CN106686010A - Multi-mechanism attribute-based encryption method supporting strategy dynamic updating - Google Patents
Multi-mechanism attribute-based encryption method supporting strategy dynamic updating Download PDFInfo
- Publication number
- CN106686010A CN106686010A CN201710135786.1A CN201710135786A CN106686010A CN 106686010 A CN106686010 A CN 106686010A CN 201710135786 A CN201710135786 A CN 201710135786A CN 106686010 A CN106686010 A CN 106686010A
- Authority
- CN
- China
- Prior art keywords
- attribute
- user
- key
- calculate
- dynamic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a multi-mechanism attribute-based encryption method supporting strategy dynamic updating. The method comprises the seven steps of system initialization, attribute mechanism initialization, secret key generation, data encryption, decryption, dynamic updating secrete key generation and dynamic ciphertext updating. An anonymous secret key distributing protocol is introduced to generate a private key for a user, privacy of the user is effectively protected, and collusion attack of an attribute mechanism is resisted. In addition, a dynamic strategy updating algorithm is adopted, strategy updating of any type is supported, and calculation and communication overhead in traditional strategy updating is greatly reduced. The method is low in communication overhead, supports privacy protection and strategy updating and can be applied to a cloud storage environment.
Description
Technical field
The present invention relates to cloud environment and field of cryptography, and in particular to many mechanical properties that a kind of support policy dynamic updates
Base encryption method, the method supports that the dynamic of data storage scheme and access strategy under cloud environment updates the secret protection with user, can be used to count
According to the data safety management of outer packet system, such as personal health case system.
Background technology
With the application of development and the cloud computing of internet, increasing people tends to storing data in high in the clouds, so
And Jing often includes some sensitive informations in these data, in order to protect privacy of user, need to carry out sensitive privacy information
Encryption.Attribute base encrypts (ABE, attribute based encryption) as a kind of emerging public key encryption skill
Art, the identity of user is bound with a series of attribute, is set a property by the private key or ciphertext to user and is collected or access structure,
Could decrypt when only property set and access structure match, it is achieved thereby that the communication of one-to-many and the fine granularity to file
Access control, therefore it is more suitable for the encryption of high in the clouds data.
Traditional believable mechanism of ABE only one of which is managing all of attribute, but in actual applications, attribute is often
Run by multiple organization managements.The ABE mechanism of single attribute mechanism can not meet the demand of large-scale distributed environment, attribute
Authoritative institution is vulnerable to concentration and attacks, in addition, attribute authority (aa) mechanism needs to distribute key, work for all of user authentication attribute
Overload, becomes the performance bottleneck of system.Many mechanism ABE undertake the different property set of management and distribution by multiple attribute mechanisms
The task of key, system burden is little, and flexibility is high, can be very good to be applied to such as personal health case system, intelligent grid system
System etc. needs the situation that multiple mechanisms are operated together, it is seen then that the research of many mechanical properties base encryption mechanisms has more using value.
User stores encryption data beyond the clouds in practical application, and the access strategy of setting is not unalterable, example
Such as, in personal health case system, patient is placed on case history in Cloud Server, and the access strategy of setting is { the People's Hospital, doctor
It is raw, division of cardiology }, only meeting the user of these three attributes can just access its case history, but when patient transfers from one hospital to another, only meet
The user of { red cross hospital, doctor, division of cardiology } can access its case history, and this is accomplished by Cloud Server and there is support to change access
The function of strategy.
The policy update technology of ciphertext and immature in attribute base encipherment scheme, is related to the unit structure ABE side of policy update
, only by a believable organization management all properties, security is not high, it is impossible to meet practical application request for case.Many mechanism ABE
Scheme improves the security of attribute management, but efficiency is not often high.It is therefore proposed that a kind of efficient support policy dynamic updates
Many mechanical properties base encryption methods, any kind of policy update can be supported.
The content of the invention
The technical problem to be solved is to provide many mechanical properties bases encryption that a kind of support policy dynamic updates
Method, supports any kind of policy update, reduces the communication during conventional measures update and computing cost problem, while protect using
The privacy at family, resists the collusion attack of attribute mechanism.
To reach above-mentioned purpose, the present invention discloses many mechanical properties base encryption methods that a kind of support policy dynamic updates,
Assume to have N number of attribute mechanism AA1,AA2,...,AAN, each attribute mechanism AAiControl one group of property setAnd each user possesses unique identity GID.The method comprising the steps of:
Step 1:System initialization, is performed by system, is input into security parameter 1λ, output system common parameter PP.
