CN106059765A - Digital virtual asset access control method based on attribute password under cloud environment - Google Patents

Abstract

The invention discloses a digital virtual asset access control method based on an attribute password under a cloud environment, and belongs to the technical field of information security. The method comprises the steps of system initialization, key generation, data encryption, outsourcing decryption, data decryption, outsourcing signature, request signature and request verification. By combining the attribute signature technology to the data access control technology based on attribute encryption, authorized access of digital virtual assets is realized, authorized modification is also realized, and the security of the digital virtual assets under the cloud environment is guaranteed. According to the method, most computing overhead of a user in the decryption and signature processes are outsourced to a cloud computing platform, so that the decryption and signature efficiency of the user is improved, the computing overhead of the user during signature and decryption is reduced, and the scheme can be applied to clients with limited resources.

Description

Digital virtual asset access control method based on attribute password in cloud environment

Technical Field

The invention belongs to the technical field of information security, and particularly relates to a digital virtual asset access control method based on an attribute password in a cloud environment.

Background

With the advent of cloud computing and the "internet +" era, more and more network digital services such as virtual currency, digital copyright, network games, network domain names and the like are integrated into the lives of people, and the economic form is promoted to be continuously evolved. The digital virtual asset is an intangible asset, refers to a right which can be dominated by a human and has value, is an expression form of the asset in a network virtual space, and has the physical essence that a series of serial numbers exist in a network, but has five characteristics of virtualization, adherence, reality, transaction and persistence. Virtualization is its essential property; the dependency index digital virtual assets have the characteristic of serious network dependency, and the generation, storage, transfer and consumption of the dependency index digital virtual assets can not leave the Internet; meanwhile, the digital virtual assets can meet various requirements of people and have use values, so that the digital virtual assets have transaction performance and sustainability. With the wide application of cloud computing and cloud storage technologies, storage and transaction of digital virtual assets are gradually migrated to cloud computing platforms. At present, most of research aiming at the digital virtual assets focuses on value evaluation and transaction of specific expression forms of the digital virtual assets, such as copyright evaluation, domain name evaluation, virtual currency transaction and the like, and the research direction of the security of the digital virtual assets in the whole circulation process of generation, storage, transfer and consumption of the digital virtual assets under a cloud computing platform is rarely involved. Due to the value of the digital virtual assets, the digital information in the network is very easy to copy, abuse and override, which causes great economic loss to all people and distributors of the digital virtual assets. Therefore, how to control reasonable access of digital virtual assets in a cloud environment and ensure the safety of the digital virtual assets in the whole asset life cycle is an important hotspot problem and a difficult problem.

In the prior art, an access control technology based on attribute encryption in a cloud environment is shown in fig. 1, and based on attribute encryption, only a user whose attribute satisfies a ciphertext access policy can access data, related entities include an attribute mechanism, a cloud computing platform, a data owner and an authorized user, and an implementation process includes the following three steps:

(1) and generating a key. The attribute mechanism is a credible key management mechanism, generates an attribute private key according to the attribute set of each user and distributes the attribute private key to the users.

(2) And (5) encrypting data. Before uploading data to a cloud computing platform, a data owner firstly makes a data access strategy, which defines conditions to be met when a user accesses the data and is generally in a tree structure. The data owner firstly encrypts data plaintext by using a symmetric key algorithm, then encrypts a symmetric key based on an access strategy, and then uploads the symmetric key to the cloud computing platform together.

(3) And (6) decrypting the data. And (3) after the user acquires the encrypted data from the cloud computing platform, if the attribute owned by the user meets the access strategy of the ciphertext, decrypting the symmetric key by using the attribute private key distributed in the step (1) to further decrypt the data plaintext, otherwise, decrypting the plaintext data.

Although the existing access control technology based on attribute encryption in the cloud environment can realize fine-grained access control of users on digital virtual assets in the cloud environment, users who fail to meet access policies cannot access the digital virtual assets. However, the legal user also involves modification of asset data in the process of using the data virtual asset, such as editing of copyright works, trading of currency assets, and the like, and the existing technology lacks dynamic access control on the modification behavior of the digital virtual asset and cannot limit the modification of the digital virtual asset of the user.

The problem that the decryption efficiency is low exists in the existing access control technology based on attribute encryption in the cloud environment. When decrypting the digital virtual asset data, the user spends a large amount of computing overhead for judging whether the attributes meet the access policy, and the number of the attributes in the data access policy is proportional to, so that the method is not suitable for the client with limited resources.

Disclosure of Invention

The invention combines the attribute signature technology on the basis of the attribute encryption technology, and requires that an asset owner not only establishes an access strategy but also establishes a strict modification strategy when uploading the digital virtual asset to a cloud computing platform. After the user modifies the authorized digital virtual assets, the user modifies the request by using the attribute signature, and the cloud computing platform receives the digital virtual asset data modified by the user after verifying that the attributes of the user meet the modification strategy.

The invention provides a digital virtual asset access control method based on an attribute password in a cloud environment, which adopts the attribute encryption and attribute signature technology to control the authorized access and modification of a digital virtual asset and ensure the safety of the digital virtual asset in the life cycles of uploading, storing, accessing, modifying and the like. Meanwhile, in order to reduce the computing overhead of authorized users in the processes of safely decrypting the virtual assets and modifying the virtual assets, partial computing is outsourced to the cloud computing platform. The method comprises the following concrete steps:

firstly, initializing a system; the attribute authority generates and secretly stores a system public key PK and a system master key MK.

