WO2018165835A1 - Cloud ciphertext access control method and system - Google Patents


Publication number
WO2018165835A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
ciphertext
access
file
cloud server
Application number
PCT/CN2017/076545
Inventor
刘宏伟
朱平
张鹏
陈泽虹
Original Assignee
深圳大学
Application filed by 深圳大学
Priority to PCT/CN2017/076545
Publication of WO2018165835A1

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40: Network security protocols
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • The invention belongs to the field of cloud computing, and in particular relates to a cloud ciphertext access control method and device.
  • Cloud computing links a large number of storage, computing, and software resources to provide computing, storage, and application services to users. Because cloud computing has a large amount of resources and is open, it often becomes the focus of hacker attacks. Therefore, the threat of security is a severe test for cloud computing.
  • Cloud computing and the user are in two different security domains, and the user is concerned that the data stored on the cloud server may be illegally accessed, lost, tampered with or forged. Therefore, the data uploaded by the user to the cloud server is stored on the cloud server as ciphertext, thereby preventing illegal access to the data.
  • The encryption and decryption of existing ciphertexts are very complicated. When the user requests access to encrypted data through a terminal, a large number of decryption operations are required to obtain the data, which occupies a large amount of memory in the terminal and makes decryption slow and inefficient.
  • The present invention provides a cloud ciphertext access control method and system, which aims to solve the problem that the large number of decryption operations generated during decryption occupies a large amount of the terminal's memory resources, making decryption slow and inefficient.
  • The invention provides a cloud ciphertext access control method, comprising:
  • When the user requests access to an encrypted file from the cloud server through the access terminal, the cloud server obtains the key ciphertext corresponding to the file and determines whether the attributes of the user satisfy the access tree structure in the key ciphertext. If so, the cloud server requests from the access terminal the local key in the conversion key, decrypts the key ciphertext according to the local key to obtain the intermediate ciphertext, and forwards the intermediate ciphertext and the file ciphertext corresponding to the file to the access terminal;
  • The present invention provides a cloud ciphertext access control system, including: a cloud server and an access terminal;
  • The cloud server is configured to: when the user requests access to an encrypted file from the cloud server through the access terminal, obtain the key ciphertext corresponding to the file and determine whether the attributes of the user satisfy the access tree structure in the key ciphertext; if so, request from the access terminal the local key in the conversion key, decrypt the key ciphertext according to the local key to obtain the intermediate ciphertext, and forward the intermediate ciphertext and the file ciphertext corresponding to the file to the access terminal;
  • The access terminal is configured to receive the intermediate ciphertext, decrypt the intermediate ciphertext according to the stored private key to obtain the plaintext key, and decrypt the file ciphertext according to the plaintext key to obtain the file.
  • In the cloud ciphertext access control method and system, when the user requests access to an encrypted file from the cloud server through the access terminal, the cloud server obtains the key ciphertext corresponding to the file and determines whether the attributes of the user satisfy the access tree structure in the key ciphertext. If so, it requests from the access terminal the local key in the conversion key, decrypts the key ciphertext according to the local key to obtain the intermediate ciphertext, and forwards the intermediate ciphertext and the file ciphertext corresponding to the file to the access terminal. The access terminal receives the intermediate ciphertext, decrypts it according to the stored private key to obtain the plaintext key, and decrypts the file ciphertext according to the plaintext key to obtain the file, so that only an authorized user can decrypt the file, ensuring the security of the data; and the cloud server decrypts the key ciphertext according to the local key, undertaking part of the decryption
  • FIG. 1 is a schematic flowchart of an implementation process of a cloud ciphertext access control method according to first and second embodiments of the present invention.
  • FIG. 2 is a schematic structural diagram of a cloud ciphertext access control system according to a third embodiment of the present invention.
  • FIG. 3 is a schematic structural diagram of a cloud ciphertext access control system according to a fourth embodiment of the present invention.
  • FIG. 4 is a schematic diagram of four physical devices in a cloud ciphertext access control system according to an embodiment of the present invention.
  • FIG. 1 is a schematic flowchart of an implementation process of a cloud ciphertext access control method according to a first embodiment of the present invention.
  • The cloud ciphertext access control method shown in FIG. 1 mainly includes the following steps:
  • The cloud server obtains the key ciphertext corresponding to the file and determines whether the attributes of the user satisfy the access tree structure in the key ciphertext; if so, it requests from the access terminal the local key in the conversion key, decrypts the key ciphertext according to the local key to obtain the intermediate ciphertext, and forwards the intermediate ciphertext and the file ciphertext corresponding to the file to the access terminal.
  • The user is a data visitor who needs to access the encrypted file from the cloud server.
  • The user sends an access request to the cloud server by using the access terminal. The access terminal can be a computer, a mobile phone, a smart TV, a tablet computer, or another device that supports interaction with the cloud server and can read data.
  • The encrypted file is stored on the cloud server in encrypted form.
  • The user's attributes are used to divide users according to the level of encrypted files they may access. For example, there are three levels of encrypted files: low-level, intermediate, and advanced. If the attribute of the user is attribute A, the user can access advanced encrypted files; if the attribute of the user is attribute B, the user can access intermediate encrypted files; if the attribute of the user is attribute C, the user can access low-level encrypted files.
  • Each attribute can correspond to one level or multiple levels.
  • The access tree structure is a data access structure.
  • The cloud server determines whether the user has the right to access the file by determining whether the attributes of the user satisfy the level in the access tree structure.
  • The key ciphertext is the ciphertext of the key that encrypts the file.
  • The local key is a part of the conversion key and is uploaded by the user to the cloud server. When the cloud server decrypts the key ciphertext according to the local key, it can obtain only the intermediate ciphertext and cannot decrypt the file directly, which effectively ensures the security of the data.
  • The cloud server undertakes part of the decryption operation, which improves the decryption speed and efficiency.
  • The access terminal receives the intermediate ciphertext, decrypts it according to the stored private key to obtain the plaintext key, and decrypts the file ciphertext according to the plaintext key to obtain the file.
  • The plaintext key is a decryption key corresponding to the key that encrypts the file.
  • When the user requests access to the encrypted file from the cloud server through the access terminal, the cloud server obtains the key ciphertext corresponding to the file, and determines whether the attributes of the user satisfy the access tree in the key ciphertext.
  • A cloud ciphertext access control method provided by a second embodiment of the present invention mainly includes the following steps:
  • The cloud server obtains the key ciphertext corresponding to the file and determines whether the attributes of the user satisfy the access tree structure in the key ciphertext; if so, it requests from the access terminal the local key in the conversion key, decrypts the key ciphertext according to the local key to obtain the intermediate ciphertext, and forwards the intermediate ciphertext and the file ciphertext corresponding to the file to the access terminal.
  • The user is a data visitor who needs to access the encrypted file from the cloud server.
  • The user sends an access request to the cloud server by using the access terminal. The access terminal can be a computer, a mobile phone, a smart TV, a tablet computer, or another device that supports interaction with the cloud server and can read data.
  • The encrypted file is stored on the cloud server in encrypted form.
  • The user's attributes are used to divide users according to the level of encrypted files they may access. For example, there are three levels of encrypted files: low-level, intermediate, and advanced. If the attribute of the user is attribute A, the user can access advanced encrypted files; if the attribute of the user is attribute B, the user can access intermediate encrypted files; if the attribute of the user is attribute C, the user can access low-level encrypted files.
  • Each attribute can correspond to one level or multiple levels.
  • The access tree structure is a data access structure.
  • The cloud server determines whether the user has the right to access the file by determining whether the attributes of the user satisfy the level in the access tree structure. If the attributes of the user do not satisfy the access tree structure in the key ciphertext, the user cannot access the file, that is, the user does not have access permission.
  • The key ciphertext is the ciphertext of the key that encrypts the file.
  • The local key is a part of the conversion key and is uploaded by the user to the cloud server. When the cloud server decrypts the key ciphertext according to the local key, it can obtain only the intermediate ciphertext and cannot decrypt the file directly, which effectively ensures the security of the data.
  • The cloud server undertakes part of the decryption operation, which improves the decryption speed and efficiency.
  • The access terminal receives the intermediate ciphertext, decrypts it according to the stored private key to obtain the plaintext key, and decrypts the file ciphertext according to the plaintext key to obtain the file.
  • The cloud server obtains the key ciphertext corresponding to the file, specifically:
  • The key authority constructs a bilinear group $G_0$ of prime order $p$ with generator $g$;
  • Two random numbers ⁇ , ⁇ Z p are selected , and according to the two random numbers ⁇ , ⁇ , the sub-public key and the bilinear group respectively generate a system main private key And system master public key
  • The key authority sets a user attribute set $S$ for each user, where $S$ is a subset of $L$;
  • Two random numbers $r, z \in \mathbb{Z}_p$ are selected.
  • The private key is $SK = (z, TK)$.
  • The cloud server obtains the key ciphertext corresponding to the file, specifically:
  • The data owner (DO) encrypts the file with the preset application key $ck$ using a symmetric encryption algorithm to generate the file ciphertext $E_{ck}(M)$, where $M$ represents the file;
  • The application key $ck$ is encrypted under the access tree structure $T$ and the system master public key to obtain the key ciphertext $CT$, wherein the key ciphertext $CT$ is:
  • $X$ is the set of attributes corresponding to leaf nodes in the access tree structure $T$;
  • The key ciphertext $CT$ and the file ciphertext are uploaded to the cloud server.
  • The symmetric encryption algorithm refers to an encryption algorithm that uses the same key for the encryption process and the decryption process, that is, the encryption key can be derived from the decryption key, and the decryption key can also be derived from the encryption key. Therefore, the application key is the same as the plaintext key.
  • Requesting from the access terminal the local key in the conversion key, and decrypting the key ciphertext according to the local key to obtain the intermediate ciphertext, is specifically:
  • Decrypting the intermediate ciphertext according to the stored private key to obtain the plaintext key, and decrypting the file ciphertext according to the plaintext key to obtain the file, is specifically:
  • The access terminal decrypts the file ciphertext $E_{ck}(M)$ with the plaintext key $ck$ to obtain the file $M$.
  • DecryptNode(CT, TK, x) ⁇ .
  • The private key SK is delivered in advance to each user by the key authority according to the attributes of the user.
  • The method further includes:
  • Each non-revoked user receives the update key $UK_{x'}$ sent by the key authority, and the access terminal of each non-revoked user updates the stored private key SK to:
  • The cloud server receives the update key $UK_{x'}$ sent by the key authority and updates the key ciphertext CT to:
  • The above key update process includes three parts: first, the key authority generates an update key; second, each non-revoked user updates the private key it stores; third, the cloud server updates the ciphertext.
  • The key authority, the non-revoked users, and the cloud server update only the keys and ciphertexts associated with the attribute $x'$, so that the update occupies fewer resources, and when a user's identity changes, the keys and ciphertexts can also be updated in time to ensure data security.
  • When the user requests access to the encrypted file from the cloud server through the access terminal, the cloud server obtains the key ciphertext corresponding to the file, and determines whether the attributes of the user satisfy the access tree in the key ciphertext.
  • The cloud server decrypts the key ciphertext according to the local key and undertakes part of the decryption operation, reducing the amount of decryption computation at the access terminal, improving decryption speed and efficiency, and thereby increasing the speed at which the access terminal accesses encrypted files.
  • FIG. 2 is a schematic structural diagram of a cloud ciphertext access control system according to a third embodiment of the present invention. For convenience of description, only parts related to the embodiment of the present invention are shown.
  • The cloud ciphertext access control system illustrated in FIG. 2 may be the execution body of the cloud ciphertext access control method provided by the foregoing embodiment shown in FIG.
  • The cloud ciphertext access control system illustrated in FIG. 2 mainly includes: a cloud server 201 and an access terminal 202.
  • The above functional modules are described in detail as follows:
  • The cloud server 201 is configured to: when the user requests access to an encrypted file from the cloud server 201 through the access terminal 202, obtain the key ciphertext corresponding to the file and determine whether the attributes of the user satisfy the access tree structure in the key ciphertext; if so, request from the access terminal 202 the local key in the conversion key, decrypt the key ciphertext according to the local key to obtain the intermediate ciphertext, and forward the intermediate ciphertext and the file ciphertext corresponding to the file to the access terminal 202.
  • The user is a data visitor who needs to access the encrypted file from the cloud server 201.
  • The user sends an access request to the cloud server 201 by using the access terminal 202.
  • The access terminal 202 can be a terminal that supports data exchange with the cloud server, such as a computer, a mobile phone, a smart TV, a tablet computer, and the like.
  • The encrypted file is data that is encrypted and stored on the cloud server 201.
  • The user's attributes are used to divide users according to the level of encrypted files they may access. For example, there are three levels of encrypted files: low-level, intermediate, and advanced. If the attribute of the user is attribute A, the user can access advanced encrypted files; if the attribute of the user is attribute B, the user can access intermediate encrypted files; if the attribute of the user is attribute C, the user can access low-level encrypted files. Each attribute can correspond to one level or multiple levels.
  • The access tree structure is a data access structure.
  • The cloud server 201 determines whether the user has the right to access the file by determining whether the attributes of the user satisfy the level in the access tree structure.
  • The key ciphertext is the ciphertext of the key that encrypts the file.
  • The local key is a part of the conversion key.
  • The cloud server 201 decrypts the key ciphertext according to the local key; it can obtain only the intermediate ciphertext and cannot decrypt the file directly, which effectively ensures the security of the data, while the cloud server undertakes part of the decryption operation, improving the decryption speed and efficiency.
  • The access terminal 202 is configured to receive the intermediate ciphertext, decrypt the intermediate ciphertext according to the stored private key to obtain the plaintext key, and decrypt the file ciphertext according to the plaintext key to obtain the file.
  • The plaintext key is a decryption key corresponding to the key that encrypts the file.
  • When the user requests access to an encrypted file from the cloud server 201 through the access terminal 202, the cloud server 201 obtains the key ciphertext corresponding to the file and determines whether the attributes of the user satisfy the access tree structure in the key ciphertext. If so, it requests from the access terminal 202 the local key in the conversion key, decrypts the key ciphertext according to the local key to obtain the intermediate ciphertext, and forwards the intermediate ciphertext and the file ciphertext corresponding to the file to the access terminal 202. The access terminal 202 receives the intermediate ciphertext, decrypts it according to the stored private key to obtain the plaintext key, and decrypts the file ciphertext according to the plaintext key to obtain the file, so that only an authorized user can decrypt the file, ensuring the security of the data. Because the cloud server decrypts the key ciphertext according to the local key, it undertakes part of the decryption operation, which reduces the amount of decryption computation at the access terminal, improves the decryption speed and efficiency, and increases the speed at which the access terminal accesses the encrypted file.
  • FIG. 3 is a schematic structural diagram of a cloud ciphertext access control system according to a fourth embodiment of the present invention.
  • The cloud ciphertext access control system illustrated in FIG. 3 may be the execution body of the cloud ciphertext access control method provided by the foregoing embodiment shown in FIG.
  • The cloud ciphertext access control system illustrated in FIG. 3 mainly includes: a key authority 301, a data owner 302, a cloud server 303, and an access terminal 304.
  • The above functional modules are described in detail as follows:
  • The key authority 301 is used to perform the following steps:
  • Two random numbers $r, z \in \mathbb{Z}_p$ are selected.
  • The private key is $SK = (z, TK)$.
  • The data owner 302 is configured to perform the following steps:
  • The file is encrypted with a preset application key $ck$ using a symmetric encryption algorithm to generate the file ciphertext $E_{ck}(M)$, where $M$ represents the file;
  • The application key $ck$ is encrypted under the access tree structure $T$ and the system master public key to obtain the key ciphertext $CT$, wherein the key ciphertext $CT$ is:
  • $X$ is the set of attributes corresponding to leaf nodes in the access tree structure $T$;
  • The key ciphertext $CT$ and the file ciphertext are uploaded to the cloud server 303.
  • The symmetric encryption algorithm refers to an encryption algorithm that uses the same key for the encryption process and the decryption process, that is, the encryption key can be derived from the decryption key, and the decryption key can also be derived from the encryption key. Therefore, the application key is the same as the plaintext key.
  • The cloud server 303 is configured to: when the user requests access to an encrypted file from the cloud server 303 through the access terminal 304, obtain the key ciphertext corresponding to the file and determine whether the attributes of the user satisfy the access tree structure in the key ciphertext; if so, request from the access terminal 304 the local key in the conversion key, decrypt the key ciphertext according to the local key to obtain the intermediate ciphertext, and forward the intermediate ciphertext and the file ciphertext corresponding to the file to the access terminal 304.
  • The cloud server 303 is further configured to perform the following steps:
  • The access terminal 304 is configured to receive the intermediate ciphertext, decrypt the intermediate ciphertext according to the stored private key to obtain the plaintext key, and decrypt the file ciphertext according to the plaintext key to obtain the file.
  • The access terminal 304 is further configured to decrypt the file ciphertext $E_{ck}(M)$ with the plaintext key $ck$ to obtain the file $M$.
  • The private key SK is delivered in advance to each user by the key authority according to the attributes of the user.
  • The key authority 301 is further configured to: when the attribute $x'$ of the revoked user ⁇ is revoked, select a random number $v_{x'}^{*} \in \mathbb{Z}_p$ ($v_{x'}^{*} \neq v_{x'}$), replace the attribute version key corresponding to the attribute $x'$ with $VK^{*}_{x'}$, update the system master public key to and send the update key $UK_{x'}$ to the access terminal 304 of each non-revoked user and to the cloud server 303, where
  • The access terminal 304 of each non-revoked user is further configured to receive the update key $UK_{x'}$ sent by the key authority 301, and the access terminal 304 of each non-revoked user updates the stored private key SK to:
  • The cloud server 303 is further configured to receive the update key $UK_{x'}$ sent by the key authority 301, and update the key ciphertext CT to:
  • FIG. 4 is a schematic diagram of four physical devices in a cloud ciphertext access control system.
  • When the user requests access to an encrypted file from the cloud server 303 through the access terminal 304, the cloud server 303 obtains the key ciphertext corresponding to the file and determines whether the attributes of the user satisfy the access tree structure in the key ciphertext. If so, it requests from the access terminal 304 the local key in the conversion key, decrypts the key ciphertext according to the local key to obtain the intermediate ciphertext, and forwards the intermediate ciphertext and the file ciphertext corresponding to the file to the access terminal 304. The access terminal 304 receives the intermediate ciphertext, decrypts it according to the stored private key to obtain the plaintext key, and decrypts the file ciphertext according to the plaintext key to obtain the file, so that only an authorized user can decrypt the file, ensuring the security of the data. Because the cloud server decrypts the key ciphertext according to the local key, it undertakes part of the decryption operation, which reduces the amount of decryption computation at the access terminal, improves the decryption speed and efficiency, and increases the speed at which the access terminal accesses the encrypted file.
  • The disclosed systems, devices, and methods may be implemented in other ways.
  • The device embodiments described above are merely illustrative.
  • The division of the modules is only a logical function division; there may be another division manner. For example, multiple modules or components may be combined or integrated into another system, or some features may be ignored or not executed.
  • The mutual coupling or direct coupling or communication link shown or discussed may be an indirect coupling or communication link through some interface, device or module, and may be electrical, mechanical or otherwise.
  • The modules described as separate components may or may not be physically separated.
  • The components displayed as modules may or may not be physical modules, that is, they may be located in one place, or may be distributed to multiple network modules. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
  • Each functional module in each embodiment of the present invention may be integrated into one processing module, or each module may exist physically separately, or two or more modules may be integrated into one module.
  • The above integrated modules can be implemented in the form of hardware or in the form of software functional modules.
  • The integrated modules, if implemented in the form of software functional modules and sold or used as separate products, may be stored in a computer readable storage medium.
  • The technical solution of the present invention, in essence or in the part that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product stored in a storage medium.
  • A number of instructions are included to cause a computer device (which may be a personal computer, server, or network device, etc.) to perform all or part of the steps of the methods described in various embodiments of the present invention.
  • The foregoing storage medium includes: a U disk, a mobile hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, an optical disk, and other media that can store program code.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

Disclosed in the present invention are a cloud ciphertext access control method and system, the method comprising: when a user makes a request to a cloud server by means of an access end to access an encrypted file, the cloud server acquires a key cipher text corresponding to the file and determines whether the attributes of the user satisfy an access tree structure in the key cipher text; if yes, the cloud server makes a request to the access end to acquire a local key in a transformation key, decrypts the key cipher text according to the local key to obtain an intermediate cipher text, and sends the intermediate cipher text and a file cipher text corresponding to the file to the access end; and the access end receives the intermediate cipher text, decrypts the intermediate cipher text according to a stored private key to obtain a plaintext key, and decrypts the file cipher text according to the plaintext key so as to obtain the file. Thus, the security of data is ensured. Moreover, the cloud server undertakes part of decryption operation, and the decryption speed and efficiency are improved.
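
The flow in the abstract (access-tree check and partial decryption at the cloud server with the local key, final decryption at the access end with the stored private key) can be traced with an ElGamal-style key encapsulation standing in for the patent's pairing-based construction, whose formulas are not reproduced on this page. This is an added example, not code from the patent: the group parameters, all function names, the `auditor` attribute and the SHA-256 keystream standing in for E_ck are assumptions, and it shows the key-splitting algebra rather than the computational saving.

```python
import hashlib
import secrets
from math import gcd

# Demonstration-sized group (assumption): integers modulo the Mersenne prime
# 2^127 - 1. Large enough to show the algebra, far too small for real use.
P = 2**127 - 1
N = P - 1   # exponents are reduced modulo P - 1 (Fermat's little theorem)
G = 3


def satisfies(tree, attrs):
    """Access tree check: a leaf is an attribute name; an inner node is
    (threshold, [children]), so OR is (1, [...]) and AND is (n, [...])."""
    if isinstance(tree, str):
        return tree in attrs
    threshold, children = tree
    return sum(satisfies(child, attrs) for child in children) >= threshold


def kdf(element):
    """Derive the 32-byte symmetric key ck from a group element."""
    return hashlib.sha256(element.to_bytes(16, "big")).digest()


def keystream_xor(key, data):
    """Stand-in for E_ck: XOR with a SHA-256 counter keystream (unauthenticated)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def authority_setup():
    """Key authority: master secret s and public key g^s."""
    s = secrets.randbelow(N - 2) + 1
    return s, pow(G, s, P)


def authority_keygen(s):
    """Issue SK = (z, TK) with TK = s / z mod N. TK is what the server
    receives on request; the blinding exponent z stays at the access end."""
    while True:
        z = secrets.randbelow(N - 2) + 2
        if gcd(z, N) == 1:
            return z, (s * pow(z, -1, N)) % N


def owner_encrypt(pk, tree, message):
    """Data owner: encapsulate ck under pk, attach the access tree, encrypt M."""
    k = secrets.randbelow(N - 2) + 1
    ck = kdf(pow(pk, k, P))
    key_ct = {"tree": tree, "c1": pow(G, k, P)}
    return key_ct, keystream_xor(ck, message)


def server_transform(key_ct, user_attrs, tk):
    """Cloud server: refuse if the attributes fail the tree, otherwise apply
    TK and return the intermediate ciphertext (still blinded by z)."""
    if not satisfies(key_ct["tree"], user_attrs):
        return None
    return pow(key_ct["c1"], tk, P)


def client_decrypt(intermediate, z, file_ct):
    """Access end: unblind with z to recover ck, then decrypt the file."""
    ck = kdf(pow(intermediate, z, P))
    return keystream_xor(ck, file_ct)


def demo():
    s, pk = authority_setup()
    z, tk = authority_keygen(s)
    # Constructed policy: attribute A alone, or B together with "auditor".
    tree = (1, ["A", (2, ["B", "auditor"])])
    message = b"constructed sample file contents"
    key_ct, file_ct = owner_encrypt(pk, tree, message)

    mid = server_transform(key_ct, {"B", "auditor"}, tk)
    return {
        "authorized": client_decrypt(mid, z, file_ct) == message,
        "denied": server_transform(key_ct, {"B"}, tk) is None,
        # The server holds mid and TK but not z, so its view yields a wrong ck.
        "server_only": keystream_xor(kdf(mid), file_ct) == message,
    }


if __name__ == "__main__":
    print(demo())
```

In this stand-in the policy check is an ordinary comparison at the server, so the server must already hold an authentic attribute set for the requesting user.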

Description

Cloud ciphertext access control method and system
Technical field
The invention belongs to the field of cloud computing, and in particular relates to a cloud ciphertext access control method and device.
Background art
Cloud computing links large amounts of storage, computing, and software resources together to provide users with computing, storage, and application services. Because cloud computing stores a large amount of resources and is open, it often becomes the focus of hacker attacks, so security threats are a severe test for cloud computing.
Because the data owner is separated from the physical owner, cloud computing and the user are in two different security domains, and the user worries that the data stored on the cloud server may be illegally accessed, lost, tampered with or forged. Therefore, all data uploaded by the user to the cloud server is stored on the cloud server in the form of ciphertext, which prevents illegal access to the data. However, the encryption and decryption of existing ciphertexts are very complicated. When the user requests access to encrypted data through a terminal, a large number of decryption operations are required to obtain the data, which occupies a large amount of memory resources in the terminal and makes decryption slow and inefficient.
Summary of the invention
The present invention provides a cloud ciphertext access control method and system, intended to solve the problem that the large number of decryption operations in the decryption process occupies a large amount of the terminal's memory, making decryption slow and inefficient.
The invention provides a cloud ciphertext access control method, comprising:
when a user requests access to an encrypted file from the cloud server through the access end, the cloud server obtains the key ciphertext corresponding to the file and determines whether the user's attributes satisfy the access tree structure in the key ciphertext; if so, it requests the local key in the conversion key from the access end, decrypts the key ciphertext with the local key to obtain an intermediate ciphertext, and forwards the intermediate ciphertext and the file ciphertext corresponding to the file to the access end;
the access end receives the intermediate ciphertext, decrypts it with the stored private key to obtain the plaintext key, and decrypts the file ciphertext with the plaintext key to obtain the file.
The invention provides a cloud ciphertext access control system, comprising a cloud server and an access end;
the cloud server is configured to, when a user requests access to an encrypted file from the cloud server through the access end, obtain the key ciphertext corresponding to the file and determine whether the user's attributes satisfy the access tree structure in the key ciphertext; if so, to request the local key in the conversion key from the access end, decrypt the key ciphertext with the local key to obtain an intermediate ciphertext, and forward the intermediate ciphertext and the file ciphertext corresponding to the file to the access end;
the access end is configured to receive the intermediate ciphertext, decrypt it with the stored private key to obtain the plaintext key, and decrypt the file ciphertext with the plaintext key to obtain the file.
In the cloud ciphertext access control method and system provided by the present invention, when a user requests access to an encrypted file from the cloud server through the access end, the cloud server obtains the key ciphertext corresponding to the file and determines whether the user's attributes satisfy the access tree structure in the key ciphertext. If so, it requests the local key in the conversion key from the access end, decrypts the key ciphertext with the local key to obtain an intermediate ciphertext, and forwards the intermediate ciphertext and the file ciphertext corresponding to the file to the access end. The access end receives the intermediate ciphertext, decrypts it with the stored private key to obtain the plaintext key, and decrypts the file ciphertext with the plaintext key to obtain the file. In this way only users with permission can decrypt the file, which ensures data security. Because the cloud server performs decryption operations on the ciphertext with the local key, it undertakes part of the decryption work, which reduces the amount of decryption computation at the access end, improves decryption speed and efficiency, and thereby increases the speed at which the access end accesses encrypted files.
Brief description of the drawings
To explain the embodiments of the present invention or the technical solutions in the prior art more clearly, the drawings needed to describe the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention.
FIG. 1 is a schematic flowchart of the cloud ciphertext access control method provided by the first and second embodiments of the present invention;
FIG. 2 is a schematic structural diagram of the cloud ciphertext access control system provided by the third embodiment of the present invention;
FIG. 3 is a schematic structural diagram of the cloud ciphertext access control system provided by the fourth embodiment of the present invention;
FIG. 4 is a schematic diagram of the four physical devices in the cloud ciphertext access control system provided by an embodiment of the present invention.
Detailed description
To make the objects, features and advantages of the present invention clearer and easier to understand, the technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by a person skilled in the art on the basis of the embodiments of the present invention without creative effort fall within the scope of protection of the present invention.
Referring to FIG. 1, FIG. 1 is a schematic flowchart of the cloud ciphertext access control method provided by the first embodiment of the present invention. The method shown in FIG. 1 mainly includes the following steps:
S101. When a user requests access to an encrypted file from the cloud server through the access end, the cloud server obtains the key ciphertext corresponding to the file and determines whether the user's attributes satisfy the access tree structure in the key ciphertext; if so, it requests the local key in the conversion key from the access end, decrypts the key ciphertext with the local key to obtain an intermediate ciphertext, and forwards the intermediate ciphertext and the file ciphertext corresponding to the file to the access end.
The user is a data accessor who needs to access an encrypted file on the cloud server. The user sends an access request to the cloud server from the access end, which may be a computer, mobile phone, smart TV, tablet or other terminal that can interact with the cloud server and read data.
The encrypted file is data that has been encrypted and stored on the cloud server. User attributes are used to classify users by the level of encrypted files they may access. For example, suppose encrypted files have three levels: low, intermediate and high. A user with attribute A can access high-level encrypted files; a user with attribute B can access intermediate-level encrypted files; a user with attribute C can access low-level encrypted files. Each attribute may correspond to one level or to several levels. The access tree structure is a data access structure. The cloud server determines whether the user has permission to access the file by checking whether the user's attributes satisfy the level in the access tree structure.
The key ciphertext is the ciphertext of the key used to encrypt the file. The local key is a part of the conversion key and is uploaded to the cloud server by the user. Decrypting the key ciphertext with the local key, the cloud server can obtain only the intermediate ciphertext and cannot directly decrypt the file, which effectively ensures data security; at the same time the cloud server undertakes part of the decryption computation, which improves decryption speed and efficiency.
S102. The access end receives the intermediate ciphertext, decrypts it with the stored private key to obtain the plaintext key, and decrypts the file ciphertext with the plaintext key to obtain the file.
The plaintext key is the decryption key corresponding to the key used to encrypt the file.
In this embodiment of the present invention, when a user requests access to an encrypted file from the cloud server through the access end, the cloud server obtains the key ciphertext corresponding to the file and determines whether the user's attributes satisfy the access tree structure in the key ciphertext. If so, it requests the local key in the conversion key from the access end, decrypts the key ciphertext with the local key to obtain an intermediate ciphertext, and forwards the intermediate ciphertext and the file ciphertext corresponding to the file to the access end. The access end receives the intermediate ciphertext, decrypts it with the stored private key to obtain the plaintext key, and decrypts the file ciphertext with the plaintext key to obtain the file. In this way only users with permission can decrypt the file, which ensures data security. Because the cloud server performs decryption operations on the ciphertext with the local key, it undertakes part of the decryption work, which reduces the amount of decryption computation at the access end, improves decryption speed and efficiency, and thereby increases the speed at which the access end accesses encrypted files.
Referring again to FIG. 1, the cloud ciphertext access control method provided by the second embodiment of the present invention mainly includes the following steps:
S101. When a user requests access to an encrypted file from the cloud server through the access end, the cloud server obtains the key ciphertext corresponding to the file and determines whether the user's attributes satisfy the access tree structure in the key ciphertext; if so, it requests the local key in the conversion key from the access end, decrypts the key ciphertext with the local key to obtain an intermediate ciphertext, and forwards the intermediate ciphertext and the file ciphertext corresponding to the file to the access end.
The user is a data accessor who needs to access an encrypted file on the cloud server. The user sends an access request to the cloud server from the access end, which may be a computer, mobile phone, smart TV, tablet or other terminal that can interact with the cloud server and read data.
The encrypted file is data that has been encrypted and stored on the cloud server. User attributes are used to classify users by the level of encrypted files they may access. For example, suppose encrypted files have three levels: low, intermediate and high. A user with attribute A can access high-level encrypted files; a user with attribute B can access intermediate-level encrypted files; a user with attribute C can access low-level encrypted files. Each attribute may correspond to one level or to several levels. The access tree structure is a data access structure. The cloud server determines whether the user has permission to access the file by checking whether the user's attributes satisfy the level in the access tree structure. If the user's attributes do not satisfy the access tree structure in the key ciphertext, the user cannot access the file, that is, the user has no access permission.
The key ciphertext is the ciphertext of the key used to encrypt the file. The local key is a part of the conversion key and is uploaded to the cloud server by the user. Decrypting the key ciphertext with the local key, the cloud server can obtain only the intermediate ciphertext and cannot directly decrypt the file, which effectively ensures data security; at the same time the cloud server undertakes part of the decryption computation, which improves decryption speed and efficiency.
S102. The access end receives the intermediate ciphertext, decrypts it with the stored private key to obtain the plaintext key, and decrypts the file ciphertext with the plaintext key to obtain the file.
Further, before the cloud server obtains the key ciphertext corresponding to the file when a user requests access to the encrypted file from the cloud server through the access end, the method specifically includes:
The Key Authority (KA) constructs a bilinear group $G_0$ of prime order $p$ with generator $g$;
defines the global attribute set $L = \{a_1, a_2, \ldots, a_m\}$ and the security level $k$, where $j$ ranges from 1 to $m$;
selects a random number $v_j \in Z_p$, uses it as the attribute version key $VK_j = v_j$, and generates the sub public key from the attribute version key
Figure PCTCN2017076545-appb-000001
where $Z_p$ is a finite field;
selects two random numbers $\alpha, \beta \in Z_p$ and, from these two random numbers, the sub public key and the bilinear group, generates the system master private key
Figure PCTCN2017076545-appb-000002
and the system master public key
Figure PCTCN2017076545-appb-000003
Suppose the system has $m$ attributes $L = \{a_1, a_2, \ldots, a_m\}$. Let $G_0$ be a bilinear group of prime order $p$, let $g$ be a generator of $G_0$, and let $e: G_0 \times G_0 \to G_T$ denote the bilinear map. The hash function is $H: \{0,1\}^* \to G_0$. Each attribute in $L$ corresponds to one attribute version key.
After system initialization, the key authority sets a user attribute set $S$ for each user, where $S$ is a subset of $L$;
selects two random numbers $r, z \in Z_p$ and, from these two random numbers, the system master private key and the user attribute set $S$, generates the conversion key $TK = \{D = g^{(\alpha+r)/\beta},$
Figure PCTCN2017076545-appb-000004
and the private key $SK = (z, TK)$.
Further, before the cloud server obtains the key ciphertext corresponding to the file when a user requests access to the encrypted file from the cloud server through the access end, the method specifically includes:
The data owner (DO) encrypts the file with a symmetric encryption algorithm under a preset application key $ck$, generating the file ciphertext $E_{ck}(M)$, where $M$ denotes the file;
selects a polynomial $q_x$ for each node $x$ in the access tree structure $T$;
sets the degree $d_x$ of the polynomial $q_x$ of each node $x$ to be 1 less than that node's threshold value $k_x$, that is, $k_x = d_x + 1$;
starting from the root node $R$, selects a random number $s \in Z_p$, sets $q_R(0) = s$, and selects $d_R$ nodes to define the polynomial $q_R$;
for every non-root node $x$, sets $q_x(0) = q_{parent(x)}(index(x))$ and selects $d_x$ nodes to define the polynomial $q_x$;
encrypts the application key $ck$ using the access tree structure $T$ and the system master public key to obtain the key ciphertext $CT$, where the key ciphertext $CT$ is:
Figure PCTCN2017076545-appb-000005
where $X$ is the set of attributes corresponding to the leaf nodes of the access tree structure $T$;
uploads the key ciphertext $CT$ and the file ciphertext to the cloud server.
A symmetric encryption algorithm is one in which encryption and decryption use the same key, that is, the encryption key can be derived from the decryption key and the decryption key can be derived from the encryption key. The application key is therefore the same as the plaintext key.
Further, requesting the local key in the conversion key from the access end and decrypting the key ciphertext with the local key to obtain the intermediate ciphertext is specifically:
The cloud server receives the local key in the conversion key sent by the access end, where the local key in the conversion key is
Figure PCTCN2017076545-appb-000006
A recursive operation $DecryptNode(CT, TK', x)$ is defined in advance. If node $x$ is a leaf node in the access tree structure $T$, let $a_j = att(x)$ and $a_j \in S$, then
Figure PCTCN2017076545-appb-000007
Figure PCTCN2017076545-appb-000008
If $x$ is not a leaf node in the access tree structure $T$, then for every child node $n$ of $x$ set $F_n = DecryptNode(CT, TK', n)$, then
Figure PCTCN2017076545-appb-000009
where $j = index(n)$ and $S_x' = \{index(n) : n \in S_x\}$;
The function $DecryptNode(CT, TK', R)$ for the root node $R$ of the access tree structure $T$ is evaluated to compute the intermediate ciphertext $T = \{A, B\}$, where
$F_R = DecryptNode(CT, TK', R)$
Let $A = F_R = e(g,g)^{rs/z}$,
Figure PCTCN2017076545-appb-000010
Then decrypting the intermediate ciphertext with the stored private key to obtain the plaintext key, and decrypting the file ciphertext with the plaintext key to obtain the file, is specifically:
The access end decrypts the plaintext key $ck$ from the private key $SK$ and the received intermediate ciphertext $T = \{A, B\}$, where
Figure PCTCN2017076545-appb-000011
The access end decrypts the file ciphertext $E_{ck}(M)$ with the plaintext key $ck$ to obtain the file $M$.
If node $x$ is a leaf node in the access tree structure $T$ and
Figure PCTCN2017076545-appb-000012
then $DecryptNode(CT, TK, x) = \perp$.
If $x$ is not a leaf node in the access tree structure $T$, let $S_x$ be an arbitrary set of $k_x$ child nodes $n$ for which $F_n \neq \perp$; if no such set exists, then $F_n = \perp$.
The private key $SK$ is issued in advance to each user by the key authority according to the user's attributes.
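The polynomial assignment over the access tree $T$ ($q_R(0)=s$, $q_x(0)=q_{parent(x)}(index(x))$, degree $k_x-1$) and the recursive recombination that DecryptNode performs over $S_x$, as an added example that is not part of the patent text. It works directly on secret values in $Z_p$ rather than on pairing-group elements, and it recombines with Lagrange interpolation at 0, which is an assumption because the page's own recombination formula is not preserved; the `Node` class, function names, attribute labels and modulus are likewise constructed for illustration.

```python
import secrets

# Constructed modulus standing in for the prime group order p (2**127 - 1 is prime).
P = 2**127 - 1

class Node:
    """Access-tree node: a leaf carries an attribute, an inner node a threshold k_x."""
    def __init__(self, k=None, children=(), attr=None):
        self.k, self.children, self.attr = k, list(children), attr

def eval_poly(coeffs, x, p=P):
    """Evaluate q(x) = coeffs[0] + coeffs[1]*x + ... modulo p (Horner's rule)."""
    y = 0
    for c in reversed(coeffs):
        y = (y * x + c) % p
    return y

def share(node, value, p=P, path=(), out=None):
    """Top-down assignment: q_x(0) = value, deg(q_x) = k_x - 1, and each child n
    receives q_x(index(n)). Returns {leaf path: (attribute, share)}."""
    out = {} if out is None else out
    if node.attr is not None:
        out[path] = (node.attr, value)
        return out
    coeffs = [value] + [secrets.randbelow(p) for _ in range(node.k - 1)]
    for idx, child in enumerate(node.children, start=1):
        share(child, eval_poly(coeffs, idx, p), p, path + (idx,), out)
    return out

def lagrange_at_zero(i, indices, p=P):
    """Lagrange coefficient of index i over the index set, evaluated at x = 0."""
    num, den = 1, 1
    for j in indices:
        if j != i:
            num = num * (-j) % p
            den = den * (i - j) % p
    return num * pow(den, -1, p) % p

def recover(node, shares, attrs, p=P, path=()):
    """Bottom-up mirror of DecryptNode on plain field elements:
    returns q_x(0), or None (the page's ⊥) when the subtree is not satisfied."""
    if node.attr is not None:
        return shares[path][1] if node.attr in attrs else None
    got = {}
    for idx, child in enumerate(node.children, start=1):
        value = recover(child, shares, attrs, p, path + (idx,))
        if value is not None:
            got[idx] = value
        if len(got) == node.k:      # S_x found: k_x satisfied children are enough
            break
    if len(got) != node.k:          # no such set S_x exists
        return None
    indices = list(got)
    return sum(got[i] * lagrange_at_zero(i, indices, p) for i in indices) % p

def build_policy():
    """Constructed policy: A AND (any 2 of B, C, D)."""
    inner = Node(k=2, children=[Node(attr="B"), Node(attr="C"), Node(attr="D")])
    return Node(k=2, children=[Node(attr="A"), inner])

if __name__ == "__main__":
    tree = build_policy()
    s = secrets.randbelow(P)
    leaf_shares = share(tree, s)
    print("A,B,D recovers s:", recover(tree, leaf_shares, {"A", "B", "D"}) == s)
    print("B,C,D result:", recover(tree, leaf_shares, {"B", "C", "D"}))
```
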
Further, the method also includes:
When attribute $x'$ of a revoked user $\mu$ is revoked, the key authority selects a random number $v_{x'}^{*} \in Z_p$ ($v_{x'}^{*} \neq v_{x'}$), replaces the attribute version key $VK_{x'} = v_{x'}$ corresponding to attribute $x'$ with the attribute version key $VK_{x'}^{*}$, setting $VK_{x'}^{*} = v_{x'}^{*}$, generates the update key $UK_{x'}$ from $VK_{x'}^{*}$, and, according to the replaced attribute version key $VK_{x'}^{*}$, updates the system master public key to
Figure PCTCN2017076545-appb-000013
and sends the update key $UK_{x'}$ to the access end of every non-revoked user and to the cloud server, where
Figure PCTCN2017076545-appb-000014
The access end of each non-revoked user receives the update key $UK_{x'}$ sent by the key authority and updates its stored private key $SK$ to:
Figure PCTCN2017076545-appb-000015
The cloud server receives the update key $UK_{x'}$ sent by the key authority and updates the key ciphertext $CT$ to:
Figure PCTCN2017076545-appb-000016
The key update process above has three parts: first, the key authority generates the update key; second, the non-revoked users update the private keys they store; third, the cloud server updates the ciphertext.
It should be noted that the key authority, the non-revoked users and the cloud server update only the keys and ciphertext associated with attribute $x'$, so the update consumes few resources; and when a user's identity changes, the keys and ciphertext can be updated promptly to ensure data security.
In this embodiment of the present invention, when a user requests access to an encrypted file from the cloud server through the access end, the cloud server obtains the key ciphertext corresponding to the file and determines whether the user's attributes satisfy the access tree structure in the key ciphertext. If so, it requests the local key in the conversion key from the access end, decrypts the key ciphertext with the local key to obtain an intermediate ciphertext, and forwards the intermediate ciphertext and the file ciphertext corresponding to the file to the access end. The access end receives the intermediate ciphertext, decrypts it with the stored private key to obtain the plaintext key, and decrypts the file ciphertext with the plaintext key to obtain the file. In addition, when a user is revoked, the key authority, the access ends and the cloud server update the keys or the ciphertext. In this way only users with permission can decrypt the file, which ensures data security. Because the cloud server performs decryption operations on the ciphertext with the local key, it undertakes part of the decryption work, which reduces the amount of decryption computation at the access end, improves decryption speed and efficiency, and thereby increases the speed at which the access end accesses encrypted files.
Referring to FIG. 2, FIG. 2 is a schematic structural diagram of the cloud ciphertext access control system provided by the third embodiment of the present invention. For ease of description, only the parts related to this embodiment are shown. The system illustrated in FIG. 2 may be the executing entity of the cloud ciphertext access control method provided by the embodiment shown in FIG. 1. It mainly includes a cloud server 201 and an access end 202. These functional modules are described in detail as follows:
The cloud server 201 is configured to, when a user requests access to an encrypted file from the cloud server 201 through the access end, obtain the key ciphertext corresponding to the file and determine whether the user's attributes satisfy the access tree structure in the key ciphertext; if so, to request the local key in the conversion key from the access end 202, decrypt the key ciphertext with the local key to obtain an intermediate ciphertext, and forward the intermediate ciphertext and the file ciphertext corresponding to the file to the access end 202.
The user is a data accessor who needs to access an encrypted file on the cloud server 201. The user sends an access request to the cloud server 201 from the access end 202, which may be a computer, mobile phone, smart TV, tablet or other terminal that can interact with the cloud server and read data.
The encrypted file is data that has been encrypted and stored on the cloud server 201. User attributes are used to classify users by the level of encrypted files they may access. For example, suppose encrypted files have three levels: low, intermediate and high. A user with attribute A can access high-level encrypted files; a user with attribute B can access intermediate-level encrypted files; a user with attribute C can access low-level encrypted files. Each attribute may correspond to one level or to several levels. The access tree structure is a data access structure. The cloud server 201 determines whether the user has permission to access the file by checking whether the user's attributes satisfy the level in the access tree structure.
The key ciphertext is the ciphertext of the key used to encrypt the file. The local key is a part of the conversion key. Decrypting the key ciphertext with the local key, the cloud server 201 can obtain only the intermediate ciphertext and cannot directly decrypt the file, which effectively ensures data security; at the same time the cloud server undertakes part of the decryption computation, which improves decryption speed and efficiency.
The access end 202 is configured to receive the intermediate ciphertext, decrypt it with the stored private key to obtain the plaintext key, and decrypt the file ciphertext with the plaintext key to obtain the file.
The plaintext key is the decryption key corresponding to the key used to encrypt the file.
For details not covered in this embodiment, refer to the description of the embodiment shown in FIG. 1; they are not repeated here.
In this embodiment of the present invention, when a user requests access to an encrypted file from the cloud server 201 through the access end, the cloud server 201 obtains the key ciphertext corresponding to the file and determines whether the user's attributes satisfy the access tree structure in the key ciphertext. If so, it requests the local key in the conversion key from the access end 202, decrypts the key ciphertext with the local key to obtain an intermediate ciphertext, and forwards the intermediate ciphertext and the file ciphertext corresponding to the file to the access end 202. The access end 202 receives the intermediate ciphertext, decrypts it with the stored private key to obtain the plaintext key, and decrypts the file ciphertext with the plaintext key to obtain the file. In this way only users with permission can decrypt the file, which ensures data security. Because the cloud server performs decryption operations on the ciphertext with the local key, it undertakes part of the decryption work, which reduces the amount of decryption computation at the access end, improves decryption speed and efficiency, and thereby increases the speed at which the access end accesses encrypted files.
请参阅图3,图3为本发明第四实施例提供的云密文访问控制系统的结构示意图,为了便于说明,仅示出了与本发明实施例相关的部分。图3示例的云密文访问控制系统可以是前述图1所示实施例提供的云密文访问控制方法的执行主体。图3示例的云密文访问控制系统,主要包括:密钥权威机构301、数据属主302、云服务器303和访问端304。以上各功能模块详细说明如下:Referring to FIG. 3, FIG. 3 is a schematic structural diagram of a cloud ciphertext access control system according to a fourth embodiment of the present invention. For convenience of description, only parts related to the embodiment of the present invention are shown. The cloud ciphertext access control system illustrated in FIG. 3 may be the execution body of the cloud ciphertext access control method provided by the foregoing embodiment shown in FIG. The cloud ciphertext access control system illustrated in FIG. 3 mainly includes: a key authority 301, a data owner 302, a cloud server 303, and an access terminal 304. The above functional modules are described in detail as follows:
The key authority 301 is configured to perform the following steps:
Construct a bilinear group $G_0$ of prime order $p$ with generator $g$;
Define a global attribute set $L = \{a_1, a_2, \ldots, a_m\}$ and a security level $k$, where $j$ ranges from 1 to $m$;
Select a random number $v_j \in Z_p$, take it as the attribute version key $VK_j = v_j$, and generate the sub public key from the attribute version key
Figure PCTCN2017076545-appb-000017
where $Z_p$ is a finite field;
Select two random numbers $\alpha, \beta \in Z_p$ and, from these two random numbers, the sub public key and the bilinear group, generate the system master private key $MSK = \{\beta, g^{\alpha}, \{MSK_j = VK_j \mid a_j \in L\}\}$ and the system master public key
Figure PCTCN2017076545-appb-000018
Set a user attribute set $S$ for each user, where $S$ is a subset of $L$;
Select two random numbers $r, z \in Z_p$ and, from these two random numbers, the system master private key and the user attribute set $S$, generate the conversion key $TK = \{D = g^{(\alpha+r)/\beta},$
Figure PCTCN2017076545-appb-000019
and the private key $SK = (z, TK)$.
Further, the data owner 302 is configured to perform the following steps:
Encrypt the file with a symmetric encryption algorithm under a preset application key $ck$ to generate the file ciphertext $E_{ck}(M)$, where $M$ denotes the file;
Select a polynomial $q_x$ for each node $x$ in the access tree structure $T$;
Set the degree $d_x$ of the polynomial $q_x$ of each node $x$ to be 1 less than the threshold $k_x$ of that node, that is, $k_x = d_x + 1$;
Starting from the root node $R$, select a random number $s \in Z_p$, set $q_R(0) = s$, and select $d_R$ nodes to define the polynomial $q_R$;
For every non-root node $x$, set $q_x(0) = q_{parent(x)}(index(x))$ and select $d_x$ nodes to define the polynomial $q_x$;
Encrypt the application key $ck$ using the access tree structure $T$ and the system master public key to obtain the key ciphertext $CT$, where the key ciphertext $CT$ is:
Figure PCTCN2017076545-appb-000020
where $X$ is the set of attributes corresponding to the leaf nodes of the access tree structure $T$;
Upload the key ciphertext $CT$ and the file ciphertext to the cloud server 303.
A symmetric encryption algorithm is one in which the encryption process and the decryption process use the same key, that is, the encryption key can be derived from the decryption key and the decryption key can likewise be derived from the encryption key. The application key is therefore the same as the plaintext key.
The cloud server 303 is configured to, when a user requests access to an encrypted file from the cloud server 303 through the access terminal 304, obtain the key ciphertext corresponding to the file and determine whether the user's attributes satisfy the access tree structure in the key ciphertext; if so, request the local key of the conversion key from the access terminal 304, decrypt the key ciphertext with the local key to obtain the intermediate ciphertext, and forward the intermediate ciphertext and the file ciphertext corresponding to the file to the access terminal 304.
Further, the cloud server 303 is also configured to perform the following steps:
Receive the local key of the conversion key sent by the access terminal 304, where the local key of the conversion key is
Figure PCTCN2017076545-appb-000021
Predefine a recursive operation DecryptNode(CT, TK′, x), where, if node $x$ is a leaf node of the access tree structure $T$, letting $a_j = att(x)$ with $a_j \in S$, then
Figure PCTCN2017076545-appb-000022
Figure PCTCN2017076545-appb-000023
If $x$ is not a leaf node of the access tree structure $T$, then for every child node $n$ of $x$ set $F_n$ = DecryptNode(CT, TK′, n), and then
Figure PCTCN2017076545-appb-000024
where $j = index(n)$ and $S_x' = \{index(n) : n \in S_x\}$;
Evaluate the function DecryptNode(CT, TK′, R) for the root node $R$ of the access tree structure $T$ to compute the intermediate ciphertext $T = \{A, B\}$, where
$A = F_R = e(g,g)^{rs/z}$,
Figure PCTCN2017076545-appb-000025
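The polynomial assignment that the data owner performs on the access tree, and the bottom-up recombination that DecryptNode performs, can be followed in plain integers. The Python below is an added illustration, not part of the patent: it works directly in $Z_p$ instead of in group exponents, uses a constructed modulus and a constructed policy, and assumes standard Lagrange interpolation at 0 for the recombination step, whose formula survives on this page only as an image.

```python
import secrets

# Constructed modulus standing in for the prime group order p (2^127 - 1 is prime).
P = 2**127 - 1


class Node:
    """Access-tree node: a leaf carries an attribute, a gate carries a threshold k_x."""

    def __init__(self, threshold=1, children=None, attr=None):
        self.k = threshold
        self.children = children or []
        self.attr = attr


def leaf(attr):
    return Node(attr=attr)


def gate(k, *children):
    return Node(threshold=k, children=list(children))


def eval_poly(coeffs, x):
    """Evaluate q(x) = coeffs[0] + coeffs[1]*x + ... over Z_p (Horner's rule)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def share(node, secret, shares=None):
    """Top-down sharing: q_x(0) = secret, deg(q_x) = k_x - 1,
    and each child n receives q_x(index(n)) as its own q_n(0)."""
    shares = {} if shares is None else shares
    if node.attr is not None:
        shares[node] = secret  # leaf share; the real scheme hides it in an exponent
        return shares
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(node.k - 1)]
    for idx, child in enumerate(node.children, start=1):  # index(child) = 1, 2, ...
        share(child, eval_poly(coeffs, idx), shares)
    return shares


def lagrange_at_zero(j, indices):
    """Lagrange coefficient for index j over the index set, evaluated at 0."""
    num, den = 1, 1
    for i in indices:
        if i != j:
            num = num * (-i) % P
            den = den * (j - i) % P
    return num * pow(den, -1, P) % P


def reconstruct(node, shares, user_attrs):
    """Bottom-up recombination mirroring the DecryptNode recursion.
    Returns q_x(0), or None when the subtree is not satisfied."""
    if node.attr is not None:
        return shares[node] if node.attr in user_attrs else None
    got = []
    for idx, child in enumerate(node.children, start=1):
        value = reconstruct(child, shares, user_attrs)
        if value is not None:
            got.append((idx, value))
        if len(got) == node.k:  # threshold reached, extra children are not needed
            break
    if len(got) < node.k:
        return None
    idxs = [i for i, _ in got]
    return sum(v * lagrange_at_zero(i, idxs) for i, v in got) % P


def build_policy():
    """Constructed policy: (doctor AND cardiology) OR 2-of-3(admin, auditor, security)."""
    return gate(
        1,
        gate(2, leaf("doctor"), leaf("cardiology")),
        gate(2, leaf("admin"), leaf("auditor"), leaf("security")),
    )


if __name__ == "__main__":
    s = secrets.randbelow(P)
    tree = build_policy()
    shares = share(tree, s)
    print(reconstruct(tree, shares, {"doctor", "cardiology"}) == s)
    print(reconstruct(tree, shares, {"doctor", "admin"}))
```

A `None` result corresponds to the case where the user's attributes do not satisfy the access tree, so the root value cannot be recombined.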
The access terminal 304 is configured to receive the intermediate ciphertext, decrypt it with the stored private key to recover the plaintext key, and decrypt the file ciphertext with the plaintext key to recover the file.
Further, the access terminal 304 is also configured to decrypt the plaintext key $ck$ from the private key $SK$ and the received intermediate ciphertext $T = \{A, B\}$, where
Figure PCTCN2017076545-appb-000026
The access terminal 304 is also configured to decrypt the file ciphertext $E_{ck}(M)$ with the plaintext key $ck$ to recover the file $M$.
The private key $SK$ is issued in advance to each user by the key authority according to the user's attributes.
The key authority 301 is also configured to, when the attribute $x'$ of a revoked user $\mu$ is revoked, select a random number $v_{x'}^{*} \in Z_p$ ($v_{x'}^{*} \neq v_{x'}$), replace the attribute version key $VK_{x'} = v_{x'}$ corresponding to the attribute $x'$ with the attribute version key $VK_{x'}^{*}$, letting $VK_{x'}^{*} = v_{x'}^{*}$, generate the update key $UK_{x'}$ from $VK_{x'}^{*}$, and, according to the replaced attribute version key $VK_{x'}^{*}$, update the system master public key to
Figure PCTCN2017076545-appb-000027
and send the update key $UK_{x'}$ to the access terminal 304 of each non-revoked user and to the cloud server 303, where
Figure PCTCN2017076545-appb-000028
The access terminal 304 of each non-revoked user is also configured to receive the update key $UK_{x'}$ sent by the key authority 301, and the access terminal 304 of each non-revoked user updates the stored private key $SK$ to:
Figure PCTCN2017076545-appb-000029
The cloud server 303 is also configured to receive the update key $UK_{x'}$ sent by the key authority 301 and update the key ciphertext $CT$ to:
Figure PCTCN2017076545-appb-000030
As shown in FIG. 4, FIG. 4 is a schematic diagram of the four physical devices in the cloud ciphertext access control system.
For details not covered in this embodiment, refer to the description of the embodiment shown in FIG. 1; they are not repeated here.
In this embodiment of the present invention, when a user requests access to an encrypted file from the cloud server 303 through the access terminal 304, the cloud server 303 obtains the key ciphertext corresponding to the file and determines whether the user's attributes satisfy the access tree structure in the key ciphertext. If so, it requests the local key of the conversion key from the access terminal 304, decrypts the key ciphertext with the local key to obtain the intermediate ciphertext, and forwards the intermediate ciphertext and the file ciphertext corresponding to the file to the access terminal 304. The access terminal 304 receives the intermediate ciphertext, decrypts it with the stored private key to recover the plaintext key, and decrypts the file ciphertext with the plaintext key to recover the file. In this way only authorized users can decrypt the file, which ensures the security of the data. At the same time, the cloud server decrypts the ciphertext with the local key and so takes on part of the decryption, which reduces the amount of decryption computation on the access terminal, improves decryption speed and efficiency, and thereby speeds up the access terminal's access to encrypted files.
In the several embodiments provided in this application, it should be understood that the disclosed systems, devices, and methods may be implemented in other ways. For example, the device embodiments described above are merely illustrative. The division into modules is only a division by logical function, and an actual implementation may divide them differently: multiple modules or components may be combined or integrated into another system, or some features may be omitted or not executed. In addition, the mutual coupling, direct coupling, or communication links shown or discussed may be indirect couplings or communication links through some interfaces, devices, or modules, and may be electrical, mechanical, or of other forms.
The modules described as separate components may or may not be physically separate, and the components shown as modules may or may not be physical modules; that is, they may be located in one place or distributed over multiple network modules. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, the functional modules in the embodiments of the present invention may be integrated into one processing module, each module may exist physically on its own, or two or more modules may be integrated into one module. The integrated modules may be implemented in the form of hardware or in the form of software functional modules.
If the integrated modules are implemented in the form of software functional modules and sold or used as independent products, they may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention in essence, or the part that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes a number of instructions that cause a computer device (which may be a personal computer, a server, a network device, or the like) to perform all or part of the steps of the methods described in the embodiments of the present invention. The aforementioned storage medium includes various media that can store program code, such as a USB flash drive, a removable hard disk, a read-only memory (ROM, Read-Only Memory), a random access memory (RAM, Random Access Memory), a magnetic disk, or an optical disc.
It should be noted that, for brevity, the foregoing method embodiments are each described as a series of combined actions, but those skilled in the art should know that the present invention is not limited by the described order of actions, because according to the present invention some steps may be performed in other orders or simultaneously. Those skilled in the art should also know that the embodiments described in the specification are all preferred embodiments, and the actions and modules involved are not necessarily required by the present invention.
In the above embodiments, the description of each embodiment has its own emphasis; for parts not detailed in one embodiment, refer to the related descriptions of the other embodiments.
The above is a description of the cloud ciphertext access control method and system provided by the present invention. For those skilled in the art, following the ideas of the embodiments of the present invention, there will be changes in the specific implementation and the scope of application. In summary, the content of this specification should not be construed as limiting the present invention.

Claims (10)

  1. A cloud ciphertext access control method, comprising:
    when a user requests access to an encrypted file from a cloud server through an access terminal, the cloud server obtaining the key ciphertext corresponding to the file and determining whether the user's attributes satisfy the access tree structure in the key ciphertext; if so, requesting the local key of the conversion key from the access terminal, decrypting the key ciphertext with the local key to obtain an intermediate ciphertext, and forwarding the intermediate ciphertext and the file ciphertext corresponding to the file to the access terminal;
    the access terminal receiving the intermediate ciphertext, decrypting the intermediate ciphertext with the stored private key to recover the plaintext key, and decrypting the file ciphertext with the plaintext key to recover the file.
  2. The method according to claim 1, wherein, before the cloud server obtains the key ciphertext corresponding to the file when the user requests access to the encrypted file from the cloud server through the access terminal, the method further comprises:
    a key authority constructing a bilinear group $G_0$ of prime order $p$ with generator $g$;
    defining a global attribute set $L = \{a_1, a_2, \ldots, a_m\}$ and a security level $k$;
    selecting a random number $v_j \in Z_p$, taking the random number $v_j$ as the attribute version key $VK_j = v_j$, and generating a sub public key from the attribute version key
    Figure PCTCN2017076545-appb-100001
    where $Z_p$ is a finite field;
    selecting two random numbers $\alpha, \beta \in Z_p$ and, from the two random numbers $\alpha$, $\beta$, the sub public key and the bilinear group, generating the system master private key $MSK = \{\beta, g^{\alpha}, \{MSK_j = VK_j \mid a_j \in L\}\}$ and the system master public key
    Figure PCTCN2017076545-appb-100002
    setting a user attribute set $S$ for each user, where $S$ is a subset of $L$;
    selecting two random numbers $r, z \in Z_p$ and, from the two random numbers $r$, $z$, the system master private key and the user attribute set $S$, generating the conversion key
    Figure PCTCN2017076545-appb-100003
    and the private key $SK = (z, TK)$.
  3. The method according to claim 2, wherein, before the cloud server obtains the key ciphertext corresponding to the file when the user requests access to the encrypted file from the cloud server through the access terminal, the method further comprises:
    a data owner encrypting the file with a symmetric encryption algorithm under a preset application key $ck$ to generate the file ciphertext $E_{ck}(M)$, where $M$ denotes the file;
    selecting a polynomial $q_x$ for each node $x$ in the access tree structure $T$;
    setting the degree $d_x$ of the polynomial $q_x$ of each node $x$ to be 1 less than the threshold $k_x$ of that node, that is, $k_x = d_x + 1$;
    starting from the root node $R$, selecting a random number $s \in Z_p$, setting $q_R(0) = s$, and selecting $d_R$ nodes to define the polynomial $q_R$;
    for every non-root node $x$, setting $q_x(0) = q_{parent(x)}(index(x))$ and selecting $d_x$ nodes to define the polynomial $q_x$;
    encrypting the application key $ck$ using the access tree structure $T$ and the system master public key to obtain the key ciphertext $CT$, where the key ciphertext $CT$ is:
    Figure PCTCN2017076545-appb-100004
    where $X$ is the set of attributes corresponding to the leaf nodes of the access tree structure $T$;
    uploading the key ciphertext $CT$ and the file ciphertext to the cloud server.
  4. The method according to claim 3, wherein requesting the local key of the conversion key from the access terminal and decrypting the key ciphertext with the local key to obtain the intermediate ciphertext comprises:
    the cloud server receiving the local key of the conversion key sent by the access terminal, where the local key of the conversion key is
    Figure PCTCN2017076545-appb-100005
    predefining a recursive operation DecryptNode(CT, TK′, x), where, if node $x$ is a leaf node of the access tree structure $T$, letting $a_j = att(x)$ with $a_j \in S$, then
    Figure PCTCN2017076545-appb-100006
    Figure PCTCN2017076545-appb-100007
    if $x$ is not a leaf node of the access tree structure $T$, then for every child node $n$ of the node $x$ setting $F_n$ = DecryptNode(CT, TK′, n), and then
    Figure PCTCN2017076545-appb-100008
    where $j = index(n)$ and $S_x' = \{index(n) : n \in S_x\}$;
    evaluating the function DecryptNode(CT, TK′, R) for the root node $R$ of the access tree structure $T$ to compute the intermediate ciphertext $T = \{A, B\}$, where
    Figure PCTCN2017076545-appb-100009
    $A = F_R = e(g,g)^{rs/z}$,
    Figure PCTCN2017076545-appb-100010
    and decrypting the intermediate ciphertext with the stored private key to recover the plaintext key, and decrypting the file ciphertext with the plaintext key to recover the file, comprises:
    the access terminal decrypting the plaintext key $ck$ from the private key $SK$ and the received intermediate ciphertext $T = \{A, B\}$, where
    Figure PCTCN2017076545-appb-100011
    the access terminal decrypting the file ciphertext $E_{ck}(M)$ with the plaintext key $ck$ to recover the file $M$.
  5. The method according to claim 4, wherein the method further comprises:
    when the attribute $x'$ of a revoked user $\mu$ is revoked, the key authority selecting a random number $v_{x'}^{*} \in Z_p$ ($v_{x'}^{*} \neq v_{x'}$), replacing the attribute version key $VK_{x'} = v_{x'}$ corresponding to the attribute $x'$ with the attribute version key $VK_{x'}^{*}$, letting $VK_{x'}^{*} = v_{x'}^{*}$, generating the update key $UK_{x'}$ from $VK_{x'}^{*}$, and, according to the replaced attribute version key $VK_{x'}^{*}$, updating the system master public key to
    Figure PCTCN2017076545-appb-100012
    and sending the update key $UK_{x'}$ to the access terminal of each non-revoked user and to the cloud server, where
    Figure PCTCN2017076545-appb-100013
    the access terminal of each non-revoked user receiving the update key $UK_{x'}$ sent by the key authority, and the access terminal of each non-revoked user updating the stored private key to:
    Figure PCTCN2017076545-appb-100014
    the cloud server receiving the update key $UK_{x'}$ sent by the key authority and updating the key ciphertext to:
    Figure PCTCN2017076545-appb-100015
  6. A cloud ciphertext access control system, wherein the system comprises: a cloud server and an access terminal;
    the cloud server is configured to, when a user requests access to an encrypted file from the cloud server through the access terminal, obtain the key ciphertext corresponding to the file and determine whether the user's attributes satisfy the access tree structure in the key ciphertext; if so, request the local key of the conversion key from the access terminal, decrypt the key ciphertext with the local key to obtain an intermediate ciphertext, and forward the intermediate ciphertext and the file ciphertext corresponding to the file to the access terminal;
    the access terminal is configured to receive the intermediate ciphertext, decrypt the intermediate ciphertext with the stored private key to recover the plaintext key, and decrypt the file ciphertext with the plaintext key to recover the file.
  7. The apparatus according to claim 5, wherein the system further comprises: a key authority;
    the key authority is configured to perform the following steps:
    constructing a bilinear group $G_0$ of prime order $p$ with generator $g$;
    defining a global attribute set $L = \{a_1, a_2, \ldots, a_m\}$ and a security level $k$;
    selecting a random number $v_j \in Z_p$, taking the random number $v_j$ as the attribute version key $VK_j = v_j$, and generating a sub public key from the attribute version key
    Figure PCTCN2017076545-appb-100016
    where $Z_p$ is a finite field;
    selecting two random numbers $\alpha, \beta \in Z_p$ and, from the two random numbers $\alpha, \beta \in Z_p$, the sub public key and the bilinear group, generating the system master private key $MSK = \{\beta, g^{\alpha}, \{MSK_j = VK_j \mid a_j \in L\}\}$ and the system master public key
    Figure PCTCN2017076545-appb-100017
    setting a user attribute set $S$ for each user, where $S$ is a subset of $L$;
    selecting two random numbers $r, z \in Z_p$ and, from the two random numbers $r$, $z$, the system master private key and the user attribute set $S$, generating the conversion key
    Figure PCTCN2017076545-appb-100018
    and the private key $SK = (z, TK)$.
  8. The apparatus according to claim 7, wherein the system further comprises: a data owner;
    the data owner is configured to perform the following steps:
    encrypting the file with a symmetric encryption algorithm under a preset application key $ck$ to generate the file ciphertext $E_{ck}(M)$, where $M$ denotes the file;
    selecting a polynomial $q_x$ for each node $x$ in the access tree structure $T$;
    setting the degree $d_x$ of the polynomial $q_x$ of each node $x$ to be 1 less than the threshold $k_x$ of that node, that is, $k_x = d_x + 1$;
    starting from the root node $R$, selecting a random number $s \in Z_p$, setting $q_R(0) = s$, and selecting $d_R$ nodes to define the polynomial $q_R$;
    for every non-root node $x$, setting $q_x(0) = q_{parent(x)}(index(x))$ and selecting $d_x$ nodes to define the polynomial $q_x$;
    encrypting the application key $ck$ using the access tree structure $T$ and the system master public key to obtain the key ciphertext $CT$, where the key ciphertext $CT$ is:
    Figure PCTCN2017076545-appb-100019
    where $X$ is the set of attributes corresponding to the leaf nodes of the access tree structure $T$;
    uploading the key ciphertext $CT$ and the file ciphertext to the cloud server.
  9. The apparatus according to claim 8, wherein
    the cloud server is also configured to perform the following steps:
    receiving the local key of the conversion key sent by the access terminal, where the local key of the conversion key is
    Figure PCTCN2017076545-appb-100020
    predefining a recursive operation DecryptNode(CT, TK′, x), where, if node $x$ is a leaf node of the access tree structure $T$, letting $a_j = att(x)$ with $a_j \in S$, then
    Figure PCTCN2017076545-appb-100021
    if $x$ is not a leaf node of the access tree structure $T$, then for every child node $n$ of the node $x$ setting $F_n$ = DecryptNode(CT, TK′, n), and then
    Figure PCTCN2017076545-appb-100022
    Figure PCTCN2017076545-appb-100023
    where $j = index(n)$ and $S_x' = \{index(n) : n \in S_x\}$;
    evaluating the function DecryptNode(CT, TK′, R) for the root node $R$ of the access tree structure $T$ to compute the intermediate ciphertext $T = \{A, B\}$, where
    Figure PCTCN2017076545-appb-100024
    $A = F_R = e(g,g)^{rs/z}$,
    Figure PCTCN2017076545-appb-100025
    and the access terminal is also configured to decrypt the plaintext key $ck$ from the private key $SK$ and the received intermediate ciphertext $T = \{A, B\}$, where
    Figure PCTCN2017076545-appb-100026
    and to decrypt the file ciphertext $E_{ck}(M)$ with the plaintext key $ck$ to recover the file $M$.
  10. The device according to claim 9, wherein:
    the key authority is further configured to: when an attribute x′ of a revoked user μ is revoked, select a random number $v_{x'}^{*} \in Z_p$ ($v_{x'}^{*} \neq v_{x'}$), replace the attribute version key $VK_{x'} = v_{x'}$ corresponding to the attribute x′ with the attribute version key $VK_{x'}^{*}$, where $VK_{x'}^{*} = v_{x'}^{*}$, generate the update key $UK_{x'}$ according to $VK_{x'}^{*}$, and update the system master public key according to the replaced attribute version key $VK_{x'}^{*}$ to
    Figure PCTCN2017076545-appb-100027
    and send the update key $UK_{x'}$ to the access end of each non-revoked user and to the cloud server, where
    Figure PCTCN2017076545-appb-100028
    the access end is further configured to receive the update key $UK_{x'}$ sent by the key authority and update the stored private key to:
    Figure PCTCN2017076545-appb-100029
    the cloud server is further configured to receive the update key $UK_{x'}$ sent by the key authority and update the key ciphertext to:
    Figure PCTCN2017076545-appb-100030
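The outsourced decryption of claim 9 (the cloud server computes T={A, B} with TK′, the access end finishes with SK), as an added Python example that is not part of the patent text. The pairing is a toy in which group elements are kept as exponents, and because the claim's formulas for B and ck survive here only as figure placeholders, the key and ciphertext layout, B = e(g,g)^((α+r)s/z) and ck = Ct/(B/A)^z are assumptions that follow the standard CP-ABE construction with a transformation key blinded by z.

```python
import secrets
# Added example. Key/ciphertext layout and B are ASSUMPTIONS (standard CP-ABE form).
Q = 1019        # toy prime group order (constructed; far too small for real use)
P = 2 * Q + 1   # safe prime: Z_P^* has a subgroup G_T of order Q
GT = 4          # generator of G_T, standing in for e(g,g)

rnd = lambda: secrets.randbelow(Q - 1) + 1   # random non-zero exponent
inv = lambda a: pow(a % Q, -1, Q)            # inverse in Z_Q

def pair(a, b):
    """Toy pairing: G elements are kept as exponents of g, so e(g^a, g^b) = GT^(ab)."""
    return pow(GT, a * b % Q, P)

def encrypt(ck, attrs, k, alpha, beta, H):
    """Hide ck under a k-of-n root gate R; Shamir-share the secret s to the leaves."""
    s, coef = rnd(), [rnd() for _ in range(k - 1)]
    q = lambda i: (s + sum(c * i ** (d + 1) for d, c in enumerate(coef))) % Q
    leaves = {a: (i, q(i), H[a] * q(i) % Q) for i, a in enumerate(attrs, 1)}
    return {"k": k, "Ct": ck * pair(alpha, s) % P, "C": beta * s % Q, "leaves": leaves}

def keygen(attrs, alpha, beta, H):
    """Return SK = z and the transformation key TK' (each component raised to 1/z)."""
    r, z = rnd(), rnd()
    tk = {"D": (alpha + r) * inv(beta) * inv(z) % Q, "attr": {}}
    for a in attrs:
        rj = rnd()
        tk["attr"][a] = ((r + H[a] * rj) * inv(z) % Q, rj * inv(z) % Q)
    return z, tk

def cloud_transform(ct, tk):
    """Cloud: DecryptNode at the leaves, Lagrange at root R, output T = {A, B}."""
    F = {i: pair(tk["attr"][a][0], cy) * pow(pair(tk["attr"][a][1], cy2), -1, P) % P
         for a, (i, cy, cy2) in ct["leaves"].items() if a in tk["attr"]}
    if len(F) < ct["k"]:
        return None                      # policy not satisfied: nothing to hand back
    A = 1
    for i in F:
        lam = 1
        for j in F:
            if j != i:
                lam = lam * j * inv(j - i) % Q   # Lagrange coefficient at x = 0
        A = A * pow(F[i], lam, P) % P            # ends as e(g,g)^(rs/z)
    return A, pair(ct["C"], tk["D"])             # B = e(g,g)^((alpha+r)s/z)

def user_decrypt(ct, T, z):
    """Access end: one exponentiation with z removes the blinding and yields ck."""
    A, B = T
    return ct["Ct"] * pow(B * pow(A, -1, P) % P, -z, P) % P
```

The cloud server only ever sees values blinded by 1/z, so T is of no use to it without the access end's z.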
PCT/CN2017/076545 2017-03-14 2017-03-14 Cloud ciphertext access control method and system WO2018165835A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/076545 WO2018165835A1 (en) 2017-03-14 2017-03-14 Cloud ciphertext access control method and system

Publications (1)

Publication Number Publication Date
WO2018165835A1 true WO2018165835A1 (en) 2018-09-20

Family

ID=63522836

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/076545 WO2018165835A1 (en) 2017-03-14 2017-03-14 Cloud ciphertext access control method and system

Country Status (1)

Country Link
WO (1) WO2018165835A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104486315A (en) * 2014-12-08 2015-04-01 北京航空航天大学 Revocable key external package decryption method based on content attributes
CN104901942A (en) * 2015-03-10 2015-09-09 重庆邮电大学 Distributed access control method for attribute-based encryption
CN105141574A (en) * 2015-06-12 2015-12-09 深圳大学 Cloud storage cipher text access control system based on table attributes
CN106230590A (en) * 2016-07-22 2016-12-14 安徽大学 A kind of ciphertext policy ABE base encryption method of many authorized organizations
CN106357395A (en) * 2016-09-13 2017-01-25 深圳大学 Outsourcing access control method and system aiming at fog computing

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
GREEN, M. ET AL.: "Outsourcing the Decryption of ABE Ciphertexts", PROCEEDINGS OF THE USENIX SECURITY SYMPOSIUM, 31 December 2011 (2011-12-31), XP055538598 *
WANG, SHULAN ET AL.: "A Compact and Outsourced Access Control Scheme in Cloud Computing", JOURNAL OF SIGNAL PROCESSING, vol. 31, no. 10, 31 October 2015 (2015-10-31), pages 1224 - 1230 *
YANG, KAN ET AL.: "DAC-MACS: Effective Data Access Control for Multiauthority Cloud Storage Systems", IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, vol. 8, no. 11, 30 November 2013 (2013-11-30), pages 1791 - 1796, XP032441059 *

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109474423A (en) * 2018-12-10 2019-03-15 平安科技(深圳)有限公司 Data encryption/decryption method, server and storage medium
CN109474423B (en) * 2018-12-10 2022-10-21 平安科技(深圳)有限公司 Data encryption and decryption method, server and storage medium
CN109872142A (en) * 2019-02-21 2019-06-11 缀初网络技术(上海)有限公司 A kind of digital asset method of commerce and its storage medium based on trusted third party
CN109872142B (en) * 2019-02-21 2023-04-11 派欧云计算(上海)有限公司 Digital asset transaction method based on trusted third party and storage medium thereof
CN114362924A (en) * 2020-09-29 2022-04-15 湖南大学 CP-ABE-based system and method for supporting flexible revocation and verifiable ciphertext authorization
CN114584318A (en) * 2022-03-07 2022-06-03 亿咖通(湖北)技术有限公司 Access control method of certificate and secret key, electronic equipment and storage medium
CN114584318B (en) * 2022-03-07 2023-08-11 亿咖通(湖北)技术有限公司 Certificate and key access control method, electronic equipment and storage medium
CN114944963A (en) * 2022-07-12 2022-08-26 数字江西科技有限公司 Government affair data opening method and system
CN115688149A (en) * 2023-01-03 2023-02-03 大熊集团有限公司 Encrypted data access method and system
CN117220897A (en) * 2023-03-17 2023-12-12 山西大学 Traceable and revocable attribute-based encryption method with complete policy hiding

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17901195

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 06.12.2019)

122 Ep: pct application non-entry in european phase

Ref document number: 17901195

Country of ref document: EP

Kind code of ref document: A1