Step 2:Attribute chassis initialization, by attribute, mechanism performs, be input into common parameter PP, output attribute mechanism it is public and private
Key is to (PKi,SKi)。
Step 3:Key is generated, and is completed with user mutual by mechanism, input common parameter PP, attribute mechanism private key SKi, use
Family property set Au, export private key for user SKu。
Step 4:Encryption, is performed by data owner, input common parameter PP, plaintext m, access structure (M, ρ), is exported close
Literary C.
Step 5:Decryption, is performed by data consumer, input common parameter PP, private key for user SKu, ciphertext C, output is in plain text
m。
Step 6:Dynamic more new key, is performed by data owner, is input into the encryption information that user retains, and output dynamic is more
New key DKm。
Step 7:Dynamic updates ciphertext, is performed by Cloud Server, dynamic more new key DKm of input, exports the ciphertext for updating
C'。
Many mechanical properties base encryption methods that described support policy dynamic updates, the concrete step of step 1 system initialization
Suddenly it is:
Step 1.1:Input security parameter λ, exports PP=(e, p, g, h, h1,G,GT), wherein G, GTIt is that two ranks are prime number
The multiplication loop group of p, g, h, h1Be crowd G generation unit, e:G×G→GT;
Step 1.2:Select hash function:H:{0,1}*→Zp, calculate u=H (GID).
Many mechanical properties base encryption methods that described support policy dynamic updates, the tool of step 2 attribute chassis initialization
Body step is:
Step 2.1:Attribute mechanism AAiRandom selection αi∈Zp, calculate
Step 2.2:Attribute mechanism AAiEach attribute a that it is managedi,j∈Ai, randomly choose ti,j∈Zp, calculate
Step 2.3:Attribute mechanism AAiRandom selection βi∈Zp, calculateAnd definition one only can be by AAiWith AAjMeter
The pseudo-random function PRF of calculationi,j(), andWherein sI, jIt is by mechanism AA for PRF seedsiWith AAjIt is logical
Cross both sides' key and exchange a shared seed s that only both sides knowi,j, it is clear that si,j=sj,i。
Mechanism AAiPrivate keyAuthority public key
Many mechanical properties base encryption methods that described support policy dynamic updates, the concrete steps that step 3 key is generated
For:
Step 3.1:Definition Au is user property collection, user and attribute mechanism AAiInteraction, to ai,j∈Au∩Ai, mechanism AAi
Random selection ri∈Zp, calculate
Step 3.2:Anonymity Key distribution protocol, as i > j, η are run between user and attribute mechanismi,j=1, can obtainAs i < j, ηi,j=-1, can obtain
Step 3.3:Calculate
Private key for user
Many mechanical properties base encryption methods that described support policy dynamic updates, what step 4 was encrypted concretely comprises the following steps:
Step 4.1:Data owner is encrypting plaintext m, sets access strategy A as (M, ρ), and M is the matrix of l × n, mapping
ρ is by every a line M of MiWith each attribute mapping of encryption;
Step 4.2:Random selection s ∈ ZpAnd random vectorOrderRandom selection
q1,...,ql∈Zp, calculateC1=gs;
Step 4.3:For all of ai,j∈ A, calculateWherein i ∈ (1 ..., l).
Then ciphertext C={ C0,C1,(C2,i,C3,i)i∈(1 ..., l)}.Data owner retains encryption information
Many mechanical properties base encryption methods that described support policy dynamic updates, step 5 data deciphering is concretely comprised the following steps:
Step 5.1:Data consumer's input ciphertext C, user key SKuAnd attribute, if decryption person's attribute meets A,
Calculate firstSoIts
In
Step 5.2:If decryption person's attribute is unsatisfactory for A, return " mistake ".
Many mechanical properties base encryption methods that described support policy dynamic updates, step 6 dynamic more new key it is concrete
Step is:
Step 6.1:Input New Policy (M', ρ ') (wherein M' is the matrix of l' × n', and ρ ' is new mapping) and old strategy
(M, ρ), carries out new and old strategy contrast, exports line index information and is deposited into A1',A2',A3' in;
Step 6.2:Select a new random vectorAnd using s as its first input value, orderM'jThe jth row of representing matrix M', calculates more new key DK.
User is by dynamic more new keySend to Cloud Server.
Many mechanical properties base encryption methods that described support policy dynamic updates, step 7 dynamic updates the concrete of ciphertext
Step is:Dynamic more new key DK of the cloud server to usermAfterwards,
Step 7.1:To j ∈ A1', calculateWherein qj'=qi;
Step 7.2:To j ∈ A2', calculateWherein qj'=xjqi;
Step 7.3:To j ∈ A3',
New ciphertext is C'={ C0,C1,(C'2,j,C'3, j)j∈(1,...,l')}。
Many mechanical properties base encryption methods that described support policy dynamic updates, Anonymity Key distribution association in step 3.2
Discussing step is:
Increase an extra element in key, make u ∈ ZpFor the privacy value of user, α, beta, gamma is mechanism's private key, g,
g1, h is the generation unit of crowd G, and 2PC represents that both sides calculate safely agreement, and PoK represents the knowledge proof comprising privacy value.
Step 3.2.1:User selects ρ1∈Zp, attribute mechanism random selection τ, r ∈ Zp, and calculate x=(β+u) ρ1, both sides
Perform safety and calculate agreement;
Step 3.2.2:Attribute mechanism calculatesX2=gατ, X3=hrτ, by X1, X2, X3, PoK (α, τ, x, r),
Give user;
Step 3.2.3:User randomly chooses ρ2∈Zp, calculateSend Y, PoK (ρ2) give attribute mechanism;
Step 3.2.4:Attribute mechanism calculates Z=Yγ/τ, Z is sent, PoK (τ, γ) gives user;
Step 3.2.5:User calculates
Many mechanical properties base encryption methods that described support policy dynamic updates, the step 6.1 also includes:Definition
nρ(i),M、nρ(i),M'Number of attribute ρ (i) in matrix M, M', A are represented respectively1',A2' represent that ρ ' (j) has the rope of the j in M
Fuse breath collection, and ρ (i)=ρ ' is (j),
Step 6.1.1:If nρ'(j),M'≤nρ'(j),M, then the index information of j is stored in into A1';
Step 6.1.2:If nρ'(j),M'> nρ'(j),M, then by nρ'(j),M'-nρ'(j),MLine index information j be stored in A2';
Step 6.1.3:A3' represent be ρ ' (j) never in M occur j index information collection.
Many mechanical properties base encryption methods that described support policy dynamic updates, the measured step rapid 6.2 also includes:For
J ∈ [1, l'], are divided into three types.
Step 6.2.1:If (j, i) ∈ is A1', more new keyPut qj'=qi;
Step 6.2.2:If (j, i) ∈ is A2', randomly choose xj,qj'∈Zp, more new key
Step 6.2.3:If (j, i) ∈ is A3', randomly choose qj'∈Zp, more new key
The present invention has advantages below and significant effect:
1) present invention adopts LSSS access strategies, introduces dynamic strategy more new algorithm, supports any kind of policy update,
Ciphertext renewal is given Cloud Server and is completed, and reduces the workload of data owner, and is reduced logical during conventional measures update
Letter and computing cost problem, more press close to cloud environment application.
2) present invention is that user distributes key using Anonymity Key distribution protocol, so as to protect the privacy of user, while supporting
The collusion attack of family dependents of military personel in the liberated areas's property mechanism.
Description of the drawings
Tu1Shi Duo mechanisms attribute-based encryption system illustraton of model;
Fig. 2 is the algorithm flow chart of the present invention.Fig. 2 is it is characterized in that when data owner updates access strategy, only need
More new key DK is generated according to the encryption information that it retainsm, ciphertext renewal is by Cloud Server execution.
Specific embodiment
With reference to embodiments the invention will be further described with accompanying drawing.
Assume that the present invention has N number of attribute mechanism AA1,AA2,...,AAN, each attribute mechanism AAiControl one group of property setAnd each user possesses unique identity GID;
Algorithm flow designed by the present invention is specific as follows:
Step 1:System initialization, is performed by system, is input into security parameter 1λ, output system common parameter PP.At the beginning of system
Beginning concretely comprises the following steps:
Step 1.1:Input security parameter λ, exports PP=(e, p, g, h, h1,G,GT), wherein G, GTIt is that two ranks are prime number
The multiplication loop group of p, g, h, h1Be crowd G generation unit, e:G×G→GT;
Step 1.2:Select hash function:H:{0,1}*→Zp, calculate u=H (GID).
Step 2:Attribute chassis initialization, by attribute, mechanism performs, be input into common parameter PP, output attribute mechanism it is public and private
Key is to (PKi,SKi), concretely comprise the following steps:
Step 2.1:Attribute mechanism AAiRandom selection αi∈Zp, calculate
Step 2.2:Attribute mechanism AAiEach attribute a that it is managedi,j∈Ai, randomly choose ti,j∈Zp, calculate
Step 2.3:Attribute mechanism AAiRandom selection βi∈Zp, calculateAnd definition one only can be by AAiWith AAjMeter
The pseudo-random function PRF of calculationi,j(), andWherein si,jIt is by mechanism AA for PRF seedsiWith AAjIt is logical
Cross both sides' key and exchange a shared seed s that only both sides knowi,j, it is clear that si,j=sj,i。
Mechanism AAiPrivate keyAuthority public key
Step 3:Key is generated, and is completed with user mutual by mechanism, input common parameter PP, attribute mechanism private key SKi, use
Family property set Au, export private key for user SKu, concretely comprise the following steps:
Step 3.1:Definition Au is user property collection, user and attribute mechanism AAiInteraction, to ai,j∈Au∩Ai, mechanism AAi
Random selection ri∈Zp, calculate
Step 3.2:Anonymity Key distribution protocol, as i > j, η are run between user and attribute mechanismi,j=1, can obtainAs i < j, ηI, j=-1, can obtain
Step 3.3:Calculate
Private key for user
Anonymity Key distribution protocol step is in step 3.2:Increase an extra element in key, make u ∈ ZpFor
The privacy value of user, α, beta, gamma be mechanism's private key, g, g1, h is the generation unit of crowd G, and 2PC represents that both sides calculate safely agreement, PoK
Represent the knowledge proof comprising privacy value.
Step 3.2.1:User selects ρ1∈Zp, attribute mechanism random selection τ, r ∈ Zp, and calculate x=(β+u) ρ1, both sides
Perform safety and calculate agreement;
Step 3.2.2:Attribute mechanism calculatesX2=g ατ, X3=hrτ, by X1, X2, X3, PoK (α, τ, x, r),
Give user;
Step 3.2.3:User randomly chooses ρ2∈Zp, calculateSend Y, PoK (ρ2) give attribute mechanism;
Step 3.2.4:Attribute mechanism calculates Z=Yγ/τ, Z is sent, PoK (τ, γ) gives user;
Step 3.2.5:User calculates
Step 4:Encryption, is performed by data owner, input common parameter PP, plaintext m, access structure (M, ρ), is exported close
Literary C.Encryption is concretely comprised the following steps:
Step 4.1:Data owner is encrypting plaintext m, sets access strategy A as (M, ρ), and M is the matrix of l × n, mapping
ρ is by every a line M of MiWith each attribute mapping of encryption;
Step 4.2:Random selection s ∈ ZpAnd random vectorOrderRandom selection
q1,...,ql∈Zp, calculateC1=gs;
Step 4.3:For all of aI, j∈ A, calculateWherein i ∈ (1 ..., l).
Then ciphertext C={ C0,C1,(C2,i,C3,i)i∈(1,...,l)}.Data owner retains encryption information
Step 5:Decryption, is performed by data consumer, input common parameter PP, private key for user SKu, ciphertext C, output is in plain text
m.Concretely comprise the following steps:
Step 5.1:Data consumer's input ciphertext C, user key SKuAnd attribute, if decryption person's attribute meets A,
Calculate firstSo
Wherein
Step 5.2:If decryption person's attribute is unsatisfactory for A, return " mistake ".
Step 6:Dynamic more new key, is performed by data owner, is input into the encryption information that user retains, and output dynamic is more
New key DKm.Concretely comprise the following steps:
Step 6.1:Input New Policy (M', ρ ') (wherein M' is the matrix of l' × n', and ρ ' is new mapping) and old strategy
(M, ρ), carries out new and old strategy contrast, exports line index information and is deposited into A1',A2',A3' in;Define nρ(i),M、nρ(i),M'
Number of attribute ρ (i) in matrix M, M', A are represented respectively1',A2' represent that ρ ' (j) has the index information collection of the j in M, and ρ
(i)=ρ ' (j),
Step 6.1.1:If nρ'(j),M'≤nρ'(j),M, then the index information of j is stored in into A1';
Step 6.1.2:If nρ'(j),M'> nρ'(j),M, then by nρ'(j),M'-nρ'(j),MLine index information j be stored in A2';
Step 6.1.3:A3' represent be ρ ' (j) never in M occur j index information collection.