Secondly, generating a secret key; and the attribute mechanism distributes the attribute private key SK to the user, and the user generates the attribute secret key AK and sends the attribute secret key AK to the cloud computing platform.

Thirdly, encrypting data; and constructing an access strategy number T by the asset owner, constructing a ciphertext CT and uploading the ciphertext CT to the cloud computing platform.

Step four, outsourcing decryption; after obtaining the ciphertext from the cloud computing platform, the user sends a decryption request to the cloud computing platform; and the cloud computing platform sends the partially decrypted ciphertext to the user.

Fifthly, decrypting the data; after receiving the ciphertext subjected to outsourcing decryption by the cloud computing platform, the user uses the attribute private key SK to calculate a data key DK, and uses the data key DK to decrypt a data plaintext M.

Sixthly, outsourcing a signature;

step seven, requesting a signature;

and step eight, requesting verification.

Compared with the data access control scheme based on attribute encryption in the existing cloud environment, the method has the advantages that:

(1) the invention combines the attribute signature technology in the data access control technology based on the attribute encryption, not only realizes the authorized access to the digital virtual assets, but also realizes the authorized modification, and ensures the safety of the digital virtual assets in the cloud computing environment.

(2) According to the invention, most of the computing overhead of the user in the decryption and signature processes is outsourced to the cloud computing platform, so that the decryption and signature efficiency of the user side is improved, the computing overhead of the user in the signature and decryption processes is reduced, and the scheme can be suitable for the client side with limited resources.

Drawings

FIG. 1 is a schematic diagram of a prior art system for access control based on attribute encryption in a cloud environment;

FIG. 2 is a schematic diagram of a system for controlling access to a data virtual asset based on an attribute password in a cloud environment.

Detailed Description

The present invention will be described in further detail with reference to the accompanying drawings and examples.

The invention provides a data virtual asset access control method based on an attribute password in a cloud environment, and related entities comprise: the system comprises an attribute authority, a cloud computing platform, an asset owner and an authorized user, wherein the attribute authority is a trusted third party and is used for establishing a system public key and a system master key, as shown in FIG. 2; meanwhile, the attribute mechanism distributes attributes for the user, generates an attribute private key and provides the attribute private key for the authorized user. The system public key is provided to the property owner. The cloud computing platform is a semi-trusted third party for storing and managing digital virtual assets uploaded by asset owners. In addition, the cloud computing platform executes partial decryption and signature operations for the user, and meanwhile judges whether the user meets a ciphertext modification strategy. The asset owner is an owner of the digital virtual asset, an access strategy and a modification strategy of the asset data are defined at the same time, and the digital virtual asset (namely encrypted data) is encrypted by using the access strategy and then uploaded to the cloud computing platform. And the authorized user can access and modify the data on the cloud computing platform according to the attribute private key. If the attribute of the user meets the access strategy of the ciphertext, the key of the encrypted data can be recovered, and the data key is used for decrypting the digital virtual asset plaintext. After the user modifies the data, if the attribute of the user meets the modification strategy of the ciphertext, the cloud computing platform receives the digital virtual asset modified by the user.

The algorithm involved in the present invention is given the following definition:

(1) setup (K) the attribute authority inputs the security parameters K and outputs the system public key PK and the system master key MK.

(2) KeyGen (MK, S) attribute mechanism inputs system master key MK, attribute set S of user and outputs attribute private key SK of user. And the user generates an attribute key AK based on the SK and sends the AK to the cloud computing platform for storage.

(3) Encrypt (PK, M, T, P) asset owner enters system public key PK, data plaintext M, access policy tree T, modify policy P. The asset owner first encrypts M using a random data key DK, then encrypts DK using an access policy tree T based on an attribute encryption algorithm, and finally outputs a ciphertext CT.

(4) PartDec (CT, AK). the cloud computing platform inputs the ciphertext CT and the attribute key AK of the user, and if the attribute in the AK meets the access strategy T of the ciphertext, the partially decrypted ciphertext CT is output_P。

(5)Decrypt(CT_PSK) ciphertext CT decrypted by a user input part_PAnd an attribute private key SK, firstly recovering DK, and then decrypting the digital virtual asset plaintext M by using the DK.

(6) PartSign (PK, Q, P, AK). cloud computing platform inputs system public key PK, modifies request Q, modifies policy tree P, attribute key AK of user, and outputs partial signature ST of request_PAnd a global key GK.

(7)Sign(ST_PSK) user input partial signature ST_PThe attribute private key SK outputs the entire signature ST of the request.

(8) And inputting a modification request Q, a signature ST and a global key GK by the cloud computing platform, if the attribute of the user meets a modification strategy tree P, successfully verifying the signature to allow the user to modify the data, and otherwise, failing to Verify the signature.

The invention provides a data virtual asset access control method based on an attribute password in a cloud environment, which comprises the following specific implementation processes:

first, the system initializes.

The attribute mechanism runs the Setup algorithm to construct a bilinear group with the order of prime number pNote the bookIs g, the corresponding bilinear mapping isDefining a hash functionRandom selection For a prime p-order cyclic group, the public key PK of the publishing system is as follows:

$PK=(\hat{e}{\left(g,g\right)}^{\mathrm{\α}},g^{\mathrm{\β}})$

then, the attribute authority generates the system master key MK as follows and holds it secret.

MK＝(g^α,β)

Secondly, generating a secret key;

the attribute mechanism runs the KeyGen algorithm and selects randomlyThen gives each attribute a of the user_j∈ S random selectionThe attribute private key SK of the user is generated as follows:

$SK=(D=g^{(\mathrm{\α}+\mathrm{\γ})/\mathrm{\β}},{\{D_j=g^{\mathrm{\γ}}{H}_1{\left(j\right)}^{{\mathrm{\γ}}_j},D_j^{\′}=g^{{\mathrm{\γ}}_j},D_j^{\′\′}=H_1{\left(j\right)}^{\mathrm{\β}}\}}_{j\∈S})$

the attribute authority then distributes the SK securely to the user, who randomly selectsThe attribute key AK is generated as follows:

$AK={\{{\tilde{D}}_j={\left(D_j\right)}^{\mathrm{\δ}},{\tilde{D}}_j^{\′}={\left(D_j^{\′}\right)}^{\mathrm{\δ}},D_j^{\′\′}\}}_{j\∈S}$

and finally, the user secretly saves the D and sends the attribute key AK to the cloud computing platform.

Thirdly, encrypting data;

the property owner runs the Encrypt algorithm and randomly selects the data keyBased on the symmetric encryption algorithm SEnc (), data plaintext M is encrypted by using DK, and then DK is encrypted by using the access policy tree T.

First, an access policy tree T is constructed, and a k is defined for each node x on the access policy tree T in a top-down manner_xPolynomial p of degree 1_xAnd is andrandom selectionFor the root node R of the access policy tree T, let p_R(0) S. Define function parent (x) return parent of x, index (x) return sequence number of node x, attr (x) return attribute value represented by leaf node x. For other nodes x of the access policy tree T, p is defined_x(0)＝p_parent(x)(index (x)), and selecting random parameters to complete p_xThe definition of (1). And setting Y to represent a set of attributes corresponding to leaf child nodes in the access policy tree T, and setting P to be a modification policy tree. Finally, the asset owner constructs the ciphertext CT (i.e., the encrypted data) and uploads to the cloud computing platform.

$CT=(T,P,E={\mathrm{SEnc}}_{DK}\left(M\right),\tilde{C}=DK\·\hat{e}{\left(g,g\right)}^{\mathrm{\α}s},$

$C=g^{\mathrm{\β}s},{\{C_y=g^{p_y\left(0\right)},C_y^{\′}=H_1{\left({\mathrm{attr}}_y\right)}^{p_y\left(0\right)}\}}_{y\∈Y})$

Step four, outsourcing decryption;

and after obtaining the ciphertext from the cloud computing platform, the user sends a decryption request to the cloud computing platform. The cloud computing platform runs a PartDec algorithm, a decryption process is realized by adopting a recursive algorithm, a recursive algorithm DecryptNode (CT, AK, x) is defined, and a ciphertext CT, an attribute key AK of a user and each node x in an access policy tree T are input.

If x is a leaf node, let i-attr_x。

If attribute Y of leaf node x_x∈ S, calculated as follows:

$\begin{array}{c}DecryptNode(CT,AK,x)=\frac{\hat{e}({\tilde{D}}_i,C_x)}{\hat{e}({\tilde{D}}_i^{\′},C_x^{\′})}\\ =\frac{\hat{e}({\left(D_i\right)}^{\mathrm{\δ}},C_x)}{\hat{e}({\left(D_i^{\′}\right)}^{\mathrm{\δ}},C_x^{\′})}\\ =\frac{\hat{e}(g^{\mathrm{\γ}\mathrm{\δ}}{H}_1{\left(i\right)}^{{\mathrm{\γ}}_i\mathrm{\δ}},g^{p_x\left(0\right)})}{\hat{e}(g^{{\mathrm{\γ}}_i\mathrm{\δ}},H_1{\left(i\right)}^{p_x\left(0\right)})}\\ =\hat{e}{(g,g)}^{{\mathrm{\γ\δp}}_x\left(0\right)}\end{array}$

if it is notThen, DecryptNode (CT, AK, x) is defined as ⊥.

If x is not a leaf node, the DecryptNode algorithm is run until the root node: all child nodes z of x run the DecryptNode (CT, AK, z) algorithm and save the calculation result in F_z. Order S_xIs any k_xA set of nodes z and satisfies DecryptNode (CT, AK, z), the calculation result F of DecryptNode (CT, AK, x)_xThe following were used:

$\begin{array}{c}{F}_x=\underset{z\∈S_x}{\mathrm{\Π}}{F}_z^{{\mathrm{\Δ}}_{i,S_x^{\′}}\left(0\right)},{\mathrm{where}}_{i=index\left(z\right)}^{S_x^{\′}=\{index\left(z\right):z\∈S_x\}}\\ =\underset{z\∈S_x}{\mathrm{\Π}}{\left(\hat{e}{\left(g,g\right)}^{{\mathrm{\γ\δp}}_z\left(0\right)}\right)}^{{\mathrm{\Δ}}_{i,S_x^{\′}}\left(0\right)}\\ =\underset{z\∈S_x}{\mathrm{\Π}}{\left(\hat{e}{\left(g,g\right)}^{{\mathrm{\γ\δp}}_{parent\left(z\right)}\left(index\right(z\left)\right)}\right)}^{{\mathrm{\Δ}}_{i,S_x^{\′}}\left(0\right)}\\ =\underset{z\∈S_x}{\mathrm{\Π}}{\left(\hat{e}{\left(g,g\right)}^{{\mathrm{\γ\δp}}_x\left(i\right)}\right)}^{{\mathrm{\Δ}}_{i,S_x^{\′}}\left(0\right)}\\ =\hat{e}{(g,g)}^{{\mathrm{\γ\δp}}_x\left(0\right)}\end{array}$

wherein,lagrange coefficients.

Thus, if the user's attributes satisfy the access policy tree T, the decryption is as follows:

$A=DecryptNode(CT,AK,R)=\hat{e}{(g,g)}^{\mathrm{\γ}\mathrm{\δ}s}$

the cloud computing platform decrypts the part of the ciphertextAnd sending the data to the user.

Fifthly, decrypting the data;

after receiving the ciphertext decrypted by outsourcing of the cloud computing platform, the user operates a Decrypt algorithm, and calculates DK by using an attribute private key SK as follows:

$\begin{array}{c}\tilde{C}/\left(\hat{e}\right(C,D)/{\left(A\right)}^{1/\mathrm{\δ}})\\ =DK\·\hat{e}{(g,g)}^{\mathrm{\α}s}/\left(\hat{e}\right(g^{\mathrm{\β}s},g^{(\mathrm{\α}+\mathrm{\γ})/\mathrm{\β}})/{\left(\hat{e}{\left(g,g\right)}^{\mathrm{\γ}\mathrm{\δ}s}\right)}^{1/\mathrm{\δ}})\\ =DK\·\hat{e}{(g,g)}^{\mathrm{\α}s}/\hat{e}{(g,g)}^{s\mathrm{\α}}\\ =DK\end{array}$

finally, the user decrypts the data plaintext M by using DK based on a symmetric decryption algorithm SDec ():

M＝SDec_DK(E)

sixthly, outsourcing a signature;

when a user needs to modify data assets stored in the cloud computing platform, the user generates a modification request and signs the request by using the attribute private key and the modification policy. Firstly, a user generates a modification request Q and sends the modification request Q to a cloud computing platform, the cloud computing platform runs a PartSign algorithm, and a k is defined for each node x on a modification strategy tree P in a top-down mode_x-1 th order polynomial q_xAnd followMachine selectionFor modifying the root node R of the policy tree, set q_R(0) T. For other nodes x on the modification policy tree, q is specified_x(0)＝q_parent(x)(index (x)) and randomly selecting other coefficients to complete q_xThe definition of (1). Setting W to represent a set of attributes corresponding to leaf nodes in the modification policy tree P, and generating a global key GK by the cloud computing platform as follows:

$GK={\{K_i=g^{q_i\left(0\right)},K_i^{\′}=H_1{\left({\mathrm{attr}}_i\right)}^{q_i\left(0\right)}\}}_{i\∈W}$

then, the cloud computing platform randomly selectsThe generation is as follows:

${\tilde{S}}_0=H_2{\left(Q\right)}^{\mathrm{\μ}},S_0=g^{\mathrm{\β}\mathrm{\μ}}$

then, for each attribute i ∈ W in the modification policy tree P, the cloud computing platform randomly selectsThe attribute key AK for the user is used as calculated as follows:

${\{S_i={\tilde{D}}_i{H}_1{\left(i\right)}^{t_i}=g^{\mathrm{\γ}\mathrm{\δ}}{H}_1{\left(i\right)}^{{\mathrm{\γ}}_i\mathrm{\δ}+t_i},S_i^{\′}={\tilde{D}}_i^{\′}{g}^{t_i}=g^{{\mathrm{\γ}}_i\mathrm{\δ}+t_i}\}}_{i\∈S\∩W}$

${\{S_i=H_1{\left(i\right)}^{t_i},S_i^{\′}=g^{t_i}\}}_{i\∈W/S\∩W}$

finally, the cloud computing platform generates a partial signature ST_PAnd sent to the user.

${\mathrm{ST}}_P=(Q,{\tilde{S}}_0,S_0,{\{S_i,S_i^{\′}\}}_{i\∈W})$

Step seven, requesting a signature;

after receiving the partial signature of the cloud computing platform, the user runs a Sign algorithm and uses an attribute private key SK to calculate as follows:

$\tilde{S}={\tilde{S}}_0\·{\left(D\right)}^{\mathrm{\δ}}=H_2{\left(Q\right)}^{\mathrm{\μ}}\·g^{(\mathrm{\α}+\mathrm{\γ})\mathrm{\δ}/\mathrm{\β}},S=S_0,S^{\′}=\hat{e}{(g,g)}^{\mathrm{\α}(1-\mathrm{\δ})}$

the signature ST of the user-generated request is as follows:

$ST=(Q,\tilde{S},S,S^{\′},{\{S_i,S_i^{\′}\}}_{i\∈W})$

and step eight, requesting verification.

And after receiving the modification request and the signature ST, the cloud computing platform runs a Verify algorithm to Verify the validity of the signature. The verification process is realized by adopting a recursive algorithm, a recursive algorithm VerifyNode (ST, GK, x) is defined, a signature ST, a global key GK and a node x in a modification strategy tree P are input.

If x is a leaf node, let i-attr_x。

If attribute W of leaf node x_x∈ S ∩ W, calculated as follows:

$\begin{array}{c}VerifyNode(ST,GK,x)=\frac{\hat{e}(S_i,K_x)}{\hat{e}(S_i^{\′},K_x^{\′})}\\ =\frac{\hat{e}(g^{\mathrm{\γ}\mathrm{\δ}}{H}_1{\left(i\right)}^{{\mathrm{\γ}}_i\mathrm{\δ}+t_i},g^{q_x\left(0\right)})}{\hat{e}(g^{{\mathrm{\γ}}_i\mathrm{\δ}+t_i},H_1{\left(i\right)}^{q_x\left(0\right)})}\\ =\hat{e}{(g,g)}^{{\mathrm{\γ\δq}}_x\left(0\right)}\end{array}$

if W is_x∈ W/S ∩ W, calculated as follows:

$\begin{array}{c}VerifyNode(ST,GK,x)=\frac{\hat{e}(S_i,K_x)}{\hat{e}(S_i^{\′},K_x^{\′})}\\ =\frac{\hat{e}(H_1{\left(i\right)}^{t_i},g^{q_x\left(0\right)})}{\hat{e}(g^{t_i},H_1{\left(i\right)}^{q_x\left(0\right)})}\\ =1\end{array}$

if x is not a leaf node, running the VerifyNode algorithm until the root node: all x child nodes z, run the VerifyNode (ST, GK, z) algorithm and save the result in G_zThen VerifyNode (ST, GK, x) is calculated as follows:

$\begin{array}{c}{G}_x=\underset{z\∈S_x}{\mathrm{\Π}}{G}_z^{{\mathrm{\Δ}}_{i,S_x^{\′}}\left(0\right)},{\mathrm{where}}_{i=index\left(z\right)}^{S_x^{\′}=\{index\left(z\right):z\∈S_x\}}\\ =\underset{z\∈S_x}{\mathrm{\Π}}{\left(\hat{e}{\left(g,g\right)}^{{\mathrm{\γ\δq}}_z\left(0\right)}\right)}^{{\mathrm{\Δ}}_{i,S_x^{\′}}\left(0\right)}\\ =\underset{z\∈S_x}{\mathrm{\Π}}{\left(\hat{e}{\left(g,g\right)}^{{\mathrm{\γ\δq}}_{parent\left(z\right)}\left(index\right(z\left)\right)}\right)}^{{\mathrm{\Δ}}_{i,S_x^{\′}}\left(0\right)}\\ =\underset{z\∈S_x}{\mathrm{\Π}}{\left(\hat{e}{\left(g,g\right)}^{{\mathrm{\γ\δq}}_x\left(i\right)}\right)}^{{\mathrm{\Δ}}_{i,S_x^{\′}}\left(0\right)}\\ =\hat{e}{(g,g)}^{{\mathrm{\γ\δq}}_x\left(0\right)}\end{array}$

wherein,lagrange coefficients.

If the user's attributes satisfy the modification policy tree P, the calculation is as follows:

$I=VerifyNode(ST,GK,R)=\hat{e}{(g,g)}^{\mathrm{\γ}\mathrm{\δ}t}$

finally, the cloud computing platform verifies whether the following equation holds:

$\frac{\hat{e}(g^{\mathrm{\β}},\tilde{S})\·S^{\′}}{\hat{e}\left(H_2\right(Q),S)\·{\left(I\right)}^{1/t}}=\hat{e}{(g,g)}^{\mathrm{\α}}$

if the verification result is positive, the signature verification of the user is successful, the digital virtual asset data modified by the user can be accepted and stored, otherwise, the cloud computing platform rejects the modification request of the user.

Claims (7)

1. A digital virtual asset access control method based on attribute passwords in a cloud environment is characterized in that: the concrete implementation steps are as follows,

firstly, initializing a system; the attribute mechanism generates and secretly stores a system public key PK and a system master key MK, and specifically comprises the following steps:

the attribute mechanism runs the Setup algorithm to construct a bilinear group with the order of prime number pNote the bookIs g, the corresponding bilinear mapping isDefining a hash functionRandom selection For a prime p-order cyclic group, the public key PK of the publishing system is as follows:

$PK=(\hat{e}{\left(g,g\right)}^{\mathrm{\α}},g^{\mathrm{\β}})$

then, the attribute mechanism generates a system master key MK and stores the system master key MK in a secret manner;

MK＝(g^α,β)；

secondly, generating a secret key; the attribute mechanism distributes the attribute private key SK to the user, the user generates the attribute secret key AK and sends the attribute secret key AK to the cloud computing platform, and the method specifically comprises the following steps:

the attribute mechanism runs the KeyGen algorithm and selects randomlyThen gives each attribute a of the user_j∈ S random selectionThe attribute private key SK of the user is generated as follows:

$\mathrm{SK}=(D=g^{(\mathrm{\α}+\mathrm{\γ})/\mathrm{\β}},{\{D_j=g^{\mathrm{\γ}}{H}_1{\left(j\right)}^{{\mathrm{\γ}}_j},D_j^{\′}=g^{{\mathrm{\γ}}_j},D_j^{\′\′}=H_1{\left(j\right)}^{\mathrm{\β}}\}}_{j\∈S})$

the attribute authority then distributes the SK securely to the user, who randomly selectsThe attribute key AK is generated as follows:

$AK={\{{\tilde{D}}_j={\left(D_j\right)}^{\mathrm{\δ}},{\tilde{D}}_j^{\′}={\left(D_j^{\′}\right)}^{\mathrm{\δ}},D_j^{\′\′}\}}_{j\∈S}$

finally, the user secretly stores the D and sends the attribute key AK to the cloud computing platform;

thirdly, encrypting data; the asset owner constructs an access policy tree T, constructs a ciphertext CT and uploads the ciphertext CT to a cloud computing platform;

step four, outsourcing decryption; after obtaining the ciphertext from the cloud computing platform, the user sends a decryption request to the cloud computing platform; the cloud computing platform sends the partially decrypted ciphertext to a user;

fifthly, decrypting the data; after receiving the ciphertext subjected to outsourcing decryption by the cloud computing platform, the user uses the attribute private key SK to calculate a data key DK, and uses the data key DK to decrypt a data plaintext M;

sixthly, outsourcing a signature;

step seven, requesting a signature;

and step eight, requesting verification.

2. The method for controlling access to the digital virtual asset based on the attribute password in the cloud environment according to claim 1, wherein: the data encryption in the third step is specifically that,

the property owner runs the Encrypt algorithm and randomly selects the data keyEncrypting a data plaintext M by using DK based on a symmetric encryption algorithm SEnc () and then encrypting the DK by using an access policy tree T;

first, an access policy tree T is constructed, and a k is defined for each node x on the access policy tree T in a top-down manner_xPolynomial p of degree 1_xAnd randomly selectFor the root node R of the access policy tree T, let p_R(0) S; defining function parent (x) return parent of x, index (x) return sequence number of node x, attr (x) return attribute value represented by leaf node x; for other nodes x of the access policy tree T, p is defined_x(0)＝p_parent(x)(index (x)), and selecting random parameters to complete p_xThe definition of (1); corresponding to leaf nodes in the access policy tree T by YA collection of attributes, P being a modification policy tree; finally, the asset owner constructs a ciphertext CT and uploads the ciphertext CT to the cloud computing platform;

$\begin{array}{c}CT=(T,P,E={\mathrm{SEnc}}_{DK}\left(M\right),\tilde{C}=DK\·\hat{e}{\left(g,g\right)}^{\mathrm{\α}s},\\ C=g^{\mathrm{\β}s},{\left\{C_y=g^{p_y\left(0\right)},C_y^{\′}=H_1{\left({\mathrm{attr}}_y\right)}^{p_y\left(0\right)}\right\}}_{y\∈Y})\end{array}.$

3. the method for controlling access to the digital virtual asset based on the attribute password in the cloud environment according to claim 1 or 2, wherein: the outsourcing decryption described in the fourth step is specifically,

the cloud computing platform runs a PartDec algorithm, a decryption process is realized by adopting a recursive algorithm, a recursive algorithm DecryptNode (CT, AK, x) is defined, and a ciphertext CT, an attribute key AK of a user and each node x in an access policy tree T are input;

if x is a leaf node, let i-attr_x；

If attribute Y of leaf node x_x∈ S, calculated as follows:

$\begin{array}{c}DecryptNode\left(CT,AK,x\right)=\frac{\hat{e}\left({\tilde{D}}_i,C_x\right)}{\hat{e}\left({\tilde{D}}_i^{\′},C_x^{\′}\right)}\\ =\frac{\hat{e}\left({\left(D_i\right)}^{\mathrm{\δ}},C_x\right)}{\hat{e}\left({\left(D_i^{\′}\right)}^{\mathrm{\δ}},C_x^{\′}\right)}\\ =\frac{\hat{e}\left(g^{\mathrm{\γ}\mathrm{\δ}}{H}_1{\left(i\right)}^{{\mathrm{\γ}}_i\mathrm{\δ}},g^{p_x\left(0\right)}\right)}{\hat{e}\left(g^{{\mathrm{\γ}}_i\mathrm{\δ}},H_1{\left(i\right)}^{p_x\left(0\right)}\right)}\\ =\hat{e}{\left(g,g\right)}^{{\mathrm{\γ\δp}}_x\left(0\right)}\end{array}$

if it is notDefine DecryptNode (CT, AK, x) ═ ⊥;

if x is not a leaf node, the DecryptNode algorithm is run until the root node: all child nodes z of x run the DecryptNode (CT, AK, z) algorithm and save the calculation result in F_z(ii) a Order S_xIs any k_xA set of nodes z and satisfies DecryptNode (CT, AK, z), the calculation result F of DecryptNode (CT, AK, x)_xThe following were used:

$\begin{array}{c}{F}_x=\underset{z\∈S_x}{\mathrm{\Π}}{F}_z^{{\mathrm{\Δ}}_{i,S_x^{\′}}\left(0\right)},{\mathrm{where}}_{i=index\left(z\right)}^{S_x^{\′}=\left\{index\left(z\right):z\∈S_x\right\}}\\ =\underset{z\∈S_x}{\mathrm{\Π}}{\left(\hat{e}{\left(g,g\right)}^{{\mathrm{\γ\δp}}_z\left(0\right)}\right)}^{{\mathrm{\Δ}}_{i,S_x^{\′}}\left(0\right)}\\ =\underset{z\∈S_x}{\mathrm{\Π}}{\left(\hat{e}{\left(g,g\right)}^{{\mathrm{\γ\δp}}_{parent\left(z\right)}\left(index\left(z\right)\right)}\right)}^{{\mathrm{\Δ}}_{i,S_x^{\′}}\left(0\right)}\\ =\underset{z\∈S_x}{\mathrm{\Π}}{\left(\hat{e}{\left(g,g\right)}^{{\mathrm{\γ\δp}}_x\left(i\right)}\right)}^{{\mathrm{\Δ}}_{i,S_x^{\′}}\left(0\right)}\\ =\hat{e}{\left(g,g\right)}^{{\mathrm{\γ\δp}}_x\left(0\right)}\end{array}$

wherein,is the Lagrange coefficient;

thus, if the user's attributes satisfy the access policy tree T, the decryption is as follows:

$A=DecryptNode(CT,AK,R)=\hat{e}{(g,g)}^{\mathrm{\γ}\mathrm{\δ}s}$

the cloud computing platform decrypts the part of the ciphertextAnd sending the data to the user.

4. The method for controlling access to the digital virtual asset based on the attribute password in the cloud environment according to claim 1 or 2, wherein: and the data decryption in the fifth step is specifically,

after receiving the ciphertext decrypted by outsourcing of the cloud computing platform, the user operates a Decrypt algorithm, and calculates DK by using an attribute private key SK as follows:

$\begin{array}{c}\tilde{C}/\left(\hat{e}\left(C,D\right)/{\left(A\right)}^{1/\mathrm{\δ}}\right)\\ =DK\·\hat{e}{\left(g,g\right)}^{\mathrm{\α}s}/\left(\hat{e}\left(g^{\mathrm{\β}s},g^{\left(\mathrm{\α}+\mathrm{\γ}\right)/\mathrm{\β}}\right)/{\left(\hat{e}{\left(g,g\right)}^{\mathrm{\γ}\mathrm{\δ}s}\right)}^{1/\mathrm{\δ}}\right)\\ =DK\·\hat{e}{\left(g,g\right)}^{\mathrm{\α}s}/\hat{e}{\left(g,g\right)}^{s\mathrm{\α}}\\ =DK\end{array}$

finally, the user decrypts the data plaintext M by using DK based on a symmetric decryption algorithm SDec ():

M＝SDec_DK(E)。

5. the method for controlling access to the digital virtual asset based on the attribute password in the cloud environment according to claim 1 or 2, wherein: the outsourcing signature in the sixth step is specifically,

when a user needs to modify data assets stored in a cloud computing platform, the user generates a modification request and uses an attribute private key and a modification strategy signature request; firstly, a user generates a modification request Q and sends the modification request Q to a cloud computing platform, the cloud computing platform runs a PartSign algorithm, and a k is defined for each node x on a modification strategy tree P in a top-down mode_x-1 th order polynomial q_xAnd randomly selectFor modifying the root node R of the policy tree, set q_R(0) T; for other nodes x on the modification policy tree, q is specified_x(0)＝q_parent(x)(index (x)) and randomly selecting other coefficients to complete q_xThe definition of (1); setting W to represent a set of attributes corresponding to leaf nodes in the modification policy tree P, and generating a global key GK by the cloud computing platform as follows:

$GK={\{K_i=g^{q_i\left(0\right)},K_i^{\′}=H_1{\left({\mathrm{attr}}_i\right)}^{q_i\left(0\right)}\}}_{i\∈W}$

then, the cloud computing platform randomly selectsThe generation is as follows:

${\tilde{S}}_0=H_2{\left(Q\right)}^{\mathrm{\μ}},S_0=g^{\mathrm{\β}\mathrm{\μ}}$

then, for each attribute i ∈ W in the modification policy tree P, the cloud computing platform randomly selectsThe attribute key AK for the user is used as calculated as follows:

${\{S_i={\tilde{D}}_i{H}_1{\left(i\right)}^{t_i}=g^{\mathrm{\γ}\mathrm{\δ}}{H}_1{\left(i\right)}^{{\mathrm{\γ}}_i\mathrm{\δ}+t_i},S_i^{\′}={\tilde{D}}_i^{\′}{g}^{t_i}=g^{{\mathrm{\γ}}_i\mathrm{\δ}+t_i}\}}_{i\∈S\∩W}$

${\{S_i=H_1{\left(i\right)}^{t_i},S_i^{\′}=g^{t_i}\}}_{i\∈W/S\∩W}$

finally, the cloud computing platform generates a partial signature ST_PAnd sending to the user;

${\mathrm{ST}}_P=(Q,{\tilde{S}}_0,S_0,{\{S_i,S_i^{\′}\}}_{i\∈W}).$

6. the method for controlling access to the digital virtual asset based on the attribute password in the cloud environment according to claim 1 or 2, wherein: the request signature described in the seventh step is specifically,

after receiving the partial signature of the cloud computing platform, the user runs a Sign algorithm and uses an attribute private key SK to calculate as follows:

$\tilde{S}={\tilde{S}}_0\·{\left(D\right)}^{\mathrm{\δ}}=H_2{\left(Q\right)}^{\mathrm{\μ}}\·g^{(\mathrm{\α}+\mathrm{\γ})\mathrm{\δ}/\mathrm{\β}},S=S_0,S^{\′}=\hat{e}{(g,g)}^{\mathrm{\α}(1-\mathrm{\δ})}$

the signature ST of the user-generated request is as follows:

$ST=(Q,\tilde{S},S,S^{\′},{\{S_i,S_i^{\′}\}}_{i\∈W}).$

7. the method for controlling access to the digital virtual asset based on the attribute password in the cloud environment according to claim 1 or 2, wherein: the request verification in the eighth step is, specifically,

after receiving the modification request and the signature ST, the cloud computing platform runs a Verify algorithm to Verify the validity of the signature; the verification process is realized by adopting a recursive algorithm, a recursive algorithm VerifyNode (ST, GK, x) is defined, and a signature ST, a global key GK and a node x in a modification strategy tree P are input;

if x is a leaf node, let i-attr_x；

If attribute W of leaf node x_x∈ S ∩ W, calculated as follows:

$\begin{array}{c}VerifyNode\left(ST,GK,x\right)=\frac{\hat{e}\left(S_i,K_x\right)}{\hat{e}\left(S_i^{\′},K_x^{\′}\right)}\\ =\frac{\hat{e}\left(g^{\mathrm{\γ}\mathrm{\δ}}{H}_1{\left(i\right)}^{{\mathrm{\γ}}_i\mathrm{\δ}+t_i},g^{q_x\left(0\right)}\right)}{\hat{e}\left(g^{{\mathrm{\γ}}_i\mathrm{\δ}+t_i},H_1{\left(i\right)}^{q_x\left(0\right)}\right)}\\ =\hat{e}{\left(g,g\right)}^{{\mathrm{\γ\δq}}_x\left(0\right)}\end{array}$

if W is_x∈ W/S ∩ W, calculated as follows:

$\begin{array}{c}VerifyNode\left(ST,GK,x\right)=\frac{\hat{e}\left(S_i,K_x\right)}{\hat{e}\left(S_i^{\′},K_x^{\′}\right)}\\ =\frac{\hat{e}\left(H_1{\left(i\right)}^{t_i},g^{q_x\left(0\right)}\right)}{\hat{e}\left(g^{t_i},H_1{\left(i\right)}^{q_x\left(0\right)}\right)}\\ =1\end{array}$

if x is not a leaf node, running the VerifyNode algorithm until the root node: all x child nodes z, run the VerifyNode (ST, GK, z) algorithm and save the result in G_zThen VerifyNode (ST, GK, x) is calculated as follows:

$\begin{array}{c}{G}_x=\underset{z\∈S_x}{\mathrm{\Π}}{G}_z^{{\mathrm{\Δ}}_{i,S_x^{\′}}\left(0\right)},{\mathrm{where}}_{i=index\left(z\right)}^{S_x^{\′}=\left\{index\left(z\right):z\∈S_x\right\}}\\ =\underset{z\∈S_x}{\mathrm{\Π}}{\left(\hat{e}{\left(g,g\right)}^{{\mathrm{\γ\δq}}_z\left(0\right)}\right)}^{{\mathrm{\Δ}}_{i,S_x^{\′}}\left(0\right)}\\ =\underset{z\∈S_x}{\mathrm{\Π}}{\left(\hat{e}{\left(g,g\right)}^{{\mathrm{\γ\δq}}_{parent\left(z\right)}\left(index\left(z\right)\right)}\right)}^{{\mathrm{\Δ}}_{i,S_x^{\′}}\left(0\right)}\\ =\underset{z\∈S_x}{\mathrm{\Π}}{\left(\hat{e}{\left(g,g\right)}^{{\mathrm{\γ\δq}}_x\left(i\right)}\right)}^{{\mathrm{\Δ}}_{i,S_x^{\′}}\left(0\right)}\\ =\hat{e}{\left(g,g\right)}^{{\mathrm{\γ\δq}}_x\left(0\right)}\end{array}$

wherein,is the Lagrange coefficient;

if the user's attributes satisfy the modification policy tree P, the calculation is as follows:

$I=VerifyNode(ST,GK,R)=\hat{e}{(g,g)}^{\mathrm{\γ}\mathrm{\δ}t}$

finally, the cloud computing platform verifies whether the following equation holds:

$\frac{\hat{e}(g^{\mathrm{\β}},\tilde{S})\·S^{\′}}{\hat{e}\left(H_2\right(Q),S)\·{\left(I\right)}^{1/t}}=\hat{e}{(g,g)}^{\mathrm{\α}}$

if the digital virtual asset data is not the same as the digital virtual asset data, the cloud computing platform refuses the modification request of the user.