CN112087422A - Outsourcing access control method based on attribute encryption in edge calculation - Google Patents

Abstract

The invention discloses an outsourcing access control method based on attribute encryption in edge computing, which encrypts user data participating in shared data behaviors in edge computing by adopting an attribute encryption method so as to protect the privacy of the data. According to the characteristics of wide distribution and considerable computing power of fog computing, the computing burden of a data owner and a consumer is reduced by adopting a method of outsourcing encryption and decryption to a fog server. The invention has the advantages that: compared with the existing encryption algorithm, the attribute encryption can protect the privacy information of the group users more simply and effectively, achieves fine-grained access control on data, and has practical feasibility. The method fully considers the problem of resource limitation of the mobile terminal in the edge computing environment, and has strong use value; the method partially hides the access strategy which possibly reveals sensitive information, and better protects the privacy information of the user.

Description

Outsourcing access control method based on attribute encryption in edge calculation

Technical Field

The invention belongs to the field of network communication, and particularly provides an outsourcing access control method based on attribute encryption in edge computing.

Background

Edge computing is widely used in modern social life, however untrusted edge devices may cause data security and privacy protection problems. Some encryption methods are therefore needed to protect the security of data, but general conventional encryption methods are not suitable for edge computing, because the receiving group tends to be dynamic in edge computing, much data is accessed by a group of users, can only be described by certain attributes, and data access does not need to be controlled according to each connection. On the other hand, the encryption and decryption of the existing encryption method are computationally expensive, and the mobile device usually has limited computing resources and cannot support highly complex encryption algorithms.

The attribute encryption is a research hotspot in the field of privacy protection at present, and compared with the existing encryption algorithm, the attribute encryption can protect the privacy information of group users more simply and effectively, realizes fine-grained access control on data, and has practical feasibility. The task of encrypting and decrypting highly complex computing data is outsourced to a fog server with stronger computing power, so that the mobile equipment can realize encryption and decryption only by simple computation. Meanwhile, in order to prevent some external observers or attackers from learning the sensitive information of the user through the access control policy in the attribute encryption, the access control policy is necessary to be hidden. Therefore, the access control method based on the attribute encryption in the edge calculation is beneficial to the security of shared data and the privacy of user information, and reduces the calculation burden of the user.

Disclosure of Invention

The invention provides an outsourcing access control method based on attribute encryption in edge computing, aiming at the problems of data security and privacy protection of edge equipment in the existing edge computing.

The technical scheme of the invention is as follows:

an outsourcing access control method based on attribute encryption in edge computing comprises the following steps:

step 1: the trusted authority initializes the whole system, including assigning corresponding roles to each user, generating parameters such as related public key, secret key and conversion secret key, and sending the parameters obtained by the trusted authority to each role in the system;

step 2: the data owner applies for an encryption request to the mist server closest to the mist server, carries out correctness verification and integration on a result returned by the mist server, and uploads an integrated ciphertext to the cloud server;

and step 3: and the data consumer applies for the ciphertext to the cloud server, sends the obtained ciphertext to the nearest fog server to apply for partial outsourcing decryption, performs correctness verification after obtaining partial decrypted ciphertext, and finally performs simple decryption to obtain the plaintext.

Further, an outsourcing access control method based on attribute encryption in edge computing, where the step 1 specifically is:

step 1-1: the trusted authority firstly selects the number of attributes in the system and selects a bilinear mapping D ═ P, G, GT, e, wherein P is the order of G and GT; then selecting three random generators g, h, u and an index alpha (alpha belongs to Zp); public key parameters are disclosed:

PK＝{D,e(g,g)α,g,h,u,H,L,KDF1}；

where H is the collision-resistant hash function, KDF1 is the key derivation function, and sets the master key: MSK ═ (PK, α);

step 1-2: the trusted authority chooses a random K +1 number (r, r)₁,···,r_k) E.g. Zp, from the master key MSK and a set of attributes S ═ a₁,···,A_n}, calculating K₀＝g^αu^r,K₁＝g^r，K_i,2＝g^ri，K_i，3＝(uh^Ai)^riAnd generating a private key:

SK＝(S,PK,K₀,K₁,{K_i,2,K_i,3}_i∈[1,k])；

step 1-3: trusted authority random selection

The transformation key TK is calculated according to the private key SK as follows:

K'₀＝g^α/τu^r/τ，K'₁＝g^r/τ，K'_i，2＝g^ri/τ，K'_i，3＝(uh^Ai)^ri/τ

when the system carries out outsourcing decryption, the TK is sent to a fog server which needs to carry out partial decryption tasks; and the recovery key is set as follows:

RK＝(TK,τ)

and sending to the data consumer for final decryption.

Further, an outsourcing access control method based on attribute encryption in edge computing, where the step 2 specifically is:

step 2-1: after the data owner sends the outsourced encryption request, the fog server F1, which is the closest two to the user, selects four random numbers x_i'，y_i'，λ_i'，s'∈Z_pC is calculated based on the public key parameter PK already published₀'＝g^s'，

The intermediate ciphertext IT1 is generated as follows:

IT1＝(s',C'₀,{x′_i,y′_i,λ'_i,C′_i,1,C′_i,2}_i∈[1,K])；

and sends IT1 to the data owner;

step 2-2: after the data owner sends the outsourced encryption request, the fog server F2, which is the closest two to the user, selects four random numbers x_i”，y_i”，λ_i”，s”∈Z_pC is calculated based on the public key parameter PK already published₀”＝g^s”，

The intermediate ciphertext IT2 is generated as follows:

IT2＝(s”,C″₀,{x″_i,y″_i,λ″_i,C″_i,1,C″_i,2}_i∈[1,K])；

and sends IT2 to the data owner;

step 2-3: after the data owner receives IT1 and IT2, IT1 and IT2 are integrated into an intermediate ciphertext IT as follows:

IT＝(s,C₀,{x_i,y_i,λ_i,C_i,1,C_i,2}_i∈[1,K])

then, v2 is randomly selected, vn belongs to Zp, and the vector is set

From the access structure (A, ρ, τ), compute

C_i，3＝b_i-λ_i，C_i，4＝τ_ρ(i)y_i-x_iy_i，C_i，5＝-y_iWhere A is a matrix of λ n, and ρ is A per row A_iAttribute name of mapping, τ ═ τ_ρ(1),...,τ_ρ(λ)I.e. the set of attribute values ρ (i); then, the SSk is calculated and set by using a key derivation function KDF1

d is the length of SSk; the complete ciphertext is finally obtained as follows:

and sends it to the cloud server.

Further, an outsourcing access control method based on attribute encryption in edge computing, where the step 3 specifically is:

step 3-1: the data consumer takes the ciphertext CT from the cloud server and sends the ciphertext CT to the nearest fog server F3 to apply for partial decryption; the fog server F3 recovers the encapsulated key by partial decryption using the transfer key TK obtained from the trusted authority:

setting a part of decrypted ciphertext and returning the ciphertext to the data consumer;

step 3-2: after the data consumer takes the partially decrypted ciphertext, the correctness verification and verification of the decryption outsourcing are carried out firstly

If yes, then using the recovery key to decrypt the data:

compared with the prior art, the invention has the technical advantages that:

1. the security of the data shared by the users is protected under the condition that the users do not spend high calculation amount and communication overhead;

2. by adopting a method of partially hiding the access control strategy, the data sharing with the data consumer is realized on the premise of not revealing sensitive information of the data owner;

3. compared with the existing attribute encryption outsourcing method, the method has better performance in the aspects of accuracy of outsourcing results and privacy protection of participants.

Drawings

FIG. 1 is a block diagram of the mechanism of the present invention.

FIG. 2 is a graph of time spent generating outsourced keys versus number of attributes.

FIG. 3 is a graph of the time spent in encrypting outsourced computations.

FIG. 4 is a graph of the time spent decrypting outsourced computations.

Fig. 5 is a graph of how long it takes for encryption computation at the user side.

Fig. 6 is a graph of how long decryption computation takes.

Detailed Description

The invention is further described with reference to the following figures and detailed description.

The invention designs an outsourcing access control method based on attribute encryption in edge calculation according to the technical characteristics of the edge calculation and the attribute encryption, and mainly solves the following two problems:

(1) when the data owner sends the ciphertext to the cloud server, the access control policy and the ciphertext are sent together, and other participants may deduce sensitive information of the data consumer attribute according to the access control policy, so that the data owner suffers from the problem of key information leakage.

(2) Existing attribute encryption outsourcing methods lack verifiable considerations for encryption and decryption outsourcing.

The main idea of the invention is as follows: and attribute encryption and edge calculation are combined to realize data security of shared data and privacy protection of participants.

Specifically, the outsourcing access control method based on attribute encryption in edge computing comprises the following steps:

step 1: the trusted authority initializes the whole system, including assigning corresponding roles to each user, generating parameters such as related public key, secret key and conversion secret key, and sending the parameters obtained by the trusted authority to each role in the system;

step 1-1: the trusted authority firstly selects the number of attributes in the system and selects a bilinear mapping D ═ P, G, GT, e, wherein P is the order of G and GT; then selecting three random generators g, h, u and an index alpha (alpha belongs to Zp); public key parameters are disclosed:

PK＝{D,e(g,g)α,g,h,u,H,L,KDF1}；

where H is the collision-resistant hash function, KDF1 is the key derivation function, and sets the master key: MSK ═ (PK, α);

step 1-2: the trusted authority chooses a random K +1 number (r, r)₁,···,r_k) E.g. Zp, from the master key MSK and a set of attributes S ═ a₁,···,A_n}, calculating K₀＝g^αu^r,K₁＝g^r，K_i,2＝g^ri，K_i，3＝(uh^Ai)^riAnd generating a private key:

SK＝(S,PK,K₀,K₁,{K_i,2,K_i,3}_i∈[1,k])；

step 1-3: trusted authority random selection

The transformation key TK is calculated according to the private key SK as follows:

K'₀＝g^α/τu^r/τ，K'₁＝g^r/τ，K'_i，2＝g^ri/τ，K'_i，3＝(uh^Ai)^ri/τ

when the system carries out outsourcing decryption, the TK is sent to a fog server which needs to carry out partial decryption tasks; and the recovery key is set as follows:

RK＝(TK,τ)

and sending to the data consumer for final decryption.

Step 2: the data owner applies for an encryption request to the mist server closest to the mist server, carries out correctness verification and integration on a result returned by the mist server, and uploads an integrated ciphertext to the cloud server;

step 2-1: after the data owner sends the outsourced encryption request, the fog server F1, which is the closest two to the user, selects four random numbers x_i'，y_i'，λ_i'，s'∈Z_pC is calculated based on the public key parameter PK already published₀'＝g^s'，

The intermediate ciphertext IT1 is generated as follows:

IT1＝(s',C'₀,{x′_i,y′_i,λ'_i,C′_i,1,C′_i,2}_i∈[1,K])；

and sends IT1 to the data owner;

step 2-2: after the data owner sends the outsourced encryption request, the fog server F2, which is the closest two to the user, selects four random numbers x_i”，y_i”，λ_i”，s”∈Z_pC is calculated based on the public key parameter PK already published₀”＝g^s”，

The intermediate ciphertext IT2 is generated as follows:

IT2＝(s”,C″₀,{x″_i,y″_i,λ″_i,C″_i,1,C″_i,2}_i∈[1,K])；

and sends IT2 to the data owner;

step 2-3: after the data owner receives IT1 and IT2, IT1 and IT2 are integrated into an intermediate ciphertext IT as follows:

IT＝(s,C₀,{x_i,y_i,λ_i,C_i,1,C_i,2}_i∈[1,K])

then, v2 is randomly selected, vn belongs to Zp, and the vector is set

From the access structure (A, ρ, τ), compute

C_i，3＝b_i-λ_i，C_i，4＝τ_ρ(i)y_i-x_iy_i，C_i，5＝-y_iWhere A is a matrix of λ n, and ρ is A per row A_iAttribute name of mapping, τ ═ τ_ρ(1),...,τ_ρ(λ)I.e. the set of attribute values ρ (i); then, the SSk is calculated and set by using a key derivation function KDF1

d is the length of SSk; the complete ciphertext is finally obtained as follows:

and sends it to the cloud server.

And step 3: and the data consumer applies for the ciphertext to the cloud server, sends the obtained ciphertext to the nearest fog server to apply for partial outsourcing decryption, performs correctness verification after obtaining partial decrypted ciphertext, and finally performs simple decryption to obtain the plaintext.

Step 3-1: the data consumer takes the ciphertext CT from the cloud server and sends the ciphertext CT to the nearest fog server F3 to apply for partial decryption; the fog server F3 recovers the encapsulated key by partial decryption using the transfer key TK obtained from the trusted authority:

setting a part of decrypted ciphertext and returning the ciphertext to the data consumer;

step 3-2: after the data consumer takes the partially decrypted ciphertext, the correctness verification and verification of the decryption outsourcing are carried out firstly

If yes, then using the recovery key to decrypt the data:

the invention uses charm frame and PBC library to simulate the process shown in figure 1 in Ubuntu, and tests the performance of the proposed method. We set up 10 different access policies and the number of attribute values N is increased from 10 to 100, each instance is repeated 10 times and averaged. All examples were kept completely independent of each other during the experiment, time in seconds and milliseconds.

In order to embody the advantages of the PPAC (privacy access control) method provided by the invention, the conventional attribute encryption outsourcing method OABE (outsourcing ABE encryption) is compared. Only outsource decryption is performed in the OABE, and the outsource result is not verified for correctness.

Figure 2 shows the result of the time it takes to run the generation of the outsource key. As can be seen from the figure, as the number of system attribute values increases, the time taken to outsource the key also increases, and the trend is linear. The calculation amount of encryption and decryption is related to the number of attributes set by the system, as shown in fig. 3 and 4, the number of attributes is continuously increased, and the time spent on calculation is also continuously increased. The performance of the algorithm in the PPAC is evaluated by calculating the time spent on encryption and decryption at a user terminal, and the less time spent is better in terms of the experience of the user. Fig. 5 shows that the time spent by encryption computation at the user end increases almost linearly with the number of attributes, and our scheme is feasible at the user end with a slightly higher computation time than the original OABE scheme, which is caused by the additional computation cost of the verification function for verifying the correctness of the result returned by encryption.

Fig. 6 shows how the computation of encryption takes time at the user end, and it can be seen that our scheme is feasible at the user end in computation time, which is also slightly higher than the time taken by the original OABE scheme, and this occurs because the verification function for verifying the correctness of the result returned by decryption incurs some extra computation cost.

In conclusion: the PPAC provided by the invention can not only protect the safety of shared data and the privacy of users in edge calculation, but also reduce the calculation burden of the users to a great extent.

While the preferred embodiments of the present invention have been illustrated and described in detail, it is not intended to limit the invention to the exact details shown and described, and various equivalents (e.g., in number, shape, location, etc.) may be substituted for elements thereof without departing from the spirit and scope of the present invention.

Claims (4)

1. An outsourcing access control method based on attribute encryption in edge computing is characterized by comprising the following steps:

step 1: the trusted authority initializes the whole system, including assigning corresponding roles to each user, generating parameters such as related public key, secret key and conversion secret key, and sending the parameters obtained by the trusted authority to each role in the system;

step 2: the data owner applies for an encryption request to the mist server closest to the mist server, carries out correctness verification and integration on a result returned by the mist server, and uploads an integrated ciphertext to the cloud server;

and step 3: and the data consumer applies for the ciphertext to the cloud server, sends the obtained ciphertext to the nearest fog server to apply for partial outsourcing decryption, performs correctness verification after obtaining partial decrypted ciphertext, and finally performs simple decryption to obtain the plaintext.

2. The outsourcing access control method based on attribute encryption in edge computing according to claim 1, wherein the step 1 specifically comprises:

step 1-1: the trusted authority firstly selects the number of attributes in the system and selects a bilinear mapping D ═ P, G, GT, e, wherein P is the order of G and GT; then selecting three random generators g, h, u and an index alpha (alpha belongs to Zp); public key parameters are disclosed:

PK＝{D,e(g,g)α,g,h,u,H,L,KDF1}；

where H is the collision-resistant hash function, KDF1 is the key derivation function, and sets the master key: MSK ═ (PK, α);

step 1-2: the trusted authority chooses a random K +1 number (r, r)₁,···,r_k) E.g. Zp, from the master key MSK and a set of attributes S ═ a₁,···,A_n}, calculating K₀＝g^αu^r,K₁＝g^r，K_i,2＝g^ri，K_i，3＝(uh^Ai)^riAnd generating a private key:

SK＝(S,PK,K₀,K₁,{K_i,2,K_i,3}_i∈[1,k])；

step 1-3: trusted authority random selection

The transformation key TK is calculated according to the private key SK as follows:

K'₀＝g^α/τu^r/τ，K'₁＝g^r/τ，K'_i，2＝g^ri/τ，K'_i，3＝(uh^Ai)^ri/τ

when the system carries out outsourcing decryption, the TK is sent to a fog server which needs to carry out partial decryption tasks; and the recovery key is set as follows:

RK＝(TK,τ)

and sending to the data consumer for final decryption.

3. The outsourcing access control method based on attribute encryption in edge computing according to claim 1, wherein the step 2 specifically comprises:

step 2-1: after the data owner sends the outsourced encryption request, the fog server F1, which is the closest two to the user, selects four random numbers x_i'，y_i'，λ_i'，s'∈Z_pC is calculated based on the public key parameter PK already published₀'＝g^s'，

The intermediate ciphertext IT1 is generated as follows:

IT1＝(s',C'₀,{x'_i,y'_i,λ'_i,C'_i,1,C'_i,2}_i∈[1,K])；

and sends IT1 to the data owner;

step 2-2: after the data owner sends the outsourced encryption request, the fog server F2, which is the closest two to the user, selects four random numbers x_i”，y_i”，λ_i”，s”∈Z_pC is calculated based on the public key parameter PK already published₀”＝g^s”，

The intermediate ciphertext IT2 is generated as follows:

IT2＝(s”,C”₀,{x”_i,y”_i,λ”_i,C”_i,1,C”_i,2}_i∈[1,K])；

and sends IT2 to the data owner;

step 2-3: after the data owner receives IT1 and IT2, IT1 and IT2 are integrated into an intermediate ciphertext IT as follows:

IT＝(s,C₀,{x_i,y_i,λ_i,C_i,1,C_i,2}_i∈[1,K])

then, v2 is randomly selected, vn belongs to Zp, and the vector is set

From the access structure (A, ρ, τ), compute

C_i，3＝b_i-λ_i，C_i，4＝τ_ρ(i)y_i-x_iy_i，C_i，5＝-y_iWhere A is a matrix of λ n, and ρ is A per row A_iAttribute name of mapping, τ ═ τ_ρ(1),...,τ_ρ(λ)I.e. the set of attribute values ρ (i); then, the SSk is calculated and set by using a key derivation function KDF1

d is the length of SSk; the complete ciphertext is finally obtained as follows:

and sends it to the cloud server.

4. The outsourcing access control method based on attribute encryption in edge computing according to claim 1, wherein the step 3 specifically includes:

step 3-1: the data consumer takes the ciphertext CT from the cloud server and sends the ciphertext CT to the nearest fog server F3 to apply for partial decryption; the fog server F3 recovers the encapsulated key by partial decryption using the transfer key TK obtained from the trusted authority:

setting a part of decrypted ciphertext and returning the ciphertext to the data consumer;

step 3-2: after the data consumer takes the partially decrypted ciphertext, the correctness verification and verification of the decryption outsourcing are carried out firstly

If yes, then using the recovery key to decrypt the data:

Images