CN104135473B - A kind of method that identity base broadcast enciphering is realized by the attribute base encryption of Ciphertext policy - Google Patents

A kind of method that identity base broadcast enciphering is realized by the attribute base encryption of Ciphertext policy Download PDF

Info

Publication number
CN104135473B
CN104135473B CN201410340380.3A CN201410340380A CN104135473B CN 104135473 B CN104135473 B CN 104135473B CN 201410340380 A CN201410340380 A CN 201410340380A CN 104135473 B CN104135473 B CN 104135473B
Authority
CN
China
Prior art keywords
pkg
gamma
group
ciphertext
encryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201410340380.3A
Other languages
Chinese (zh)
Other versions
CN104135473A (en
Inventor
刘建伟
王志学
伍前红
刘巍然
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beihang University
Original Assignee
Beihang University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beihang University filed Critical Beihang University
Priority to CN201410340380.3A priority Critical patent/CN104135473B/en
Publication of CN104135473A publication Critical patent/CN104135473A/en
Application granted granted Critical
Publication of CN104135473B publication Critical patent/CN104135473B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

A kind of method for realizing identity base broadcast enciphering by the attribute base encryption of Ciphertext policy, its step is as follows:Step 1:PKG input system safety coefficients, export initiation parameter;Step 2:PKG runs Generating Random Number, the random number for needed for Systematic selection;Step 3:PKG obtains public key and master key by computing;Step 4:Encryption side chooses random number and completes computing, output par, c ciphertext;Step 5:Encryption root is closed according to decrypted user identity set and calculates remainder ciphertext;Step 6:PKG runs Generating Random Number, obtains random parameter;Step 7:PKG is calculated private key SKID according to master key and user identity;Step 8:For satisfactory decryption side, K can be obtained according to private key and cryptogram computation;Step:9:Decrypted user according to K, by calculating exportable correct plaintext.The present invention substantially reduces construction cycle and system burden, can resist chosen ciphertext attacks, it is ensured that the security and validity of scheme.

