CN114039790A - Block chain-based fine-grained cloud storage security access control method - Google Patents

Block chain-based fine-grained cloud storage security access control method Download PDF

Info

Publication number
CN114039790A
CN114039790A CN202111396561.4A CN202111396561A CN114039790A CN 114039790 A CN114039790 A CN 114039790A CN 202111396561 A CN202111396561 A CN 202111396561A CN 114039790 A CN114039790 A CN 114039790A
Authority
CN
China
Prior art keywords
block chain
key
ciphertext
data
cloud storage
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202111396561.4A
Other languages
Chinese (zh)
Other versions
CN114039790B (en
Inventor
熊安萍
代明月
蒋溢
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chongqing University of Post and Telecommunications
Original Assignee
Chongqing University of Post and Telecommunications
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chongqing University of Post and Telecommunications filed Critical Chongqing University of Post and Telecommunications
Priority to CN202111396561.4A priority Critical patent/CN114039790B/en
Publication of CN114039790A publication Critical patent/CN114039790A/en
Application granted granted Critical
Publication of CN114039790B publication Critical patent/CN114039790B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]

Abstract

The invention belongs to the technical field of cloud storage, access control and block chains, and particularly relates to a block chain-based fine-grained cloud storage security access control method, which comprises the following steps: initializing a secure data sharing model based on a block chain; encrypting a possessed plaintext by a data owner, and uploading an encrypted ciphertext to a cloud storage server; a data requester sends a request for registering and acquiring a private key to a blockchain; the block chain generates a private key for the data requester according to the request information and distributes the private key to each data requester through a secure channel; the data requester sends a data request to the cloud storage server, the cloud storage server verifies the validity of the request, and if the request is legal, the ciphertext is sent to the data requester and is decrypted; if the password is illegal, the cloud storage server refuses to send the ciphertext; according to the invention, decentralized key management is realized through the block chain, and potential safety hazards brought by semi-trusted cloud service providers are avoided.

Description

Block chain-based fine-grained cloud storage security access control method
Technical Field
The invention belongs to the technical field of cloud storage, access control and block chains, and particularly relates to a fine-grained cloud storage security access control method based on a block chain.
Background
The cloud storage service is widely used due to the characteristics of convenience in use, low cost and the like, however, data stored in the cloud may be peeped, modified or damaged by an illegal user or a cloud computing provider, and how to ensure that the cloud storage data is safely shared is a significant challenge. Encrypting user data and realizing access control of the data are effective methods for ensuring data security and secure sharing in cloud storage. The ciphertext policy attribute based encryption (CP-ABE) technology is considered as the most potential cryptographic technology for realizing secure storage and sharing of data in an untrusted cloud storage environment, and has the following advantages:
the data owner determines the access strategy of the data and embeds the access strategy into the ciphertext. Data can be correctly decrypted as long as the user attribute meets the access policy in the ciphertext, so that one document can be safely shared to a plurality of different users only by encrypting once, and one user only needs to possess one secret key to access a plurality of different data ciphertexts.
However, in the conventional cloud security storage scheme based on the attribute encryption technology, the following two problems exist: 1) one attribute authority needs to distribute keys for all users, however, a single attribute authority attribute cryptosystem cannot meet the requirement of large-scale distributed application on cooperation of different organizations, all attributes in the attribute authority management system need to issue keys for user authentication attributes, and the workload is large, which becomes a performance bottleneck of the system. Meanwhile, this attribute authority is vulnerable to centralized attacks, and a single point of failure may cause a system crash. 2) The key change and permission revocation problems need to be considered for meeting the requirements of fine-grained access control. The current research has two modes of 'complete revocation' and 'direct revocation', and both revocation schemes have no good expansibility and cannot realize fine-grained change.
Disclosure of Invention
In order to solve the problems in the prior art, the invention provides a block chain-based fine-grained cloud storage security access control method, which comprises the following steps:
s1: initializing a secure data sharing model based on a block chain; the safety data sharing model based on the block chain consists of a cloud storage server CSP, a data owner DO and a data requester DU;
s2: the DO encrypts the encryption key ck according to the key parameters distributed by the block chain, the self access strategy tree and the attribute-based encryption technology to generate a key ciphertext CT, and symmetrically encrypts the plaintext M to generate a ciphertext EckM, cipher text CT and EckM is uploaded into CSP;
s3: the DU sends a request for registering and obtaining a private key to the block chain; the block chain performs block registration according to the information of the DUs, generates a private key and distributes the generated private key to each DU through a secure channel;
s4: the DU sends a data request to the CSP after receiving the private key, the CSP verifies the validity of the request, if the request is legal, the secret key cryptograph CT and the cryptograph E are sentckM is sent to DU; after receiving the ciphertext, the DU decrypts the ciphertext by using the held private key; if not, the CSP refuses to send the ciphertext.
Preferably, the data owner DO is responsible for defining the access policy and encrypting the data; the data requester DU has a set of attributes, and if the set of attributes meets the access strategy, the DU can decrypt the ciphertext and acquire data; the cloud storage server CSP is used for storing the encrypted data and legally verifying the DU.
Preferably, initializing the secure data sharing model based on the block chain includes:
s11: the DO sends the identifier uid of the DO, the attribute set Lambda corresponding to the strategy and the secret corresponding to the set to the block chain, and deploys an intelligent contract in the block chain;
s12: and returning the intelligent contract address by the block chain, randomly generating a public key parameter PK and a master key MSK by an initialization algorithm Setup (alpha, beta), and distributing the public key parameter PK and the master key MSK to the DO.
Preferably, the process of encrypting the data by the DO includes:
s21: a data owner randomly generates a symmetric key ck, and symmetric encryption processing is carried out on a plaintext by adopting the symmetric key;
s22: the data owner executes an encryption algorithm according to the access strategy T and the model public key parameter PK, and encrypts an encryption key ck to generate a ciphertext CT;
s23: and the data owner uploads the ciphertext and the secret key ciphertext to the cloud storage server CSP through the secure channel.
Further, the process of performing symmetric encryption processing on the plaintext by using the symmetric key includes: AES symmetric encryption is carried out on the obtained plaintext M by adopting a symmetric key ck to obtain an encrypted ciphertext EckM; the formula for encryption is:
AESEncrypt(ck,M)→EckM
where ck denotes the symmetric key and M denotes the plaintext.
Further, the access policy T is: if the attribute set gamma satisfies the access structure, the root node T of the access structure tree T of the attribute setx(γ) ═ 1; if the node x in the attribute set gamma is a non-leaf node, then T of all the child nodes x' of the node x is calculatedx′(γ); if at least kxAll child nodes return 1, then Tx(γ) returning to 1; if x is a leaf node and λxE is gamma, then Tx(γ) returns to 1, where λxRepresenting attributes associated with leaf node x of the tree.
Further, the access structure is: defining an access structure tree, each non-leaf node of the structure tree being represented as a threshold gate, the number of children nodes of each node x of the tree being numxSetting a threshold k of the nodexAnd k is not less than 0x≤numx(ii) a Each leaf node x of the tree is represented as an attribute, and the number of the child nodes of each node is from 1 to num; lambda [ alpha ]xRepresents attributes associated with leaf node x of the tree; parent (x) represents the parent of node x of the tree; in the assigned access structure, its index value is uniquely assigned to the node under access.
Preferably, the process of sending the registration and private key acquisition request to the block chain by the DU includes:
s31: DU identifies itself uid, attribute set S and user public key PKuidBy registering the algorithm Register (uid, S, PK)uid) Sending registration information to a block chain and acquiring a private key request;
s32: the block chain performs registration verification on the user by executing a verification algorithm Verify (uid, S), performs hash processing on user information by adopting a storage algorithm Store (S, uid), and stores the processed information in the block;
s33: the block chain generates a private key SK through a key generation algorithm KeyGen (MSK, S, uid) according to the user attribute set S, and uses a user public key PKuidThe SK and the block address hashAddr are encrypted and distributed to the DUs.
Preferably, the process of verifying the validity of the request by the cloud storage server includes:
s41: the DU sends a data downloading request to the cloud storage server CSP and sends self information uid, an attribute set S and a block address hashAddr;
s42: the CSP performs hash processing on the user information, and sends a request to the block chain to request hash data in the user block;
s43: returning data information by the block chain;
s44: the CSP compares the two sets of data, and if the two sets of data are the same, the cloud server compares the ciphertext EckM and the key ciphertext CT are sent to DU; if not, sending rejection information;
s45: if the DU attribute meets the strategy, the DU can be decrypted by the private key SK to obtain data.
Preferably, when the DU sends a registration request to the block chain, the block chain verifies whether the attribute of the DU is revoked, and when the attribute of the DU is revoked, the block chain randomly generates a re-encryption key, encrypts the re-encryption key by using a linear secret sharing scheme, and sends a key ciphertext to the CSP; the CSP obtains a re-encryption key by decrypting the ciphertext, re-encrypts the key ciphertext CT by using the re-encryption key, and notifies the block chain to update the block; and the DU sends the request for obtaining the private key to the block chain again, and the block chain sends the updated private key to the DU of the data requester through the secure channel.
Preferably, the process of decrypting the ciphertext by using the held private key after the data requestor receives the ciphertext includes: if the attribute set of the data requester meets the access control structure, inputting a ciphertext CT, a private key SK and a system public key PK which imply an access control strategy; calculating a symmetric encryption key ck according to the ciphertext CT, the private key SK and the system public key PK, and aligning the text by using the symmetric encryption key ckPiece cipher text EckAnd decrypting the M to obtain a plaintext M.
According to the invention, decentralized key management is realized through the block chain, potential safety hazards brought by semi-trusted cloud service providers are avoided, the characteristics of large cloud storage space and strong computing performance are fully utilized, the block chain is prevented from being too bulky, the management control right of data owner for continuously holding the data is ensured, and one-to-many fine-grained access control is realized.
Drawings
Fig. 1 is a system model diagram of a fine-grained cloud storage security access control scheme based on a block chain technology according to an embodiment of the present invention;
FIG. 2 is an overall flow chart of an embodiment of the present invention;
FIG. 3 is a flow chart of data requestor registration and key generation according to an embodiment of the present invention;
fig. 4 is a flowchart of re-encryption according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
A block chain-based fine-grained cloud storage security access control method, as shown in fig. 2, includes:
s1: initializing a secure data sharing model based on a block chain; the safety data sharing model based on the block chain consists of a cloud storage server CSP, a data owner DO and a data requester DU;
s2: the DO encrypts the encryption key ck according to the key parameters distributed by the block chain, the self access strategy tree and the attribute-based encryption technology to generate a key ciphertext CT, and symmetrically encrypts the plaintext M to generate a ciphertext EckM, cipher text CT and EckM is uploaded into CSP;
s3: the DU sends a request for registering and obtaining a private key to the block chain; the block chain performs block registration according to the information of the DUs, generates a private key and distributes the generated private key to each DU through a secure channel;
s4: the DU sends a data request to the CSP after receiving the private key, the CSP verifies the validity of the request, if the request is legal, the secret key cryptograph CT and the cryptograph E are sentckM is sent to DU; after receiving the ciphertext, the DU decrypts the ciphertext by using the held private key; if not, the CSP refuses to send the ciphertext.
A specific embodiment of a block chaining technology-based fine-grained cloud storage security access control method, as shown in fig. 1, the method includes: data owner, data requestor, blockchain, and cloud server. The data provider is responsible for defining access policies and encrypting data; the data requester has a group of attributes, and if the attribute group meets the access policy, the data requester can decrypt the ciphertext and acquire data; the cloud storage service provider is responsible for storing the encrypted data and carrying out legal verification on the data requester; the block chain is used as an authorization and key management center and is responsible for distributing keys for data requesters; they cooperate with each other to perform the functions of each stage.
The data owner DO is responsible for defining the access policy and encrypting the data; the data requester DU has a set of attributes, and if the set of attributes meets the access strategy, the DU can decrypt the ciphertext and acquire data; the cloud storage server CSP is used for storing the encrypted data and legally verifying the DU; the block chain serves as a decentralized key management center and is responsible for distributing keys for DUs.
Initializing the secure data sharing model based on the block chain comprises: the data owner DO deploys the intelligent contracts on the blockchain; the block chain initializes and distributes the model public key parameters PK and the master key MSK. Namely, initializing the secure data sharing model based on the block chain comprises the following steps:
step 1, the DO sends a self identification uid, an attribute set Lambda corresponding to a strategy and a secret corresponding to the set, and an intelligent contract is deployed in a block chain;
step 2, returning the intelligent contract address by the block chain, and following the intelligent contract address by an algorithm Setup (alpha, beta)The machine generates and distributes a public key parameter PK and a master key MSK. Selecting a bilinear group G with a p-order generator G, and setting U as a set of users, namely U-U1,u2,…,un}. Selecting random elements
Figure BDA0003370154600000061
Wherein g is1=gα,g2=gβFurthermore, two polynomials h (x) and q (x) of degree n are chosen randomly. And q (0) ═ β.
Setup(α,β)→(PK,MSK)
PK=(G,g,g2,α,gq(x),gh(x)(0≤x≤n));MSK=(β,g1)
Wherein G represents a generator, G represents a bilinear group, p represents the order of the bilinear group, U represents a user set, and U represents a user setnRepresents the data in the user set and,
Figure BDA0003370154600000062
representing an integer field of order p, alpha, beta
Figure BDA0003370154600000063
Two random indices generated above, gαDenotes a generator with α as an index, gβRepresenting a generator with beta as an exponent, Setup representing a system initialization algorithm, PK representing a model public key parameter, MSK representing a master key, g2Is gβ,gq(x)Representing a generator with q (x) as an index, q (x) representing a polynomial with degree n, gh (x)Representing a generator with h (x) as an index, h (x) representing a polynomial with degree n, g1Is gα
The bilinear map includes: let G1,G2Is a cyclic group of order P, where P is a prime number. If mapping e: G1×G1→G2The following properties are satisfied:
1. bilinear (Bilinear), i.e. when e (g)a,hb)=e(g,h)abFor all G, h ∈ G1And all a, b ∈ ZpMapping e to G1×G1→G2Has bilinear property;
2. non-Degenerate (On-Degeneric), i.e. mapping e not G1×G2All elements of (2) map to G2On the unit cell of (a). Then, if P is G1E (P, P) is G2A generator of (2);
3. computable (Computable). For any P, Q ∈ G1There is an efficient algorithm to compute e (P, Q). Wherein G is1To add group, G2Is a multiplicative group.
The process of encrypting the data by the data owner DO includes:
s21: DO randomly generates a symmetric key ck, and symmetrically encrypts a plaintext M by adopting the symmetric key ck to generate a ciphertext EckM;
The process of carrying out symmetric encryption processing on the plaintext by adopting the symmetric key comprises the following steps:
AESEncrypt(ck,M)→EckM
wherein, AESEncrypt represents that AES symmetric encryption algorithm is used for encryption, ck represents a symmetric key, M represents a plaintext, EckM denotes an encrypted ciphertext.
S22: the DO executes an attribute-based encryption algorithm Encrypt (PK, Lambda, ck) based on the ciphertext on the encryption key ck according to the access strategy T and the public key parameter PK to generate a ciphertext CT; the Encrypt represents an attribute-based encryption algorithm based on a ciphertext, and the Λ represents an attribute set corresponding to a strategy; the process of encrypting comprises inputting system public parameters PK, plaintext M and access structure T, outputting ciphertext CT, and the algorithm of encrypting is as follows:
Encrypt(PK,M,T)→CT
the attribute set lambda setting process comprises the following steps: let all attribute sets P of n participants be { P ═ P1,P2,…,PnThe attribute set Λ of each participant DU is a non-empty subset of the full set P, i.e. one
Figure BDA0003370154600000071
Access Structure (denoted T).
Figure BDA0003370154600000072
Is 2PA non-empty subset of, wherein 2PIs the set of all subsets of P, then T is a non-empty set consisting of several subsets of P; for any set of attributes of several participants, if B, C e P, then there is B e T,
Figure BDA0003370154600000073
then T is said to be monotonic; here T is an access structure on participant P. And if C belongs to T, D is an authorized set of T, and otherwise, the D is an unauthorized set.
The access policy T is: defining T as an access structure tree, wherein the non-leaf nodes of each tree represent threshold gates; if numxIs the number of children of node x, and kxExpressed as its threshold value, then 0 ≦ kx≤numx(ii) a Each leaf node x of the tree is represented as an attribute and its threshold kx=1;λxRepresents attributes associated with leaf node x of the tree; parent (x) represents the parent of node x of the tree; the number of the child nodes of each node is from 1 to num; index (x) returns a number associated with node x, whose index value is uniquely assigned to the node under access in the specified access structure;
Txto access the root node of the structure tree T, if a set of attribute sets γ satisfies the access structure, then Tx(γ) ═ 1; calculating Tx(γ): if x is a non-leaf node, calculating T of all child nodes x' of the node xx′(γ); if at least kxAll child nodes return 1, then Tx(γ) returning to 1; if x is a leaf node and λxE is gamma, then TxAnd (gamma) returns to 1.
First, a polynomial q is selected for each node x in the access structurexThe polynomial is selected for each node starting from the root node R, from top to bottom. Polynomial q for each node x in the access structure treexOrder of dxAnd threshold value kxIn relation to (2)Is dx=kx-1. Next, a random number is selected starting from the root node R of the tree
Figure BDA0003370154600000084
For the root node R, there is qR(0) For polynomial q ═ sRAt other dRThe values of the points are chosen entirely randomly. For other nodes x continuing down, let qx(0)=qparent(x)(index (x)), likewise other dxThe values of the points are also randomly selected.
Let Y be the set of all leaf nodes of the access structure T, and CT be the ciphertext marked by the access structure T. The algorithm performs as follows:
Figure BDA0003370154600000081
wherein q isR(0) Denotes the value of a polynomial in which the element of the root node R is 0, and s denotes
Figure BDA0003370154600000082
Another random number, q, generated abovex(0) Represents the value of a polynomial with the element of node x being 0, qparent(x)A polynomial representing the parent element node of node x, index (x) representing a number associated with node x, whose index value is uniquely assigned to the node under access in the specified access structure, and index (x) returning the number of node x; c' represents the first part of the ciphertext, e (g, g)α·sDenotes a bilinear map on a cyclic group with a product of alpha and s as an exponent and g as a generator, C denotes a second part of the ciphertext, q(s) denotes a polynomial C' with s as an element denotes a third part of the ciphertext, CyRepresenting the first portion of ciphertext represented on each leaf node,
Figure BDA0003370154600000083
is represented by qy(0) Is a generator of an exponent, qy(0) Represents a value of a polynomial, C 'when the element of the node y is 0'yRepresenting the second represented on each leaf nodePartial ciphertext, attr (y), represents the attribute corresponding to the return leaf node.
S23: DO sends the ciphertext E through the secure channelckM and the key ciphertext CT are uploaded into the CSP.
The process of sending the registration and private key acquisition request to the blockchain by the data requestor DU includes:
s31: DU identifies itself uid, attribute set S and user public key PKuidBy registering the algorithm Register (uid, S, PK)uid) Sending registration information to a block chain and acquiring a private key request;
s32: the block chain performs registration authentication on the user by executing an authentication algorithm Verify (uid, S), and performs hash processing on the user information by executing a storage algorithm Store (S, uid) and stores the user information on the block. And executing Verify (uid, S) for verifying whether the user is registered, and if not, submitting the identity uid and the attribute set S of the user and storing through Store (S, uid).
The hash processing is to take data of any length as input, and then obtain an output value of a fixed length through a hash algorithm, wherein the output value is a hash value which is a data compression mapping relation. It is simply a function of compressing a message of arbitrary length to a message digest of some fixed length. The method is mainly used for verifying the integrity of the data, namely judging whether the data is tampered.
S33: the block chain generates a private key SK through a key generation algorithm KeyGen (MSK, S, uid) according to the user attribute set S, and uses a user public key PKuidThe SK and the block address hashAddr are encrypted and distributed to the DUs.
Further, the step S43 specifically includes the following steps:
inputting an attribute set lambda and a master key MSK, and outputting a user private key SK associated with the attribute set. Selecting random numbers
Figure BDA0003370154600000091
(each user has a unique parameter r) and a random number is chosen for each attribute j e Λ
Figure BDA0003370154600000092
Figure BDA0003370154600000093
The process of verifying the validity of the request by the cloud storage server comprises the following steps:
s41: the data requester DU sends a data downloading request to the cloud storage server CSP and sends self information uid, an attribute set S and a block address hashAddr;
s42: the CSP performs hash processing on the user information, and sends a request to the block chain to request hash data in the user block;
s43: returning data information by the block chain;
s44: the CSP compares the two sets of data, and if the two sets of data are the same, the cloud server compares the ciphertext EckM and the key ciphertext CT are sent to DU; if not, sending rejection information;
s45: if the DU attribute meets the strategy, the DU can be decrypted by the private key SK to obtain data.
Further, the step S45 specifically includes the following steps:
for algorithm, a recursive operation DecryptNode (CT, SK, x) is defined, whose input parameter is CT, SK and a node x of T, and whose output parameter is group
Figure BDA0003370154600000105
One value of (c) or ≠ t. If x is a leaf node of T, let i ═ attr (x), then there is:
Figure BDA0003370154600000101
Figure BDA0003370154600000102
if x is a non-leaf node, a recursive operation is performed. The specific operation process of the DecryptNode (CT, SK, x) is as follows: all for node xChild node z, continues to execute DecryptNode (CT, SK, z). Let there be a random size kxSet of nodes SxAnd S isxAll the nodes in (1) are child nodes of x, and the recursion continues; otherwise, return to Fz═ t. Then, let i ═ index (x), S'x={index(z)|z∈SxDefine Δi,SIs a Lagrange coefficient, wherein
Figure BDA0003370154600000106
S is
Figure BDA0003370154600000107
A set of elements of (1). Then satisfy
Figure BDA0003370154600000103
In addition, calculating:
Figure BDA0003370154600000104
Figure BDA0003370154600000111
if the access policy is satisfied, the contents of the non-leaf nodes (including the secrets of each non-leaf node) can be found by the Lagrangian formula, and all of them will be calculated
Figure BDA0003370154600000115
And the decryption algorithm only needs to call the value of the function at the root node R. Thus, if and only if the private key associated with the user attribute set satisfies the access tree associated with the ciphertext, then a calculation may be performed:
Figure BDA0003370154600000112
the process of the data requester DU attribute revocation and re-requesting a new private key includes:
s51: when the DU has attribute revocation, it sends attribute revocation request to the block chain, and re-executes registration algorithm Register (uid, S', PK)uid);
S52: block chain randomly generates a re-encryption key KλIs a reaction of KλExecuting the Linear secret encryption Algorithm LSSSEncrypt (K) in a Linear secret sharing schemeλ) Will KλEncrypting and sending to the CSP;
s53: after the CSP is decrypted, a re-encryption algorithm ReEncrypt (CT, K) is carried outλ) And after finishing, sending re-encryption finishing information to the block chain.
Step S53 specifically includes the ciphertext generated by the CSP decrypting the block chain to obtain the user group GyAnd its corresponding re-encryption key
Figure BDA0003370154600000116
And encrypting the ciphertext CT and outputting a re-encrypted ciphertext CT'. For each group GyE.g. G, all have a random re-encryption key
Figure BDA0003370154600000117
ReEncrypt(CT,Kλ)→CT′
Figure BDA0003370154600000113
Figure BDA0003370154600000114
S54: the block chain executes a storage algorithm Restore (S', uid) again to update the hash value of the DU attribute information into the block; and executes the algorithm LSSSEncrypt (K) according to the user attributes and the linear secret sharing schemeλS) encryption KλAnd transmits the encryption information to the DU.
Step S54 first the blockchain will set up an LSSS matrix for the users in the U set, which can be used to set up the LSSS matrix for the users in the U set
Figure BDA0003370154600000127
In the matrix, each row manages a secret key, and the LSSSKey is used for distributing the attribute group keyjAnd (4) showing. The set of lssskeys in the matrix is referred to as a linear shared key. Namely:
s541: encrypt the re-encryption parameters (LSSSKey, γ, PK).
In a user u set
Figure BDA0003370154600000128
Encrypting the key LSSSKey, and selecting a random value
Figure BDA0003370154600000129
And (3) outputting a ciphertext:
Figure BDA0003370154600000121
s542 and secret key generation
Figure BDA00033701546000001210
For active users, there are:
Figure BDA0003370154600000122
for passive users, there are:
Figure BDA0003370154600000123
s55: and if the DU wants to acquire data, then executing a block chain-based fine-grained cloud storage security access control method.
The process of decrypting the ciphertext by using the held private key after the data requestor receives the ciphertext comprises the following steps:
for the active user, the decryption is as follows:
Figure BDA0003370154600000124
for passive users, the decryption is as follows:
Figure BDA0003370154600000125
the decryption key is:
Figure BDA0003370154600000126
the user generates a new SK' by decrypting the key LSSSKey:
Figure BDA0003370154600000131
Decrypt(CT′,SK′,PK)→M
and inputting the ciphertext CT, the private key SK and the public parameter PK and outputting a plaintext M. If the re-encrypted file is still satisfied, the original plaintext message M needs to be solved, and the following operations are only required:
Figure BDA0003370154600000132
as shown in fig. 3, the attribute key acquisition phase is used to distribute the attribute key to the data requester. A data requester sends a registration and attribute key acquisition request to a block chain, firstly, the block chain detects whether a user is registered, if not, the block chain receives the registration request when generating a block, and stores a hash value of user information in the block; if the hash value is registered, judging whether the hash value is the same as the hash value stored in the block, and if so, using an intelligent contract to generate an attribute key; otherwise, if not the same, the blockchain will generate a re-encryption key for it.
As shown in fig. 4, the re-encryption phase is used for fine-grained access control after the data requester attribute is revoked. The data requester sends a request for updating the block information and the attribute key to the block chain, the block chain randomly generates a re-encryption key for the block chain, the re-encryption key is encrypted by using a linear secret sharing scheme, the complete encryption matrix and the secret are sent to the cloud storage service provider through the secure channel, and the cloud storage service provider performs re-encryption. And after the re-encryption of the cloud storage service provider is finished, the cloud storage service provider sends end information to the block chain. The block chain sends the encryption matrix and the secret matrix corresponding to the attribute of the encryption matrix according to the user attribute. And then, the data requester sends a data request to the cloud storage service provider, the cloud storage service provider verifies the validity of the data request, the ciphertext is returned after the verification is successful, and otherwise, the ciphertext information is refused to be sent.
An intelligent contract is a special protocol that includes program code functions that interact with other contracts, make decisions, store data, and transfer ethernet tokens, and provides the conditions for validation and execution of the contract, allowing trusted transactions to be conducted without third parties, which are traceable and irreversible, and the implementation of attribute-based access control, user rights validation, etc. in the system is independent of the intelligent contract.
The above-mentioned embodiments, which further illustrate the objects, technical solutions and advantages of the present invention, should be understood that the above-mentioned embodiments are only preferred embodiments of the present invention, and should not be construed as limiting the present invention, and any modifications, equivalents, improvements, etc. made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (9)

1. A block chain-based fine-grained cloud storage security access control method is characterized by comprising the following steps:
s1: initializing a secure data sharing model based on a block chain; the safety data sharing model based on the block chain consists of a cloud storage server CSP, a data owner DO and a data requester DU;
s2: DO according to secret key parameters distributed by the block chain, self access strategy tree and attribute baseThe encryption technology encrypts the encryption key ck to generate a key ciphertext CT, and symmetrically encrypts the plaintext M to generate a ciphertext EckM, cipher text CT and EckM is uploaded into CSP;
s3: the DU sends a request for registering and obtaining a private key to the block chain; the block chain performs block registration according to the information of the DUs, generates a private key and distributes the generated private key to each DU through a secure channel;
s4: the DU sends a data request to the CSP after receiving the private key, the CSP verifies the validity of the request, if the request is legal, the secret key cryptograph CT and the cryptograph E are sentckM is sent to DU; after receiving the ciphertext, the DU decrypts the ciphertext by using the held private key; if not, the CSP refuses to send the ciphertext.
2. The method for controlling fine-grained cloud storage security access based on the blockchain according to claim 1, wherein initializing the secure data sharing model based on the blockchain comprises:
s11: the DO sends the identifier uid of the DO, the attribute set Lambda corresponding to the strategy and the secret corresponding to the set to the block chain, and deploys an intelligent contract in the block chain;
s12: and returning the intelligent contract address by the block chain, randomly generating a public key parameter PK and a master key MSK by an initialization algorithm Setup (alpha, beta), and distributing the public key parameter PK and the master key MSK to the DO.
3. The block chain-based fine-grained cloud storage security access control method according to claim 1, wherein the process of encrypting data by the DO comprises:
s21: DO randomly generates a symmetric key ck, and symmetrically encrypts a plaintext M by adopting the symmetric key ck to generate a ciphertext EckM;
S22: the DO executes an attribute-based encryption algorithm Encrypt (PK, Lambda, ck) based on the ciphertext on the encryption key ck according to the access strategy T and the public key parameter PK to generate a ciphertext CT; the Encrypt represents an attribute-based encryption algorithm based on a ciphertext, and the Λ represents an attribute set corresponding to a strategy;
s23: DO sends the ciphertext E through the secure channelckM and the key ciphertext CT are uploaded into the CSP.
4. The block chain-based fine-grained cloud storage security access control method according to claim 3, wherein the set access policy T is as follows: if the attribute set gamma satisfies the access structure, the root node T of the access structure tree T of the attribute setx(γ) ═ 1; if the node x in the attribute set gamma is a non-leaf node, then T of all the child nodes x' of the node x is calculatedx′(γ); if at least kxAll child nodes return 1, then Tx(γ) returning to 1; if x is a leaf node and λxE is gamma, then Tx(γ) returns to 1, where λxRepresenting attributes associated with leaf node x of the tree.
5. The block chain-based fine-grained cloud storage security access control method according to claim 4, wherein the access structure is: defining an access structure tree, each non-leaf node of the structure tree being represented as a threshold gate, the number of children nodes of each node x of the tree being numxSetting a threshold k of the nodexAnd k is not less than 0x≤numx(ii) a Each leaf node x of the tree is represented as an attribute, and the number of the child nodes of each node is from 1 to num; lambda [ alpha ]xRepresents attributes associated with leaf node x of the tree; parent (x) represents the parent of node x of the tree; in the assigned access structure, its index value is uniquely assigned to the node under access.
6. The method as claimed in claim 1, wherein the process of sending the request for registering and obtaining the private key to the blockchain by the DU includes:
s31: DU identifies itself uid, attribute set S and user public key PKuidBy registering the algorithm Register (uid, S, PK)uid) Sending registration information to a block chain and acquiring a private key request;
s32: the block chain performs registration verification on the user by executing a verification algorithm Verify (uid, S), performs hash processing on user information by adopting a storage algorithm Store (S, uid), and stores the processed information in the block;
s33: the block chain generates a private key SK through a key generation algorithm KeyGen (MSK, S, uid) according to the user attribute set S, and uses a user public key PKuidThe SK and the block address hashAddr are encrypted and distributed to the DUs.
7. The block chain-based fine-grained cloud storage security access control method according to claim 1, wherein the process of verifying the validity of the request by the cloud storage server comprises:
s41: the DU sends a data downloading request to the cloud storage server CSP and sends self information uid, an attribute set S and a block address hashAddr;
s42: the CSP performs hash processing on the user information, and sends a request to the block chain to request hash data in the user block;
s43: returning data information by the block chain;
s44: the CSP compares the two sets of data, and if the two sets of data are the same, the cloud server compares the ciphertext EckM and the key ciphertext CT are sent to DU; if not, sending rejection information;
s45: if the DU attribute meets the strategy, the DU can be decrypted by the private key SK to obtain data.
8. The fine-grained cloud storage security access control method based on the block chain as claimed in claim 1, wherein when the DU sends a registration request to the block chain, the block chain verifies whether the attribute of the DU is revoked, and when the attribute of the DU is revoked, the block chain randomly generates a re-encryption key, encrypts the re-encryption key by using a linear secret sharing scheme, and sends a cipher key ciphertext to the CSP; the CSP obtains a re-encryption key by decrypting the ciphertext, re-encrypts the key ciphertext CT by using the re-encryption key, and notifies the block chain to update the block; and the DU sends the request for obtaining the private key to the block chain again, and the block chain sends the updated private key to the DU of the data requester through the secure channel.
9. The block chain-based fine-grained cloud storage security access control method according to claim 1, wherein the process of decrypting the ciphertext by using the held private key after the data requester receives the ciphertext comprises: if the attribute set of the data requester meets the access control structure, inputting a ciphertext CT, a private key SK and a system public key PK which imply an access control strategy; calculating a symmetric encryption key ck according to the ciphertext CT, the private key SK and the system public key PK, and adopting the symmetric encryption key ck to encrypt the file ciphertext EckAnd decrypting the M to obtain a plaintext M.
CN202111396561.4A 2021-11-23 2021-11-23 Fine-grained cloud storage security access control method based on blockchain Active CN114039790B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111396561.4A CN114039790B (en) 2021-11-23 2021-11-23 Fine-grained cloud storage security access control method based on blockchain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111396561.4A CN114039790B (en) 2021-11-23 2021-11-23 Fine-grained cloud storage security access control method based on blockchain

Publications (2)

Publication Number Publication Date
CN114039790A true CN114039790A (en) 2022-02-11
CN114039790B CN114039790B (en) 2023-07-18

Family

ID=80138579

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111396561.4A Active CN114039790B (en) 2021-11-23 2021-11-23 Fine-grained cloud storage security access control method based on blockchain

Country Status (1)

Country Link
CN (1) CN114039790B (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114567639A (en) * 2022-03-03 2022-05-31 临沂大学 Lightweight access control system and method based on block chain
CN114785599A (en) * 2022-04-24 2022-07-22 江苏大学 Block chain fine-grained access control method for remote medical diagnosis application, terminal equipment and server
CN115001730A (en) * 2022-03-02 2022-09-02 上海交通大学 Role attribute-based access control system and method in distributed scene
CN115714669A (en) * 2022-10-20 2023-02-24 云南师范大学 Private data cross-domain sharing method based on PURH-CP-ABE under block chain
CN115834130A (en) * 2022-10-25 2023-03-21 西安电子科技大学 Attribute-based encryption method for realizing partial strategy hiding
CN116707850A (en) * 2022-09-29 2023-09-05 荣耀终端有限公司 Data processing method, data access method and device
CN117081803A (en) * 2023-08-17 2023-11-17 云南财经大学 Internet of things ciphertext access control method based on blockchain
CN117097566A (en) * 2023-10-18 2023-11-21 江西农业大学 Weighted attribute proxy re-encryption information fine granularity access control system and method
CN116707850B (en) * 2022-09-29 2024-05-14 荣耀终端有限公司 Data processing method, data access method and device

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090080658A1 (en) * 2007-07-13 2009-03-26 Brent Waters Method and apparatus for encrypting data for fine-grained access control
CN110099043A (en) * 2019-03-24 2019-08-06 西安电子科技大学 The hiding more authorization center access control methods of support policy, cloud storage system
CN110493347A (en) * 2019-08-26 2019-11-22 重庆邮电大学 Data access control method and system in large-scale cloud storage based on block chain
CN111130757A (en) * 2019-12-31 2020-05-08 华中科技大学 Multi-cloud CP-ABE access control method based on block chain
US20200322142A1 (en) * 2019-04-05 2020-10-08 Arizona Board Of Regents On Behalf Of Arizona State University Method and Apparatus for Achieving Fine-Grained Access Control with Discretionary User Revocation Over Cloud Data
CN112019591A (en) * 2020-07-09 2020-12-01 南京邮电大学 Cloud data sharing method based on block chain
CN112073479A (en) * 2020-08-26 2020-12-11 重庆邮电大学 Method and system for controlling de-centering data access based on block chain
CN112532588A (en) * 2020-11-06 2021-03-19 北京工业大学 Policy hidden type data access control method based on block chain

