinear Groups parameter arrived, wherein | p |=λ, λ indicate security parameter, G1And G2It is the multiplicative cyclic group of prime number p, g for rank1And g2
Respectively group G1And G2Generation member, and there are one from G2To G1Computable isomorphism ψ, meet ψ (g2)=g1, e:G1×G2
→GTIt is right for a bilinear mapAnd a, b ∈ Zp, it is all satisfied e (ma,hb)=e (m, h)abAnd e (g1,
g2) ≠ 1, to all properties in Attribute domain U, h1,h2,…,h|U|∈G1,When, hk,i∈G1。
In a kind of more authorization attribute base encryption equipment provided by the embodiments of the present application, processor 202 is executed in memory 201
The computer subprogram of storage, is also implemented as follows step: based on encrypted cipher text information calculation formula, system common parameter,
Sets of authorizations and cleartext information to be encrypted obtain encrypted cipher text information;
Encrypted cipher text information calculation formula includes:
C0=mYs,C1=g2 s,{Cx=hx s}x∈S;
Wherein, C0、C1、CxIndicate encrypted cipher text information, m indicates cleartext information to be encrypted, s ∈ Zp, S expression authorization set
It closes.
In a kind of more authorization attribute base encryption equipment provided by the embodiments of the present application, processor 202 is executed in memory 201
The computer subprogram of storage, is also implemented as follows step: the identity of agreement acquisition and decryption side is generated based on Anonymity Key
Identify corresponding identification information, wherein Anonymity Key generates in agreementH=g1, αk=δkjRkj, βk=skj, γk
=δkj, Rkj∈Zp;When k > j, δkjWhen=1, k < j,k
When > j,When k < j,U indicates identity
Mark;
Decruption key is obtained based on decruption key calculation formula, identification information, access structure and authorized organization's key;Decryption
Cipher key calculation formula includes:
Wherein, rk,1,…rk,l∈Zp, i ∈ [1, l],Mk,iRepresenting matrix MkThe i-th row,Ak=(Mk,ρk), indicate access structure, MkFor l × n rank matrix, ρkFor a row matrix
It is mapped to the function of attribute;yk,u=vk-Σj∈{1,2…N}\kRkj, for the master key of authorized organization's setting;ΓkRepresenting matrix MkInstitute
There is the corresponding attribute set of row,Γk/ x indicates set ΓkIt is resulting after removal element x
New set.
In a kind of more authorization attribute base encryption equipment provided by the embodiments of the present application, processor 202 is executed in memory 201
The computer subprogram of storage, be also implemented as follows step: the side of judgement judges whether the attribute set of decryption side belongs to authorization
Set is believed if so, obtaining plaintext to be encrypted to decruption key, system common parameter and encrypted cipher text information based on decryption formula
Breath;Decrypting formula includes:
M=C0/Ys;
Wherein,
Ik=i | ρk(i)∈Sk};Indicate reconstruction coefficients;It is reconstitution according to LSSS
The parameter that matter obtains;Δk∈Sk;
Ru=∑(k,j)∈{1,2,…,N}×{{1,2,…,N}\{k}}Rkj。
Referring to Fig. 5, can also include: in the more authorization attribute bases encryption equipment of another kind provided by the embodiments of the present application with
The input port 203 that processor 202 connects is used for transmission the extraneous order inputted to processor 202;It is connect with processor 202
Display unit 204, the processing result for video-stream processor 202 is to the external world;The communication module 205 being connect with processor 202,
For realizing more authorization attribute bases encryption equipment and extraneous communication.Display unit 202 can make for display panel, laser scanning
Display etc.;Communication mode used by communication module 205 includes but is not limited to mobile high definition chained technology (HML), general
Universal serial bus (USB), high-definition media interface (HDMI), be wirelessly connected: adopting wireless fidelity technology (WiFi), Bluetooth Communication Technology,
The low-power consumption bluetooth communication technology, the communication technology based on IEEE802.11s.
A kind of computer readable storage medium provided by the embodiments of the present application is stored with meter in computer readable storage medium
Calculation machine program, realizes following steps when computer program is executed by processor:
Obtain the system common parameter and authorized organization that authorized organization is generated based on the sizes values of security parameter and Attribute domain
Key;
Cleartext information to be encrypted is obtained, determines the sets of authorizations in Attribute domain, is based on system common parameter and sets of authorizations
It treats encrypting plaintext information to be encrypted, obtains encrypted cipher text information;
Identification information corresponding with the identity of decryption side is obtained based on Key generation protocol, obtains the access of decryption side
Structure generates decruption key based on identification information, access structure and authorized organization's key;
Decruption key is sent to decryption side, so that decryption side is based on when the attribute set of decryption side belongs to sets of authorizations
Encrypted cipher text information is decrypted in decruption key, system common parameter, obtains cleartext information to be encrypted.
In a kind of computer readable storage medium provided by the embodiments of the present application, it is stored in computer readable storage medium
Computer subprogram, computer subprogram realize following steps when being executed by processor: generating agreement based on Anonymity Key and obtain
Identification information corresponding with the identity of decryption side.
In a kind of computer readable storage medium provided by the embodiments of the present application, it is stored in computer readable storage medium
Computer subprogram, computer subprogram realize following steps when being executed by processor: it is public based on system to obtain authorized organization
Parameter generates the system common parameter that the sizes values of formula, security parameter and Attribute domain generate, and is generated based on authorized organization's key
Authorized organization's key that the sizes values of formula, security parameter and Attribute domain generate;
System common parameter generates formula
MPK={ Y, { yk}k∈[1,2,…N],{hk,i}k∈[1,2,…N]};
Authorized organization's key generates formula
ASKk={ xk,{skj}j∈{1,2…N}\{k}};
Wherein, MPK indicates system common parameter;ASKkIndicate authorized organization's key;xk∈Zp, ZpIndicate element
The set of number p;skj∈Zp, j ∈ { 1,2 ... N } k, k ∈ { 1,2 ... N }, skjIndicate k-th of authorized organization and j-th of authorization machine
The pseudo-random function seed shared between structure, N indicate the total number of authorized organization;vk∈
Zp;GP=(e (), p, g1,g2,G1,G2,GT), to call GEN_GP (1λ) algorithm to security parameter carry out operation after obtain
Bilinear Groups parameter, wherein | p |=λ, λ indicate security parameter, G1And G2It is the multiplicative cyclic group of prime number p, g for rank1And g2Point
It Wei not group G1And G2Generation member, and there are one from G2To G1Computable isomorphism ψ, meet ψ (g2)=g1, e:G1×G2→
GTIt is right for a bilinear mapAnd a, b ∈ Zp, it is all satisfied e (ma,hb)=e (m, h)abAnd e (g1,g2)
≠ 1, to all properties in Attribute domain U, h1,h2,…,h|U|∈G1,When, hk,i∈G1。
In a kind of computer readable storage medium provided by the embodiments of the present application, it is stored in computer readable storage medium
Computer subprogram, computer subprogram realize following steps when being executed by processor: based on encrypted cipher text information calculation formula,
System common parameter, sets of authorizations and cleartext information to be encrypted obtain encrypted cipher text information;
Encrypted cipher text information calculation formula includes:
C0=mYs,C1=g2 s,{Cx=hx s}x∈S;
Wherein, C0、C1、CxIndicate encrypted cipher text information, m indicates cleartext information to be encrypted, s ∈ Zp, S expression authorization set
It closes.
In a kind of computer readable storage medium provided by the embodiments of the present application, it is stored in computer readable storage medium
Computer subprogram, computer subprogram realize following steps when being executed by processor: generating agreement based on Anonymity Key and obtain
Identification information corresponding with the identity of decryption side, wherein Anonymity Key generates in agreementH=g1, αk=δkjRkj, βk=skj, γk=δkj, Rkj∈Zp;When k > j, δkjWhen=1, k < j, δkj=-1;K > j
When,When k < j,U indicates identity mark
Know;
Decruption key is obtained based on decruption key calculation formula, identification information, access structure and authorized organization's key;Decryption
Cipher key calculation formula includes:
Wherein, rk,1,…rk,l∈Zp, i ∈ [1, l],Mk,iRepresenting matrix MkThe i-th row,Ak=(Mk,ρk), indicate access structure, MkFor l × n rank matrix, ρkFor a row matrix
It is mapped to the function of attribute;yk,u=vk-Σj∈{1,2…N}\kRkj, for the master key of authorized organization's setting;ΓkRepresenting matrix MkInstitute
There is the corresponding attribute set of row,Γk/ x indicates set ΓkIt is resulting after removal element x
New set.
In a kind of computer readable storage medium provided by the embodiments of the present application, it is stored in computer readable storage medium
Computer subprogram, computer subprogram realize following steps when being executed by processor: judgement side judges the property set of decryption side
It closes and whether belongs to sets of authorizations, if so, being obtained based on decryption formula to decruption key, system common parameter and encrypted cipher text information
To cleartext information to be encrypted;Decrypting formula includes:
M=C0/Ys;
Wherein,
Ik=i | ρk(i)∈Sk};Indicate reconstruction coefficients;It is reconstitution according to LSSS
The parameter that matter obtains;Δk∈Sk; Ru
=∑(k,j)∈{1,2,…,N}×{{1,2,…,N}\{k}}Rkj。
Computer readable storage medium involved in the application includes random access memory (RAM), memory, read-only memory
(ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or technical field
Any other form of storage medium well known to interior.
In a kind of more authorization attribute based encryption systems provided by the embodiments of the present application, equipment and computer readable storage medium
The explanation of relevant portion refers to the detailed of corresponding part in a kind of more authorization attribute base encryption methods provided by the embodiments of the present application
Describe in detail bright, details are not described herein.In addition, in above-mentioned technical proposal provided by the embodiments of the present application with correspond to technology in the prior art
The consistent part of scheme realization principle is simultaneously unspecified, in order to avoid excessively repeat.
It should also be noted that, herein, relational terms such as first and second and the like are used merely to one
Entity or operation are distinguished with another entity or operation, without necessarily requiring or implying between these entities or operation
There are any actual relationship or orders.Moreover, the terms "include", "comprise" or its any other variant are intended to contain
Lid non-exclusive inclusion, so that the process, method, article or equipment including a series of elements is not only wanted including those
Element, but also including other elements that are not explicitly listed, or further include for this process, method, article or equipment
Intrinsic element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that
There is also other identical elements in process, method, article or equipment including the element.
The foregoing description of the disclosed embodiments makes those skilled in the art can be realized or use the application.To this
A variety of modifications of a little embodiments will be apparent for a person skilled in the art, and the general principles defined herein can
Without departing from the spirit or scope of the application, to realize in other embodiments.Therefore, the application will not be limited
It is formed on the embodiments shown herein, and is to fit to consistent with the principles and novel features disclosed in this article widest
Range.
Claims (10)
1. a kind of more authorization attribute base encryption methods characterized by comprising
Obtain the system common parameter and authorized organization's key that authorized organization is generated based on the sizes values of security parameter and Attribute domain;
Cleartext information to be encrypted is obtained, determines the sets of authorizations in the Attribute domain, based on the system common parameter and described
Sets of authorizations encrypts the cleartext information to be encrypted, obtains encrypted cipher text information;
Identification information corresponding with the identity of decryption side is obtained based on Key generation protocol, obtains the access knot of decryption side
Structure generates decruption key based on the identification information, the access structure and authorized organization's key;
The decruption key is sent to the decryption side so that the decryption side belong in the attribute set of the decryption side it is described
When sets of authorizations, the encrypted cipher text information is decrypted based on the decruption key, the system common parameter, obtains institute
State cleartext information to be encrypted.
2. the method according to claim 1, wherein the body obtained based on Key generation protocol with decryption side
Part identifies corresponding identification information, comprising:
Agreement, which is generated, based on Anonymity Key obtains identification information corresponding with the identity of decryption side.
3. according to the method described in claim 2, it is characterized in that, the acquisition authorized organization is based on security parameter and Attribute domain
Sizes values generate system common parameter and authorized organization's key process, specifically include:
Obtain the sizes values that the authorized organization generates formula, the security parameter and the Attribute domain based on system common parameter
The system common parameter generated generates the big of formula, the security parameter and the Attribute domain based on authorized organization's key
Authorized organization's key that small value generates;
The system common parameter generates formula
MPK={ Y, { yk}k∈[1,2,…N],{hk,i}k∈[1,2,…N]};
Authorized organization's key generates formula
ASKk={ xk,{skj}j∈{1,2…N}\{k}};
Wherein, MPK indicates the system common parameter;ASKkIndicate authorized organization's key;xk∈Zp, ZpIt indicates
The set of prime number p;skj∈Zp, j ∈ { 1,2 ... N } k, k ∈ { 1,2 ... N }, skjIndicate k-th of authorized organization and j-th
The pseudo-random function seed shared between the authorized organization, N indicate the total number of the authorized organization;vk∈Zp;GP=(e (), p, g1,g2,G1,G2,GT), it is
Call GEN_GP (1λ) algorithm carries out obtained Bilinear Groups parameter after operation to the security parameter, wherein | p |=λ, λ are indicated
The security parameter, G1And G2It is the multiplicative cyclic group of prime number p, g for rank1And g2Respectively group G1And G2Generation member, and deposit
At one from G2To G1Computable isomorphism ψ, meet ψ (g2)=g1, e:G1×G2→GTIt is right for a bilinear mapAnd a, b ∈ Zp, it is all satisfied e (ma,hb)=e (m, h)abAnd e (g1,g2) ≠ 1, to the institute in Attribute domain U
There are attribute, h1,h2,…,h|U|∈G1,When, hk,i∈G1。
4. according to the method described in claim 3, it is characterized in that, described be based on the system common parameter and the authorization set
Conjunction encrypts the cleartext information to be encrypted, obtains encrypted cipher text information, comprising:
Based on encrypted cipher text information calculation formula, the system common parameter, the sets of authorizations and the plaintext letter to be encrypted
Breath obtains the encrypted cipher text information;
The encrypted cipher text information calculation formula includes:
C0=mYs,C1=g2 s,{Cx=hx s}x∈S;
Wherein, C0、C1、CxIndicate the encrypted cipher text information, m indicates the cleartext information to be encrypted, s ∈ Zp, S expression described in
Sets of authorizations.
5. according to the method described in claim 4, it is characterized in that, described generate agreement acquisition and decryption side based on Anonymity Key
The corresponding identification information of identity, comprising:
Agreement is generated based on Anonymity Key and obtains identification information corresponding with the identity of decryption side, wherein the anonymity is close
Key generates in agreementH=g1, αk=δkjRkj, βk=skj, γk=δkj, Rkj∈Zp;When k > j, δkj=1, k < j
When, δkj=-1;When k > j,When k < j,U indicates the identity;
It is described that decruption key is generated based on the identification information, the access structure and authorized organization's key, comprising:
It is obtained based on decruption key calculation formula, the identification information, the access structure and authorized organization's key described
Decruption key;
The decruption key calculation formula includes:
Wherein, rk,1,…rk,l∈Zp, i ∈ [1, l],Mk,iRepresenting matrix MkThe i-th row,Ak=(Mk,ρk), indicate the access structure, MkFor l × n rank matrix, ρkFor one matrix
Row be mapped to the function of attribute;yk,u=vk-Σj∈{1,2…N}\kRkj, for the master key of authorized organization setting;ΓkIt indicates
Matrix MkThe corresponding attribute set of all rows,Γk/ x indicates set ΓkRemove element x
Resulting new set afterwards.
6. according to the method described in claim 5, it is characterized in that, the decryption side belongs in the attribute set of the decryption side
When the sets of authorizations, the encrypted cipher text information is decrypted based on the decruption key, the system common parameter, is obtained
Process to the cleartext information to be encrypted includes:
Judge whether the attribute set of the decryption side belongs to the sets of authorizations, if so, based on decryption formula to the solution
Key, the system common parameter and the encrypted cipher text information obtain the cleartext information to be encrypted;
The decryption formula includes:
M=C0/Ys;
Wherein,
Ik=i | ρk(i)∈Sk};Indicate reconstruction coefficients;To be obtained according to LSSS reconstruction nature
The parameter arrived;Δk∈Sk;
Ru=∑(k,j)∈{1,2,…,N}×{{1,2,…,N}\{k}}Rkj。
7. a kind of more authorization attribute based encryption systems characterized by comprising
First obtains module, the public ginseng of system generated for obtaining authorized organization based on the sizes values of security parameter and Attribute domain
Several and authorized organization's key;
Second obtains module, for obtaining cleartext information to be encrypted, determines the sets of authorizations in the Attribute domain, is based on the system
System common parameter and the sets of authorizations encrypt the cleartext information to be encrypted, obtain encrypted cipher text information;
Generation module obtains solution for obtaining identification information corresponding with the identity of decryption side based on Key generation protocol
The access structure of close side generates decruption key based on the identification information, the access structure and authorized organization's key;
Sending module, for sending the decruption key to the decryption side, so that category of the decryption side in the decryption side
Property set when belonging to the sets of authorizations, based on the decruption key, the system common parameter to the encrypted cipher text information
It is decrypted, obtains the cleartext information to be encrypted.
8. system according to claim 7, which is characterized in that the generation module includes:
First acquisition unit obtains mark letter corresponding with the identity of decryption side for generating agreement based on Anonymity Key
Breath.
9. a kind of more authorization attribute bases encrypt equipment characterized by comprising
Memory, for storing computer program;
Processor realizes such as more authorization attribute bases as claimed in any one of claims 1 to 6 when for executing the computer program
The step of encryption method.
10. a kind of computer readable storage medium, which is characterized in that be stored with computer in the computer readable storage medium
Program is realized when the computer program is executed by processor as more authorization attribute bases as claimed in any one of claims 1 to 6 add
The step of decryption method.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811014009.2A CN108989037A (en) | 2018-08-31 | 2018-08-31 | A kind of more authorization attribute base encryption methods, system, equipment and computer media |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811014009.2A CN108989037A (en) | 2018-08-31 | 2018-08-31 | A kind of more authorization attribute base encryption methods, system, equipment and computer media |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108989037A true CN108989037A (en) | 2018-12-11 |
Family
ID=64546817
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811014009.2A Pending CN108989037A (en) | 2018-08-31 | 2018-08-31 | A kind of more authorization attribute base encryption methods, system, equipment and computer media |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108989037A (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109743162A (en) * | 2018-12-29 | 2019-05-10 | 西安电子科技大学 | A kind of operated using ideal lattice carries out the matched encryption method of identity attribute |
CN113742680A (en) * | 2021-11-02 | 2021-12-03 | 北京理工大学 | Traceable data encryption transmission method and system based on commercial password |
CN113890730A (en) * | 2021-09-23 | 2022-01-04 | 上海华兴数字科技有限公司 | Data transmission method and system |
CN117278271A (en) * | 2023-09-19 | 2023-12-22 | 淮北师范大学 | Attribute-based encrypted data transmission method and system |
CN117278271B (en) * | 2023-09-19 | 2024-05-10 | 淮北师范大学 | Attribute-based encrypted data transmission method and system |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103401839A (en) * | 2013-07-02 | 2013-11-20 | 河海大学 | Attribute protection based multiple authorization center encryption method |
US20140281574A1 (en) * | 2013-03-15 | 2014-09-18 | David Webb | Multi-ring encryption approach to securing a payload using hardware modules |
-
2018
- 2018-08-31 CN CN201811014009.2A patent/CN108989037A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140281574A1 (en) * | 2013-03-15 | 2014-09-18 | David Webb | Multi-ring encryption approach to securing a payload using hardware modules |
CN103401839A (en) * | 2013-07-02 | 2013-11-20 | 河海大学 | Attribute protection based multiple authorization center encryption method |
Non-Patent Citations (1)
Title |
---|
杨诗雨: "多授权属性基加密的研究", 《CNKI中国硕士学位论文全文数据库信息科技辑》 * |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109743162A (en) * | 2018-12-29 | 2019-05-10 | 西安电子科技大学 | A kind of operated using ideal lattice carries out the matched encryption method of identity attribute |
CN113890730A (en) * | 2021-09-23 | 2022-01-04 | 上海华兴数字科技有限公司 | Data transmission method and system |
CN113742680A (en) * | 2021-11-02 | 2021-12-03 | 北京理工大学 | Traceable data encryption transmission method and system based on commercial password |
CN117278271A (en) * | 2023-09-19 | 2023-12-22 | 淮北师范大学 | Attribute-based encrypted data transmission method and system |
CN117278271B (en) * | 2023-09-19 | 2024-05-10 | 淮北师范大学 | Attribute-based encrypted data transmission method and system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107483198B (en) | A kind of block catenary system supervised and method | |
Boneh et al. | Functional encryption: a new vision for public-key cryptography | |
Zhou et al. | TR-MABE: White-box traceable and revocable multi-authority attribute-based encryption and its applications to multi-level privacy-preserving e-healthcare cloud computing systems | |
Guo et al. | CP-ABE with constant-size keys for lightweight devices | |
CN103401839B (en) | A kind of many authorization center encryption method based on attribute protection | |
CN104363215B (en) | A kind of encryption method and system based on attribute | |
JP5562687B2 (en) | Securing communications sent by a first user to a second user | |
CN105100083B (en) | A kind of secret protection and support user's revocation based on encryption attribute method and system | |
CN109246096A (en) | Multi-functional fine-grained access control method suitable for cloud storage | |
CN103457725B (en) | Encryption method for multiple authorization centers | |
CN110011781A (en) | A kind of homomorphic cryptography method encrypting and support zero-knowledge proof for transaction amount | |
CN106161428B (en) | A kind of ciphertext can comparison of equalization encryption attribute method | |
CN104135473B (en) | A kind of method that identity base broadcast enciphering is realized by the attribute base encryption of Ciphertext policy | |
CN105763528B (en) | The encryption device of diversity person's anonymity under a kind of mixed mechanism | |
Zhang et al. | Towards privacy protection and malicious behavior traceability in smart health | |
CN108989037A (en) | A kind of more authorization attribute base encryption methods, system, equipment and computer media | |
Yan et al. | Privacy-preserving multi-authority attribute-based encryption with dynamic policy updating in PHR | |
CN106656997A (en) | Mobile social network based agent proxy re-encryption cross-domain friend-making privacy protection method | |
Wang et al. | Efficient privacy preserving predicate encryption with fine-grained searchable capability for Cloud storage | |
CN108880801A (en) | The distributed nature base encryption method of fine granularity attribute revocation is supported on a kind of lattice | |
Lan et al. | A New Security Cloud Storage Data Encryption Scheme Based on Identity Proxy Re-encryption. | |
Shao et al. | Privacy-preserving online/offline and outsourced multi-authority attribute-based encryption | |
CN109495244A (en) | Anti- quantum calculation cryptographic key negotiation method based on pool of symmetric keys | |
Chaudhari et al. | On anonymous attribute based encryption | |
CN109039599A (en) | Support the attribute base encipher-decipher method and encrypting and deciphering system of blind Key Issuance |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20181211 |