Step 6.2:Select a new random vectorAnd using s as its first input value, orderM'jThe jth row of representing matrix M', for j ∈ [1, l'], is divided into three types:
Step 6.2.1:If (j, i) ∈ is A1', more new keyPut qj'=qi;
Step 6.2.2:If (j, i) ∈ is A2', randomly choose xj,qj'∈Zp, more new key
Step 6.2.3:If (j, i) ∈ is A3', randomly choose qj'∈Zp, more new key
User is by dynamic more new keySend to Cloud Server.
Step 7:Dynamic updates ciphertext, is performed by Cloud Server, dynamic more new key DKm of input, exports the ciphertext for updating
C'.Concretely comprise the following steps:
Dynamic more new key DK of the cloud server to usermAfterwards,
Step 7.1:To j ∈ A1', calculateWherein qj'=qi;
Step 7.2:To j ∈ A2', calculateWherein qj'=xjqi;
Step 7.3:To j ∈ A3',
New ciphertext is C'={ C0,C1,(C'2,j,C'3,j)j∈(1,...,l')}。
In security, the program possesses the semantic peace met under master pattern under selection access structure and chosen -plain attact
Entirely (IND-sAS-CPA).
Many mechanical properties base encryption methods that a kind of present invention support policy dynamic updates, using LSSS access strategies and hide
Name key distribution protocol is designed, the characteristics of with any kind of policy update and protection privacy of user is supported, and user
Key length and ciphertext length are less.
Embodiment described herein and accompanying drawing be intended for demonstrate purpose, with help reader understand this method principle and
The thinking that inventor contributes for the application for promoting many mechanical properties bases to encrypt, and should be understood to be not limited to this tool
The example and condition of body.In addition, all equivalents done according to spirit of the invention or extension, all should cover the present invention's
In protection domain.
Claims (11)
1. many mechanical properties base encryption methods that a kind of support policy dynamic updates, it is characterised in that methods described includes:
Present invention assumes that having N number of attribute mechanism AA1,AA2,...,AAN, each attribute mechanism AAiControl one group of property setAnd each user possesses unique identity GID.
Step 1:System initialization, is performed by system, is input into security parameter 1λ, output system common parameter PP.
Step 2:Attribute chassis initialization, by attribute, mechanism performs, and is input into common parameter PP, the public private key pair of output attribute mechanism
(PKi,SKi)。
Step 3:Key is generated, and is completed with user mutual by mechanism, input common parameter PP, attribute mechanism private key SKi, user category
Property collection Au, export private key for user SKu。
Step 4:Encryption, is performed by data owner, input common parameter PP, plaintext m, access structure (M, ρ), exports ciphertext C.
Step 5:Decryption, is performed by data consumer, input common parameter PP, private key for user SKu, ciphertext C, export plaintext m.
Step 6:Dynamic more new key, is performed by data owner, is input into the encryption information that user retains, the dynamic more Xinmi City of output
Key DKm。
Step 7:Dynamic updates ciphertext, is performed by Cloud Server, dynamic more new key DKm of input, exports ciphertext C' for updating.
2. method according to claim 1, it is characterised in that the concrete steps of step 1 system initialization in methods described
For:
Step 1.1:Input security parameter λ, exports PP=(e, p, g, h, h1,G,GT), wherein G, GTIt is that two ranks are prime number p
Multiplication loop group, g, h, h1Be crowd G generation unit, e:G×G→GT;
Step 1.2:Select hash function:H:{0,1}*→Zp, calculate u=H (GID).
3. method according to claim 1, it is characterised in that step 2 attribute chassis initialization is concrete in methods described
Step is:
Step 2.1:Attribute mechanism AAiRandom selection αi∈Zp, calculate
Step 2.2:Attribute mechanism AAiEach attribute a that it is managedi,j∈Ai, randomly choose ti,j∈Zp, calculate
Step 2.3:Attribute mechanism AAiRandom selection βi∈Zp, calculateAnd definition one only can be by AAiWith AAjCalculate
Pseudo-random function PRFi,j(), andWherein si,jIt is by mechanism AA for PRF seedsiWith AAjBy double
Square key exchanges a shared seed s that only both sides knowi,j, it is clear that si,j=sj,i。
Mechanism AAiPrivate keyAuthority public key
4. method according to claim 1, it is characterised in that what step 3 key was generated in methods described concretely comprises the following steps:
Step 3.1:Define AuFor user property collection, user and attribute mechanism AAiInteraction, to ai,j∈Au∩Ai, mechanism AAiAt random
Select ri∈Zp, calculate
Step 3.2:Anonymity Key distribution protocol, as i > j, η are run between user and attribute mechanismi,j=1, can obtainAs i < j, ηi,j=-1, can obtain
Step 3.3:Calculate
Private key for user
5. method according to claim 1, it is characterised in that step 4 encryption concretely comprises the following steps in methods described:
Step 4.1:Data owner is encrypting plaintext m, sets access strategy A as (M, ρ), and M is the matrix of l × n, maps ρ by M
Every a line MiWith each attribute mapping of encryption;
Step 4.2:Random selection s ∈ ZpAnd random vectorOrderRandom selection q1,...,ql
∈Zp, calculateC1=gs;
Step 4.3:For all of ai,j∈ A, calculateWherein i ∈ (1 ..., l).
Then ciphertext C={ C0,C1,(C2,i,C3,i)i∈(1,...,l)}.Data owner retains encryption information
6. method according to claim 1, it is characterised in that step 5 data deciphering is concretely comprised the following steps in methods described:
Step 5.1:Data consumer's input ciphertext C, user key SKuAnd attribute, if decryption person's attribute meets A, count first
CalculateSoIts
In
Step 5.2:If decryption person's attribute is unsatisfactory for A, return " mistake ".
7. method according to claim 1, it is characterised in that the concrete step of step 6 dynamic more new key in methods described
Suddenly it is:
Step 6.1:Input New Policy (M', ρ ') (wherein M' for l' × n' matrix, ρ ' is new mapping) and it is old it is tactful (M,
ρ), new and old strategy contrast is carried out, line index information is exported and is deposited into A1',A2',A3' in;
Step 6.2:Select a new random vectorAnd using s as its first input value, orderM'j
The jth row of representing matrix M', calculates more new key DK.
User is by dynamic more new keySend to Cloud Server.
8. method according to claim 1, it is characterised in that step 7 dynamic updates the concrete step of ciphertext in methods described
Suddenly it is:Dynamic more new key DK of the cloud server to usermAfterwards,
Step 7.1:To j ∈ A1', calculateWherein qj'=qi;
Step 7.2:To j ∈ A2', calculateWherein qj'=xjqi;
Step 7.3:To j ∈ A3',
New ciphertext is C'={ C0,C1,(C'2,j,C′3,j)j∈(1,...,l')}。
9. method according to claim 7, it is characterised in that Anonymity Key distribution protocol step is in the step 3.2:
Increase an extra element in key, make u ∈ ZpFor the privacy value of user, α, beta, gamma is mechanism's private key, g, g1, h is
The generation unit of group G, 2PC represents that both sides calculate safely agreement, and PoK represents the knowledge proof comprising privacy value.
Step 3.2.1:User selects ρ1∈Zp, attribute mechanism random selection τ, r ∈ Zp, and calculate x=(β+u) ρ1, both sides' execution
Safety calculates agreement;
Step 3.2.2:Attribute mechanism calculatesX2=gατ, X3=hrτ, by X1, X2, X3, PoK (α, τ, x, r) is sent to
User;
Step 3.2.3:User randomly chooses ρ2∈Zp, calculateSend Y, PoK (ρ2) give attribute mechanism;
Step 3.2.4:Attribute mechanism calculates Z=Yγ/τ, Z is sent, PoK (τ, γ) gives user;
Step 3.2.5:User calculates
10. method according to claim 7, it is characterised in that the step 6.1 also includes:Define nρ(i),M、nρ(i),M'Point
Not Biao Shi number of attribute ρ (i) in matrix M, M', A1',A2' represent that ρ ' (j) has the index information collection of the j in M, and ρ (i)
=ρ ' (j),
Step 6.1.1:If nρ'(j),M'≤nρ'(j),M, then the index information of j is stored in into A1';
Step 6.1.2:If nρ'(j),M'> nρ'(j),M, then by nρ'(j),M'-nρ'(j),MLine index information j be stored in A2';
Step 6.1.3:A3' represent be ρ ' (j) never in M occur j index information collection.
11. methods according to claim 7, it is characterised in that the measured step rapid 6.2 also includes:For j ∈ [1, l'],
It is divided into three types.
Step 6.2.1:If (j, i) ∈ is A1', more new keyPut qj'=qi;
Step 6.2.2:If (j, i) ∈ is A2', randomly choose xj,qj'∈Zp, more new key
Step 6.2.3:If (j, i) ∈ is A3', randomly choose qj'∈Zp, more new key
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710135786.1A CN106686010A (en) | 2017-03-08 | 2017-03-08 | Multi-mechanism attribute-based encryption method supporting strategy dynamic updating |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710135786.1A CN106686010A (en) | 2017-03-08 | 2017-03-08 | Multi-mechanism attribute-based encryption method supporting strategy dynamic updating |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106686010A true CN106686010A (en) | 2017-05-17 |
Family
ID=58828603
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710135786.1A Pending CN106686010A (en) | 2017-03-08 | 2017-03-08 | Multi-mechanism attribute-based encryption method supporting strategy dynamic updating |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106686010A (en) |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107682353A (en) * | 2017-10-25 | 2018-02-09 | 西安邮电大学 | A kind of health account access control system and method in electron medical treatment cloud |
CN107682157A (en) * | 2017-10-11 | 2018-02-09 | 河南理工大学 | More mechanical properties base encryption methods based on LWE on a kind of new lattice |
CN108063754A (en) * | 2017-11-10 | 2018-05-22 | 西安电子科技大学 | Towards the attribute base encryption method of wearable health monitoring equipment anonymization data |
CN108337085A (en) * | 2018-01-03 | 2018-07-27 | 西安电子科技大学 | A kind of newer approximate adjacent retrieval construction method of support dynamic |
CN108449174A (en) * | 2018-02-09 | 2018-08-24 | 孔泽 | The revocable encryption method and device of intelligent terminal in cloud computing application |
CN111431898A (en) * | 2020-03-23 | 2020-07-17 | 齐鲁工业大学 | Multi-attribute mechanism attribute-based encryption method with search function for cloud-assisted Internet of things |
CN111431897A (en) * | 2020-03-23 | 2020-07-17 | 齐鲁工业大学 | Multi-attribute mechanism attribute-based encryption method with tracking function for cloud-assisted Internet of things |
CN111901328A (en) * | 2020-07-22 | 2020-11-06 | 电子科技大学 | Attribute-based encryption method based on prime order group |
CN113055168A (en) * | 2021-03-29 | 2021-06-29 | 陕西师范大学 | Ciphertext strategy attribute encryption method supporting strategy hiding and attribute updating |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101807991A (en) * | 2009-02-18 | 2010-08-18 | 上海交通大学 | Ciphertext policy attribute-based encryption system and method |
US20110320809A1 (en) * | 2010-06-23 | 2011-12-29 | Motorola, Inc. | Method and apparatus for key revocation in an attribute-based encryption scheme |
CN103618729A (en) * | 2013-09-03 | 2014-03-05 | 南京邮电大学 | Multi-mechanism hierarchical attribute-based encryption method applied to cloud storage |
CN106230590A (en) * | 2016-07-22 | 2016-12-14 | 安徽大学 | A kind of ciphertext policy ABE base encryption method of many authorized organizations |
-
2017
- 2017-03-08 CN CN201710135786.1A patent/CN106686010A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101807991A (en) * | 2009-02-18 | 2010-08-18 | 上海交通大学 | Ciphertext policy attribute-based encryption system and method |
US20110320809A1 (en) * | 2010-06-23 | 2011-12-29 | Motorola, Inc. | Method and apparatus for key revocation in an attribute-based encryption scheme |
CN103618729A (en) * | 2013-09-03 | 2014-03-05 | 南京邮电大学 | Multi-mechanism hierarchical attribute-based encryption method applied to cloud storage |
CN106230590A (en) * | 2016-07-22 | 2016-12-14 | 安徽大学 | A kind of ciphertext policy ABE base encryption method of many authorized organizations |
Non-Patent Citations (2)
Title |
---|
HUILING QIAN: "《Privacy-preserving personal health record using multi-authority attribute-based encryption with revocation》", 《INTERNATIONAL JOUNAL OF INFORMATION SECURITY》 * |
ZUOBIN YING: "《Adaptively secure ciphertext-policy attribute-based encryption with dynamic policy updating》", 《SCIENCE CHINA INFORMATION SCIENCE》 * |
Cited By (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107682157A (en) * | 2017-10-11 | 2018-02-09 | 河南理工大学 | More mechanical properties base encryption methods based on LWE on a kind of new lattice |
CN107682353B (en) * | 2017-10-25 | 2018-09-04 | 西安邮电大学 | A kind of health account access control method in electron medical treatment cloud |
CN107682353A (en) * | 2017-10-25 | 2018-02-09 | 西安邮电大学 | A kind of health account access control system and method in electron medical treatment cloud |
CN108063754A (en) * | 2017-11-10 | 2018-05-22 | 西安电子科技大学 | Towards the attribute base encryption method of wearable health monitoring equipment anonymization data |
CN108063754B (en) * | 2017-11-10 | 2020-11-13 | 西安电子科技大学 | Attribute-based encryption method for anonymized data of wearable health monitoring equipment |
CN108337085B (en) * | 2018-01-03 | 2020-11-13 | 西安电子科技大学 | Approximate neighbor search construction method supporting dynamic update |
CN108337085A (en) * | 2018-01-03 | 2018-07-27 | 西安电子科技大学 | A kind of newer approximate adjacent retrieval construction method of support dynamic |
CN108449174A (en) * | 2018-02-09 | 2018-08-24 | 孔泽 | The revocable encryption method and device of intelligent terminal in cloud computing application |
CN108449174B (en) * | 2018-02-09 | 2021-07-30 | 孔泽一 | Revocable encryption method and device for intelligent terminal in cloud computing application |
CN111431898A (en) * | 2020-03-23 | 2020-07-17 | 齐鲁工业大学 | Multi-attribute mechanism attribute-based encryption method with search function for cloud-assisted Internet of things |
CN111431897A (en) * | 2020-03-23 | 2020-07-17 | 齐鲁工业大学 | Multi-attribute mechanism attribute-based encryption method with tracking function for cloud-assisted Internet of things |
CN111431898B (en) * | 2020-03-23 | 2022-06-07 | 齐鲁工业大学 | Multi-attribute mechanism attribute-based encryption method with search function for cloud-assisted Internet of things |
CN111901328A (en) * | 2020-07-22 | 2020-11-06 | 电子科技大学 | Attribute-based encryption method based on prime order group |
CN113055168A (en) * | 2021-03-29 | 2021-06-29 | 陕西师范大学 | Ciphertext strategy attribute encryption method supporting strategy hiding and attribute updating |
CN113055168B (en) * | 2021-03-29 | 2022-06-24 | 陕西师范大学 | Ciphertext strategy attribute encryption method supporting strategy hiding and attribute updating |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106686010A (en) | Multi-mechanism attribute-based encryption method supporting strategy dynamic updating | |
US11425171B2 (en) | Method and system for cryptographic attribute-based access control supporting dynamic rules | |
CN103618728B (en) | A kind of encryption attribute method at more mechanism centers | |
CN104521178B (en) | The method and system of the multi-party cloud computing of safety | |
CN104486307B (en) | A kind of fraction key management method based on homomorphic cryptography | |
Zaghloul et al. | P-MOD: Secure privilege-based multilevel organizational data-sharing in cloud computing | |
CN111986755A (en) | Data sharing system based on block chain and attribute-based encryption | |
CN106059763B (en) | The properties base multi-mechanism hierarchical Ciphertext policy weight encryption method of cloud environment | |
CN108418784A (en) | A kind of distributed cross-domain authorization and access control method based on properties secret | |
CN104135473B (en) | A kind of method that identity base broadcast enciphering is realized by the attribute base encryption of Ciphertext policy | |
CN103618729A (en) | Multi-mechanism hierarchical attribute-based encryption method applied to cloud storage | |
CN104158880B (en) | User-end cloud data sharing solution | |
CN109117671A (en) | A kind of encryption data sharing method, server and computer readable storage medium | |
CN108111540A (en) | The hierarchical access control system and method for data sharing are supported in a kind of cloud storage | |
CN105959111A (en) | Information security big-data resource access control system based on cloud computing and credible computing | |
CN108632030A (en) | A kind of fine-grained access control method efficient and safe based on CP-ABE | |
CN107040374A (en) | The attribute base data encryption method of user's Dynamic Revocation is supported under a kind of cloud storage environment | |
CN106612169A (en) | Safe data sharing method in cloud environment | |
CN109740364A (en) | The cipher text searching method based on attribute of controllable search permission | |
CN110086615A (en) | A kind of more authorized party's ciphertext policy ABE base encryption methods of distribution that medium is obscured | |
Aluvalu et al. | HASBE Access Control Model with Secure Key Distribution and Efficient Domain Hierarchy for Cloud Computing. | |
CN106656997A (en) | Mobile social network based agent proxy re-encryption cross-domain friend-making privacy protection method | |
CN108880801A (en) | The distributed nature base encryption method of fine granularity attribute revocation is supported on a kind of lattice | |
CN108540280A (en) | A kind of the secure data sharing method and system of resource high-efficiency | |
Sethia et al. | CP-ABE for selective access with scalable revocation: A case study for mobile-based healthfolder. |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170517 |