Description

A kind of method that identity base broadcast enciphering is realized by the attribute base encryption of Ciphertext policy
(1) technical field:
The present invention provides a kind of method for realizing identity base broadcast enciphering by the attribute base encryption of Ciphertext policy, that is, be referred to as A kind of method that IBBE is realized by CP-ABE, the secret communication that it can be used in data-driven network belongs to close in information security Code learns field.
(2) technical background:
In recent years it has been proposed that and devising many new data-driven networks, such as social networks, wireless sense network Network, electronic health care network etc., a kind of this network more flexible mode for the collection of data is provided.It allows data by dividing The terminal of cloth is collected, so that personal or group shares.For example, in electronic health care network, data center collects and stores up The IMR of patient is deposited, is inquired about for doctor when going medical so as to patient.Some researchers, authoritative institution etc. are also possible to meeting Use these data.The storage of digital document, treatment and easy to use, this causes these networks compared to traditional papery The management system of file has obvious advantage.
In these emerging networks, the secret protection of data is a particularly important problem.For example, storage is in social activity User's personal information in network is possible to be supplied business's abuse, in some instances it may even be possible to be leaked to offender.Once offender obtains The information such as address, the phone of user were obtained, very serious consequence may be caused.Again for example, in electronic health care network, patient Medical record information be unusual secret, only authorized individual or authoritative institution can access and obtain.Case history reveals event Not exclusively about the question of morality of individual privacy, more likely to patient spirit and economically cause serious injury.
Privacy of user can be protected in order to find, data can be made to obtain the method for rationally utilizing again, there has been proposed many Suitable for the encryption system of data-driven network, particularly public encryption system.The wide variety of public affairs in this network system Key encryption system includes broadcast enciphering (Broadcast Encryption, BE), identity base encryption (Identity-Based Encryption, IBE), identity base broadcast enciphering (Identity-Based Encryption, IBBE) and attribute base encryption (Attribute-Based Encryption, ABE) etc..
In public-key cryptosystem, encryption and decryption use different keys respectively:Wherein encryption key (i.e. public key) is Can be with disclosed, and decruption key (i.e. private key) only has decryption people oneself to know.The disclosure of encryption key is used so that key Distribution and management are simpler than DSE arithmetic.Broadcast enciphering (Broadcast Encryption, BE) is one kind in uneasiness To one group of cipher system of user's transmission encrypting information on all channel, in this system, system is indexed for user's distributing user (User Index), then it can make sender choose any user index set carries out broadcast enciphering, only authorized user Being capable of decrypting ciphertext.The concept of identity base encryption (Identity-Based Encryption, IBE) is creative by Shamir Propose, in this public-key cryptography scheme, the identity id information of user (such as ID card No., telephone number and addresses of items of mail Deng) directly as the public key of user, without being bound by digital certificate.Identity base broadcast enciphering (Identity-Based Encryption, IBBE) it is that broadcast enciphering is combined with a kind of of identity base encryption, it can use the identity id information pair of user Message encryption, and one group of user is broadcast to, user can decryption using private key corresponding with its ID.Attribute base is encrypted (Attribute-Based Encryption, ABE) is a kind of extension of IBE, and it replaces identity with attribute as least unit, Attribute base encryption (Key-Policy Attribute-Based Encryption, KP-ABE) and ciphertext including key strategy Attribute base encryption (Ciphertext-Policy Attribute-Based Encryption, CP-ABE) of strategy, KP-ABE Refer to ciphertext to be constructed by attribute set to construct key by access structure (Access Structure), when in attribute set Attribute disclosure satisfy that this access structure can be decrypted;CP-ABE refers to ciphertext to be constructed by access structure and by property set Close to construct key, could be decrypted when the attribute in attribute set disclosure satisfy that this access structure.Fig. 1 gives a kind of electronics Access control tree in healthy network, access control policy therein is:
Doctor (Doctor) therein, nurse (Nurse) and operation (Surgery) represent the attribute of user, above-mentioned access Control strategy is specifically described as:The doctor or nurse for being only responsible for operation can access.
(such as electronic health care network) realizes the visit of private data in these cryptographic systems are applied to data-driven network When asking control, a very actual problem is occurred in that:Although the cipher system of many approved safes suffers from various Advantage (such as regular length ciphertext/public key, efficient encryption/decryption procedures), but almost all of system is all each only Erect meter.Due to there are different access control demands in an objective network, Security Officer has to use simultaneously Various cipher systems adapt to different demands for security.It is negative which results in the exploitation cost for repeating and heavy system administration Load.Such as the example in next group of electronic health care network from the point of view of us.
First typical scene for being to be used in electronic health care network IBBE:Patient prepares a consultation of doctors request broadcast It is sent to doctor Alice, doctor Bob and doctor Carol.Whole process uses IBBE schemes, and patient is with the ID of doctor as public affairs Key, is broadcast in network by message encryption and by ciphertext.Only ID can be to ciphertext for the doctor of Alice, Bob or Carol It is decrypted, and knows the consultation of doctors demand of patient, but ID can not then know for the recipient of Mallory.
Second scene for being to be used in electronic health care network ABE:Patient wants his case history to be sent to his hand responsible The doctor and nurse of art.Patient is entered case history with access structure " (Doctor OR Nurse) AND Surgery " with ABE schemes , then directly be sent to ciphertext in electronic health care network by row encryption, and only attribute meets the recipient of access structure and could obtain To the case history of patient.
It will be seen that both the above situation is closely similar.However, because two kinds of situations have used different password bodies System, developer must respectively realize IBBE and ABE systems, so as to increased development effort.How by simply calling or Same cipher function storehouse is encapsulated again to realize different cipher systems, becomes a considerable problem.
From the point of view of directly perceived, because the attribute base of Ciphertext policy encrypts (Ciphertext-Policy Attribute-Based Encryption, CP-ABE) it is a kind of extension of IBE, while broadcast is also supported, so being replaced by by the user property in ABE The user identity being changed in IBBE is as just can simply realize conversion.But almost all of CP-ABE systems are all initial The change stage determines attribute, but identity can determine in encrypting stage or key generation phase in IBBE systems.This Sample allows for efficiently being converted into for a problem.
Based on background above, we have invented a kind of by calling and encapsulating to existing function library again, using CP-ABE The method that system realizes IBBE systems, and by the high efficiency and availability experimental results demonstrate our methods.
(3) content of the invention:
1st, purpose:
It is an object of the invention to provide a kind of method for realizing identity base broadcast enciphering by the attribute base encryption of Ciphertext policy, The method that IBBE is realized by CP-ABE, the secret communication that can be used in data-driven network, it is to avoid the weight in development process Return to work work, development effort is substantially reduced, while having the advantages that high security and high efficiency.
2nd, technical scheme:
Main mathematic sign and algorithmic translation:
1) bilinear mapIn the initialization module of the present invention program, by being input into safety coefficient λ, operation algorithm g (1λ), the cyclic group that two exponent numbers are prime number p can be obtained
Bilinear map meets following three characteristics:
1. bilinear characteristics:For all of There are e (ga,hb)=e (g, h)abSet up;
2. non-degeneracy:At least there is an element g in group so that the e (g, g) after calculating existsThere is exponent number in group p;
3. computability:In the presence of effective algorithm so that all ofThe value of e (u, v) can effectively be calculated;
2) hash algorithm:The impact resistant hash function used in the present invention possesses two spies substantially Property:One-way and anti-collision;One-way refers to that can only derive output from hash function input, and can not be defeated from hash function Go out and calculate input;Anti-collision refers to that while finding two different inputs its Hash result can not be made identical.
3) access control tree:In access control tree, leaf node represents attribute, and nonleaf node represents threshold value door.Each Nonleaf node makes num by its son node number and threshold definitionsxRepresent the son node number of x nodes, kxRepresent the threshold value of x nodes.When kxWhen=1, threshold value door is exactly OR gate (OR);Work as kx=numxWhen, threshold value door is exactly and door (AND).
This programme includes three entities, 1) private key generation center (Private Key Generator, PKG):With checking User identity, calculates generation, the mechanism of dispatch user private key functionality.2) data encryption side (Encrypting Party):Have The individual of encryption function or social framework;3) user (User):Individual or social framework with decryption function.
This programme includes four modules, respectively initialization module, encrypting module, private key generation module and deciphering module. As shown in Fig. 2 each module is according to " initialization module " → " encrypting module " → " private key generation module " → " deciphering module " order Perform.
A kind of method for realizing broadcast enciphering by the attribute base encryption of Ciphertext policy of the present invention, i.e., realize IBBE by CP-ABE Method, implementation step is as follows:
Module one:Initialization module
Private key generation center be PKG in this module using system security parameter λ as input, output public key PK and master are close Key MSK.Public key PK external disclosures, master key MSK is then taken care of by PKG.Implementing for the functions of modules is divided into three steps:
Step 1:PKG input system security parameter λ first, then run algorithm g (1λ), two exponent numbers of output are prime number p Group With a bilinear map computing
Step 2:PKG runs Generating Random Number, and random selection exponent number is p1'sA generation unit g in group, choosing Select a hash functionAnd Zp:Two element α in { 0,1 ..., p-1 } domain, β is used as Stochastic.
Step 3:PKG carries out following computing:
MSK=(β, gα)
PK is taken care of as master key as public key external disclosure, MSK by PKG.
Wherein, " operation algorithm g (1 described in step 1λ) ", its way is as follows:Security parameter λs of the PKG according to input Size, select suitable elliptic curve:Y2=X3+ aX+b (a and b are coefficients).Group is constituted according to the point on selected elliptic curve A kind of Function Mapping e is selected, by groupIn element be mapped to groupIn;Security parameter numerical value is bigger, selected Point on elliptic curve is also more, and group is also bigger.
Wherein, described in step 2 " Generating Random Number ", its way is as follows:According to ellipse selected in step 1 Curve:y2=x3+ ax+b, a value x of random selection independent variable x1, calculate the value y of correspondence dependent variable y1;If point (x1,y1) We are wanted in the group of mapping, then be successfully generated random element.If point (x1,y1) not in group, then continue to select the value of x, directly To finding the point appeared in group.Generating Random Number hereinafter is identical.
Wherein, " hash function described in step 2" represent:To be made up of binary number 0 and 1 Character be mapped to by hash function HIn group.
Module two:Encrypting module
Encryption side in this module using public key PK and message M to be encrypted and user identity set S to be received as Input, the ciphertext CT exported after encryption.The realization of the functions of modules is divided into two steps:
Step 4:Encryption side randomly chooses Zp:An element t in { 0,1 ..., p-1 } domain is completed as follows as index Computing:
C0=Me (g, g)αt
C1=ht
C2=gt
Step 5:ForCalculate:
CID=H (ID)t
Final ciphertext is output as:
Module three:Private key generation module
In this module, PKG corresponds to the private key of user identity ID using master key MSK and user identity ID as input SKIDIt is output.The private key SK for obtainingIDUser will be in a secure manner sent to.It is implemented as follows:
Step 6:PKG runs Generating Random Number, and Z is generated at randomp:Two element γ in { 0,1 ..., p-1 } domain, γ ' is used as index.
Step 7:PKG does following computing according to the MSK and upper step income index that are generated in module one:
Obtain the corresponding private key SK of IDID
Module four:Deciphering module
User in S can be decrypted as decryption side to ciphertext.The module with public key PK, the corresponding private of ID Key SKIDIt is input with ciphertext CT, output obtains message M, comprises the following steps that:
Step:8:For the decrypted user in S, by the private key SK of itselfIDIt is calculated as below first:
Step 9:K of the decrypted user according to obtained by upper step, by carrying out following computing, can calculate output message M:
By above-mentioned module and step, we complete the scheme that IBBE is realized by CP-ABE.By using existing CP- ABE kits, can conveniently realize the function of identity base broadcast enciphering, it is to avoid unnecessary development effort.
3rd, advantage and effect:
A kind of method for realizing identity base broadcast enciphering by the attribute base encryption of Ciphertext policy of the present invention, can be used for data drive Secret communication in dynamic network between user, its advantage and effect are:
1) present invention realizes the function of IBBE using existing CP-ABE encipherment schemes respectively so that developer is in face Can be realized using same instrument during to different encryption requirements, substantially reduce construction cycle and system burden.
2) present invention has passed through the safety analysis under approved safe model, can resist chosen ciphertext attacks, it is ensured that side The security of case;
3) by the present invention in that completing the realization of scheme with cpabe toolkit, it was demonstrated that the validity of scheme.
(4) illustrate:
A kind of access structure example in Fig. 1 electronic health care networks;
Fig. 2 the method for the invention is that the FB(flow block) of IBBE is realized by CP-ABE;
Fig. 3 the method for the invention is access structure used when CP-ABE realizes IBBE.
Symbol description is as follows in figure:
In Fig. 1, nonleaf node represents with circle, represents threshold value door (OR or AND i.e. in figure);Leaf node square frame Represent, represent user property (Doctor, Nurse or Surgery i.e. in figure).
In figure 3, circle (OR) represents OR gate, the ID in square frameiRepresent user identity ID.
(5) specific embodiment
As shown in Fig. 1-3, this programme includes four modules, respectively initialization module, encrypting module, private key generation module And deciphering module.As shown in figure 3, each module is according to " initialization module " → " encrypting module " → " private key generation module " → " solution Close module " order is performed.
A kind of method for realizing broadcast enciphering by the attribute base encryption of Ciphertext policy of the present invention, i.e., realize IBBE by CP-ABE Method, implementation step is as follows:
Module one:Initialization module
PKG, using system security parameter λ as input, exports public key PK and master key MSK in this module.Public key PK pairs Outer disclosure, master key MSK is then taken care of by PKG.Implementing for the functions of modules is divided into three steps:
Step 1:PKG input system security parameter λ first, then run algorithm g (1λ), two exponent numbers of output are prime number p Group With a bilinear map computing
Step 2:PKG runs Generating Random Number, and random selection exponent number is p1'sA generation unit g in group, choosing Select a hash functionAnd Zp:Two element α in { 0,1 ..., p-1 } domain, β is used as Stochastic.
Step 3:PKG carries out following computing:
MSK=(β, gα)
Wherein, used as public key parameter external disclosure, MSK is taken care of PK as master key by PKG.
Module two:Encrypting module
Encryption side in this module using public key PK and message M to be encrypted and user identity set S to be received as Input, the ciphertext CT exported after encryption.The realization of the functions of modules is divided into two steps:
Step 4:Encryption side randomly chooses Zp:An element t in { 0,1 ..., p-1 } domain is completed as follows as index Computing:
C0=Me (g, g)αt
C1=ht
C2=gt
Step 5:ForCalculate:
CID=H (ID)t
Final ciphertext is output as:
Module three:Private key generation module
In this module, PKG exports private key for user SK using master key MSK and ID as inputID.Implement It is as follows:
Step 6:PKG runs Generating Random Number, and Z is generated at randomp:Two element γ in { 0,1 ..., p-1 } domain, γ ' is used as index.
Step 7:PKG does following computing according to the MSK and upper step income index that are generated in module one:
Obtain the corresponding private key SK of IDID
Module four:Deciphering module
User in S can be decrypted as decryption side to ciphertext.The module with public key PK, the corresponding private of ID Key SKIDIt is input with ciphertext CT, output obtains message M, comprises the following steps that:
Step:8:For the decrypted user in S, by the private key SK of itselfIDIt is calculated as below first:
Step 9:K of the decrypted user according to obtained by upper step, by carrying out following computing, can calculate output message M:
By above-mentioned module and step, we complete the scheme that IBBE is realized by CP-ABE.

Claims (3)

1. a kind of attribute base by Ciphertext policy encrypts the method for realizing broadcast enciphering, it is characterised in that:It is as follows including step:
Step 1:PKG input system security parameter λ first, then run algorithmTwo exponent numbers of output are the group of prime number pWith a bilinear map computing
Step 2:PKG runs Generating Random Number, and random selection exponent number is p1'sA generation unit g in group, selection one Individual hash functionAnd Zp:Two element α in { 0,1 ..., p-1 } domain, β is used as Stochastic;
Step 3:PKG carries out following computing:
MSK=(β, gα)
PK is taken care of as master key as public key external disclosure, MSK by PKG;
Step 4:Encryption side randomly chooses Zp:An element t in { 0,1 ..., p-1 } domain completes following computing as index:
C0=Me (g, g)αt
C1=ht
C2=gt
Step 5:ForCalculate:
CID=H (ID)t
Final ciphertext is output as:
CT = ( C 0 , C 1 , C 2 , ∀ ID ∈ S : C ID = H ( ID ) t ) ;
Step 6:PKG runs Generating Random Number, and Z is generated at randomp:Two element γ, γ ' works in { 0,1 ..., p-1 } domain It is index;
Step 7:PKG does following computing according to the MSK and upper step income index of generation:
SK I D = ( ω = g α + γ β , D I D = g γ · H ( I D ) γ ′ , D I D ′ = g γ ′ )
Obtain the corresponding private key SK of IDID
Step:8:For the decrypted user in S, by the private key SK of itselfIDIt is calculated as below first:
K = e ( D , C 1 ) e ( D I D , C 2 ) e ( D I D , C I D ) = e ( g α + γ β , h s ) e ( g γ · H ( I D ) γ ′ , g t ) e ( g γ · H ( I D ) t ) ) = e ( g α + γ β , g β s ) e ( g γ , g s ) · e ( H ( I D ) γ ′ , g t ) e ( g γ · H ( I D ) t ) ) = e ( g , g ) ( α + γ ) t e ( g , g ) γ t = e ( g , g ) α t ;
Step 9:K of the decrypted user according to obtained by upper step, by carrying out following computing, calculates output message M:
C 0 K = M · e ( g , g ) α t e ( g , g ) α t = M ;
Wherein, " operation algorithm described in step 1", its way is as follows:PKG is big according to the security parameter λ's of input It is small, select elliptic curve:Y2=X3+ aX+b, a and b are coefficients;Group is constituted according to the point on selected elliptic curveChoosing A kind of Function Mapping e is selected, by groupIn element be mapped to groupIn;Security parameter numerical value is bigger, selected elliptic curve On point it is also more, group is also bigger.
2. a kind of attribute base by Ciphertext policy according to claim 1 encrypts the method for realizing broadcast enciphering, its feature It is:In step 2 described " Generating Random Number ", its way is as follows:According to elliptic curve selected in step 1:y2 =x3+ ax+b, a value x of random selection independent variable x1, calculate the value y of correspondence dependent variable y1;If point (x1,y1) wanting mapping Group in, then be successfully generated random element;If point (x1,y1) not in group, then continue to select the value of x, appeared in until finding Point in group.
3. a kind of attribute base by Ciphertext policy according to claim 1 encrypts the method for realizing broadcast enciphering, its feature It is:Described " hash function in step 2" represent:The character being made up of binary number 0 and 1 is led to Hash function H is crossed to be mapped toIn group.
CN201410340380.3A 2014-07-16 2014-07-16 A kind of method that identity base broadcast enciphering is realized by the attribute base encryption of Ciphertext policy Active CN104135473B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410340380.3A CN104135473B (en) 2014-07-16 2014-07-16 A kind of method that identity base broadcast enciphering is realized by the attribute base encryption of Ciphertext policy

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410340380.3A CN104135473B (en) 2014-07-16 2014-07-16 A kind of method that identity base broadcast enciphering is realized by the attribute base encryption of Ciphertext policy

Publications (2)

Publication Number Publication Date
CN104135473A CN104135473A (en) 2014-11-05
CN104135473B true CN104135473B (en) 2017-06-23

Family

ID=51807995

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410340380.3A Active CN104135473B (en) 2014-07-16 2014-07-16 A kind of method that identity base broadcast enciphering is realized by the attribute base encryption of Ciphertext policy

Country Status (1)

Country Link
CN (1) CN104135473B (en)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104519071B (en) 2015-01-12 2017-08-11 北京科技大学 It is a kind of that there is the group's encryption and decryption method and system for selecting and excluding function
CN104868963B (en) * 2015-05-11 2017-11-28 电子科技大学 A kind of broadcast encryption scheme based on multilinear pairing
CN105978869B (en) * 2016-05-06 2018-11-30 西安电子科技大学 A kind of identity-based broadcast encryption method that can be cross-domain in Information Network
CN109257165B (en) * 2017-07-12 2020-08-21 北京嘀嘀无限科技发展有限公司 Encryption and decryption method and encryption and decryption system for fine-grained mobile access
WO2019007298A1 (en) 2017-07-06 2019-01-10 Beijing DIDI Infinity Technology and Development Co., Ltd Systems and methods for data transmission
CN108898475B (en) * 2018-05-08 2021-04-06 众安信息技术服务有限公司 Attribute encryption-based alliance block chain credit implementation method and system
CN109067520B (en) * 2018-07-26 2020-06-05 北京航空航天大学 Revocable broadcast encryption method and system based on hierarchical identity
CN110458554B (en) * 2019-03-31 2022-03-22 西安电子科技大学 Identity-based data rapid transaction method on block chain
CN111917534B (en) * 2020-06-17 2023-12-15 深圳市风云实业有限公司 Multicast data transmission method for embedding ciphertext strategies in message
CN112733176B (en) * 2021-01-26 2023-07-11 中国人民解放军国防科技大学 Identification password encryption method based on global hash

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101807991A (en) * 2009-02-18 2010-08-18 上海交通大学 Ciphertext policy attribute-based encryption system and method
CN102624522A (en) * 2012-03-30 2012-08-01 华中科技大学 Key encryption method based on file attribution
CN103647644A (en) * 2013-12-26 2014-03-19 北京航空航天大学 Attribute-based encryption method for achieving hierarchical certification authority

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101807991A (en) * 2009-02-18 2010-08-18 上海交通大学 Ciphertext policy attribute-based encryption system and method
CN102624522A (en) * 2012-03-30 2012-08-01 华中科技大学 Key encryption method based on file attribution
CN103647644A (en) * 2013-12-26 2014-03-19 北京航空航天大学 Attribute-based encryption method for achieving hierarchical certification authority

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
"Ciphertext-policy Attribute-Based Encryption";John Bethencourt, Amit Sahai, Brent Waters;《2007 IEEE Symposium on Security and Privacy(SP’07)》;20070604;第3.1节,4.2节,5.2节 *
"Experimental Performance Comparisions between (H)IBE Schemes over Composite-Order and Prime-Order Bilinear Groups";Weiran Liu, Xiao Liu, Qianhong Wu, Bo Qin;《Proceedings of 2014 11th International Bhurban Conference on Applied Sciences & Technology (IBCAST)》;20140327;第204-207页 *

Also Published As

Publication number Publication date
CN104135473A (en) 2014-11-05

Similar Documents

Publication Publication Date Title
CN104135473B (en) A kind of method that identity base broadcast enciphering is realized by the attribute base encryption of Ciphertext policy
CN104038341B (en) A kind of cross-system of identity-based acts on behalf of re-encryption method
US11425171B2 (en) Method and system for cryptographic attribute-based access control supporting dynamic rules
CN103986574B (en) A kind of Tiered broadcast encryption method of identity-based
CN103891195B (en) Encryption and decryption based on hierarchical attribute
CN104168108B (en) It is a kind of to reveal the traceable attribute base mixed encryption method of key
CN103401839B (en) A kind of many authorization center encryption method based on attribute protection
Wei et al. Obtain confidentiality or/and authenticity in big data by ID-based generalized signcryption
CN104363215B (en) A kind of encryption method and system based on attribute
CN101977112B (en) Public key cipher encrypting and decrypting method based on neural network chaotic attractor
EP2285040A1 (en) Two-factor combined public key generation and authentication method
CN107078906A (en) Public key encryp
CN105763528B (en) The encryption device of diversity person's anonymity under a kind of mixed mechanism
CN107005408A (en) Public key encryption system
CN105071937A (en) Ciphertext poly attribute base encryption method having efficient attribute revocation capability
WO2005078991A1 (en) A method of multi- centric identity-based key management
CN108462575A (en) Upload data ciphering method based on no trusted party thresholding Hybrid Encryption
CN113141247B (en) Homomorphic encryption method, homomorphic encryption device, homomorphic encryption system and readable storage medium
CN106790259A (en) A kind of asymmetric across cryptographic system re-encryption, decryption method and system
CN111563733A (en) Ring signature privacy protection system and method for digital wallet
CN107086912A (en) Ciphertext conversion method, decryption method and system in a kind of heterogeneous storage system
Sethia et al. CP-ABE for selective access with scalable revocation: A case study for mobile-based healthfolder.
CN104993929B (en) A kind of attribute-based encryption system that system property is supported to extend and method
CN108989037A (en) A kind of more authorization attribute base encryption methods, system, equipment and computer media
Cagalaban et al. Towards a secure patient information access control in ubiquitous healthcare systems using identity-based signcryption

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant