CN104135473B - A kind of method that identity base broadcast enciphering is realized by the attribute base encryption of Ciphertext policy - Google Patents
A kind of method that identity base broadcast enciphering is realized by the attribute base encryption of Ciphertext policy Download PDFInfo
- Publication number
- CN104135473B CN104135473B CN201410340380.3A CN201410340380A CN104135473B CN 104135473 B CN104135473 B CN 104135473B CN 201410340380 A CN201410340380 A CN 201410340380A CN 104135473 B CN104135473 B CN 104135473B
- Authority
- CN
- China
- Prior art keywords
- pkg
- gamma
- group
- ciphertext
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Storage Device Security (AREA)
Abstract
A kind of method for realizing identity base broadcast enciphering by the attribute base encryption of Ciphertext policy, its step is as follows:Step 1:PKG input system safety coefficients, export initiation parameter;Step 2:PKG runs Generating Random Number, the random number for needed for Systematic selection;Step 3:PKG obtains public key and master key by computing;Step 4:Encryption side chooses random number and completes computing, output par, c ciphertext;Step 5:Encryption root is closed according to decrypted user identity set and calculates remainder ciphertext;Step 6:PKG runs Generating Random Number, obtains random parameter;Step 7:PKG is calculated private key SKID according to master key and user identity;Step 8:For satisfactory decryption side, K can be obtained according to private key and cryptogram computation;Step:9:Decrypted user according to K, by calculating exportable correct plaintext.The present invention substantially reduces construction cycle and system burden, can resist chosen ciphertext attacks, it is ensured that the security and validity of scheme.
Description
(1) technical field:
The present invention provides a kind of method for realizing identity base broadcast enciphering by the attribute base encryption of Ciphertext policy, that is, be referred to as
A kind of method that IBBE is realized by CP-ABE, the secret communication that it can be used in data-driven network belongs to close in information security
Code learns field.
(2) technical background:
In recent years it has been proposed that and devising many new data-driven networks, such as social networks, wireless sense network
Network, electronic health care network etc., a kind of this network more flexible mode for the collection of data is provided.It allows data by dividing
The terminal of cloth is collected, so that personal or group shares.For example, in electronic health care network, data center collects and stores up
The IMR of patient is deposited, is inquired about for doctor when going medical so as to patient.Some researchers, authoritative institution etc. are also possible to meeting
Use these data.The storage of digital document, treatment and easy to use, this causes these networks compared to traditional papery
The management system of file has obvious advantage.
In these emerging networks, the secret protection of data is a particularly important problem.For example, storage is in social activity
User's personal information in network is possible to be supplied business's abuse, in some instances it may even be possible to be leaked to offender.Once offender obtains
The information such as address, the phone of user were obtained, very serious consequence may be caused.Again for example, in electronic health care network, patient
Medical record information be unusual secret, only authorized individual or authoritative institution can access and obtain.Case history reveals event
Not exclusively about the question of morality of individual privacy, more likely to patient spirit and economically cause serious injury.
Privacy of user can be protected in order to find, data can be made to obtain the method for rationally utilizing again, there has been proposed many
Suitable for the encryption system of data-driven network, particularly public encryption system.The wide variety of public affairs in this network system
Key encryption system includes broadcast enciphering (Broadcast Encryption, BE), identity base encryption (Identity-Based
Encryption, IBE), identity base broadcast enciphering (Identity-Based Encryption, IBBE) and attribute base encryption
(Attribute-Based Encryption, ABE) etc..
In public-key cryptosystem, encryption and decryption use different keys respectively:Wherein encryption key (i.e. public key) is
Can be with disclosed, and decruption key (i.e. private key) only has decryption people oneself to know.The disclosure of encryption key is used so that key
Distribution and management are simpler than DSE arithmetic.Broadcast enciphering (Broadcast Encryption, BE) is one kind in uneasiness
To one group of cipher system of user's transmission encrypting information on all channel, in this system, system is indexed for user's distributing user
(User Index), then it can make sender choose any user index set carries out broadcast enciphering, only authorized user
Being capable of decrypting ciphertext.The concept of identity base encryption (Identity-Based Encryption, IBE) is creative by Shamir
Propose, in this public-key cryptography scheme, the identity id information of user (such as ID card No., telephone number and addresses of items of mail
Deng) directly as the public key of user, without being bound by digital certificate.Identity base broadcast enciphering (Identity-Based
Encryption, IBBE) it is that broadcast enciphering is combined with a kind of of identity base encryption, it can use the identity id information pair of user
Message encryption, and one group of user is broadcast to, user can decryption using private key corresponding with its ID.Attribute base is encrypted
(Attribute-Based Encryption, ABE) is a kind of extension of IBE, and it replaces identity with attribute as least unit,
Attribute base encryption (Key-Policy Attribute-Based Encryption, KP-ABE) and ciphertext including key strategy
Attribute base encryption (Ciphertext-Policy Attribute-Based Encryption, CP-ABE) of strategy, KP-ABE
Refer to ciphertext to be constructed by attribute set to construct key by access structure (Access Structure), when in attribute set
Attribute disclosure satisfy that this access structure can be decrypted;CP-ABE refers to ciphertext to be constructed by access structure and by property set
Close to construct key, could be decrypted when the attribute in attribute set disclosure satisfy that this access structure.Fig. 1 gives a kind of electronics
Access control tree in healthy network, access control policy therein is:
Doctor (Doctor) therein, nurse (Nurse) and operation (Surgery) represent the attribute of user, above-mentioned access
Control strategy is specifically described as:The doctor or nurse for being only responsible for operation can access.
(such as electronic health care network) realizes the visit of private data in these cryptographic systems are applied to data-driven network
When asking control, a very actual problem is occurred in that:Although the cipher system of many approved safes suffers from various
Advantage (such as regular length ciphertext/public key, efficient encryption/decryption procedures), but almost all of system is all each only
Erect meter.Due to there are different access control demands in an objective network, Security Officer has to use simultaneously
Various cipher systems adapt to different demands for security.It is negative which results in the exploitation cost for repeating and heavy system administration
Load.Such as the example in next group of electronic health care network from the point of view of us.
First typical scene for being to be used in electronic health care network IBBE:Patient prepares a consultation of doctors request broadcast
It is sent to doctor Alice, doctor Bob and doctor Carol.Whole process uses IBBE schemes, and patient is with the ID of doctor as public affairs
Key, is broadcast in network by message encryption and by ciphertext.Only ID can be to ciphertext for the doctor of Alice, Bob or Carol
It is decrypted, and knows the consultation of doctors demand of patient, but ID can not then know for the recipient of Mallory.
Second scene for being to be used in electronic health care network ABE:Patient wants his case history to be sent to his hand responsible
The doctor and nurse of art.Patient is entered case history with access structure " (Doctor OR Nurse) AND Surgery " with ABE schemes
, then directly be sent to ciphertext in electronic health care network by row encryption, and only attribute meets the recipient of access structure and could obtain
To the case history of patient.
It will be seen that both the above situation is closely similar.However, because two kinds of situations have used different password bodies
System, developer must respectively realize IBBE and ABE systems, so as to increased development effort.How by simply calling or
Same cipher function storehouse is encapsulated again to realize different cipher systems, becomes a considerable problem.
From the point of view of directly perceived, because the attribute base of Ciphertext policy encrypts (Ciphertext-Policy Attribute-Based
Encryption, CP-ABE) it is a kind of extension of IBE, while broadcast is also supported, so being replaced by by the user property in ABE
The user identity being changed in IBBE is as just can simply realize conversion.But almost all of CP-ABE systems are all initial
The change stage determines attribute, but identity can determine in encrypting stage or key generation phase in IBBE systems.This
Sample allows for efficiently being converted into for a problem.
Based on background above, we have invented a kind of by calling and encapsulating to existing function library again, using CP-ABE
The method that system realizes IBBE systems, and by the high efficiency and availability experimental results demonstrate our methods.
(3) content of the invention:
1st, purpose:
It is an object of the invention to provide a kind of method for realizing identity base broadcast enciphering by the attribute base encryption of Ciphertext policy,
The method that IBBE is realized by CP-ABE, the secret communication that can be used in data-driven network, it is to avoid the weight in development process
Return to work work, development effort is substantially reduced, while having the advantages that high security and high efficiency.
2nd, technical scheme:
Main mathematic sign and algorithmic translation:
1) bilinear mapIn the initialization module of the present invention program, by being input into safety coefficient
λ, operation algorithm g (1λ), the cyclic group that two exponent numbers are prime number p can be obtained
Bilinear map meets following three characteristics:
1. bilinear characteristics:For all of There are e (ga,hb)=e (g, h)abSet up;
2. non-degeneracy:At least there is an element g in group so that the e (g, g) after calculating existsThere is exponent number in group
p;
3. computability:In the presence of effective algorithm so that all ofThe value of e (u, v) can effectively be calculated;
2) hash algorithm:The impact resistant hash function used in the present invention possesses two spies substantially
Property:One-way and anti-collision;One-way refers to that can only derive output from hash function input, and can not be defeated from hash function
Go out and calculate input;Anti-collision refers to that while finding two different inputs its Hash result can not be made identical.
3) access control tree:In access control tree, leaf node represents attribute, and nonleaf node represents threshold value door.Each
Nonleaf node makes num by its son node number and threshold definitionsxRepresent the son node number of x nodes, kxRepresent the threshold value of x nodes.When
kxWhen=1, threshold value door is exactly OR gate (OR);Work as kx=numxWhen, threshold value door is exactly and door (AND).
This programme includes three entities, 1) private key generation center (Private Key Generator, PKG):With checking
User identity, calculates generation, the mechanism of dispatch user private key functionality.2) data encryption side (Encrypting Party):Have
The individual of encryption function or social framework;3) user (User):Individual or social framework with decryption function.
This programme includes four modules, respectively initialization module, encrypting module, private key generation module and deciphering module.
As shown in Fig. 2 each module is according to " initialization module " → " encrypting module " → " private key generation module " → " deciphering module " order
Perform.
A kind of method for realizing broadcast enciphering by the attribute base encryption of Ciphertext policy of the present invention, i.e., realize IBBE by CP-ABE
Method, implementation step is as follows:
Module one:Initialization module
Private key generation center be PKG in this module using system security parameter λ as input, output public key PK and master are close
Key MSK.Public key PK external disclosures, master key MSK is then taken care of by PKG.Implementing for the functions of modules is divided into three steps:
Step 1:PKG input system security parameter λ first, then run algorithm g (1λ), two exponent numbers of output are prime number p
Group With a bilinear map computing
Step 2:PKG runs Generating Random Number, and random selection exponent number is p1'sA generation unit g in group, choosing
Select a hash functionAnd Zp:Two element α in { 0,1 ..., p-1 } domain, β is used as Stochastic.
Step 3:PKG carries out following computing:
MSK=(β, gα)
PK is taken care of as master key as public key external disclosure, MSK by PKG.
Wherein, " operation algorithm g (1 described in step 1λ) ", its way is as follows:Security parameter λs of the PKG according to input
Size, select suitable elliptic curve:Y2=X3+ aX+b (a and b are coefficients).Group is constituted according to the point on selected elliptic curve A kind of Function Mapping e is selected, by groupIn element be mapped to groupIn;Security parameter numerical value is bigger, selected
Point on elliptic curve is also more, and group is also bigger.
Wherein, described in step 2 " Generating Random Number ", its way is as follows:According to ellipse selected in step 1
Curve:y2=x3+ ax+b, a value x of random selection independent variable x1, calculate the value y of correspondence dependent variable y1;If point (x1,y1)
We are wanted in the group of mapping, then be successfully generated random element.If point (x1,y1) not in group, then continue to select the value of x, directly
To finding the point appeared in group.Generating Random Number hereinafter is identical.
Wherein, " hash function described in step 2" represent:To be made up of binary number 0 and 1
Character be mapped to by hash function HIn group.
Module two:Encrypting module
Encryption side in this module using public key PK and message M to be encrypted and user identity set S to be received as
Input, the ciphertext CT exported after encryption.The realization of the functions of modules is divided into two steps:
Step 4:Encryption side randomly chooses Zp:An element t in { 0,1 ..., p-1 } domain is completed as follows as index
Computing:
C0=Me (g, g)αt
C1=ht
C2=gt
Step 5:ForCalculate:
CID=H (ID)t
Final ciphertext is output as:
Module three:Private key generation module
In this module, PKG corresponds to the private key of user identity ID using master key MSK and user identity ID as input
SKIDIt is output.The private key SK for obtainingIDUser will be in a secure manner sent to.It is implemented as follows:
Step 6:PKG runs Generating Random Number, and Z is generated at randomp:Two element γ in { 0,1 ..., p-1 } domain,
γ ' is used as index.
Step 7:PKG does following computing according to the MSK and upper step income index that are generated in module one:
Obtain the corresponding private key SK of IDID。
Module four:Deciphering module
User in S can be decrypted as decryption side to ciphertext.The module with public key PK, the corresponding private of ID
Key SKIDIt is input with ciphertext CT, output obtains message M, comprises the following steps that:
Step:8:For the decrypted user in S, by the private key SK of itselfIDIt is calculated as below first:
Step 9:K of the decrypted user according to obtained by upper step, by carrying out following computing, can calculate output message M:
By above-mentioned module and step, we complete the scheme that IBBE is realized by CP-ABE.By using existing CP-
ABE kits, can conveniently realize the function of identity base broadcast enciphering, it is to avoid unnecessary development effort.
3rd, advantage and effect:
A kind of method for realizing identity base broadcast enciphering by the attribute base encryption of Ciphertext policy of the present invention, can be used for data drive
Secret communication in dynamic network between user, its advantage and effect are:
1) present invention realizes the function of IBBE using existing CP-ABE encipherment schemes respectively so that developer is in face
Can be realized using same instrument during to different encryption requirements, substantially reduce construction cycle and system burden.
2) present invention has passed through the safety analysis under approved safe model, can resist chosen ciphertext attacks, it is ensured that side
The security of case;
3) by the present invention in that completing the realization of scheme with cpabe toolkit, it was demonstrated that the validity of scheme.
(4) illustrate:
A kind of access structure example in Fig. 1 electronic health care networks;
Fig. 2 the method for the invention is that the FB(flow block) of IBBE is realized by CP-ABE;
Fig. 3 the method for the invention is access structure used when CP-ABE realizes IBBE.
Symbol description is as follows in figure:
In Fig. 1, nonleaf node represents with circle, represents threshold value door (OR or AND i.e. in figure);Leaf node square frame
Represent, represent user property (Doctor, Nurse or Surgery i.e. in figure).
In figure 3, circle (OR) represents OR gate, the ID in square frameiRepresent user identity ID.
(5) specific embodiment
As shown in Fig. 1-3, this programme includes four modules, respectively initialization module, encrypting module, private key generation module
And deciphering module.As shown in figure 3, each module is according to " initialization module " → " encrypting module " → " private key generation module " → " solution
Close module " order is performed.
A kind of method for realizing broadcast enciphering by the attribute base encryption of Ciphertext policy of the present invention, i.e., realize IBBE by CP-ABE
Method, implementation step is as follows:
Module one:Initialization module
PKG, using system security parameter λ as input, exports public key PK and master key MSK in this module.Public key PK pairs
Outer disclosure, master key MSK is then taken care of by PKG.Implementing for the functions of modules is divided into three steps:
Step 1:PKG input system security parameter λ first, then run algorithm g (1λ), two exponent numbers of output are prime number p
Group With a bilinear map computing
Step 2:PKG runs Generating Random Number, and random selection exponent number is p1'sA generation unit g in group, choosing
Select a hash functionAnd Zp:Two element α in { 0,1 ..., p-1 } domain, β is used as Stochastic.
Step 3:PKG carries out following computing:
MSK=(β, gα)
Wherein, used as public key parameter external disclosure, MSK is taken care of PK as master key by PKG.
Module two:Encrypting module
Encryption side in this module using public key PK and message M to be encrypted and user identity set S to be received as
Input, the ciphertext CT exported after encryption.The realization of the functions of modules is divided into two steps:
Step 4:Encryption side randomly chooses Zp:An element t in { 0,1 ..., p-1 } domain is completed as follows as index
Computing:
C0=Me (g, g)αt
C1=ht
C2=gt
Step 5:ForCalculate:
CID=H (ID)t
Final ciphertext is output as:
Module three:Private key generation module
In this module, PKG exports private key for user SK using master key MSK and ID as inputID.Implement
It is as follows:
Step 6:PKG runs Generating Random Number, and Z is generated at randomp:Two element γ in { 0,1 ..., p-1 } domain,
γ ' is used as index.
Step 7:PKG does following computing according to the MSK and upper step income index that are generated in module one:
Obtain the corresponding private key SK of IDID。
Module four:Deciphering module
User in S can be decrypted as decryption side to ciphertext.The module with public key PK, the corresponding private of ID
Key SKIDIt is input with ciphertext CT, output obtains message M, comprises the following steps that:
Step:8:For the decrypted user in S, by the private key SK of itselfIDIt is calculated as below first:
Step 9:K of the decrypted user according to obtained by upper step, by carrying out following computing, can calculate output message M:
By above-mentioned module and step, we complete the scheme that IBBE is realized by CP-ABE.
Claims (3)
1. a kind of attribute base by Ciphertext policy encrypts the method for realizing broadcast enciphering, it is characterised in that:It is as follows including step:
Step 1:PKG input system security parameter λ first, then run algorithmTwo exponent numbers of output are the group of prime number pWith a bilinear map computing
Step 2:PKG runs Generating Random Number, and random selection exponent number is p1'sA generation unit g in group, selection one
Individual hash functionAnd Zp:Two element α in { 0,1 ..., p-1 } domain, β is used as Stochastic;
Step 3:PKG carries out following computing:
MSK=(β, gα)
PK is taken care of as master key as public key external disclosure, MSK by PKG;
Step 4:Encryption side randomly chooses Zp:An element t in { 0,1 ..., p-1 } domain completes following computing as index:
C0=Me (g, g)αt
C1=ht
C2=gt;
Step 5:ForCalculate:
CID=H (ID)t
Final ciphertext is output as:
Step 6:PKG runs Generating Random Number, and Z is generated at randomp:Two element γ, γ ' works in { 0,1 ..., p-1 } domain
It is index;
Step 7:PKG does following computing according to the MSK and upper step income index of generation:
Obtain the corresponding private key SK of IDID;
Step:8:For the decrypted user in S, by the private key SK of itselfIDIt is calculated as below first:
Step 9:K of the decrypted user according to obtained by upper step, by carrying out following computing, calculates output message M:
Wherein, " operation algorithm described in step 1", its way is as follows:PKG is big according to the security parameter λ's of input
It is small, select elliptic curve:Y2=X3+ aX+b, a and b are coefficients;Group is constituted according to the point on selected elliptic curveChoosing
A kind of Function Mapping e is selected, by groupIn element be mapped to groupIn;Security parameter numerical value is bigger, selected elliptic curve
On point it is also more, group is also bigger.
2. a kind of attribute base by Ciphertext policy according to claim 1 encrypts the method for realizing broadcast enciphering, its feature
It is:In step 2 described " Generating Random Number ", its way is as follows:According to elliptic curve selected in step 1:y2
=x3+ ax+b, a value x of random selection independent variable x1, calculate the value y of correspondence dependent variable y1;If point (x1,y1) wanting mapping
Group in, then be successfully generated random element;If point (x1,y1) not in group, then continue to select the value of x, appeared in until finding
Point in group.
3. a kind of attribute base by Ciphertext policy according to claim 1 encrypts the method for realizing broadcast enciphering, its feature
It is:Described " hash function in step 2" represent:The character being made up of binary number 0 and 1 is led to
Hash function H is crossed to be mapped toIn group.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410340380.3A CN104135473B (en) | 2014-07-16 | 2014-07-16 | A kind of method that identity base broadcast enciphering is realized by the attribute base encryption of Ciphertext policy |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410340380.3A CN104135473B (en) | 2014-07-16 | 2014-07-16 | A kind of method that identity base broadcast enciphering is realized by the attribute base encryption of Ciphertext policy |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104135473A CN104135473A (en) | 2014-11-05 |
CN104135473B true CN104135473B (en) | 2017-06-23 |
Family
ID=51807995
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410340380.3A Active CN104135473B (en) | 2014-07-16 | 2014-07-16 | A kind of method that identity base broadcast enciphering is realized by the attribute base encryption of Ciphertext policy |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104135473B (en) |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104519071B (en) | 2015-01-12 | 2017-08-11 | 北京科技大学 | It is a kind of that there is the group's encryption and decryption method and system for selecting and excluding function |
CN104868963B (en) * | 2015-05-11 | 2017-11-28 | 电子科技大学 | A kind of broadcast encryption scheme based on multilinear pairing |
CN105978869B (en) * | 2016-05-06 | 2018-11-30 | 西安电子科技大学 | A kind of identity-based broadcast encryption method that can be cross-domain in Information Network |
CN109257165B (en) * | 2017-07-12 | 2020-08-21 | 北京嘀嘀无限科技发展有限公司 | Encryption and decryption method and encryption and decryption system for fine-grained mobile access |
WO2019007298A1 (en) | 2017-07-06 | 2019-01-10 | Beijing DIDI Infinity Technology and Development Co., Ltd | Systems and methods for data transmission |
CN108898475B (en) * | 2018-05-08 | 2021-04-06 | 众安信息技术服务有限公司 | Attribute encryption-based alliance block chain credit implementation method and system |
CN109067520B (en) * | 2018-07-26 | 2020-06-05 | 北京航空航天大学 | Revocable broadcast encryption method and system based on hierarchical identity |
CN110458554B (en) * | 2019-03-31 | 2022-03-22 | 西安电子科技大学 | Identity-based data rapid transaction method on block chain |
CN111917534B (en) * | 2020-06-17 | 2023-12-15 | 深圳市风云实业有限公司 | Multicast data transmission method for embedding ciphertext strategies in message |
CN112733176B (en) * | 2021-01-26 | 2023-07-11 | 中国人民解放军国防科技大学 | Identification password encryption method based on global hash |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101807991A (en) * | 2009-02-18 | 2010-08-18 | 上海交通大学 | Ciphertext policy attribute-based encryption system and method |
CN102624522A (en) * | 2012-03-30 | 2012-08-01 | 华中科技大学 | Key encryption method based on file attribution |
CN103647644A (en) * | 2013-12-26 | 2014-03-19 | 北京航空航天大学 | Attribute-based encryption method for achieving hierarchical certification authority |
-
2014
- 2014-07-16 CN CN201410340380.3A patent/CN104135473B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101807991A (en) * | 2009-02-18 | 2010-08-18 | 上海交通大学 | Ciphertext policy attribute-based encryption system and method |
CN102624522A (en) * | 2012-03-30 | 2012-08-01 | 华中科技大学 | Key encryption method based on file attribution |
CN103647644A (en) * | 2013-12-26 | 2014-03-19 | 北京航空航天大学 | Attribute-based encryption method for achieving hierarchical certification authority |
Non-Patent Citations (2)
Title |
---|
"Ciphertext-policy Attribute-Based Encryption";John Bethencourt, Amit Sahai, Brent Waters;《2007 IEEE Symposium on Security and Privacy(SP’07)》;20070604;第3.1节,4.2节,5.2节 * |
"Experimental Performance Comparisions between (H)IBE Schemes over Composite-Order and Prime-Order Bilinear Groups";Weiran Liu, Xiao Liu, Qianhong Wu, Bo Qin;《Proceedings of 2014 11th International Bhurban Conference on Applied Sciences & Technology (IBCAST)》;20140327;第204-207页 * |
Also Published As
Publication number | Publication date |
---|---|
CN104135473A (en) | 2014-11-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104135473B (en) | A kind of method that identity base broadcast enciphering is realized by the attribute base encryption of Ciphertext policy | |
CN104038341B (en) | A kind of cross-system of identity-based acts on behalf of re-encryption method | |
US11425171B2 (en) | Method and system for cryptographic attribute-based access control supporting dynamic rules | |
CN103986574B (en) | A kind of Tiered broadcast encryption method of identity-based | |
CN103891195B (en) | Encryption and decryption based on hierarchical attribute | |
CN104168108B (en) | It is a kind of to reveal the traceable attribute base mixed encryption method of key | |
CN103401839B (en) | A kind of many authorization center encryption method based on attribute protection | |
Wei et al. | Obtain confidentiality or/and authenticity in big data by ID-based generalized signcryption | |
CN104363215B (en) | A kind of encryption method and system based on attribute | |
CN101977112B (en) | Public key cipher encrypting and decrypting method based on neural network chaotic attractor | |
EP2285040A1 (en) | Two-factor combined public key generation and authentication method | |
CN107078906A (en) | Public key encryp | |
CN105763528B (en) | The encryption device of diversity person's anonymity under a kind of mixed mechanism | |
CN107005408A (en) | Public key encryption system | |
CN105071937A (en) | Ciphertext poly attribute base encryption method having efficient attribute revocation capability | |
WO2005078991A1 (en) | A method of multi- centric identity-based key management | |
CN108462575A (en) | Upload data ciphering method based on no trusted party thresholding Hybrid Encryption | |
CN113141247B (en) | Homomorphic encryption method, homomorphic encryption device, homomorphic encryption system and readable storage medium | |
CN106790259A (en) | A kind of asymmetric across cryptographic system re-encryption, decryption method and system | |
CN111563733A (en) | Ring signature privacy protection system and method for digital wallet | |
CN107086912A (en) | Ciphertext conversion method, decryption method and system in a kind of heterogeneous storage system | |
Sethia et al. | CP-ABE for selective access with scalable revocation: A case study for mobile-based healthfolder. | |
CN104993929B (en) | A kind of attribute-based encryption system that system property is supported to extend and method | |
CN108989037A (en) | A kind of more authorization attribute base encryption methods, system, equipment and computer media | |
Cagalaban et al. | Towards a secure patient information access control in ubiquitous healthcare systems using identity-based signcryption |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |