CN106686010A - Multi-mechanism attribute-based encryption method supporting strategy dynamic updating - Google Patents

Multi-mechanism attribute-based encryption method supporting strategy dynamic updating Download PDF

Info

Publication number
CN106686010A
CN106686010A CN201710135786.1A CN201710135786A CN106686010A CN 106686010 A CN106686010 A CN 106686010A CN 201710135786 A CN201710135786 A CN 201710135786A CN 106686010 A CN106686010 A CN 106686010A
Authority
CN
China
Prior art keywords
attribute
user
key
calculate
dynamic
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710135786.1A
Other languages
Chinese (zh)
Inventor
闫玺玺
刘媛
叶青
汤永利
李莹莹
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Henan University of Technology
Original Assignee
Henan University of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Henan University of Technology filed Critical Henan University of Technology
Priority to CN201710135786.1A priority Critical patent/CN106686010A/en
Publication of CN106686010A publication Critical patent/CN106686010A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a multi-mechanism attribute-based encryption method supporting strategy dynamic updating. The method comprises the seven steps of system initialization, attribute mechanism initialization, secret key generation, data encryption, decryption, dynamic updating secrete key generation and dynamic ciphertext updating. An anonymous secret key distributing protocol is introduced to generate a private key for a user, privacy of the user is effectively protected, and collusion attack of an attribute mechanism is resisted. In addition, a dynamic strategy updating algorithm is adopted, strategy updating of any type is supported, and calculation and communication overhead in traditional strategy updating is greatly reduced. The method is low in communication overhead, supports privacy protection and strategy updating and can be applied to a cloud storage environment.

Description

Many mechanical properties base encryption methods that a kind of support policy dynamic updates
Technical field
The present invention relates to cloud environment and field of cryptography, and in particular to many mechanical properties that a kind of support policy dynamic updates Base encryption method, the method supports that the dynamic of data storage scheme and access strategy under cloud environment updates the secret protection with user, can be used to count According to the data safety management of outer packet system, such as personal health case system.
Background technology
With the application of development and the cloud computing of internet, increasing people tends to storing data in high in the clouds, so And Jing often includes some sensitive informations in these data, in order to protect privacy of user, need to carry out sensitive privacy information Encryption.Attribute base encrypts (ABE, attribute based encryption) as a kind of emerging public key encryption skill Art, the identity of user is bound with a series of attribute, is set a property by the private key or ciphertext to user and is collected or access structure, Could decrypt when only property set and access structure match, it is achieved thereby that the communication of one-to-many and the fine granularity to file Access control, therefore it is more suitable for the encryption of high in the clouds data.
Traditional believable mechanism of ABE only one of which is managing all of attribute, but in actual applications, attribute is often Run by multiple organization managements.The ABE mechanism of single attribute mechanism can not meet the demand of large-scale distributed environment, attribute Authoritative institution is vulnerable to concentration and attacks, in addition, attribute authority (aa) mechanism needs to distribute key, work for all of user authentication attribute Overload, becomes the performance bottleneck of system.Many mechanism ABE undertake the different property set of management and distribution by multiple attribute mechanisms The task of key, system burden is little, and flexibility is high, can be very good to be applied to such as personal health case system, intelligent grid system System etc. needs the situation that multiple mechanisms are operated together, it is seen then that the research of many mechanical properties base encryption mechanisms has more using value.
User stores encryption data beyond the clouds in practical application, and the access strategy of setting is not unalterable, example Such as, in personal health case system, patient is placed on case history in Cloud Server, and the access strategy of setting is { the People's Hospital, doctor It is raw, division of cardiology }, only meeting the user of these three attributes can just access its case history, but when patient transfers from one hospital to another, only meet The user of { red cross hospital, doctor, division of cardiology } can access its case history, and this is accomplished by Cloud Server and there is support to change access The function of strategy.
The policy update technology of ciphertext and immature in attribute base encipherment scheme, is related to the unit structure ABE side of policy update , only by a believable organization management all properties, security is not high, it is impossible to meet practical application request for case.Many mechanism ABE Scheme improves the security of attribute management, but efficiency is not often high.It is therefore proposed that a kind of efficient support policy dynamic updates Many mechanical properties base encryption methods, any kind of policy update can be supported.
The content of the invention
The technical problem to be solved is to provide many mechanical properties bases encryption that a kind of support policy dynamic updates Method, supports any kind of policy update, reduces the communication during conventional measures update and computing cost problem, while protect using The privacy at family, resists the collusion attack of attribute mechanism.
To reach above-mentioned purpose, the present invention discloses many mechanical properties base encryption methods that a kind of support policy dynamic updates, Assume to have N number of attribute mechanism AA1,AA2,...,AAN, each attribute mechanism AAiControl one group of property setAnd each user possesses unique identity GID.The method comprising the steps of:
Step 1:System initialization, is performed by system, is input into security parameter 1λ, output system common parameter PP.
Step 2:Attribute chassis initialization, by attribute, mechanism performs, be input into common parameter PP, output attribute mechanism it is public and private Key is to (PKi,SKi)。
Step 3:Key is generated, and is completed with user mutual by mechanism, input common parameter PP, attribute mechanism private key SKi, use Family property set Au, export private key for user SKu
Step 4:Encryption, is performed by data owner, input common parameter PP, plaintext m, access structure (M, ρ), is exported close Literary C.
Step 5:Decryption, is performed by data consumer, input common parameter PP, private key for user SKu, ciphertext C, output is in plain text m。
Step 6:Dynamic more new key, is performed by data owner, is input into the encryption information that user retains, and output dynamic is more New key DKm
Step 7:Dynamic updates ciphertext, is performed by Cloud Server, dynamic more new key DKm of input, exports the ciphertext for updating C'。
Many mechanical properties base encryption methods that described support policy dynamic updates, the concrete step of step 1 system initialization Suddenly it is:
Step 1.1:Input security parameter λ, exports PP=(e, p, g, h, h1,G,GT), wherein G, GTIt is that two ranks are prime number The multiplication loop group of p, g, h, h1Be crowd G generation unit, e:G×G→GT
Step 1.2:Select hash function:H:{0,1}*→Zp, calculate u=H (GID).
Many mechanical properties base encryption methods that described support policy dynamic updates, the tool of step 2 attribute chassis initialization Body step is:
Step 2.1:Attribute mechanism AAiRandom selection αi∈Zp, calculate
Step 2.2:Attribute mechanism AAiEach attribute a that it is managedi,j∈Ai, randomly choose ti,j∈Zp, calculate
Step 2.3:Attribute mechanism AAiRandom selection βi∈Zp, calculateAnd definition one only can be by AAiWith AAjMeter The pseudo-random function PRF of calculationi,j(), andWherein sI, jIt is by mechanism AA for PRF seedsiWith AAjIt is logical Cross both sides' key and exchange a shared seed s that only both sides knowi,j, it is clear that si,j=sj,i
Mechanism AAiPrivate keyAuthority public key
Many mechanical properties base encryption methods that described support policy dynamic updates, the concrete steps that step 3 key is generated For:
Step 3.1:Definition Au is user property collection, user and attribute mechanism AAiInteraction, to ai,j∈Au∩Ai, mechanism AAi Random selection ri∈Zp, calculate
Step 3.2:Anonymity Key distribution protocol, as i > j, η are run between user and attribute mechanismi,j=1, can obtainAs i < j, ηi,j=-1, can obtain
Step 3.3:Calculate
Private key for user
Many mechanical properties base encryption methods that described support policy dynamic updates, what step 4 was encrypted concretely comprises the following steps:
Step 4.1:Data owner is encrypting plaintext m, sets access strategy A as (M, ρ), and M is the matrix of l × n, mapping ρ is by every a line M of MiWith each attribute mapping of encryption;
Step 4.2:Random selection s ∈ ZpAnd random vectorOrderRandom selection q1,...,ql∈Zp, calculateC1=gs
Step 4.3:For all of ai,j∈ A, calculateWherein i ∈ (1 ..., l).
Then ciphertext C={ C0,C1,(C2,i,C3,i)i(1 ..., l)}.Data owner retains encryption information
Many mechanical properties base encryption methods that described support policy dynamic updates, step 5 data deciphering is concretely comprised the following steps:
Step 5.1:Data consumer's input ciphertext C, user key SKuAnd attribute, if decryption person's attribute meets A, Calculate firstSoIts In
Step 5.2:If decryption person's attribute is unsatisfactory for A, return " mistake ".
Many mechanical properties base encryption methods that described support policy dynamic updates, step 6 dynamic more new key it is concrete Step is:
Step 6.1:Input New Policy (M', ρ ') (wherein M' is the matrix of l' × n', and ρ ' is new mapping) and old strategy (M, ρ), carries out new and old strategy contrast, exports line index information and is deposited into A1',A2',A3' in;
Step 6.2:Select a new random vectorAnd using s as its first input value, orderM'jThe jth row of representing matrix M', calculates more new key DK.
User is by dynamic more new keySend to Cloud Server.
Many mechanical properties base encryption methods that described support policy dynamic updates, step 7 dynamic updates the concrete of ciphertext Step is:Dynamic more new key DK of the cloud server to usermAfterwards,
Step 7.1:To j ∈ A1', calculateWherein qj'=qi
Step 7.2:To j ∈ A2', calculateWherein qj'=xjqi
Step 7.3:To j ∈ A3',
New ciphertext is C'={ C0,C1,(C'2,j,C'3, j)j∈(1,...,l')}。
Many mechanical properties base encryption methods that described support policy dynamic updates, Anonymity Key distribution association in step 3.2 Discussing step is:
Increase an extra element in key, make u ∈ ZpFor the privacy value of user, α, beta, gamma is mechanism's private key, g, g1, h is the generation unit of crowd G, and 2PC represents that both sides calculate safely agreement, and PoK represents the knowledge proof comprising privacy value.
Step 3.2.1:User selects ρ1∈Zp, attribute mechanism random selection τ, r ∈ Zp, and calculate x=(β+u) ρ1, both sides Perform safety and calculate agreement;
Step 3.2.2:Attribute mechanism calculatesX2=gατ, X3=h, by X1, X2, X3, PoK (α, τ, x, r), Give user;
Step 3.2.3:User randomly chooses ρ2∈Zp, calculateSend Y, PoK (ρ2) give attribute mechanism;
Step 3.2.4:Attribute mechanism calculates Z=Yγ/τ, Z is sent, PoK (τ, γ) gives user;
Step 3.2.5:User calculates
Many mechanical properties base encryption methods that described support policy dynamic updates, the step 6.1 also includes:Definition nρ(i),M、nρ(i),M'Number of attribute ρ (i) in matrix M, M', A are represented respectively1',A2' represent that ρ ' (j) has the rope of the j in M Fuse breath collection, and ρ (i)=ρ ' is (j),
Step 6.1.1:If nρ'(j),M'≤nρ'(j),M, then the index information of j is stored in into A1';
Step 6.1.2:If nρ'(j),M'> nρ'(j),M, then by nρ'(j),M'-nρ'(j),MLine index information j be stored in A2';
Step 6.1.3:A3' represent be ρ ' (j) never in M occur j index information collection.
Many mechanical properties base encryption methods that described support policy dynamic updates, the measured step rapid 6.2 also includes:For J ∈ [1, l'], are divided into three types.
Step 6.2.1:If (j, i) ∈ is A1', more new keyPut qj'=qi
Step 6.2.2:If (j, i) ∈ is A2', randomly choose xj,qj'∈Zp, more new key
Step 6.2.3:If (j, i) ∈ is A3', randomly choose qj'∈Zp, more new key
The present invention has advantages below and significant effect:
1) present invention adopts LSSS access strategies, introduces dynamic strategy more new algorithm, supports any kind of policy update, Ciphertext renewal is given Cloud Server and is completed, and reduces the workload of data owner, and is reduced logical during conventional measures update Letter and computing cost problem, more press close to cloud environment application.
2) present invention is that user distributes key using Anonymity Key distribution protocol, so as to protect the privacy of user, while supporting The collusion attack of family dependents of military personel in the liberated areas's property mechanism.
Description of the drawings
Tu1Shi Duo mechanisms attribute-based encryption system illustraton of model;
Fig. 2 is the algorithm flow chart of the present invention.Fig. 2 is it is characterized in that when data owner updates access strategy, only need More new key DK is generated according to the encryption information that it retainsm, ciphertext renewal is by Cloud Server execution.
Specific embodiment
With reference to embodiments the invention will be further described with accompanying drawing.
Assume that the present invention has N number of attribute mechanism AA1,AA2,...,AAN, each attribute mechanism AAiControl one group of property setAnd each user possesses unique identity GID;
Algorithm flow designed by the present invention is specific as follows:
Step 1:System initialization, is performed by system, is input into security parameter 1λ, output system common parameter PP.At the beginning of system Beginning concretely comprises the following steps:
Step 1.1:Input security parameter λ, exports PP=(e, p, g, h, h1,G,GT), wherein G, GTIt is that two ranks are prime number The multiplication loop group of p, g, h, h1Be crowd G generation unit, e:G×G→GT
Step 1.2:Select hash function:H:{0,1}*→Zp, calculate u=H (GID).
Step 2:Attribute chassis initialization, by attribute, mechanism performs, be input into common parameter PP, output attribute mechanism it is public and private Key is to (PKi,SKi), concretely comprise the following steps:
Step 2.1:Attribute mechanism AAiRandom selection αi∈Zp, calculate
Step 2.2:Attribute mechanism AAiEach attribute a that it is managedi,j∈Ai, randomly choose ti,j∈Zp, calculate
Step 2.3:Attribute mechanism AAiRandom selection βi∈Zp, calculateAnd definition one only can be by AAiWith AAjMeter The pseudo-random function PRF of calculationi,j(), andWherein si,jIt is by mechanism AA for PRF seedsiWith AAjIt is logical Cross both sides' key and exchange a shared seed s that only both sides knowi,j, it is clear that si,j=sj,i
Mechanism AAiPrivate keyAuthority public key
Step 3:Key is generated, and is completed with user mutual by mechanism, input common parameter PP, attribute mechanism private key SKi, use Family property set Au, export private key for user SKu, concretely comprise the following steps:
Step 3.1:Definition Au is user property collection, user and attribute mechanism AAiInteraction, to ai,j∈Au∩Ai, mechanism AAi Random selection ri∈Zp, calculate
Step 3.2:Anonymity Key distribution protocol, as i > j, η are run between user and attribute mechanismi,j=1, can obtainAs i < j, ηI, j=-1, can obtain
Step 3.3:Calculate
Private key for user
Anonymity Key distribution protocol step is in step 3.2:Increase an extra element in key, make u ∈ ZpFor The privacy value of user, α, beta, gamma be mechanism's private key, g, g1, h is the generation unit of crowd G, and 2PC represents that both sides calculate safely agreement, PoK Represent the knowledge proof comprising privacy value.
Step 3.2.1:User selects ρ1∈Zp, attribute mechanism random selection τ, r ∈ Zp, and calculate x=(β+u) ρ1, both sides Perform safety and calculate agreement;
Step 3.2.2:Attribute mechanism calculatesX2=g ατ, X3=h, by X1, X2, X3, PoK (α, τ, x, r), Give user;
Step 3.2.3:User randomly chooses ρ2∈Zp, calculateSend Y, PoK (ρ2) give attribute mechanism;
Step 3.2.4:Attribute mechanism calculates Z=Yγ/τ, Z is sent, PoK (τ, γ) gives user;
Step 3.2.5:User calculates
Step 4:Encryption, is performed by data owner, input common parameter PP, plaintext m, access structure (M, ρ), is exported close Literary C.Encryption is concretely comprised the following steps:
Step 4.1:Data owner is encrypting plaintext m, sets access strategy A as (M, ρ), and M is the matrix of l × n, mapping ρ is by every a line M of MiWith each attribute mapping of encryption;
Step 4.2:Random selection s ∈ ZpAnd random vectorOrderRandom selection q1,...,ql∈Zp, calculateC1=gs
Step 4.3:For all of aI, j∈ A, calculateWherein i ∈ (1 ..., l).
Then ciphertext C={ C0,C1,(C2,i,C3,i)i∈(1,...,l)}.Data owner retains encryption information
Step 5:Decryption, is performed by data consumer, input common parameter PP, private key for user SKu, ciphertext C, output is in plain text m.Concretely comprise the following steps:
Step 5.1:Data consumer's input ciphertext C, user key SKuAnd attribute, if decryption person's attribute meets A, Calculate firstSo Wherein
Step 5.2:If decryption person's attribute is unsatisfactory for A, return " mistake ".
Step 6:Dynamic more new key, is performed by data owner, is input into the encryption information that user retains, and output dynamic is more New key DKm.Concretely comprise the following steps:
Step 6.1:Input New Policy (M', ρ ') (wherein M' is the matrix of l' × n', and ρ ' is new mapping) and old strategy (M, ρ), carries out new and old strategy contrast, exports line index information and is deposited into A1',A2',A3' in;Define nρ(i),M、nρ(i),M' Number of attribute ρ (i) in matrix M, M', A are represented respectively1',A2' represent that ρ ' (j) has the index information collection of the j in M, and ρ (i)=ρ ' (j),
Step 6.1.1:If nρ'(j),M'≤nρ'(j),M, then the index information of j is stored in into A1';
Step 6.1.2:If nρ'(j),M'> nρ'(j),M, then by nρ'(j),M'-nρ'(j),MLine index information j be stored in A2';
Step 6.1.3:A3' represent be ρ ' (j) never in M occur j index information collection.
Step 6.2:Select a new random vectorAnd using s as its first input value, orderM'jThe jth row of representing matrix M', for j ∈ [1, l'], is divided into three types:
Step 6.2.1:If (j, i) ∈ is A1', more new keyPut qj'=qi
Step 6.2.2:If (j, i) ∈ is A2', randomly choose xj,qj'∈Zp, more new key
Step 6.2.3:If (j, i) ∈ is A3', randomly choose qj'∈Zp, more new key
User is by dynamic more new keySend to Cloud Server.
Step 7:Dynamic updates ciphertext, is performed by Cloud Server, dynamic more new key DKm of input, exports the ciphertext for updating C'.Concretely comprise the following steps:
Dynamic more new key DK of the cloud server to usermAfterwards,
Step 7.1:To j ∈ A1', calculateWherein qj'=qi
Step 7.2:To j ∈ A2', calculateWherein qj'=xjqi
Step 7.3:To j ∈ A3',
New ciphertext is C'={ C0,C1,(C'2,j,C'3,j)j∈(1,...,l')}。
In security, the program possesses the semantic peace met under master pattern under selection access structure and chosen -plain attact Entirely (IND-sAS-CPA).
Many mechanical properties base encryption methods that a kind of present invention support policy dynamic updates, using LSSS access strategies and hide Name key distribution protocol is designed, the characteristics of with any kind of policy update and protection privacy of user is supported, and user Key length and ciphertext length are less.
Embodiment described herein and accompanying drawing be intended for demonstrate purpose, with help reader understand this method principle and The thinking that inventor contributes for the application for promoting many mechanical properties bases to encrypt, and should be understood to be not limited to this tool The example and condition of body.In addition, all equivalents done according to spirit of the invention or extension, all should cover the present invention's In protection domain.

Claims (11)

1. many mechanical properties base encryption methods that a kind of support policy dynamic updates, it is characterised in that methods described includes:
Present invention assumes that having N number of attribute mechanism AA1,AA2,...,AAN, each attribute mechanism AAiControl one group of property setAnd each user possesses unique identity GID.
Step 1:System initialization, is performed by system, is input into security parameter 1λ, output system common parameter PP.
Step 2:Attribute chassis initialization, by attribute, mechanism performs, and is input into common parameter PP, the public private key pair of output attribute mechanism (PKi,SKi)。
Step 3:Key is generated, and is completed with user mutual by mechanism, input common parameter PP, attribute mechanism private key SKi, user category Property collection Au, export private key for user SKu
Step 4:Encryption, is performed by data owner, input common parameter PP, plaintext m, access structure (M, ρ), exports ciphertext C.
Step 5:Decryption, is performed by data consumer, input common parameter PP, private key for user SKu, ciphertext C, export plaintext m.
Step 6:Dynamic more new key, is performed by data owner, is input into the encryption information that user retains, the dynamic more Xinmi City of output Key DKm
Step 7:Dynamic updates ciphertext, is performed by Cloud Server, dynamic more new key DKm of input, exports ciphertext C' for updating.
2. method according to claim 1, it is characterised in that the concrete steps of step 1 system initialization in methods described For:
Step 1.1:Input security parameter λ, exports PP=(e, p, g, h, h1,G,GT), wherein G, GTIt is that two ranks are prime number p Multiplication loop group, g, h, h1Be crowd G generation unit, e:G×G→GT
Step 1.2:Select hash function:H:{0,1}*→Zp, calculate u=H (GID).
3. method according to claim 1, it is characterised in that step 2 attribute chassis initialization is concrete in methods described Step is:
Step 2.1:Attribute mechanism AAiRandom selection αi∈Zp, calculate
Step 2.2:Attribute mechanism AAiEach attribute a that it is managedi,j∈Ai, randomly choose ti,j∈Zp, calculate
Step 2.3:Attribute mechanism AAiRandom selection βi∈Zp, calculateAnd definition one only can be by AAiWith AAjCalculate Pseudo-random function PRFi,j(), andWherein si,jIt is by mechanism AA for PRF seedsiWith AAjBy double Square key exchanges a shared seed s that only both sides knowi,j, it is clear that si,j=sj,i
Mechanism AAiPrivate keyAuthority public key
4. method according to claim 1, it is characterised in that what step 3 key was generated in methods described concretely comprises the following steps:
Step 3.1:Define AuFor user property collection, user and attribute mechanism AAiInteraction, to ai,j∈Au∩Ai, mechanism AAiAt random Select ri∈Zp, calculate
Step 3.2:Anonymity Key distribution protocol, as i > j, η are run between user and attribute mechanismi,j=1, can obtainAs i < j, ηi,j=-1, can obtain
Step 3.3:Calculate
Private key for user
5. method according to claim 1, it is characterised in that step 4 encryption concretely comprises the following steps in methods described:
Step 4.1:Data owner is encrypting plaintext m, sets access strategy A as (M, ρ), and M is the matrix of l × n, maps ρ by M Every a line MiWith each attribute mapping of encryption;
Step 4.2:Random selection s ∈ ZpAnd random vectorOrderRandom selection q1,...,ql ∈Zp, calculateC1=gs
Step 4.3:For all of ai,j∈ A, calculateWherein i ∈ (1 ..., l).
Then ciphertext C={ C0,C1,(C2,i,C3,i)i∈(1,...,l)}.Data owner retains encryption information
6. method according to claim 1, it is characterised in that step 5 data deciphering is concretely comprised the following steps in methods described:
Step 5.1:Data consumer's input ciphertext C, user key SKuAnd attribute, if decryption person's attribute meets A, count first CalculateSoIts In
Step 5.2:If decryption person's attribute is unsatisfactory for A, return " mistake ".
7. method according to claim 1, it is characterised in that the concrete step of step 6 dynamic more new key in methods described Suddenly it is:
Step 6.1:Input New Policy (M', ρ ') (wherein M' for l' × n' matrix, ρ ' is new mapping) and it is old it is tactful (M, ρ), new and old strategy contrast is carried out, line index information is exported and is deposited into A1',A2',A3' in;
Step 6.2:Select a new random vectorAnd using s as its first input value, orderM'j The jth row of representing matrix M', calculates more new key DK.
User is by dynamic more new keySend to Cloud Server.
8. method according to claim 1, it is characterised in that step 7 dynamic updates the concrete step of ciphertext in methods described Suddenly it is:Dynamic more new key DK of the cloud server to usermAfterwards,
Step 7.1:To j ∈ A1', calculateWherein qj'=qi
Step 7.2:To j ∈ A2', calculateWherein qj'=xjqi
Step 7.3:To j ∈ A3',
New ciphertext is C'={ C0,C1,(C'2,j,C′3,j)j∈(1,...,l')}。
9. method according to claim 7, it is characterised in that Anonymity Key distribution protocol step is in the step 3.2:
Increase an extra element in key, make u ∈ ZpFor the privacy value of user, α, beta, gamma is mechanism's private key, g, g1, h is The generation unit of group G, 2PC represents that both sides calculate safely agreement, and PoK represents the knowledge proof comprising privacy value.
Step 3.2.1:User selects ρ1∈Zp, attribute mechanism random selection τ, r ∈ Zp, and calculate x=(β+u) ρ1, both sides' execution Safety calculates agreement;
Step 3.2.2:Attribute mechanism calculatesX2=gατ, X3=h, by X1, X2, X3, PoK (α, τ, x, r) is sent to User;
Step 3.2.3:User randomly chooses ρ2∈Zp, calculateSend Y, PoK (ρ2) give attribute mechanism;
Step 3.2.4:Attribute mechanism calculates Z=Yγ/τ, Z is sent, PoK (τ, γ) gives user;
Step 3.2.5:User calculates
10. method according to claim 7, it is characterised in that the step 6.1 also includes:Define nρ(i),M、nρ(i),M'Point Not Biao Shi number of attribute ρ (i) in matrix M, M', A1',A2' represent that ρ ' (j) has the index information collection of the j in M, and ρ (i) =ρ ' (j),
Step 6.1.1:If nρ'(j),M'≤nρ'(j),M, then the index information of j is stored in into A1';
Step 6.1.2:If nρ'(j),M'> nρ'(j),M, then by nρ'(j),M'-nρ'(j),MLine index information j be stored in A2';
Step 6.1.3:A3' represent be ρ ' (j) never in M occur j index information collection.
11. methods according to claim 7, it is characterised in that the measured step rapid 6.2 also includes:For j ∈ [1, l'], It is divided into three types.
Step 6.2.1:If (j, i) ∈ is A1', more new keyPut qj'=qi
Step 6.2.2:If (j, i) ∈ is A2', randomly choose xj,qj'∈Zp, more new key
Step 6.2.3:If (j, i) ∈ is A3', randomly choose qj'∈Zp, more new key
CN201710135786.1A 2017-03-08 2017-03-08 Multi-mechanism attribute-based encryption method supporting strategy dynamic updating Pending CN106686010A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710135786.1A CN106686010A (en) 2017-03-08 2017-03-08 Multi-mechanism attribute-based encryption method supporting strategy dynamic updating

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710135786.1A CN106686010A (en) 2017-03-08 2017-03-08 Multi-mechanism attribute-based encryption method supporting strategy dynamic updating

Publications (1)

Publication Number Publication Date
CN106686010A true CN106686010A (en) 2017-05-17

Family

ID=58828603

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710135786.1A Pending CN106686010A (en) 2017-03-08 2017-03-08 Multi-mechanism attribute-based encryption method supporting strategy dynamic updating

Country Status (1)

Country Link
CN (1) CN106686010A (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107682353A (en) * 2017-10-25 2018-02-09 西安邮电大学 A kind of health account access control system and method in electron medical treatment cloud
CN107682157A (en) * 2017-10-11 2018-02-09 河南理工大学 More mechanical properties base encryption methods based on LWE on a kind of new lattice
CN108063754A (en) * 2017-11-10 2018-05-22 西安电子科技大学 Towards the attribute base encryption method of wearable health monitoring equipment anonymization data
CN108337085A (en) * 2018-01-03 2018-07-27 西安电子科技大学 A kind of newer approximate adjacent retrieval construction method of support dynamic
CN108449174A (en) * 2018-02-09 2018-08-24 孔泽 The revocable encryption method and device of intelligent terminal in cloud computing application
CN111431898A (en) * 2020-03-23 2020-07-17 齐鲁工业大学 Multi-attribute mechanism attribute-based encryption method with search function for cloud-assisted Internet of things
CN111431897A (en) * 2020-03-23 2020-07-17 齐鲁工业大学 Multi-attribute mechanism attribute-based encryption method with tracking function for cloud-assisted Internet of things
CN111901328A (en) * 2020-07-22 2020-11-06 电子科技大学 Attribute-based encryption method based on prime order group
CN113055168A (en) * 2021-03-29 2021-06-29 陕西师范大学 Ciphertext strategy attribute encryption method supporting strategy hiding and attribute updating

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101807991A (en) * 2009-02-18 2010-08-18 上海交通大学 Ciphertext policy attribute-based encryption system and method
US20110320809A1 (en) * 2010-06-23 2011-12-29 Motorola, Inc. Method and apparatus for key revocation in an attribute-based encryption scheme
CN103618729A (en) * 2013-09-03 2014-03-05 南京邮电大学 Multi-mechanism hierarchical attribute-based encryption method applied to cloud storage
CN106230590A (en) * 2016-07-22 2016-12-14 安徽大学 A kind of ciphertext policy ABE base encryption method of many authorized organizations

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101807991A (en) * 2009-02-18 2010-08-18 上海交通大学 Ciphertext policy attribute-based encryption system and method
US20110320809A1 (en) * 2010-06-23 2011-12-29 Motorola, Inc. Method and apparatus for key revocation in an attribute-based encryption scheme
CN103618729A (en) * 2013-09-03 2014-03-05 南京邮电大学 Multi-mechanism hierarchical attribute-based encryption method applied to cloud storage
CN106230590A (en) * 2016-07-22 2016-12-14 安徽大学 A kind of ciphertext policy ABE base encryption method of many authorized organizations

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
HUILING QIAN: "《Privacy-preserving personal health record using multi-authority attribute-based encryption with revocation》", 《INTERNATIONAL JOUNAL OF INFORMATION SECURITY》 *
ZUOBIN YING: "《Adaptively secure ciphertext-policy attribute-based encryption with dynamic policy updating》", 《SCIENCE CHINA INFORMATION SCIENCE》 *

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107682157A (en) * 2017-10-11 2018-02-09 河南理工大学 More mechanical properties base encryption methods based on LWE on a kind of new lattice
CN107682353B (en) * 2017-10-25 2018-09-04 西安邮电大学 A kind of health account access control method in electron medical treatment cloud
CN107682353A (en) * 2017-10-25 2018-02-09 西安邮电大学 A kind of health account access control system and method in electron medical treatment cloud
CN108063754A (en) * 2017-11-10 2018-05-22 西安电子科技大学 Towards the attribute base encryption method of wearable health monitoring equipment anonymization data
CN108063754B (en) * 2017-11-10 2020-11-13 西安电子科技大学 Attribute-based encryption method for anonymized data of wearable health monitoring equipment
CN108337085B (en) * 2018-01-03 2020-11-13 西安电子科技大学 Approximate neighbor search construction method supporting dynamic update
CN108337085A (en) * 2018-01-03 2018-07-27 西安电子科技大学 A kind of newer approximate adjacent retrieval construction method of support dynamic
CN108449174A (en) * 2018-02-09 2018-08-24 孔泽 The revocable encryption method and device of intelligent terminal in cloud computing application
CN108449174B (en) * 2018-02-09 2021-07-30 孔泽一 Revocable encryption method and device for intelligent terminal in cloud computing application
CN111431898A (en) * 2020-03-23 2020-07-17 齐鲁工业大学 Multi-attribute mechanism attribute-based encryption method with search function for cloud-assisted Internet of things
CN111431897A (en) * 2020-03-23 2020-07-17 齐鲁工业大学 Multi-attribute mechanism attribute-based encryption method with tracking function for cloud-assisted Internet of things
CN111431898B (en) * 2020-03-23 2022-06-07 齐鲁工业大学 Multi-attribute mechanism attribute-based encryption method with search function for cloud-assisted Internet of things
CN111901328A (en) * 2020-07-22 2020-11-06 电子科技大学 Attribute-based encryption method based on prime order group
CN113055168A (en) * 2021-03-29 2021-06-29 陕西师范大学 Ciphertext strategy attribute encryption method supporting strategy hiding and attribute updating
CN113055168B (en) * 2021-03-29 2022-06-24 陕西师范大学 Ciphertext strategy attribute encryption method supporting strategy hiding and attribute updating

Similar Documents

Publication Publication Date Title
CN106686010A (en) Multi-mechanism attribute-based encryption method supporting strategy dynamic updating
US11425171B2 (en) Method and system for cryptographic attribute-based access control supporting dynamic rules
CN103618728B (en) A kind of encryption attribute method at more mechanism centers
CN104521178B (en) The method and system of the multi-party cloud computing of safety
CN104486307B (en) A kind of fraction key management method based on homomorphic cryptography
Zaghloul et al. P-MOD: Secure privilege-based multilevel organizational data-sharing in cloud computing
CN111986755A (en) Data sharing system based on block chain and attribute-based encryption
CN106059763B (en) The properties base multi-mechanism hierarchical Ciphertext policy weight encryption method of cloud environment
CN108418784A (en) A kind of distributed cross-domain authorization and access control method based on properties secret
CN104135473B (en) A kind of method that identity base broadcast enciphering is realized by the attribute base encryption of Ciphertext policy
CN103618729A (en) Multi-mechanism hierarchical attribute-based encryption method applied to cloud storage
CN104158880B (en) User-end cloud data sharing solution
CN109117671A (en) A kind of encryption data sharing method, server and computer readable storage medium
CN108111540A (en) The hierarchical access control system and method for data sharing are supported in a kind of cloud storage
CN105959111A (en) Information security big-data resource access control system based on cloud computing and credible computing
CN108632030A (en) A kind of fine-grained access control method efficient and safe based on CP-ABE
CN107040374A (en) The attribute base data encryption method of user's Dynamic Revocation is supported under a kind of cloud storage environment
CN106612169A (en) Safe data sharing method in cloud environment
CN109740364A (en) The cipher text searching method based on attribute of controllable search permission
CN110086615A (en) A kind of more authorized party's ciphertext policy ABE base encryption methods of distribution that medium is obscured
Aluvalu et al. HASBE Access Control Model with Secure Key Distribution and Efficient Domain Hierarchy for Cloud Computing.
CN106656997A (en) Mobile social network based agent proxy re-encryption cross-domain friend-making privacy protection method
CN108880801A (en) The distributed nature base encryption method of fine granularity attribute revocation is supported on a kind of lattice
CN108540280A (en) A kind of the secure data sharing method and system of resource high-efficiency
Sethia et al. CP-ABE for selective access with scalable revocation: A case study for mobile-based healthfolder.

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20170517