CN108989037A - Multi-authority attribute-based encryption method, system, device and computer medium - Google Patents

Info

Publication number: CN108989037A
Authority: CN (China)
Prior art keywords: key, encrypted, attribute, authorized organization, decryption side
Legal status: Pending
Application number: CN201811014009.2A
Other languages: Chinese (zh)
Inventors: 刘均, 杨诗雨
Current assignee: Shenzhen Launch Technology Co Ltd
Original assignee: Shenzhen Launch Technology Co Ltd
Application filed by Shenzhen Launch Technology Co Ltd
Priority to CN201811014009.2A
Publication of CN108989037A

Classifications

    • H: Electricity; H04: Electric communication technique; H04L: Transmission of digital information, e.g. telegraphic communication
    • H04L9/3073: Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy, involving algebraic varieties, e.g. elliptic or hyper-elliptic curves, involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
    • H04L63/0442: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks, wherein the data content is protected, e.g. by encrypting or encapsulating the payload, wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L9/0866: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H04L9/0869: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/3033: Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy, underlying computational problems or public-key parameters, details relating to pseudo-prime or prime number generation, e.g. primality test

Abstract

This application discloses a multi-authority attribute-based encryption method, system, device and computer medium. The method comprises: obtaining the system common parameter and the authorized organization key generated by the authorized organization; obtaining the plaintext information to be encrypted, determining the authorization set in the attribute domain, and encrypting the plaintext information based on the system common parameter and the authorization set to obtain the encrypted ciphertext information; obtaining identification information corresponding to the identity of the decryption side based on a key generation protocol, obtaining the access structure of the decryption side, and generating a decryption key based on the identification information, the access structure and the authorized organization key; and sending the decryption key to the decryption side, so that the decryption side decrypts the encrypted ciphertext information based on the decryption key and the system common parameter and obtains the plaintext information. The multi-authority attribute-based encryption method, system, device and computer-readable storage medium disclosed in this application improve the security of multi-authority attribute-based encryption methods.

Description

Multi-authority attribute-based encryption method, system, device and computer medium
Technical field
This application relates to the technical field of multi-authority attribute-based encryption, and more specifically to a multi-authority attribute-based encryption method, system, device and computer medium.
Background
Cloud computing technology is now increasingly mature and makes people's lives more convenient. It provides an open, shared environment from which any desired resource can be downloaded. However, in such an open, shared environment, guaranteeing the security of shared information and the controllability of the sharing scope is a problem that must be solved.
To guarantee the security of shared information and the controllability of the sharing scope, one existing encryption method is multi-authority attribute-based encryption. In this method, multiple authorized organizations each manage one of several disjoint attribute sets, and each authorized organization independently completes work such as key distribution and attribute certification. The authorized organizations are not associated with one another and are mutually independent, which both reduces the workload of each authorized organization and strengthens the stability and security of the whole system: as long as one authorized organization is honest, the whole system is guaranteed to be secure.
However, in an existing multi-authority attribute-based encryption method, the decryption side must send its unique identity GID and its access structure to each encryption side when obtaining a key. The encryption sides can then join together and collect the attribute sets corresponding to the same GID into one file, which contains all attribute information of the decryption side. Once an encryption side is exploited by criminals, the information of the decryption side is leaked and its privacy cannot be guaranteed; that is, the security of the existing multi-authority attribute-based encryption method is low.
In summary, how to improve the security of existing multi-authority attribute-based encryption methods is a problem that those skilled in the art urgently need to solve.
Summary of the invention
The purpose of this application is to provide a multi-authority attribute-based encryption method that can, to a certain extent, solve the technical problem of how to improve the security of existing multi-authority attribute-based encryption methods. This application also provides a multi-authority attribute-based encryption system, device and computer-readable storage medium.
To achieve the above purpose, this application provides the following technical solutions:
A multi-authority attribute-based encryption method, comprising:
Obtaining the system common parameter and the authorized organization key generated by the authorized organization based on the security parameter and the size of the attribute domain;
Obtaining the plaintext information to be encrypted, determining the authorization set in the attribute domain, and encrypting the plaintext information to be encrypted based on the system common parameter and the authorization set to obtain the encrypted ciphertext information;
Obtaining identification information corresponding to the identity of the decryption side based on a key generation protocol, obtaining the access structure of the decryption side, and generating a decryption key based on the identification information, the access structure and the authorized organization key;
Sending the decryption key to the decryption side, so that when the attribute set of the decryption side belongs to the authorization set, the decryption side decrypts the encrypted ciphertext information based on the decryption key and the system common parameter and obtains the plaintext information to be encrypted.
Preferably, obtaining identification information corresponding to the identity of the decryption side based on the key generation protocol comprises:
Obtaining identification information corresponding to the identity of the decryption side based on an anonymous key generation protocol.
Preferably, the process of obtaining the system common parameter and the authorized organization key generated by the authorized organization based on the security parameter and the size of the attribute domain specifically comprises:
Obtaining the system common parameter that the authorized organization generates based on the system common parameter generation formula, the security parameter and the size of the attribute domain, and the authorized organization key that it generates based on the authorized organization key generation formula, the security parameter and the size of the attribute domain;
The system common parameter generation formula is:
$MPK = \{Y, \{y_k\}_{k \in [1,2,\dots,N]}, \{h_{k,i}\}_{k \in [1,2,\dots,N]}\}$;
The authorized organization key generation formula is:
$ASK_k = \{x_k, \{s_{kj}\}_{j \in \{1,2,\dots,N\} \setminus \{k\}}\}$;
where $MPK$ denotes the system common parameter; $ASK_k$ denotes the authorized organization key; $x_k \in Z_p$, where $Z_p$ denotes the set of the prime number $p$; $s_{kj} \in Z_p$, $j \in \{1,2,\dots,N\} \setminus \{k\}$, $k \in \{1,2,\dots,N\}$, and $s_{kj}$ denotes the pseudo-random function seed shared between the $k$-th authorized organization and the $j$-th authorized organization; $N$ denotes the total number of authorized organizations; $v_k \in Z_p$; $GP = (e(\cdot), p, g_1, g_2, G_1, G_2, G_T)$ is the bilinear group parameter obtained by calling the $GEN\_GP(1^\lambda)$ algorithm on the security parameter, where $|p| = \lambda$ and $\lambda$ denotes the security parameter; $G_1$ and $G_2$ are multiplicative cyclic groups whose order is the prime number $p$; $g_1$ and $g_2$ are generators of $G_1$ and $G_2$ respectively, and there exists a computable isomorphism $\psi$ from $G_2$ to $G_1$ satisfying $\psi(g_2) = g_1$; $e: G_1 \times G_2 \to G_T$ is a bilinear map which, for $a, b \in Z_p$, satisfies $e(m^a, h^b) = e(m, h)^{ab}$ and $e(g_1, g_2) \neq 1$; for all attributes in the attribute domain $U$, $h_1, h_2, \dots, h_{|U|} \in G_1$; when , $h_{k,i} \in G_1$.
Preferably, encrypting the plaintext information to be encrypted based on the system common parameter and the authorization set to obtain the encrypted ciphertext information comprises:
Obtaining the encrypted ciphertext information based on the encrypted ciphertext information calculation formula, the system common parameter, the authorization set and the plaintext information to be encrypted;
The encrypted ciphertext information calculation formula includes:
$C_0 = mY^s$, $C_1 = g_2^s$, $\{C_x = h_x^s\}_{x \in S}$
where $C_0$, $C_1$ and $C_x$ denote the encrypted ciphertext information, $m$ denotes the plaintext information to be encrypted, $s \in Z_p$, and $S$ denotes the authorization set.
Preferably, obtaining identification information corresponding to the identity of the decryption side based on the anonymous key generation protocol comprises:
Obtaining identification information corresponding to the identity of the decryption side based on the anonymous key generation protocol, where, in the anonymous key generation protocol, $H = g_1$, $\alpha_k = \delta_{kj} R_{kj}$, $\beta_k = s_{kj}$, $\gamma_k = \delta_{kj}$, $R_{kj} \in Z_p$; when $k > j$, $\delta_{kj} = 1$, and when $k < j$, $\delta_{kj} = -1$; when $k > j$, ; when $k < j$, ; $u$ denotes the identity;
Generating the decryption key based on the identification information, the access structure and the authorized organization key comprises:
Obtaining the decryption key based on the decryption key calculation formula, the identification information, the access structure and the authorized organization key;
The decryption key calculation formula includes:
where $r_{k,1}, \dots, r_{k,l} \in Z_p$, $i \in [1, l]$; $M_{k,i}$ denotes the $i$-th row of matrix $M_k$; $A_k = (M_k, \rho_k)$ denotes the access structure, $M_k$ is an $l \times n$ matrix, and $\rho_k$ is a function that maps a row of the matrix to an attribute; $y_{k,u} = v_k + \sum_{j \in \{1,2,\dots,N\} \setminus k} R_{kj}$ is the master key set by the authorized organization; $\Gamma_k$ denotes the attribute set corresponding to all rows of matrix $M_k$; $\Gamma_k / x$ denotes the new set obtained by removing element $x$ from the set $\Gamma_k$.
Preferably, the process in which the decryption side, when the attribute set of the decryption side belongs to the authorization set, decrypts the encrypted ciphertext information based on the decryption key and the system common parameter and obtains the plaintext information to be encrypted comprises:
Judging whether the attribute set of the decryption side belongs to the authorization set and, if so, obtaining the plaintext information to be encrypted from the decryption key, the system common parameter and the encrypted ciphertext information based on the decryption formula;
The decryption formula includes:
$M = C_0 / Y^s$
where
$I_k = \{i \mid \rho_k(i) \in S_k\}$; denotes the reconstruction coefficients; is the parameter obtained according to the LSSS reconstruction property; $\Delta_k \in S_k$; $R_u = \sum_{(k,j) \in \{1,2,\dots,N\} \times \{\{1,2,\dots,N\} \setminus \{k\}\}} R_{kj}$.
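The index set $I_k$ and the LSSS reconstruction coefficients used in the decryption step above can be computed as follows. This is an added example, not code from the patent: it assumes the usual LSSS convention (shares are $M_i \cdot v$ with the secret in the first coordinate, and the coefficients recombine rows to $(1, 0, \dots, 0)$), works on plain integers mod $p$ rather than in the exponent of a group element, and the policy matrix, prime and function names are constructed for illustration.

```python
# Added illustration (not from the patent): LSSS reconstruction over Z_p.
# Assumptions: target vector (1, 0, ..., 0); shares lambda_i = M_i . v are
# plain integers mod p instead of exponents of group elements.

P = 2**61 - 1  # constructed prime standing in for the group order p

# Constructed access structure (M, rho) for: school AND (grade OR class).
M = [[1, 1],    # row 0 -> "school"
     [0, -1],   # row 1 -> "grade"
     [0, -1]]   # row 2 -> "class"
RHO = ["school", "grade", "class"]


def authorized_rows(rho, attr_set):
    """I = {i | rho(i) in S}: rows of M labelled with an attribute in S."""
    return [i for i, attr in enumerate(rho) if attr in attr_set]


def reconstruction_coefficients(matrix, rho, attr_set, p=P):
    """Solve sum_{i in I} w_i * M[i] = (1, 0, ..., 0) (mod p).

    Returns {row index: w_i}, or None when S does not satisfy (M, rho).
    """
    rows = authorized_rows(rho, attr_set)
    n = len(matrix[0])
    # One equation per matrix column, one unknown per authorized row,
    # with the target vector as the right-hand side.
    aug = [[matrix[i][c] % p for i in rows] + [1 if c == 0 else 0]
           for c in range(n)]
    pivots, r = [], 0
    for col in range(len(rows)):
        if r == n:
            break
        pr = next((k for k in range(r, n) if aug[k][col]), None)
        if pr is None:
            continue  # free variable, left at 0
        aug[r], aug[pr] = aug[pr], aug[r]
        inv = pow(aug[r][col], -1, p)
        aug[r] = [x * inv % p for x in aug[r]]
        for k in range(n):
            if k != r and aug[k][col]:
                f = aug[k][col]
                aug[k] = [(x - f * y) % p for x, y in zip(aug[k], aug[r])]
        pivots.append(col)
        r += 1
    # A zero row with a non-zero right-hand side means the target vector is
    # not in the span of the authorized rows: the policy is not satisfied.
    if any(row[-1] for row in aug[r:]):
        return None
    coeffs = {i: 0 for i in rows}
    for eq, col in enumerate(pivots):
        coeffs[rows[col]] = aug[eq][-1]
    return coeffs


def make_shares(matrix, secret, randomness, p=P):
    """lambda_i = M[i] . v with v = (secret, r_2, ..., r_n)."""
    v = [secret] + list(randomness)
    return [sum(a * b for a, b in zip(row, v)) % p for row in matrix]


def recover(shares, coeffs, p=P):
    """sum_{i in I} w_i * lambda_i (mod p) gives back the secret."""
    return sum(w * shares[i] for i, w in coeffs.items()) % p


if __name__ == "__main__":
    shares = make_shares(M, 123456789, [42])
    for attrs in ({"school", "class"}, {"grade", "class"}):
        w = reconstruction_coefficients(M, RHO, attrs)
        print(sorted(attrs), "->", None if w is None else recover(shares, w))
```
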
A multi-authority attribute-based encryption system, comprising:
A first acquisition module, configured to obtain the system common parameter and the authorized organization key generated by the authorized organization based on the security parameter and the size of the attribute domain;
A second acquisition module, configured to obtain the plaintext information to be encrypted, determine the authorization set in the attribute domain, and encrypt the plaintext information to be encrypted based on the system common parameter and the authorization set to obtain the encrypted ciphertext information;
A generation module, configured to obtain identification information corresponding to the identity of the decryption side based on a key generation protocol, obtain the access structure of the decryption side, and generate a decryption key based on the identification information, the access structure and the authorized organization key;
A sending module, configured to send the decryption key to the decryption side, so that when the attribute set of the decryption side belongs to the authorization set, the decryption side decrypts the encrypted ciphertext information based on the decryption key and the system common parameter and obtains the plaintext information to be encrypted.
Preferably, the generation module includes:
A first acquisition unit, configured to obtain identification information corresponding to the identity of the decryption side based on an anonymous key generation protocol.
Preferably, the first acquisition module includes:
A second acquisition unit, configured to obtain the system common parameter that the authorized organization generates based on the system common parameter generation formula, the security parameter and the size of the attribute domain, and the authorized organization key that it generates based on the authorized organization key generation formula, the security parameter and the size of the attribute domain;
The system common parameter generation formula is:
$MPK = \{Y, \{y_k\}_{k \in [1,2,\dots,N]}, \{h_{k,i}\}_{k \in [1,2,\dots,N]}\}$;
The authorized organization key generation formula is:
$ASK_k = \{x_k, \{s_{kj}\}_{j \in \{1,2,\dots,N\} \setminus \{k\}}\}$;
where $MPK$ denotes the system common parameter; $ASK_k$ denotes the authorized organization key; $x_k \in Z_p$, where $Z_p$ denotes the set of the prime number $p$; $s_{kj} \in Z_p$, $j \in \{1,2,\dots,N\} \setminus \{k\}$, $k \in \{1,2,\dots,N\}$, and $s_{kj}$ denotes the pseudo-random function seed shared between the $k$-th authorized organization and the $j$-th authorized organization; $N$ denotes the total number of authorized organizations; $v_k \in Z_p$; $GP = (e(\cdot), p, g_1, g_2, G_1, G_2, G_T)$ is the bilinear group parameter obtained by calling the $GEN\_GP(1^\lambda)$ algorithm on the security parameter, where $|p| = \lambda$ and $\lambda$ denotes the security parameter; $G_1$ and $G_2$ are multiplicative cyclic groups whose order is the prime number $p$; $g_1$ and $g_2$ are generators of $G_1$ and $G_2$ respectively, and there exists a computable isomorphism $\psi$ from $G_2$ to $G_1$ satisfying $\psi(g_2) = g_1$; $e: G_1 \times G_2 \to G_T$ is a bilinear map which, for $a, b \in Z_p$, satisfies $e(m^a, h^b) = e(m, h)^{ab}$ and $e(g_1, g_2) \neq 1$; for all attributes in the attribute domain $U$, $h_1, h_2, \dots, h_{|U|} \in G_1$; when , $h_{k,i} \in G_1$.
Preferably, the second acquisition module may include:
A second acquisition unit, configured to obtain the encrypted ciphertext information based on the encrypted ciphertext information calculation formula, the system common parameter, the authorization set and the plaintext information to be encrypted;
The encrypted ciphertext information calculation formula includes:
$C_0 = mY^s$, $C_1 = g_2^s$, $\{C_x = h_x^s\}_{x \in S}$
where $C_0$, $C_1$ and $C_x$ denote the encrypted ciphertext information, $m$ denotes the plaintext information to be encrypted, $s \in Z_p$, and $S$ denotes the authorization set.
Preferably, the first acquisition unit may include:
A first acquisition subunit, configured to obtain identification information corresponding to the identity of the decryption side based on the anonymous key generation protocol, where, in the anonymous key generation protocol, $H = g_1$, $\alpha_k = \delta_{kj} R_{kj}$, $\beta_k = s_{kj}$, $\gamma_k = \delta_{kj}$, $R_{kj} \in Z_p$; when $k > j$, $\delta_{kj} = 1$, and when $k < j$, $\delta_{kj} = -1$; when $k > j$, ; when $k < j$, ; $u$ denotes the identity;
The generation module may include:
A decryption unit, configured to obtain the decryption key based on the decryption key calculation formula, the identification information, the access structure and the authorized organization key;
The decryption key calculation formula includes:
where $r_{k,1}, \dots, r_{k,l} \in Z_p$, $i \in [1, l]$; $M_{k,i}$ denotes the $i$-th row of matrix $M_k$; $A_k = (M_k, \rho_k)$ denotes the access structure, $M_k$ is an $l \times n$ matrix, and $\rho_k$ is a function that maps a row of the matrix to an attribute; $y_{k,u} = v_k + \sum_{j \in \{1,2,\dots,N\} \setminus k} R_{kj}$ is the master key set by the authorized organization; $\Gamma_k$ denotes the attribute set corresponding to all rows of matrix $M_k$; $\Gamma_k / x$ denotes the new set obtained by removing element $x$ from the set $\Gamma_k$.
Preferably, the process in which the decryption side, when the attribute set of the decryption side belongs to the authorization set, decrypts the encrypted ciphertext information based on the decryption key and the system common parameter and obtains the plaintext information to be encrypted may comprise:
Judging whether the attribute set of the decryption side belongs to the authorization set and, if so, obtaining the plaintext information to be encrypted from the decryption key, the system common parameter and the encrypted ciphertext information based on the decryption formula;
The decryption formula includes:
$M = C_0 / Y^s$
where
$I_k = \{i \mid \rho_k(i) \in S_k\}$; denotes the reconstruction coefficients; is the parameter obtained according to the LSSS reconstruction property; $\Delta_k \in S_k$; $R_u = \sum_{(k,j) \in \{1,2,\dots,N\} \times \{\{1,2,\dots,N\} \setminus \{k\}\}} R_{kj}$.
A multi-authority attribute-based encryption device, comprising:
A memory, configured to store a computer program;
A processor, configured to implement the steps of any of the multi-authority attribute-based encryption methods above when executing the computer program.
A computer-readable storage medium in which a computer program is stored, the computer program implementing the steps of any of the multi-authority attribute-based encryption methods above when executed by a processor.
In the multi-authority attribute-based encryption method provided by this application, the system common parameter and the authorized organization key generated by the authorized organization based on the security parameter and the size of the attribute domain are obtained; the plaintext information to be encrypted is obtained, the authorization set in the attribute domain is determined, and the plaintext information is encrypted based on the system common parameter and the authorization set to obtain the encrypted ciphertext information; identification information corresponding to the identity of the decryption side is obtained based on a key generation protocol, the access structure of the decryption side is obtained, and a decryption key is generated based on the identification information, the access structure and the authorized organization key; the decryption key is sent to the decryption side so that, when the attribute set of the decryption side belongs to the authorization set, the decryption side decrypts the encrypted ciphertext information based on the decryption key and the system common parameter and obtains the plaintext information to be encrypted. In this method the key generation protocol is a secure two-party computation protocol, that is, a secure computation protocol in which the encryption side and the decryption side participate jointly, and the encryption side obtains identification information corresponding to the identity of the decryption side based on it. Because the key generation protocol lets the two communicating parties carry out the corresponding computation on each other's data without knowing that data, the encryption side can complete the generation of the decryption key using the identity of the decryption side without knowing that identity. This avoids, to a certain extent, the prior-art situation in which the encryption side gathers the attribute sets of the decryption side by means of its identity and threatens the security of the decryption side, and so improves, to a certain extent, the security of existing multi-authority attribute-based encryption methods. The multi-authority attribute-based encryption system, device and computer-readable storage medium provided by this application solve the corresponding technical problem as well.
Brief description of the drawings
To explain the technical solutions in the embodiments of this application or in the prior art more clearly, the drawings needed in the description of the embodiments or the prior art are briefly introduced below. The drawings described below are merely embodiments of this application; those of ordinary skill in the art can obtain other drawings from the provided drawings without creative effort.
Fig. 1 is a flow chart of a multi-authority attribute-based encryption method provided by an embodiment of this application;
Fig. 2 is the calculation flow chart of the anonymous key generation protocol;
Fig. 3 is a structural schematic diagram of a multi-authority attribute-based encryption system provided by an embodiment of this application;
Fig. 4 is a structural schematic diagram of a multi-authority attribute-based encryption device provided by an embodiment of this application;
Fig. 5 is another structural schematic diagram of a multi-authority attribute-based encryption device provided by an embodiment of this application.
Detailed description of the embodiments
The technical solutions in the embodiments of this application are described clearly and completely below with reference to the drawings in the embodiments. The described embodiments are only some of the embodiments of this application, not all of them. All other embodiments obtained by those of ordinary skill in the art from the embodiments in this application without creative effort fall within the protection scope of this application.
To guarantee the security of shared information and the controllability of the sharing scope, one existing encryption method is multi-authority attribute-based encryption. In this method, multiple authorized organizations each manage one of several disjoint attribute sets, and each authorized organization independently completes work such as key distribution and attribute certification. The authorized organizations are not associated with one another and are mutually independent, which both reduces the workload of each authorized organization and strengthens the stability and security of the whole system: as long as one authorized organization is honest, the whole system is guaranteed to be secure. However, in an existing multi-authority attribute-based encryption method, the user must send their unique identity GID and access structure to each authorized organization when obtaining a key. The authorized organizations can then join together and collect the attribute sets corresponding to the same GID into one file, which contains all attribute information of the user. Once an authorized organization is exploited by criminals, the user's information is leaked and the user's privacy cannot be guaranteed; that is, the security of the existing multi-authority attribute-based encryption method is low. The multi-authority attribute-based encryption method provided by this application has better security.
Referring to Fig. 1, Fig. 1 is a flow chart of a multi-authority attribute-based encryption method provided by an embodiment of this application.
A multi-authority attribute-based encryption method provided by an embodiment of this application may include the following steps:
Step S101: obtain the system common parameter and the authorized organization key generated by the authorized organization based on the security parameter and the size of the attribute domain.
It can be understood that the executing subject of each step in the multi-authority attribute-based encryption method provided by the embodiments of this application is the encryption side. The encryption side is the party responsible for encrypting the plaintext information to be encrypted; it may specifically be a server, a computer or the like that is responsible for encrypting that plaintext information. The attribute domain in this application is a combination of a series of attributes, and the specific attribute categories can be determined according to the actual situation. Taking a student as the decryption side, for example, the attributes in the attribute domain may include grade, student number, school name, class, age, achievement and so on.
In practical applications, the process in which the authorized organization generates the system common parameter and the authorized organization key based on the security parameter and the size of the attribute domain may be:
The authorized organization generates the system common parameter based on the system common parameter generation formula, the security parameter and the size of the attribute domain, and generates the authorized organization key based on the authorized organization key generation formula, the security parameter and the size of the attribute domain;
The system common parameter generation formula is:
$MPK = \{Y, \{y_k\}_{k \in [1,2,\dots,N]}, \{h_{k,i}\}_{k \in [1,2,\dots,N]}\}$;
The authorized organization key generation formula is:
$ASK_k = \{x_k, \{s_{kj}\}_{j \in \{1,2,\dots,N\} \setminus \{k\}}\}$;
where $MPK$ denotes the system common parameter; $ASK_k$ denotes the authorized organization key; $x_k \in Z_p$, where $Z_p$ denotes the set of the prime number $p$; $s_{kj} \in Z_p$, $j \in \{1,2,\dots,N\} \setminus \{k\}$, $k \in \{1,2,\dots,N\}$, and $s_{kj}$ denotes the pseudo-random function seed shared between the $k$-th authorized organization and the $j$-th authorized organization; $N$ denotes the total number of authorized organizations, and the attribute domain is divided into $N$ disjoint sets managed respectively by different authorized organizations; denotes the attribute set managed by the $k$-th authorized organization, and the $N$ attribute sets are mapped to unique integers between 1 and $n$; $v_k \in Z_p$; $GP = (e(\cdot), p, g_1, g_2, G_1, G_2, G_T)$ is the bilinear group parameter obtained by calling the $GEN\_GP(1^\lambda)$ algorithm on the security parameter; in the $GEN\_GP(1^\lambda)$ algorithm, $|p| = \lambda$, $\lambda$ denotes the security parameter and $e(\cdot)$ denotes the bilinear pairing; $G_1$ and $G_2$ are multiplicative cyclic groups whose order is the prime number $p$; $g_1$ and $g_2$ are generators of $G_1$ and $G_2$ respectively, and there exists a computable isomorphism $\psi$ from $G_2$ to $G_1$ satisfying $\psi(g_2) = g_1$; $e: G_1 \times G_2 \to G_T$ is a bilinear map which, for $a, b \in Z_p$, satisfies $e(m^a, h^b) = e(m, h)^{ab}$ and $e(g_1, g_2) \neq 1$; for all attributes in the attribute domain $U$, $h_1, h_2, \dots, h_{|U|} \in G_1$; when , $h_{k,i} \in G_1$.
The concept of a bilinear pairing is as follows: let $G_0$ and $G_1$ be groups of prime order $p$, let the element $g$ be a generator of $G_0$, and let $e: G_0 \times G_0 \to G_1$ be a map that satisfies the following three properties. Bilinearity: $e(g^a, h^b) = e(g, h)^{ab}$, where $g, h \in G_0$ and $a, b \in Z_p$. Non-degeneracy: $e(g, g) \neq 1$, where 1 is the identity element of $G_1$. Computability: $e(P, Q)$ is computable. If the map satisfies $e(g^a, g^b) = e(g, g)^{ab} = e(g^b, g^a)$, then $e$ is symmetric; otherwise $e$ is an asymmetric map.
Step S102: obtain the plaintext information to be encrypted, determine the authorized set in the attribute domain, and encrypt the plaintext information to be encrypted based on the system common parameter and the authorized set to obtain the encrypted ciphertext information.
In practical applications, the decryption side can obtain the encrypted ciphertext information based on the encrypted ciphertext information calculation formula, the system common parameter, the authorized set and the plaintext information to be encrypted;
The encrypted ciphertext information calculation formula can be:
$C_0 = mY^s,\ C_1 = g_2^s,\ \{C_x = h_x^s\}_{x \in S}$
Here, $C_0$, $C_1$ and $C_x$ denote the encrypted ciphertext information, m denotes the plaintext information to be encrypted, $s \in Z_p$, and S denotes the authorized set; for the specific meaning of each parameter, refer to the associated description in step S102, which is not repeated here.
Step S103: obtain identification information corresponding to the identity of the decryption side based on the key generation protocol, obtain the access structure of the decryption side, and generate the decryption key based on the identification information, the access structure and the authorized organization's key.
The key generation protocol refers to the following: in a distributed environment, two mutually independent participants Q and L hold the secrets x and y respectively. By executing an interactive protocol with their respective secrets x and y as inputs, they jointly compute the objective function $f(x, y) = (f_1(x, y), f_2(x, y))$, and finally Q and L obtain the output values $f_1(x, y)$ and $f_2(x, y)$ respectively. In this process no participant obtains information related to the secret held by the other participant: Q learns nothing related to y, and L learns nothing related to x, so Q and L can communicate even if they distrust each other. It follows from this description that, through the key generation protocol, the identification information corresponding to the identity of the decryption side can be obtained without knowing the identity of the decryption side, which prevents the encryption side from gathering all attributes of the decryption side by means of its identity and avoids the security threat that the encryption side poses to the decryption side.
In practical applications, the type of key generation protocol can be chosen flexibly according to actual needs; for example, it can be the anonymous key generation protocol among secure two-party computation protocols. To improve computational efficiency, obtaining identification information corresponding to the identity of the decryption side based on the key generation protocol can specifically be: obtaining identification information corresponding to the identity of the decryption side based on the anonymous key generation protocol. The decryption side needs to invoke the anonymous key generation protocol N-1 times. In the anonymous key generation protocol, H=g1, αkkjRkj, $\beta_k = s_{kj}$, γkkj, $R_{kj} \in Z_p$; when k > j, $\delta_{kj} = 1$, and when k < j, $\delta_{kj} = -1$; when k > j, ; when k < j, ; u denotes the identity.
Referring to Fig. 2, Fig. 2 is the calculation flow chart of the anonymous key generation protocol. The decryption side provides (u, ρ1), and the encryption side provides the private keys α, β, γ; the encryption side uses 2PC to operate on (u, ρ1), α, β, γ and obtains ; the decryption side, in conjunction with , operates on and obtains $\rho_2 \in_R Z_p$, and then obtains ; the encryption side, based on Y and PoK(ρ2), operates on and obtains ; the decryption side, based on , operates on and obtains . Here, PoK denotes a zero-knowledge proof and u denotes the identity of the decryption side. In specific application scenarios, to further protect the identity, an anti-conspiracy hash function $H: \{0,1\}^* \to Z_p$ can be defined and applied to the identity (GID) to obtain H(GID), in which case u = H(GID). For the meaning of the other parameters, refer to the definitions of the anonymous key generation protocol in the prior art, which are not repeated in this application.
The access structure in this application is defined as follows: for the entity set $\{p_1, p_2, \dots, p_n\}$, if, whenever B ∈ A and , it holds that , then the set is called monotone; an access structure is a non-empty monotone subset A of $\{p_1, p_2, \dots, p_n\}$, i.e., ; the sets in A are called authorized sets, and the sets not in A are called unauthorized sets.
Optionally, generating the decryption key based on the identification information, the access structure and the authorized organization's key can specifically be: obtaining the decryption key based on the decryption key calculation formula, the identification information, the access structure and the authorized organization's key;
The decryption key calculation formula includes:
Here, $r_{k,1}, \dots, r_{k,l} \in Z_p$, $i \in [1, l]$, $M_{k,i}$ denotes the i-th row of the matrix $M_k$, $A_k = (M_k, \rho_k)$ denotes the access structure, $M_k$ is an l × n matrix, and $\rho_k$ is a function that maps the rows of the matrix to attributes; $y_{k,u} = v_k + \sum_{j \in \{1,2,\dots,N\} \setminus k} R_{kj}$ is the master key set by the authorized organization; $\Gamma_k$ denotes the attribute set corresponding to all rows of the matrix $M_k$, and $\Gamma_k / x$ denotes the new set obtained by removing the element x from the set $\Gamma_k$.
Step S104: send the decryption key to the decryption side, so that when the attribute set of the decryption side belongs to the authorized set, the decryption side decrypts the encrypted ciphertext information based on the decryption key and the system common parameter to obtain the plaintext information to be encrypted.
In practical applications, taking students as an example, suppose the authorized set is the electronic information major and communication class 1301. Then, for encrypted ciphertext information encrypted with this authorized set, every student whose attribute set includes the electronic information major and class 1301 has permission to decrypt it, without an authentication key having to be distributed to each student individually, which simplifies the whole decryption process.
In practical applications, the process in which the decryption side, when its attribute set belongs to the authorized set, decrypts the encrypted ciphertext information based on the decryption key and the system common parameter to obtain the plaintext information to be encrypted can specifically be:
The decryption side judges whether its attribute set belongs to the authorized set and, if so, applies the decryption formula to the decryption key, the system common parameter and the encrypted ciphertext information to obtain the plaintext information to be encrypted;
The decryption formula includes:
$m = C_0 / Y^s$
Here,
$I_k = \{i \mid \rho_k(i) \in S_k\}$; denotes the reconstruction coefficients; is the parameter obtained from the LSSS reconstruction property; $\Delta_k \in S_k$; $R_u = \sum_{(k,j) \in \{1,2,\dots,N\} \times \{\{1,2,\dots,N\} \setminus \{k\}\}} R_{kj}$.
From the calculation in the decryption formula it can be seen that, because the corresponding multiplications of the decryption key and the encrypted ciphertext information are performed first, a single decryption side ultimately computes only two bilinear pairing operations, which improves decryption efficiency and achieves fast decryption.
The LSSS reconstruction property is explained as follows: let Π be an LSSS whose corresponding access structure is A, and let S ∈ A be an authorized set; separately, denotes the set of rows of the matrix associated with the attributes in S. If $\{\lambda_i\}$ is a valid sharing of the secret s, then there exists a series of constants such that , where $\{w_i\}$ can be found in polynomial time.
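The reconstruction property described above, as an added example that is not code from the patent: in the standard LSSS formulation, with I the set of row indices whose attribute lies in S, the constants satisfy $\sum_{i \in I} w_i \lambda_i = s$ and are found by solving $w \cdot M_I = (1, 0, \dots, 0)$ over $Z_p$. The policy matrix, the `teacher` attribute, the modulus and all function names are constructed for illustration, and the arithmetic is done directly in $Z_p$ rather than in the pairing groups.

```python
import secrets

# Constructed modulus: the Mersenne prime 2^127 - 1 stands in for the group order p.
P = 2**127 - 1

# Constructed policy: (electronic_information AND class_1301) OR teacher.
# Row i of M is labelled with attribute RHO[i]; the target vector is (1, 0).
M = [[1, 1], [0, -1], [1, 0]]
RHO = ["electronic_information", "class_1301", "teacher"]


def make_shares(matrix, secret, p=P):
    """Share i is lambda_i = M_i . v, with v = (secret, r_2, ..., r_n) and r_j random."""
    n = len(matrix[0])
    v = [secret % p] + [secrets.randbelow(p) for _ in range(n - 1)]
    return [sum(a * b for a, b in zip(row, v)) % p for row in matrix]


def reconstruction_coeffs(matrix, rho, attrs, p=P):
    """Return {row index: w_i} with sum_i w_i * M_i = (1, 0, ..., 0) mod p,
    using only rows whose attribute is in attrs, or None if attrs is unauthorized."""
    rows = [i for i in range(len(matrix)) if rho[i] in attrs]
    n = len(matrix[0])
    # Augmented system (M_I)^T w = e_1: one equation per matrix column.
    aug = [[matrix[i][c] % p for i in rows] + [1 if c == 0 else 0] for c in range(n)]
    pivots, r = [], 0
    for col in range(len(rows)):
        pr = next((k for k in range(r, n) if aug[k][col]), None)
        if pr is None:
            continue  # free variable, left at 0
        aug[r], aug[pr] = aug[pr], aug[r]
        inv = pow(aug[r][col], -1, p)  # modular inverse (Python 3.8+)
        aug[r] = [x * inv % p for x in aug[r]]
        for k in range(n):
            if k != r and aug[k][col]:
                f = aug[k][col]
                aug[k] = [(x - f * y) % p for x, y in zip(aug[k], aug[r])]
        pivots.append(col)
        r += 1
    # A zero row with a non-zero right-hand side means (1, 0, ..., 0) is not in the span.
    if any(row[-1] for row in aug[r:]):
        return None
    w = {i: 0 for i in rows}
    for eq, col in enumerate(pivots):
        w[rows[col]] = aug[eq][-1]
    return w


def recover(shares, w, p=P):
    """Recombine the shares of an authorized set: s = sum_i w_i * lambda_i mod p."""
    return sum(w[i] * shares[i] for i in w) % p


if __name__ == "__main__":
    s = secrets.randbelow(P)
    lam = make_shares(M, s)
    for attrs in ({"electronic_information", "class_1301"},
                  {"electronic_information"},
                  {"teacher"}):
        w = reconstruction_coeffs(M, RHO, attrs)
        if w is None:
            print(sorted(attrs), "-> unauthorized, no constants exist")
        else:
            print(sorted(attrs), "-> recovered secret:", recover(lam, w) == s)
```

An attribute set that does not satisfy the policy yields an inconsistent linear system, which is why `reconstruction_coeffs` returns `None` for it.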
The multi-authority attribute-based encryption method provided by this application obtains the system common parameter and the authorized organization's key that the authorized organization generates based on the security parameter and the size value of the attribute domain; obtains the plaintext information to be encrypted, determines the authorized set in the attribute domain, and encrypts the plaintext information to be encrypted based on the system common parameter and the authorized set to obtain the encrypted ciphertext information; obtains identification information corresponding to the identity of the decryption side based on the key generation protocol, obtains the access structure of the decryption side, and generates the decryption key based on the identification information, the access structure and the authorized organization's key; and sends the decryption key to the decryption side, so that when the attribute set of the decryption side belongs to the authorized set, the decryption side decrypts the encrypted ciphertext information based on the decryption key and the system common parameter to obtain the plaintext information to be encrypted. In the multi-authority attribute-based encryption method provided by this application, the key generation protocol is a secure two-party computation protocol, that is, a secure computation protocol in which the encryption side and the decryption side participate jointly, and the encryption side obtains identification information corresponding to the identity of the decryption side based on the key generation protocol. Because the key generation protocol lets both communicating parties carry out the corresponding computation on the other party's data without knowing that data, the encryption side can use the identity of the decryption side to generate the decryption key without knowing that identity. This avoids, to a certain extent, the prior-art situation in which the encryption side gathers the attribute set of the decryption side through the identity of the decryption side and thereby threatens the security of the decryption side, and to a certain extent improves the security of existing multi-authority attribute-based encryption methods.
This application also provides a multi-authority attribute-based encryption system, which has the effects corresponding to those of the multi-authority attribute-based encryption method provided by the embodiments of this application. Referring to Fig. 3, Fig. 3 is a structural schematic diagram of a multi-authority attribute-based encryption system provided by an embodiment of this application.
A multi-authority attribute-based encryption system provided by the embodiments of this application may include:
A first obtaining module 101, configured to obtain the system common parameter and the authorized organization's key that the authorized organization generates based on the security parameter and the size value of the attribute domain;
A second obtaining module 102, configured to obtain the plaintext information to be encrypted, determine the authorized set in the attribute domain, and encrypt the plaintext information to be encrypted based on the system common parameter and the authorized set to obtain the encrypted ciphertext information;
A generation module 103, configured to obtain identification information corresponding to the identity of the decryption side based on the key generation protocol, obtain the access structure of the decryption side, and generate the decryption key based on the identification information, the access structure and the authorized organization's key;
A sending module 104, configured to send the decryption key to the decryption side, so that when the attribute set of the decryption side belongs to the authorized set, the decryption side decrypts the encrypted ciphertext information based on the decryption key and the system common parameter to obtain the plaintext information to be encrypted.
In a multi-authority attribute-based encryption system provided by the embodiments of this application, the generation module may include:
A first acquisition unit, configured to obtain identification information corresponding to the identity of the decryption side based on the anonymous key generation protocol.
In a multi-authority attribute-based encryption system provided by the embodiments of this application, the first obtaining module may include:
A second acquisition unit, configured to obtain the system common parameter that the authorized organization generates based on the system common parameter generation formula, the security parameter and the size value of the attribute domain, and the authorized organization's key generated based on the authorized organization key generation formula, the security parameter and the size value of the attribute domain;
The system common parameter generation formula is:
$MPK = \{Y, \{y_k\}_{k \in [1,2,\dots,N]}, \{h_{k,i}\}_{k \in [1,2,\dots,N]}\}$;
The authorized organization key generation formula is:
$ASK_k = \{x_k, \{s_{kj}\}_{j \in \{1,2,\dots,N\} \setminus \{k\}}\}$;
Here, MPK denotes the system common parameter; $ASK_k$ denotes the authorized organization's key; $x_k \in Z_p$, where $Z_p$ denotes the set with p elements; $s_{kj} \in Z_p$, $j \in \{1,2,\dots,N\} \setminus \{k\}$, $k \in \{1,2,\dots,N\}$, and $s_{kj}$ denotes the pseudo-random function seed shared between the k-th authorized organization and the j-th authorized organization; N denotes the total number of authorized organizations; $v_k \in Z_p$; $GP = (e(), p, g_1, g_2, G_1, G_2, G_T)$ is the bilinear group parameter obtained by running the algorithm $GEN\_GP(1^\lambda)$ on the security parameter, where $|p| = \lambda$, λ denotes the security parameter, $G_1$ and $G_2$ are multiplicative cyclic groups of prime order p, $g_1$ and $g_2$ are generators of $G_1$ and $G_2$ respectively, and there is a computable isomorphism ψ from $G_2$ to $G_1$ satisfying $\psi(g_2) = g_1$; $e: G_1 \times G_2 \to G_T$ is a bilinear map satisfying, for $a, b \in Z_p$, $e(m^a, h^b) = e(m, h)^{ab}$ and $e(g_1, g_2) \neq 1$; for all attributes in the attribute domain U, $h_1, h_2, \dots, h_{|U|} \in G_1$, when, $h_{k,i} \in G_1$.
In a multi-authority attribute-based encryption system provided by the embodiments of this application, the second obtaining module may include:
A second acquisition unit, configured to obtain the encrypted ciphertext information based on the encrypted ciphertext information calculation formula, the system common parameter, the authorized set and the plaintext information to be encrypted;
The encrypted ciphertext information calculation formula includes:
$C_0 = mY^s,\ C_1 = g_2^s,\ \{C_x = h_x^s\}_{x \in S}$
Here, $C_0$, $C_1$ and $C_x$ denote the encrypted ciphertext information, m denotes the plaintext information to be encrypted, $s \in Z_p$, and S denotes the authorized set.
In a multi-authority attribute-based encryption system provided by the embodiments of this application, the first acquisition unit may include:
A first obtaining subunit, configured to obtain identification information corresponding to the identity of the decryption side based on the anonymous key generation protocol, where, in the anonymous key generation protocol, H=g1, αkkjRkj, $\beta_k = s_{kj}$, γkkj, $R_{kj} \in Z_p$; when k > j, $\delta_{kj} = 1$, and when k < j, $\delta_{kj} = -1$; when k > j, ; when k < j, ; u denotes the identity;
The generation module may include:
A decryption unit, configured to obtain the decryption key based on the decryption key calculation formula, the identification information, the access structure and the authorized organization's key;
The decryption key calculation formula includes:
Here, $r_{k,1}, \dots, r_{k,l} \in Z_p$, $i \in [1, l]$, $M_{k,i}$ denotes the i-th row of the matrix $M_k$, $A_k = (M_k, \rho_k)$ denotes the access structure, $M_k$ is an l × n matrix, and $\rho_k$ is a function that maps the rows of the matrix to attributes; $y_{k,u} = v_k + \sum_{j \in \{1,2,\dots,N\} \setminus k} R_{kj}$ is the master key set by the authorized organization; $\Gamma_k$ denotes the attribute set corresponding to all rows of the matrix $M_k$, and $\Gamma_k / x$ denotes the new set obtained by removing the element x from the set $\Gamma_k$.
In a multi-authority attribute-based encryption system provided by the embodiments of this application, the process in which the decryption side, when its attribute set belongs to the authorized set, decrypts the encrypted ciphertext information based on the decryption key and the system common parameter to obtain the plaintext information to be encrypted may include:
Judging whether the attribute set of the decryption side belongs to the authorized set and, if so, applying the decryption formula to the decryption key, the system common parameter and the encrypted ciphertext information to obtain the plaintext information to be encrypted;
The decryption formula includes:
$m = C_0 / Y^s$
Here,
$I_k = \{i \mid \rho_k(i) \in S_k\}$; denotes the reconstruction coefficients; is the parameter obtained from the LSSS reconstruction property; $\Delta_k \in S_k$; $R_u = \sum_{(k,j) \in \{1,2,\dots,N\} \times \{\{1,2,\dots,N\} \setminus \{k\}\}} R_{kj}$.
This application also provides a multi-authority attribute-based encryption device and a computer-readable storage medium, both of which have the effects corresponding to those of the multi-authority attribute-based encryption method provided by the embodiments of this application. Referring to Fig. 4, Fig. 4 is a structural schematic diagram of a multi-authority attribute-based encryption device provided by an embodiment of this application.
A multi-authority attribute-based encryption device provided by the embodiments of this application may include: a memory 201 for storing a computer program; and a processor 202 which, when executing the computer program stored in the memory 201, implements the following steps:
Obtaining the system common parameter and the authorized organization's key that the authorized organization generates based on the security parameter and the size value of the attribute domain;
Obtaining the plaintext information to be encrypted, determining the authorized set in the attribute domain, and encrypting the plaintext information to be encrypted based on the system common parameter and the authorized set to obtain the encrypted ciphertext information;
Obtaining identification information corresponding to the identity of the decryption side based on the key generation protocol, obtaining the access structure of the decryption side, and generating the decryption key based on the identification information, the access structure and the authorized organization's key;
Sending the decryption key to the decryption side, so that when the attribute set of the decryption side belongs to the authorized set, the decryption side decrypts the encrypted ciphertext information based on the decryption key and the system common parameter to obtain the plaintext information to be encrypted.
In a multi-authority attribute-based encryption device provided by the embodiments of this application, when the processor 202 executes the computer subprogram stored in the memory 201, the following step is specifically implemented: obtaining identification information corresponding to the identity of the decryption side based on the anonymous key generation protocol.
In a multi-authority attribute-based encryption device provided by the embodiments of this application, when the processor 202 executes the computer subprogram stored in the memory 201, the following step is specifically implemented: obtaining the system common parameter that the authorized organization generates based on the system common parameter generation formula, the security parameter and the size value of the attribute domain, and the authorized organization's key generated based on the authorized organization key generation formula, the security parameter and the size value of the attribute domain;
The system common parameter generation formula is:
$MPK = \{Y, \{y_k\}_{k \in [1,2,\dots,N]}, \{h_{k,i}\}_{k \in [1,2,\dots,N]}\}$;
The authorized organization key generation formula is:
$ASK_k = \{x_k, \{s_{kj}\}_{j \in \{1,2,\dots,N\} \setminus \{k\}}\}$;
Here, MPK denotes the system common parameter; $ASK_k$ denotes the authorized organization's key; $x_k \in Z_p$, where $Z_p$ denotes the set with p elements; $s_{kj} \in Z_p$, $j \in \{1,2,\dots,N\} \setminus \{k\}$, $k \in \{1,2,\dots,N\}$, and $s_{kj}$ denotes the pseudo-random function seed shared between the k-th authorized organization and the j-th authorized organization; N denotes the total number of authorized organizations; $v_k \in Z_p$; $GP = (e(), p, g_1, g_2, G_1, G_2, G_T)$ is the bilinear group parameter obtained by running the algorithm $GEN\_GP(1^\lambda)$ on the security parameter, where $|p| = \lambda$, λ denotes the security parameter, $G_1$ and $G_2$ are multiplicative cyclic groups of prime order p, $g_1$ and $g_2$ are generators of $G_1$ and $G_2$ respectively, and there is a computable isomorphism ψ from $G_2$ to $G_1$ satisfying $\psi(g_2) = g_1$; $e: G_1 \times G_2 \to G_T$ is a bilinear map satisfying, for $a, b \in Z_p$, $e(m^a, h^b) = e(m, h)^{ab}$ and $e(g_1, g_2) \neq 1$; for all attributes in the attribute domain U, $h_1, h_2, \dots, h_{|U|} \in G_1$, when, $h_{k,i} \in G_1$.
In a multi-authority attribute-based encryption device provided by the embodiments of this application, when the processor 202 executes the computer subprogram stored in the memory 201, the following step is specifically implemented: obtaining the encrypted ciphertext information based on the encrypted ciphertext information calculation formula, the system common parameter, the authorized set and the plaintext information to be encrypted;
The encrypted ciphertext information calculation formula includes:
$C_0 = mY^s,\ C_1 = g_2^s,\ \{C_x = h_x^s\}_{x \in S}$
Here, $C_0$, $C_1$ and $C_x$ denote the encrypted ciphertext information, m denotes the plaintext information to be encrypted, $s \in Z_p$, and S denotes the authorized set.
In a multi-authority attribute-based encryption device provided by the embodiments of this application, when the processor 202 executes the computer subprogram stored in the memory 201, the following steps are specifically implemented: obtaining identification information corresponding to the identity of the decryption side based on the anonymous key generation protocol, where, in the anonymous key generation protocol, H=g1, αkkjRkj, $\beta_k = s_{kj}$, γkkj, $R_{kj} \in Z_p$; when k > j, $\delta_{kj} = 1$; when k < j, ; when k > j, ; when k < j, ; u denotes the identity;
Obtaining the decryption key based on the decryption key calculation formula, the identification information, the access structure and the authorized organization's key; the decryption key calculation formula includes:
Here, $r_{k,1}, \dots, r_{k,l} \in Z_p$, $i \in [1, l]$, $M_{k,i}$ denotes the i-th row of the matrix $M_k$, $A_k = (M_k, \rho_k)$ denotes the access structure, $M_k$ is an l × n matrix, and $\rho_k$ is a function that maps the rows of the matrix to attributes; $y_{k,u} = v_k + \sum_{j \in \{1,2,\dots,N\} \setminus k} R_{kj}$ is the master key set by the authorized organization; $\Gamma_k$ denotes the attribute set corresponding to all rows of the matrix $M_k$, and $\Gamma_k / x$ denotes the new set obtained by removing the element x from the set $\Gamma_k$.
In a multi-authority attribute-based encryption device provided by the embodiments of this application, when the processor 202 executes the computer subprogram stored in the memory 201, the following step is specifically implemented: the judging side judges whether the attribute set of the decryption side belongs to the authorized set and, if so, applies the decryption formula to the decryption key, the system common parameter and the encrypted ciphertext information to obtain the plaintext information to be encrypted; the decryption formula includes:
$m = C_0 / Y^s$
Here,
$I_k = \{i \mid \rho_k(i) \in S_k\}$; denotes the reconstruction coefficients; is the parameter obtained from the LSSS reconstruction property; $\Delta_k \in S_k$; $R_u = \sum_{(k,j) \in \{1,2,\dots,N\} \times \{\{1,2,\dots,N\} \setminus \{k\}\}} R_{kj}$.
Referring to Fig. 5, another multi-authority attribute-based encryption device provided by the embodiments of this application may further include: an input port 203 connected to the processor 202, used to transmit externally input commands to the processor 202; a display unit 204 connected to the processor 202, used to display the processing results of the processor 202 to the outside; and a communication module 205 connected to the processor 202, used to implement communication between the multi-authority attribute-based encryption device and the outside. The display unit 202 can be a display panel, a laser scanning display, etc.; the communication modes used by the communication module 205 include, but are not limited to, Mobile High-Definition Link (HML), Universal Serial Bus (USB), High-Definition Multimedia Interface (HDMI), and wireless connections: wireless fidelity (WiFi), Bluetooth communication, Bluetooth Low Energy communication, and communication based on IEEE802.11s.
In a computer-readable storage medium provided by the embodiments of this application, a computer program is stored, and the following steps are implemented when the computer program is executed by a processor:
Obtaining the system common parameter and the authorized organization's key that the authorized organization generates based on the security parameter and the size value of the attribute domain;
Obtaining the plaintext information to be encrypted, determining the authorized set in the attribute domain, and encrypting the plaintext information to be encrypted based on the system common parameter and the authorized set to obtain the encrypted ciphertext information;
Obtaining identification information corresponding to the identity of the decryption side based on the key generation protocol, obtaining the access structure of the decryption side, and generating the decryption key based on the identification information, the access structure and the authorized organization's key;
Sending the decryption key to the decryption side, so that when the attribute set of the decryption side belongs to the authorized set, the decryption side decrypts the encrypted ciphertext information based on the decryption key and the system common parameter to obtain the plaintext information to be encrypted.
In a computer-readable storage medium provided by the embodiments of this application, a computer subprogram is stored, and the following step is specifically implemented when the computer subprogram is executed by a processor: obtaining identification information corresponding to the identity of the decryption side based on the anonymous key generation protocol.
In a computer-readable storage medium provided by the embodiments of this application, a computer subprogram is stored, and the following step is specifically implemented when the computer subprogram is executed by a processor: obtaining the system common parameter that the authorized organization generates based on the system common parameter generation formula, the security parameter and the size value of the attribute domain, and the authorized organization's key generated based on the authorized organization key generation formula, the security parameter and the size value of the attribute domain;
The system common parameter generation formula is:
$MPK = \{Y, \{y_k\}_{k \in [1,2,\dots,N]}, \{h_{k,i}\}_{k \in [1,2,\dots,N]}\}$;
The authorized organization key generation formula is:
$ASK_k = \{x_k, \{s_{kj}\}_{j \in \{1,2,\dots,N\} \setminus \{k\}}\}$;
Here, MPK denotes the system common parameter; $ASK_k$ denotes the authorized organization's key; $x_k \in Z_p$, where $Z_p$ denotes the set with p elements; $s_{kj} \in Z_p$, $j \in \{1,2,\dots,N\} \setminus \{k\}$, $k \in \{1,2,\dots,N\}$, and $s_{kj}$ denotes the pseudo-random function seed shared between the k-th authorized organization and the j-th authorized organization; N denotes the total number of authorized organizations; $v_k \in Z_p$; $GP = (e(), p, g_1, g_2, G_1, G_2, G_T)$ is the bilinear group parameter obtained by running the algorithm $GEN\_GP(1^\lambda)$ on the security parameter, where $|p| = \lambda$, λ denotes the security parameter, $G_1$ and $G_2$ are multiplicative cyclic groups of prime order p, $g_1$ and $g_2$ are generators of $G_1$ and $G_2$ respectively, and there is a computable isomorphism ψ from $G_2$ to $G_1$ satisfying $\psi(g_2) = g_1$; $e: G_1 \times G_2 \to G_T$ is a bilinear map satisfying, for $a, b \in Z_p$, $e(m^a, h^b) = e(m, h)^{ab}$ and $e(g_1, g_2) \neq 1$; for all attributes in the attribute domain U, $h_1, h_2, \dots, h_{|U|} \in G_1$, when, $h_{k,i} \in G_1$.
In a computer-readable storage medium provided by the embodiments of this application, a computer subprogram is stored, and the following step is specifically implemented when the computer subprogram is executed by a processor: obtaining the encrypted ciphertext information based on the encrypted ciphertext information calculation formula, the system common parameter, the authorized set and the plaintext information to be encrypted;
The encrypted ciphertext information calculation formula includes:
$C_0 = mY^s,\ C_1 = g_2^s,\ \{C_x = h_x^s\}_{x \in S}$
Here, $C_0$, $C_1$ and $C_x$ denote the encrypted ciphertext information, m denotes the plaintext information to be encrypted, $s \in Z_p$, and S denotes the authorized set.
In a computer-readable storage medium provided by the embodiments of this application, a computer subprogram is stored, and the following steps are specifically implemented when the computer subprogram is executed by a processor: obtaining identification information corresponding to the identity of the decryption side based on the anonymous key generation protocol, where, in the anonymous key generation protocol, H=g1, αkkjRkj, $\beta_k = s_{kj}$, γkkj, $R_{kj} \in Z_p$; when k > j, $\delta_{kj} = 1$, and when k < j, $\delta_{kj} = -1$; when k > j, ; when k < j, ; u denotes the identity;
Obtaining the decryption key based on the decryption key calculation formula, the identification information, the access structure and the authorized organization's key; the decryption key calculation formula includes:
Here, $r_{k,1}, \dots, r_{k,l} \in Z_p$, $i \in [1, l]$, $M_{k,i}$ denotes the i-th row of the matrix $M_k$, $A_k = (M_k, \rho_k)$ denotes the access structure, $M_k$ is an l × n matrix, and $\rho_k$ is a function that maps the rows of the matrix to attributes; $y_{k,u} = v_k + \sum_{j \in \{1,2,\dots,N\} \setminus k} R_{kj}$ is the master key set by the authorized organization; $\Gamma_k$ denotes the attribute set corresponding to all rows of the matrix $M_k$, and $\Gamma_k / x$ denotes the new set obtained by removing the element x from the set $\Gamma_k$.
In a computer-readable storage medium provided by the embodiments of this application, a computer subprogram is stored, and the following step is specifically implemented when the computer subprogram is executed by a processor: the judging side judges whether the attribute set of the decryption side belongs to the authorized set and, if so, applies the decryption formula to the decryption key, the system common parameter and the encrypted ciphertext information to obtain the plaintext information to be encrypted; the decryption formula includes:
$m = C_0 / Y^s$
Here,
$I_k = \{i \mid \rho_k(i) \in S_k\}$; denotes the reconstruction coefficients; is the parameter obtained from the LSSS reconstruction property; $\Delta_k \in S_k$; $R_u = \sum_{(k,j) \in \{1,2,\dots,N\} \times \{\{1,2,\dots,N\} \setminus \{k\}\}} R_{kj}$.
The computer-readable storage media referred to in this application include random access memory (RAM), memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disks, removable disks, CD-ROM, or any other form of storage medium known in the technical field.
For the description of the relevant parts of the multi-authority attribute-based encryption system, device and computer-readable storage medium provided by the embodiments of this application, refer to the detailed description of the corresponding parts of the multi-authority attribute-based encryption method provided by the embodiments of this application, which is not repeated here. In addition, the parts of the above technical solutions provided by the embodiments of this application whose implementation principles are consistent with those of the corresponding technical solutions in the prior art are not described in detail, to avoid excessive repetition.
It should also be noted that, in this document, relational terms such as first and second are used only to distinguish one entity or operation from another, and do not necessarily require or imply any actual relationship or order between these entities or operations. Moreover, the terms "include", "comprise" or any other variant are intended to cover non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a process, method, article or device. Without further limitation, an element defined by the phrase "including a ..." does not exclude the presence of other identical elements in the process, method, article or device that includes the element.
The above description of the disclosed embodiments enables those skilled in the art to implement or use this application. Various modifications to these embodiments will be apparent to those skilled in the art, and the general principles defined herein can be implemented in other embodiments without departing from the spirit or scope of this application. Therefore, this application is not limited to the embodiments shown herein, but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A multi-authority attribute-based encryption method, characterized by comprising:
obtaining the system common parameter and the authorized organization key that an authorized organization generates based on a security parameter and the size value of an attribute domain;
obtaining plaintext information to be encrypted, determining an authorization set in the attribute domain, and encrypting the plaintext information to be encrypted based on the system common parameter and the authorization set to obtain encrypted ciphertext information;
obtaining, based on a key generation protocol, identification information corresponding to the identity of a decryption side, obtaining the access structure of the decryption side, and generating a decryption key based on the identification information, the access structure and the authorized organization key;
sending the decryption key to the decryption side, so that when the attribute set of the decryption side belongs to the authorization set, the decryption side decrypts the encrypted ciphertext information based on the decryption key and the system common parameter to obtain the plaintext information to be encrypted.
2. The method according to claim 1, characterized in that obtaining, based on a key generation protocol, identification information corresponding to the identity of the decryption side comprises:
obtaining, based on an anonymous key generation protocol, identification information corresponding to the identity of the decryption side.
3. The method according to claim 2, characterized in that the process of obtaining the system common parameter and the authorized organization key that the authorized organization generates based on the security parameter and the size value of the attribute domain specifically comprises:
obtaining the system common parameter that the authorized organization generates based on a system common parameter generation formula, the security parameter and the size value of the attribute domain, and the authorized organization key generated based on an authorized organization key generation formula, the security parameter and the size value of the attribute domain;
The system common parameter generation formula includes:
$MPK = \{Y, \{y_k\}_{k\in[1,2,\dots,N]}, \{h_{k,i}\}_{k\in[1,2,\dots,N]}\}$;
The authorized organization key generation formula includes:
$ASK_k = \{x_k, \{s_{kj}\}_{j\in\{1,2,\dots,N\}\setminus\{k\}}\}$;
Wherein MPK denotes the system common parameter; $ASK_k$ denotes the authorized organization key; $x_k \in Z_p$, where $Z_p$ denotes the set of prime number p; $s_{kj} \in Z_p$, $j \in \{1,2,\dots,N\}\setminus\{k\}$, $k \in \{1,2,\dots,N\}$, and $s_{kj}$ denotes the pseudo-random function seed shared between the k-th authorized organization and the j-th authorized organization; N denotes the total number of authorized organizations; $v_k \in Z_p$; $GP = (e(), p, g_1, g_2, G_1, G_2, G_T)$ is the bilinear group parameter obtained by calling the $GEN\_GP(1^\lambda)$ algorithm on the security parameter, where $|p| = \lambda$ and $\lambda$ denotes the security parameter; $G_1$ and $G_2$ are multiplicative cyclic groups of prime order p; $g_1$ and $g_2$ are generators of $G_1$ and $G_2$ respectively; there exists a computable isomorphism $\psi$ from $G_2$ to $G_1$ satisfying $\psi(g_2) = g_1$; $e: G_1 \times G_2 \to G_T$ is a bilinear map; for and $a, b \in Z_p$, $e(m^a, h^b) = e(m, h)^{ab}$ and $e(g_1, g_2) \neq 1$ both hold; for all attributes in the attribute domain U, $h_1, h_2, \dots, h_{|U|} \in G_1$; when , $h_{k,i} \in G_1$.
4. The method according to claim 3, characterized in that encrypting the plaintext information to be encrypted based on the system common parameter and the authorization set to obtain encrypted ciphertext information comprises:
obtaining the encrypted ciphertext information based on an encrypted ciphertext information calculation formula, the system common parameter, the authorization set and the plaintext information to be encrypted;
The encrypted ciphertext information calculation formula includes:
$C_0 = mY^s,\ C_1 = g_2^s,\ \{C_x = h_x^s\}_{x\in S}$
Wherein $C_0$, $C_1$ and $C_x$ denote the encrypted ciphertext information, m denotes the plaintext information to be encrypted, $s \in Z_p$, and S denotes the authorization set.
5. The method according to claim 4, characterized in that obtaining, based on the anonymous key generation protocol, identification information corresponding to the identity of the decryption side comprises:
obtaining, based on the anonymous key generation protocol, identification information corresponding to the identity of the decryption side, wherein in the anonymous key generation protocol $H = g_1$, $\alpha_k = \delta_{kj}R_{kj}$, $\beta_k = s_{kj}$, $\gamma_k = \delta_{kj}$, $R_{kj} \in Z_p$; when k > j, $\delta_{kj} = 1$, and when k < j, $\delta_{kj} = -1$; when k > j, when k < j, u denotes the identity;
generating the decryption key based on the identification information, the access structure and the authorized organization key comprises:
obtaining the decryption key based on a decryption key calculation formula, the identification information, the access structure and the authorized organization key;
The decryption key calculation formula includes:
Wherein $r_{k,1},\dots,r_{k,l} \in Z_p$, $i \in [1, l]$, $M_{k,i}$ denotes the i-th row of the matrix $M_k$; $A_k = (M_k, \rho_k)$ denotes the access structure, where $M_k$ is an l × n matrix and $\rho_k$ is a function that maps a row of the matrix to an attribute; $y_{k,u} = v_k + \sum_{j\in\{1,2,\dots,N\}\setminus\{k\}} R_{kj}$ is the master key set by the authorized organization; $\Gamma_k$ denotes the attribute set corresponding to all rows of the matrix $M_k$; $\Gamma_k / x$ denotes the new set obtained by removing the element x from the set $\Gamma_k$.
6. The method according to claim 5, characterized in that the process in which the decryption side, when the attribute set of the decryption side belongs to the authorization set, decrypts the encrypted ciphertext information based on the decryption key and the system common parameter to obtain the plaintext information to be encrypted comprises:
judging whether the attribute set of the decryption side belongs to the authorization set, and if so, obtaining the plaintext information to be encrypted from the decryption key, the system common parameter and the encrypted ciphertext information based on a decryption formula;
The decryption formula includes:
$m = C_0 / Y^s$
Wherein,
$I_k = \{i \mid \rho_k(i) \in S_k\}$; denotes the reconstruction coefficients; is the parameter obtained according to the LSSS reconstruction property; Δk∈Sk $R_u = \sum_{(k,j)\in\{1,2,\dots,N\}\times\{\{1,2,\dots,N\}\setminus\{k\}\}} R_{kj}$.
7. A multi-authority attribute-based encryption system, characterized by comprising:
a first obtaining module, configured to obtain the system common parameter and the authorized organization key that an authorized organization generates based on a security parameter and the size value of an attribute domain;
a second obtaining module, configured to obtain plaintext information to be encrypted, determine an authorization set in the attribute domain, and encrypt the plaintext information to be encrypted based on the system common parameter and the authorization set to obtain encrypted ciphertext information;
a generation module, configured to obtain, based on a key generation protocol, identification information corresponding to the identity of a decryption side, obtain the access structure of the decryption side, and generate a decryption key based on the identification information, the access structure and the authorized organization key;
a sending module, configured to send the decryption key to the decryption side, so that when the attribute set of the decryption side belongs to the authorization set, the decryption side decrypts the encrypted ciphertext information based on the decryption key and the system common parameter to obtain the plaintext information to be encrypted.
8. The system according to claim 7, characterized in that the generation module comprises:
a first obtaining unit, configured to obtain, based on an anonymous key generation protocol, identification information corresponding to the identity of the decryption side.
9. A multi-authority attribute-based encryption device, characterized by comprising:
a memory, configured to store a computer program;
a processor, configured to implement, when executing the computer program, the steps of the multi-authority attribute-based encryption method according to any one of claims 1 to 6.
10. A computer-readable storage medium, characterized in that a computer program is stored in the computer-readable storage medium, and when the computer program is executed by a processor, the steps of the multi-authority attribute-based encryption method according to any one of claims 1 to 6 are implemented.
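The LSSS step that claims 5 and 6 rely on (the row set I_k = {i | ρ_k(i) ∈ S_k} and the reconstruction coefficients) can be exercised on its own. The following is an added illustration, not code from the patent: it shares a scalar in Z_p rather than recombining group elements in the exponent as the scheme does, and the modulus, function names, policy matrix and attribute names are all constructed assumptions.

```python
P = 2**127 - 1  # constructed stand-in for the prime group order p

def authorized_rows(rho, attrs):
    """I = {i | rho(i) in S}: indices of rows whose attribute is in S."""
    return [i for i, a in enumerate(rho) if a in attrs]

def reconstruction_coeffs(M, rows, p=P):
    """Solve sum_{i in rows} w_i * M[i] = (1, 0, ..., 0) mod p.
    Returns {i: w_i}, or None when the rows do not span the target."""
    n = len(M[0])
    # One equation per matrix column, one unknown per selected row.
    A = [[M[i][j] % p for i in rows] + [int(j == 0)] for j in range(n)]
    pivots, r = [], 0
    for c in range(len(rows)):
        pr = next((k for k in range(r, n) if A[k][c]), None)
        if pr is None:
            continue  # free variable, left at 0
        A[r], A[pr] = A[pr], A[r]
        inv = pow(A[r][c], -1, p)
        A[r] = [x * inv % p for x in A[r]]
        for k in range(n):
            if k != r and A[k][c]:
                f = A[k][c]
                A[k] = [(x - f * y) % p for x, y in zip(A[k], A[r])]
        pivots.append(c)
        r += 1
    if any(row[-1] for row in A[r:]):
        return None  # inconsistent system: attribute set not authorized
    w = dict.fromkeys(rows, 0)
    for eq, c in enumerate(pivots):
        w[rows[c]] = A[eq][-1]
    return w

def make_shares(M, secret, rand, p=P):
    """Share i is M[i] . (secret, r_2, ..., r_n) mod p."""
    v = [secret] + list(rand)
    return [sum(a * b for a, b in zip(row, v)) % p for row in M]

def reconstruct(M, rho, shares, attrs, p=P):
    """Recombine shares of the rows in I; None if S is not authorized."""
    rows = authorized_rows(rho, attrs)
    w = reconstruction_coeffs(M, rows, p)
    if w is None:
        return None
    return sum(w[i] * shares[i] for i in rows) % p

# Constructed policy: doctor AND (cardiology OR oncology)
M = [[1, 1], [0, -1], [0, -1]]
RHO = ["doctor", "cardiology", "oncology"]
SHARES = make_shares(M, 123456789, [987654321])
```

An attribute set that does not satisfy the policy yields an inconsistent linear system, which is why `reconstruct` returns `None` instead of a wrong value.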
CN201811014009.2A 2018-08-31 2018-08-31 A kind of more authorization attribute base encryption methods, system, equipment and computer media Pending CN108989037A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811014009.2A CN108989037A (en) 2018-08-31 2018-08-31 A kind of more authorization attribute base encryption methods, system, equipment and computer media

Publications (1)

Publication Number Publication Date
CN108989037A true CN108989037A (en) 2018-12-11

Family

ID=64546817

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811014009.2A Pending CN108989037A (en) 2018-08-31 2018-08-31 A kind of more authorization attribute base encryption methods, system, equipment and computer media

Country Status (1)

Country Link
CN (1) CN108989037A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109743162A (en) * 2018-12-29 2019-05-10 西安电子科技大学 A kind of operated using ideal lattice carries out the matched encryption method of identity attribute
CN113742680A (en) * 2021-11-02 2021-12-03 北京理工大学 Traceable data encryption transmission method and system based on commercial password
CN113890730A (en) * 2021-09-23 2022-01-04 上海华兴数字科技有限公司 Data transmission method and system
CN117278271A (en) * 2023-09-19 2023-12-22 淮北师范大学 Attribute-based encrypted data transmission method and system
CN117278271B (en) * 2023-09-19 2024-05-10 淮北师范大学 Attribute-based encrypted data transmission method and system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103401839A (en) * 2013-07-02 2013-11-20 河海大学 Attribute protection based multiple authorization center encryption method
US20140281574A1 (en) * 2013-03-15 2014-09-18 David Webb Multi-ring encryption approach to securing a payload using hardware modules

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
杨诗雨: "多授权属性基加密的研究", 《CNKI中国硕士学位论文全文数据库信息科技辑》 *

Similar Documents

Publication Publication Date Title
CN107483198B (en) A kind of block catenary system supervised and method
Boneh et al. Functional encryption: a new vision for public-key cryptography
Zhou et al. TR-MABE: White-box traceable and revocable multi-authority attribute-based encryption and its applications to multi-level privacy-preserving e-healthcare cloud computing systems
Guo et al. CP-ABE with constant-size keys for lightweight devices
CN103401839B (en) A kind of many authorization center encryption method based on attribute protection
CN104363215B (en) A kind of encryption method and system based on attribute
JP5562687B2 (en) Securing communications sent by a first user to a second user
CN105100083B (en) A kind of secret protection and support user's revocation based on encryption attribute method and system
CN109246096A (en) Multi-functional fine-grained access control method suitable for cloud storage
CN103457725B (en) Encryption method for multiple authorization centers
CN110011781A (en) A kind of homomorphic cryptography method encrypting and support zero-knowledge proof for transaction amount
CN106161428B (en) A kind of ciphertext can comparison of equalization encryption attribute method
CN104135473B (en) A kind of method that identity base broadcast enciphering is realized by the attribute base encryption of Ciphertext policy
CN105763528B (en) The encryption device of diversity person's anonymity under a kind of mixed mechanism
Zhang et al. Towards privacy protection and malicious behavior traceability in smart health
CN108989037A (en) A kind of more authorization attribute base encryption methods, system, equipment and computer media
Yan et al. Privacy-preserving multi-authority attribute-based encryption with dynamic policy updating in PHR
CN106656997A (en) Mobile social network based agent proxy re-encryption cross-domain friend-making privacy protection method
Wang et al. Efficient privacy preserving predicate encryption with fine-grained searchable capability for Cloud storage
CN108880801A (en) The distributed nature base encryption method of fine granularity attribute revocation is supported on a kind of lattice
Lan et al. A New Security Cloud Storage Data Encryption Scheme Based on Identity Proxy Re-encryption.
Shao et al. Privacy-preserving online/offline and outsourced multi-authority attribute-based encryption
CN109495244A (en) Anti- quantum calculation cryptographic key negotiation method based on pool of symmetric keys
Chaudhari et al. On anonymous attribute based encryption
CN109039599A (en) Support the attribute base encipher-decipher method and encrypting and deciphering system of blind Key Issuance

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20181211