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090080658A1 (en) * 2007-07-13 2009-03-26 Brent Waters Method and apparatus for encrypting data for fine-grained access control
CN110099043A (en) * 2019-03-24 2019-08-06 西安电子科技大学 The hiding more authorization center access control methods of support policy, cloud storage system
US20200322142A1 (en) * 2019-04-05 2020-10-08 Arizona Board Of Regents On Behalf Of Arizona State University Method and Apparatus for Achieving Fine-Grained Access Control with Discretionary User Revocation Over Cloud Data
CN110493347A (en) * 2019-08-26 2019-11-22 重庆邮电大学 Data access control method and system in large-scale cloud storage based on block chain
CN111130757A (en) * 2019-12-31 2020-05-08 华中科技大学 Multi-cloud CP-ABE access control method based on block chain
CN112019591A (en) * 2020-07-09 2020-12-01 南京邮电大学 Cloud data sharing method based on block chain
CN112073479A (en) * 2020-08-26 2020-12-11 重庆邮电大学 Method and system for controlling de-centering data access based on block chain
CN112532588A (en) * 2020-11-06 2021-03-19 北京工业大学 Policy hidden type data access control method based on block chain

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
XIAOJIE NIU: "Fine-Grained Access Control Scheme Based on Cloud Storage", 《IEEEXPLORE》 *
卿勇;孙伟;熊虎;赵洋;: "云计算中可撤销存储的外包加解密CP-ABE方案", 信息网络安全, no. 06 *
王谦;熊书明;: "一种面向移动云存储的可验证访问控制方案", 计算机工程, no. 05 *
程思嘉;张昌宏;潘帅卿;: "基于CP-ABE算法的云存储数据访问控制方案设计", 信息网络安全, no. 02 *

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115001730B (en) * 2022-03-02 2023-09-05 上海交通大学 Access control system and method based on role attribute in distributed scene
CN115001730A (en) * 2022-03-02 2022-09-02 上海交通大学 Role attribute-based access control system and method in distributed scene
CN114567639A (en) * 2022-03-03 2022-05-31 临沂大学 Lightweight access control system and method based on block chain
CN114567639B (en) * 2022-03-03 2023-08-18 临沂大学 Lightweight access control system and method based on blockchain
CN114785599A (en) * 2022-04-24 2022-07-22 江苏大学 Block chain fine-grained access control method for remote medical diagnosis application, terminal equipment and server
CN116707850B (en) * 2022-09-29 2024-05-14 荣耀终端有限公司 Data processing method, data access method and device
CN116707850A (en) * 2022-09-29 2023-09-05 荣耀终端有限公司 Data processing method, data access method and device
CN115714669A (en) * 2022-10-20 2023-02-24 云南师范大学 Private data cross-domain sharing method based on PURH-CP-ABE under block chain
CN115714669B (en) * 2022-10-20 2024-02-06 云南师范大学 Private data cross-domain sharing method based on PURH-CP-ABE under blockchain
CN115834130A (en) * 2022-10-25 2023-03-21 西安电子科技大学 Attribute-based encryption method for realizing partial strategy hiding
CN117081803A (en) * 2023-08-17 2023-11-17 云南财经大学 Internet of things ciphertext access control method based on blockchain
CN117097566A (en) * 2023-10-18 2023-11-21 江西农业大学 Weighted attribute proxy re-encryption information fine granularity access control system and method
CN117097566B (en) * 2023-10-18 2024-01-26 江西农业大学 Weighted attribute proxy re-encryption information fine granularity access control system and method

Also Published As

Publication number Publication date
CN114039790B (en) 2023-07-18

Similar Documents

Publication Publication Date Title
CN111191288B (en) Block chain data access right control method based on proxy re-encryption
CN110099043B (en) Multi-authorization-center access control method supporting policy hiding and cloud storage system
CN109040045B (en) Cloud storage access control method based on ciphertext policy attribute-based encryption
CN112019591B (en) Cloud data sharing method based on block chain
CN114039790B (en) Fine-grained cloud storage security access control method based on blockchain
US10803194B2 (en) System and a method for management of confidential data
Das et al. Multiauthority CP-ABE-based access control model for IoT-enabled healthcare infrastructure
CN108881314B (en) Privacy protection method and system based on CP-ABE ciphertext under fog computing environment
Guo et al. TABE-DAC: Efficient traceable attribute-based encryption scheme with dynamic access control based on blockchain
Deng et al. Ciphertext-policy attribute-based signcryption with verifiable outsourced designcryption for sharing personal health records
CN111130757A (en) Multi-cloud CP-ABE access control method based on block chain
CN113918981B (en) Attribute-based encryption method and system
CN104901942A (en) Distributed access control method for attribute-based encryption
CN114065265A (en) Fine-grained cloud storage access control method, system and equipment based on block chain technology
CN112383391B (en) Data security protection method based on data attribute authorization, storage medium and terminal
CN114036539A (en) Safety auditable Internet of things data sharing system and method based on block chain
Ming et al. Efficient revocable multi-authority attribute-based encryption for cloud storage
CN110933033A (en) Cross-domain access control method for multiple Internet of things domains in smart city environment
WO2017061950A1 (en) Data security system and method for operation thereof
Tiwari et al. SecCloudSharing: Secure data sharing in public cloud using ciphertext‐policy attribute‐based proxy re‐encryption with revocation
CN105721146B (en) A kind of big data sharing method towards cloud storage based on SMC
Liu et al. Dynamic attribute-based access control in cloud storage systems
Chaudhary et al. RMA-CPABE: A multi-authority CPABE scheme with reduced ciphertext size for IoT devices
Sammy et al. An efficient blockchain based data access with modified hierarchical attribute access structure with CP-ABE using ECC scheme for patient health record
CN108763944B (en) Multi-center large-attribute domain attribute-based encryption method capable of being safely revoked in fog computing

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant