CN106790185B - CP-ABE-based method and device for safely accessing authority dynamic update centralized information - Google Patents

CP-ABE-based method and device for safely accessing authority dynamic update centralized information Download PDF

Info

Publication number
CN106790185B
CN106790185B CN201611257108.4A CN201611257108A CN106790185B CN 106790185 B CN106790185 B CN 106790185B CN 201611257108 A CN201611257108 A CN 201611257108A CN 106790185 B CN106790185 B CN 106790185B
Authority
CN
China
Prior art keywords
key
information
attribute
authority
abe
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201611257108.4A
Other languages
Chinese (zh)
Other versions
CN106790185A (en
Inventor
韩子龙
张帆
周志远
熊浩
曾闽棋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Forward Industrial Co Ltd
Original Assignee
Shenzhen Forward Industrial Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Forward Industrial Co Ltd filed Critical Shenzhen Forward Industrial Co Ltd
Priority to CN201611257108.4A priority Critical patent/CN106790185B/en
Publication of CN106790185A publication Critical patent/CN106790185A/en
Application granted granted Critical
Publication of CN106790185B publication Critical patent/CN106790185B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/166Implementing security features at a particular protocol layer at the transport layer

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a CP-ABE-based method and a device for dynamically updating centralized information security access of authority, wherein the method comprises the steps of initializing user identity information, a trusted communication function and CP-ABE and deploying a centralized information security control point; maintaining the authority of an application encryptor and a decryptor, establishing a user encryption authority attribute range, and generating and sending an authority attribute private key corresponding to the identity ID; according to the authority attribute private key, a secure transmission channel of an encryptor, a decryptor and a centralized information security control point is constructed; submitting plaintext data to be encrypted and a decryption method to a centralized information security control point through a secure transmission channel according to the encryption authority attribute range of the user; the device comprises a centralized information safety control device and a user Ukey; the centralized information safety control equipment comprises an identity verification module, a permission management module, a CP-ABE module and a safety transmission module; the information-based method and the information-based device encrypt and decrypt according to the attributes, flexibly cope with attribute changes of a decryptor, and have high safety and reliability.

Description

CP-ABE-based method and device for safely accessing authority dynamic update centralized information
Technical Field
The invention particularly relates to a CP-ABE-based method and a CP-ABE-based device for access security of authority dynamic update centralized information.
Background
With the development and popularization of internet technology, the demand of data sharing and processing in an open distributed environment is more and more, especially at present that the network application is so extensive, network nodes taking geographic areas, companies, departments and the like as the range of a local area network are different from dozens to tens of thousands of nodes, and the data sharing behavior is very common; therefore, in terms of data sharing and resource access, the need to make flexible and extensible access control policies and to ensure confidentiality of shared data is increasing.
For the Sahai and the Waters, the attribute-based encryption is provided on an encryption mechanism based on a bilinear pairing technology, and the function of the attribute-based encryption is to utilize the attribute encryption; however, the existing independent authorized CP-ABE system and authorized distributed CP-ABE system have the following disadvantages:
1. the dynamicity of private key attributes in an independently authorized CP-ABE system increases the overhead and difficulty of private key revocation, such as: the user is changed from the property state with permission to the property state without permission, and the user still keeps the old private key with high permission; unless public parameters are updated in the whole network, users cannot be sensed to use the original private key to perform illegal operation; although the problem of dynamic attribute change is solved in the authorization centralized mode, if a large number of users request decryption, the users serving as the encryptor and the instant private key authorizer need to process a large amount of identity verification to generate the private key, so that the workload is large, errors are easy to occur, and the responsibility is overlarge.
2. The individual rights of the authorized distributed CP-ABE system are too large, so that the risk of forging the private key is easily caused, and if the certificate is added for authentication to ensure that the identity cannot be forged, a PKI system needs to be introduced, so that the complexity and the deployment difficulty of the system are increased.
Therefore, the possession of the private key is useful for both the authorized party and the user, regardless of independent authorization or authorized distribution, and once the private key is revealed, no investigation can be made as to whether the authorization is revealed or the user reveals himself, and the responsibility cannot be determined.
3. The transmission of secret content in a network environment is a key problem, and the transmission of attributes and the transmission of attribute keys all relate to the problem of safe transmission; the ABE does not provide a solution to the problem, and the common method is to generate an encryption channel off line or establish the encryption channel by utilizing SSL and the like; however, the off-line method has the disadvantages of being not flexible and convenient enough; the establishment of the encryption channel by using SSL requires additional overhead, and introduces a PKI security system to prevent man-in-the-middle attacks, which makes actual deployment difficult.
Disclosure of Invention
Aiming at the defects in the prior art, the CP-ABE-based method and the device for access security of authority dynamic update centralized information can encrypt and decrypt according to the attributes, flexibly cope with attribute changes of a decryptor, timely change the authority of the decryptor, and have higher security and reliability.
In order to achieve the purpose of the invention, the invention adopts the technical scheme that: a CP-ABE-based method for accessing centralized information by dynamically updating authority is provided, which comprises the following steps:
s1, initializing user identity information, a trusted communication function and a CP-ABE, and deploying a centralized information security control point;
s2, maintaining the authority of the application encryptor and the decryptor, establishing the user encryption authority attribute range, and generating and sending an authority attribute private key corresponding to the identity ID;
s3, according to the authority attribute private key, establishing a secure transmission channel between the encryptor and the decryptor and the centralized information security control point;
s4, submitting plaintext data to be encrypted and a decryption method to a centralized information security control point through a secure transmission channel according to the user encryption authority attribute range;
s5, submitting the self attribute of the decryptor and the data to be decrypted to the centralized information security control point through the security transmission channel, and extracting the plaintext data.
Further, the user identity information includes identity attribute information and an identity ID encrypted by an identity attribute key arrtr _ key, and an arrtr _ key is correspondingly deployed on the information security control point.
Further, the trusted communication function initialization comprises trusted initialization and encryption initialization;
the specific steps of trusted initialization include deploying a pair of public and private keys on a centralized information security control point, wherein the private key secur _ pri is not revealed, and the public key secur _ pub is issued to a user in the trusted communication function initialization stage;
the specific steps of encryption initialization include that an encryption key is established to an encryption channel through a DH algorithm, and in the trusted communication function initialization stage, a user and a centralized information security control point respectively store a common DH parameter.
Further, the specific steps of CP-ABE initialization are: establishing two elliptic curve groups G with the order of prime number q according to the input safety parameter lambda1、G2And a bilinear pair e: G1×G1→G2(ii) a And select a y, t1,…,tn∈Zq,ZqIs a factorial set of {0, … … q-1}, q is a preset parameter; let the public key ABE _ public of CP-ABE be (T)1=gt1,…,Tn=gtn,Y=e(g,g)y) Wherein Y in the formula satisfies the relationship e (g)a,gb)=e(g,g)abIs given as a set of relationships, G, a, b are arbitrarily large integers, G, a, b are belonged to G1(ii) a The master key of the CP-ABE is master _ key of (y, t)1,…tn)。
Further, the specific step of S2 is:
s21, the authority of the identity ID encrypted by the identity attribute key arrtr _ key is promoted or reduced;
s22, carrying out authority examination on an application encryptor; comparing and checking the authority information of the user through the centralized information security control point, and providing a corresponding encryption authority attribute range for an applicant; the encryption authority attribute range is as follows: if the low-authority person encrypts the file, the high-authority person requires to be able to decrypt the file; or the low-authority person encrypts a certain attribute range of the high-authority person without sensing specific individual information;
s23, carrying out authority extraction on the application decryptor; and receiving a decryption application sent by a decryption applicant through the centralized information security control point, extracting all corresponding authority attributes according to the ID of the decryption application, and providing the authority attributes to the CP-ABE to generate a corresponding authority attribute private key.
Further, the step of constructing the secure transmission channel between the encryptor and the centralized information security control point includes:
s311, initiating an application information encryption behavior, encrypting by using a public key secure _ pub, generating a local private key DH _ priv1, and sending to a centralized information security control point; the application information comprises an identity ID, identity attribute information encrypted by an identity attribute key arrtr _ key and a public key DH _ pub1 required by DH encryption;
s312, receiving the application information, decrypting the application information by using a private key secur _ pri, decrypting the identity attribute information of the applicant by using an identity attribute key arrtr _ key, and judging the legality of the applicant according to the identity attribute after decryption; the judgment standard is as follows: if the identity attribute after the comparison and the decrypted identity ID information are consistent, the applicant is legal; otherwise, the applicant is illegal;
s313, feeding back encryption authority, returning a DH public key DH _ pub2 of the applicant to the plaintext, signing by using a private key secure _ pri, generating a local DH private key DH _ priv2, and generating an encryption key DH _ secu _ key by using a public key DH _ pub1 and a private key DH _ priv 2;
s314, receiving a public key DH _ pub2 sent by the centralized information security control point, verifying a signature and confirming the source of the public key DH _ pub2, generating and centralizing an encryption key DH _ secu _ key which is the same as that of the centralized information security control point with a local private key DH _ priv1, and encrypting a plaintext;
s315, receiving a ciphertext formed by encrypting the plaintext, and decrypting by using the encryption key DH _ secu _ key alignment to obtain the original plaintext.
Further, the step of constructing the secure transmission channel between the decryptor and the centralized information security control point includes:
s321, initiating an application information decryption behavior, encrypting by using a public key secure _ pub, generating a local private key DH _ priv1, and sending to a centralized information security control point, wherein the application information comprises an identity ID, identity attribute information encrypted by an identity attribute key arrtr _ key and a public key DH _ pub1 required by DH encryption;
s322, receiving application information, decrypting the application information by using a private key secur _ pri, decrypting the identity attribute information of an applicant by using an identity attribute key arrtr _ key, and judging the validity of the applicant according to the identity attribute after decryption; the judgment standard is as follows: if the identity attribute after the comparison and the decrypted identity ID information are consistent, the applicant is legal; otherwise, the applicant is illegal;
s323, generating an encryption key DH _ secu _ key according to the public key DH _ pub1 and a private key DH _ priv2 of an applicant decryptor to encrypt a decrypted plaintext, forming a decrypted reply message together with the public key DH _ pub2, and signing the message by using the private key secur _ pri;
s324, receiving the information sent by the centralized information security control point, verifying the signature and confirming the source of the information, generating an encryption key DH _ secu _ key by using the received private key DH _ pub2 and the local private key DH _ priv1, and decrypting the message to obtain a plaintext result.
Further, the specific step of S4 is: according to the encryption authority attribute range, integrating authority attribute rules to obtain an attribute set A for formulating decryption rulesC(ii) a According to the attribute set ACAnd obtaining a ciphertext by using a resolving formula, wherein the resolving formula is as follows:
Figure 1
wherein A isCIs an attribute set, M is an encrypted message, and M belongs to G2(ii) a Randomly selecting s as ZqCT is the acquired ciphertext, and E is the randomly acquired ciphertext.
Further, the specific step of S5 is: generating attribute set A of application decryptor according to the user authority attribute contentuGenerating A at the centralized information security control pointuCorresponding secret key DiSaid secret key DiComprises the following steps:
Figure 2
wherein p is a polynomial of degree (d-1), d is a threshold parameter;
decrypting the ciphertext if Au Ngate Ac>d, selecting d attributes i ∈ Au ≈ Ac, and calculating E (E)i,Di)=e(g,g)p(i)s(ii) a Then Y is determined according to Lagrange interpolationS=e(g,g)p(0)s=e(g,g)ysFinally, the plaintext M ═ E | Y is obtainedS
The access device comprises a centralized information security control device and a user Ukey which are communicated with each other; the centralized information safety control equipment comprises an identity verification module, a permission management module, a CP-ABE module and a safety transmission module which are connected in sequence.
The invention has the beneficial effects that:
1. the use architectures of the traditional CP-ABE and the authorized distributed CP-ABE are changed, the security of the information is managed in a centralized way, and a user does not need to maintain a private key corresponding to the information such as the attribute, the authority, the priority and the like of the user; the authority information corresponding to each user is recorded on the centralized information security control equipment, the private key is generated according to the beginning of each decryption behavior and is destroyed along with the end of the decryption behavior, and the problem caused by the updating of the user key is solved; the problem of key destruction is solved if the user does not have a private key, so that the problem that a high-authority key is still reserved after the authority is changed is solved; and the problem of updating the global public key due to the change of the individual authority is avoided because the problem of key revocation does not exist.
2. The identity authentication method has the advantages that the legal reliability of the identity is guaranteed at a low cost, due to the centralization of functions, the identity authentication is centralized on a user and information security centralized equipment, an interaction mode is changed into a relatively simple one-to-many mode, and one mode is credible and controllable, so that the identity of the whole network can be guaranteed to be credible only by guaranteeing the security of a private key on the information security centralized equipment, a huge PKI system does not need to be introduced, and the identity authentication method is simple and easy to implement and has obvious advantages particularly in the deployment of small and medium-sized networks.
3. The problem that the responsibility of secret key leakage cannot be confirmed is solved, because the common user does not have the secret key, the secret key is generated by the information security equipment and destroyed after use, the possibility of secret key leakage is reduced, and the responsibility of secret key leakage of the user is avoided.
4. The problems of cost and reliability of information transmission are solved, and a DH algorithm is adopted for establishing an encryption channel to ensure the safe transmission of the plaintext; and on the confirmation of the identity, the confirmation of mutual identity can be ensured without introducing a PKI system, and the mode of information security centralized control ensures that the attribute owned by all users and the sent DH negotiation parameter can be interpreted only by information security centralized control equipment, and the DH channel does not need to keep the connection state of the channel, thereby reducing the consumption of bandwidth.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application.
Fig. 1 schematically shows a basic principle diagram of a CP-ABE based method for dynamically updating centralized information security access by authority.
Fig. 2 is a ladder diagram schematically showing the encryption and decryption processes in the CP-ABE based method for dynamically updating centralized information security access by authority.
Fig. 3 is a flow chart schematically showing a process between an encryption applicant and a centralized information security control point in a CP-ABE based method for dynamically updating rights of centralized information security access.
Fig. 4 is a general flowchart schematically showing the CP-ABE based method for dynamically updating centralized information security access by authority.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiment is only one embodiment of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiment is only one embodiment of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be described in further detail with reference to the accompanying drawings and specific embodiments.
In the following description, references to "one embodiment," "an embodiment," "one example," "an example," etc., indicate that the embodiment or example so described may include a particular feature, structure, characteristic, property, element, or limitation, but every embodiment or example does not necessarily include the particular feature, structure, characteristic, property, element, or limitation. Moreover, repeated use of the phrase "in accordance with an embodiment of the present application" although it may possibly refer to the same embodiment, does not necessarily refer to the same embodiment.
For the sake of simplicity, common technical knowledge known to those skilled in the art is omitted in the following.
According to an embodiment of the present application, there is provided a CP-ABE based method for accessing centralized information for dynamic authority update, as shown in fig. 1 to 4, the CP-ABE based method for accessing centralized information for dynamic authority update includes:
s1, initializing user identity information, a trusted communication function and a CP-ABE, and deploying a centralized information security control point; in the specific implementation, when the user identity information is initialized, all users are initialized; the user identity information comprises identity attribute information and identity ID encrypted by an identity attribute key arrtr _ key, and an arrtr _ key is correspondingly deployed on the information security control point.
The trusted communication function initialization comprises trusted initialization and encryption initialization; for credible initialization, as a safe centralized management mode, the whole network only deploys a pair of public and private keys on a centralized information safety control point, wherein the private key secur _ pri is not leaked and is an absolute secret; the public key secure _ pub is issued to the user in the trusted communication function initialization stage.
The specific steps of encryption initialization comprise that an encryption key is established to an encryption channel through a DH algorithm, and in the trusted communication function initialization stage, a user and a centralized information security control point respectively store a common DH parameter; wherein s ∈ Z is randomly selectedqAnd finally, the obtained ciphertext security transmission channel is ensured by an encryption key established by a DH algorithm.
Initializing the CP-ABE to generate a master key master _ key and a CP-ABE public key ABE _ public; the specific steps of CP-ABE initialization are as follows: establishing two elliptic curve groups G with the order of prime number q according to the input safety parameter lambda1、G2And a bilinear pair e: G1×G1→G2(ii) a And select a y, t1,…,tn∈Zq,ZqIs a factorial set of {0, … … q-1}, q is a preset parameter; let the public key ABE _ public of CP-ABE be (T)1=gt1,…,Tn=gtn,Y=e(g,g)y) Wherein Y in the formula satisfies the relationship e (g)a,gb)=e(g,g)abIs given as a set of relationships, G, a, b are arbitrarily large integers, G, a, b are belonged to G1(ii) a The master key of the CP-ABE is master _ key of (y, t)1,…tn)。
S2, maintaining the authority of the application encryptor and the decryptor, establishing the user encryption authority attribute range, and generating and sending an authority attribute private key corresponding to the identity ID; in specific implementation, the centralized information security control point has unique identity IDs of all users, and according to actual conditions, the authority of the identity IDs encrypted by the identity attribute key arrtr _ key is promoted or reduced, and meanwhile, an applicant encrypts the authority of the user.
In the checking process, the centralized information security control point receives an encryption request sent by a user, compares and checks the authority information of the user, provides a corresponding encryption authority attribute range for an applicant, and prevents the applicant from setting an encryption rule to be unauthorized; the encryption authority attribute range is as follows: if the low-authority person encrypts the file, the high-authority person requires to be able to decrypt the file; or the low-authority person encrypts a certain attribute range of the high-authority person without perceiving specific individual information.
And then, carrying out authority extraction on the application decryptor, receiving a decryption application sent by the decryption applicant through the centralized information security control point when carrying out the authority extraction, extracting all corresponding authority attributes according to the ID of the decryption application, and providing the authority attributes to the CP-ABE to generate a corresponding authority attribute private key.
S3, according to the authority attribute private key, establishing a secure transmission channel between the encryptor and the decryptor and the centralized information security control point; in specific implementation, the step of constructing a secure transmission channel between an encryptor and a centralized information security control point includes: initiating an application information encryption behavior, encrypting through a public key secure _ pub to ensure that only the centralized information security control point can decipher, generating a local private key DH _ priv1, and sending to the centralized information security control point; the application information includes an identity ID, identity attribute information encrypted by an identity attribute key arrtr _ key, and a public key DH _ pub1 required by DH encryption.
Receiving application information, decrypting the application information by using a private key secur _ pri, decrypting the identity attribute information of an applicant by using an identity attribute key arrtr _ key, and judging the validity of the applicant according to the identity attribute after decryption; the judgment standard is as follows: if the identity attribute after the comparison and the decrypted identity ID information are consistent, the applicant is legal; otherwise, the applicant is illegal to avoid man-in-the-middle attacks.
And feeding back encryption authority, returning a DH public key DH _ pub2 of the applicant to the plaintext, signing by using a private key secure _ pri, generating a local DH private key DH _ priv2, and generating an encryption key DH _ secu _ key by using a public key DH _ pub1 and a private key DH _ priv 2.
Receiving a public key DH _ pub2 sent by the centralized information security control point, verifying a signature and confirming the source of the public key DH _ pub2, generating and centralizing an encryption key DH _ secu _ key which is the same as that of the centralized information security control point with a local private key DH _ priv1, and encrypting a plaintext; and finally, receiving a ciphertext formed by encrypting the plaintext, decrypting by using the encryption key DH _ secu _ key alignment to obtain the original plaintext, and entering a CP-ABE encryption stage.
In specific implementation, the step of constructing a secure transmission channel between a decryptor and a centralized information security control point comprises: and initiating an application information decryption behavior, encrypting the application information by using the public key secure _ pub to generate a local private key DH _ priv1, and sending the local private key DH _ priv1 to the centralized information security control point, wherein the application information comprises an identity ID, identity attribute information encrypted by using the identity attribute key arrtr _ key and a public key DH _ pub1 required by DH encryption.
Receiving application information, decrypting the application information by using a private key secur _ pri, decrypting the identity attribute information of an applicant by using an identity attribute key arrtr _ key, and judging the validity of the applicant according to the identity attribute after decryption; the judgment standard is as follows: if the identity attribute after the comparison and the decrypted identity ID information are consistent, the applicant is legal; otherwise, the applicant is illegal.
Generating an encryption key DH _ secu _ key according to the public key DH _ pub1 and a private key DH _ priv2 of an applicant decryptor to encrypt a decrypted plaintext, forming a decrypted reply message together with the public key DH _ pub2, and signing the message by using the private key secur _ pri; and finally, receiving information sent by the centralized information security control point, verifying the signature and confirming the source of the message, generating an encryption key DH _ secu _ key by using the received private key DH _ pub2 and the local private key DH _ priv1, and decrypting the message to obtain a plaintext result.
S4, submitting plaintext data to be encrypted and a decryption method to a centralized information security control point through a secure transmission channel according to the user encryption authority attribute range; in specific implementation, according to the encryption authority attribute range, the user is provided with a choice, and the authority attribute rule is integrated to obtain an attribute set A for formulating the decryption ruleC(ii) a According to the attribute set ACAnd obtaining a ciphertext by using a resolving formula, wherein the resolving formula is as follows:
Figure 3
wherein A isCIs an attribute set, M is an encrypted message, and M belongs to G2(ii) a Randomly selecting s as ZqCT is the acquired ciphertext, E is the randomly acquired ciphertext, and g is an arbitrarily large integer.
S5, submitting the self attribute of the decryptor and the data to be decrypted to a centralized information security control point through a security transmission channel, and extracting plaintext data; in the specific implementation, the attribute set A of the application decryptor is generated according to the user authority attribute contentuGenerating A at the centralized information security control pointuCorresponding secret key DiSaid secret key DiComprises the following steps:
Figure 4
wherein p is a polynomial of degree (d-1), d is a threshold parameter;
decrypting the ciphertext if Au Ngate Ac>d, selecting d attributes i ∈ Au ≈ Ac, and calculating E (E)i,Di)=e(g,g)p(i)s(ii) a Then Y is determined according to Lagrange interpolationS=e(g,g)p(0)s=e(g,g)ysFinally, the plaintext M ═ E | Y is obtainedS
In summary, the CP-ABE-based method for dynamically updating centralized information security access for rights has the following advantages:
1. the use architectures of the traditional CP-ABE and the authorized distributed CP-ABE are changed, the security of the information is managed in a centralized way, and a user does not need to maintain a private key corresponding to the information such as the attribute, the authority, the priority and the like of the user; the authority information corresponding to each user is recorded on the centralized information security control equipment, the private key is generated according to the beginning of each decryption behavior and is destroyed along with the end of the decryption behavior, and the problem caused by the updating of the user key is solved; the problem of key destruction is solved if the user does not have a private key, so that the problem that a high-authority key is still reserved after the authority is changed is solved; and the problem of updating the global public key due to the change of the individual authority is avoided because the problem of key revocation does not exist.
2. The identity authentication method has the advantages that the legal reliability of the identity is guaranteed at a low cost, due to the centralization of functions, the identity authentication is centralized on a user and information security centralized equipment, an interaction mode is changed into a relatively simple one-to-many mode, and one mode is credible and controllable, so that the identity of the whole network can be guaranteed to be credible only by guaranteeing the security of a private key on the information security centralized equipment, a huge PKI system does not need to be introduced, and the identity authentication method is simple and easy to implement and has obvious advantages particularly in the deployment of small and medium-sized networks.
3. The problem that the responsibility of secret key leakage cannot be confirmed is solved, because the common user does not have the secret key, the secret key is generated by the information security equipment and destroyed after use, the possibility of secret key leakage is reduced, and the responsibility of secret key leakage of the user is avoided.
4. The problems of cost and reliability of information transmission are solved, and a DH algorithm is adopted for establishing an encryption channel to ensure the safe transmission of the plaintext; and on the confirmation of the identity, the confirmation of mutual identity can be ensured without introducing a PKI system, and the mode of information security centralized control ensures that the attribute owned by all users and the sent DH negotiation parameter can be interpreted only by information security centralized control equipment, and the DH channel does not need to keep the connection state of the channel, thereby reducing the consumption of bandwidth.
The access device for dynamically updating the centralized information security access method based on the CP-ABE authority comprises centralized information security control equipment and a user Ukey which are communicated with each other; the centralized information safety control equipment comprises an identity verification module, a permission management module, a CP-ABE module and a safety transmission module which are connected in sequence.
The CP-ABE module is used for completing all CP-ABE encryption functions and generating a public key, a main private key and a user private key of the CP-ABE; the CP-ABE module can maintain a plurality of sets of keys, record the key to which the corresponding ciphertext file belongs, and encrypt the plaintext by using a decoding rule provided by an encryption applicant; in actual operation, the personal attribute and the authority attribute of an application decryptor are used as keys to generate a user private key, the user private key of the application decryptor is used for decrypting a decryption target, a plaintext result is obtained after decryption is successful, and if decryption fails, decryption failure is fed back.
The authority management module is used for managing the authority information of the users, in the specific implementation, the authority management module maintains the authority information of all the users, and once the authority is changed, the authority database is updated at the first time; and inquiring the authority of the encrypted applicant and providing corresponding encrypted authority selection for the applicant, wherein if the low-authority person cannot prevent the high-authority person from decrypting under the general condition, the decryption attribute value of the high-authority is the requisite attribute.
The identity verification module is used for verifying the identity legitimacy of the user and the centralized information safety control equipment; when the user initiatively initiates, verifying whether the attribute of the user is consistent with the claimed attribute; when the user receives the encrypted public key sent by the centralized information safety control device, the public key of the device can be used for verifying whether the signature is legal or not so as to know whether the communication party is the real centralized information safety control device or not.
The safety transmission module is used for establishing a safety encrypted transmission channel between the user and the centralized information safety control equipment, and ensuring the safety of uploading and downloading the plaintext.
In actual operation, the information security access method and the information security access device provided by the invention process the following actual conditions, and the specific process of the processing is as follows:
setting a specific scene as company internal file encryption management, dividing the authority into a head company and branch companies A, B, wherein each branch company has a department K, J, and each department group1, group2, individual and authority level are sequentially reduced.
Let employee ID 001: belonging to division A, department K; the identity is the person responsible for the department.
Employee ID 002: belonging to division A, department J, group 2; the identity is a general employee.
Employee ID 003: belonging to division B, department J; the identity is the person responsible for the department.
1. Initializing centralized information safety control equipment;
the centralized information security control equipment initializes and generates a key arrtr _ key for encrypting and decrypting user ID information, a pair of private key secur _ pri and public key secur _ pub for signature, initialization parameters of DH, a master key master _ key of CP-ABE and a public key ABE _ public key of CP-ABE.
2. Initializing personal information;
initializing Ukey ID001-ID003 on the centralized information safety control equipment, storing the ID information, ID information ID _ key encrypted by the identity attribute key arrtr _ key, and initialization parameters of the public key secur _ pub and DH, and issuing the initialization parameters to corresponding staff.
3. Setting identity authority;
the administrator maintains the authority corresponding to each ID on the centralized information safety control equipment, and the ID001 corresponds to the authority attribute (company A, department K, department responsible person);
ID002 corresponds to the authority attribute (company a, department K, group2, general employee);
ID003 corresponds to the rights attribute (company B, department J, department leader);
4. initiating an encryption application;
the employee ID002 initiates an encryption application, sends an encryption request to the centralized information security control device, the request information includes ID information, identity attribute information encrypted by an identity attribute key arrtr _ key and a public key DH _ pub1 required by DH encryption, the application information is encrypted by the public key secur _ pub, it is ensured that only the centralized information security control device can read the information, and meanwhile, a private key DH _ priv 1of a DH algorithm is locally generated.
The centralized information security control equipment receives an encryption application private key secur _ pri reading message of the employee ID002, obtains ID information through an identity attribute key arrtr _ key, compares whether the ID information is in accordance with the applicant's called identity ID002, and discards the message if the ID information is not in accordance with the applicant's called identity ID 002; if yes, the ID002 is sent to the authority maintenance module to inquire the authority attribute corresponding to the user.
The authority maintenance module inquires about an attribute value company A-company A, a department K-deparatmentK, a group 2-group 2 and an ordinary employee-employee of the authority attribute corresponding to the ID002, after the attribute authority of the employee is obtained, the attribute selection content of the employee is informed to the ID002 of the employee, the employee is allowed to select a decryption attribute in the authority range, and the company, the department and the group are necessary decryption attributes, and the employee of the member in the same level can freely select whether to decrypt the decryption attribute.
Assuming that the employee in the same group as ID002 has ID004-ID007, the employee ID002 selects ID004 and ID005 in the same group to be decrypted, so that the decryption attribute (company, department, group2) is the essential attribute, and only one of the (ID004, ID005) is satisfied. After the decryption rule is submitted, the right maintenance module finds that the department responsible person ID001 is higher than the right of the group member ID002 according to the actual content selection, so that the ID001 can also be solved, and the final decryption attribute rule is the company A & & prepare & & group2& (1of (ID004, ID005, ID 001)).
After the employee ID002 formulates the decryption attribute, the centralized information security control equipment selects a DH private key DH _ priv2 and generates a public key DH _ pub2, and generates an encryption key DH _ secu _ key by using the public key DH _ pub1 and the private key DH _ priv 2; the public key DH _ pub2 is returned to employee ID002 while the information is signed with the private key secur _ pri.
After receiving the public key DH _ pub2, the employee ID002 verifies the signature by using the public key secure _ pub, and confirms that the information is sent by the centralized information security control equipment; and generating an encryption key DH _ secu _ key by using the local private key DH _ priv1 and the public key DH _ pub2, encrypting the plaintext by using the encryption key DH _ secu _ key, and sending the encrypted plaintext to the centralized information security control equipment.
The centralized information security control equipment receives the ciphertext information sent by the employee ID002, and decrypts the ciphertext information by using the encryption key DH _ secu _ key to obtain plaintext content; the centralized information security control apparatus encrypts plaintext using decryption rules of companyA & & deparatmentk & & group2& (1of (ID004, ID005, ID001)) and a public key ABE _ public of CP-ABE to obtain ciphertext.
5. Decrypting the information;
51. the decryption information is successful;
the employee ID001 applies for decrypting the ciphertext, and sends the personal information and the decryption application target to the centralized information security control equipment in a secure manner, wherein the message encryption manner is the same as the encryption application method; after receiving the message, the centralized information security control equipment verifies whether the identity is legal through the identity verification module, and the method is like an encryption process.
The authority attribute value (componyA, deparatmentK) of ID001 is extracted as the department person in charge, so that the authority attribute value also has the attributes of group1 and group2, and group1 and group2 are added to the attribute of ID 001; all rights attributes of final ID001 are (company A, deparatmentantK, group1, group2, ID 001).
Generating an attribute private key ID _ priv _ key of ID001 using the authority attribute (company, deparatentk, group1, group2, ID001) together with the master key master _ key of CP-ABE; decrypting the ciphertext by using the attribute private key ID _ priv _ key; wherein, the attribute (componyA, deparatmentantK, group1, group2, ID001) of ID001 just accords with the decryption rule of ciphertext, componyA & & deparatmentantK & & group2& (1of (ID004, ID005, ID001)), and a plaintext result is obtained; and finally, establishing a safe transmission channel by using a DH algorithm and returning the plaintext to the employee ID 002.
52. The decryption fails;
the employee ID003 applies for decrypting the CTa, the centralized information security control equipment receives the message and verifies whether the identity of the message is legal or not through the identity verification module; extracting the authority attribute value (componyB, deparatmentJ) of the ID003 as a department person in charge, so that the authority attribute value also has the attributes of the group1 and the group 2; therefore, the attribute of ID003 should be added with group1, group 2; all rights attributes of final ID001 are (company B, deparatmentJ, group1, group2, ID 003).
Generating an attribute private key ID _ priv _ key003 of ID003 using the authority attribute (company b, deparatmenttj, group1, group2, ID003) together with the master key master _ key of CP-ABE; the ciphertext is decrypted by using the attribute private key ID _ priv _ key003, the attribute of ID001 (company B, deparatmentantJ, group1, group2, ID003) does not conform to the decryption rule of the ciphertext, company A & & deparatmentantK & & group2& (1of (ID004, ID005, ID001)), and the company attribute, the department attribute and the ID attribute do not conform. Therefore, the file cannot be decrypted, and a result of the decryption failure is returned to the employee ID 003.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (4)

1. A CP-ABE-based method for accessing centralized information by dynamically updating authority is characterized by comprising the following steps:
s1, deploying a centralized information security control point, generating user identity attribute information, and initializing a trusted communication function and a CP-ABE;
s2, initializing a centralized information security control point, generating an identity attribute key arrtr _ key for encrypting and decrypting user identity attribute information, a pair of private key secur _ pri and public key secur _ pub for signature, DH initialization parameters, a main key master _ key of CP-ABE and a CP-ABE public key ABE _ public key;
s3, initializing user personal information on the centralized information security control point, storing the user personal information into ID information, and issuing the initialization parameters of the ID information ID _ key encrypted by the identity attribute key arrtr _ key, the public key secur _ pub and the DH to a corresponding user;
s4, setting authority attribute range of each user in the centralized information security control point;
s5, the user sends an encryption request, and the information of the encryption request includes: the ID information, the identity attribute information encrypted by the identity attribute key arrtr _ key and the public key DH _ pub 1;
s6, encrypting the information of the encryption request by the public key secur _ pub, and sending the information to the centralized information security control point to generate a local private key DH _ priv 1;
s7, the centralized information security control point receives the information of the encryption request, decrypts the encrypted information of the encryption request by using a private key secur _ pri, decrypts the identity attribute information of the applicant by using an identity attribute key arrtr _ key, and judges the legality of the applicant according to the comparison of the decrypted identity attribute information;
s8: if the decrypted identity attribute information is consistent with the identity ID information through comparison, the applicant is legal; otherwise, the applicant is illegal;
s9: the centralized information security control point inquires a corresponding authority attribute range according to the legal identity ID information, the encryptor selects a decryption attribute according to the authority attribute range, and a decryption attribute rule is generated according to the encryption authority attribute range; the encryption authority attribute range is as follows:
if the low-authority person encrypts the file, the high-authority person requires to be able to decrypt the file; or the low-authority person encrypts a certain attribute range of the high-authority person without sensing specific individual information;
s10: based on DH initialization parameters, a safe transmission channel is established by using a DH algorithm, a user uploads decryption attribute rules and unencrypted plaintext information to the centralized information safety control point through the transmission channel, and the centralized information safety control point receives the plaintext through the transmission channel; the centralized information security control point encrypts a plaintext by using a decryption attribute rule and a public key ABE _ public of the CP-ABE to obtain a ciphertext;
s11, the user sends a decryption request, and the information of the decryption request comprises: the ID information, the identity attribute information encrypted by the identity attribute key arrtr _ key and the public key DH _ pub 1;
s12: repeating the steps S6-S8 to verify the validity of the identity of the decryptor;
s13: the centralized information security control point queries the authority attribute range according to the ID information of a legal decryptor, and generates an attribute private key ID _ priv _ key of the decryptor by using the authority attribute range of the decryptor and the master key master _ key of the CP-ABE; decrypting the ciphertext by using the attribute private key ID _ priv _ key;
if the authority attribute range of the decryptor accords with the decryption rule of the ciphertext, the ciphertext can be obtained, and a DH algorithm is used for establishing a safe transmission channel to return the plaintext to the user;
if the authority attribute range of the decryptor does not accord with the decryption rule of the ciphertext, the file cannot be decrypted, and a decryption failure result is returned to the decryptor.
2. The CP-ABE based privilege dynamic update centralized information security access method of claim 1, characterized in that: the trusted communication function initialization comprises trusted initialization and encryption initialization;
the specific steps of the trusted initialization include deploying a pair of a public key and a private key on a centralized information security control point, wherein the private key secur _ pri is not leaked to the outside, and the public key secur _ pub is issued to a user in the trusted communication function initialization stage;
the specific steps of encryption initialization include that an encryption key is generated on an encryption channel through a DH algorithm, and in the initialization stage of the trusted communication function, a user and a centralized information security control point respectively store a common DH parameter.
3. The CP-ABE based privilege dynamic update centralized information security access method as claimed in claim 1, wherein the CP-ABE initialization comprises the following specific steps:
establishing two elliptic curve groups G with the order of prime number q according to the input safety parameter lambda1、G2And a bilinear pair e: G1×G1→G2(ii) a And select a y, t1,…,tn∈Zq,ZqIs a factorial set of {0, … … q-1}, q is a preset parameter; let the public key ABE _ public of CP-ABE be (T)1=gt1,…,Tn=gtn,Y=e(g,g)y) Wherein Y in the formula satisfies the relationship e (g)a,gb)=e(g,g)abIs given as a set of relationships, G, a, b are arbitrarily large integers, G, a, b are belonged to G1(ii) a The master key of the CP-ABE is master _ key of (y, t)1,…tn)。
4. An access device based on the CP-ABE-based privilege dynamic update centralized information security access method of any one of claims 1-3, characterized in that: the system comprises a centralized information security control point and a user Ukey which are communicated with each other; the centralized information security control point comprises an identity verification module, a permission management module, a CP-ABE module and a security transmission module which are connected in sequence.
CN201611257108.4A 2016-12-30 2016-12-30 CP-ABE-based method and device for safely accessing authority dynamic update centralized information Active CN106790185B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611257108.4A CN106790185B (en) 2016-12-30 2016-12-30 CP-ABE-based method and device for safely accessing authority dynamic update centralized information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611257108.4A CN106790185B (en) 2016-12-30 2016-12-30 CP-ABE-based method and device for safely accessing authority dynamic update centralized information

Publications (2)

Publication Number Publication Date
CN106790185A CN106790185A (en) 2017-05-31
CN106790185B true CN106790185B (en) 2021-06-15

Family

ID=58953491

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611257108.4A Active CN106790185B (en) 2016-12-30 2016-12-30 CP-ABE-based method and device for safely accessing authority dynamic update centralized information

Country Status (1)

Country Link
CN (1) CN106790185B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108494733B (en) * 2018-02-11 2021-10-29 上海全程玖玖健康服务有限公司 Message queue subscription method for communication between health management systems
US11036876B2 (en) 2018-08-20 2021-06-15 Cisco Technology, Inc. Attribute-based encryption for microservices

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8423764B2 (en) * 2010-06-23 2013-04-16 Motorola Solutions, Inc. Method and apparatus for key revocation in an attribute-based encryption scheme
WO2014177610A1 (en) * 2013-04-30 2014-11-06 Thomson Licensing Device and method for traceable group encryption
CN104363215B (en) * 2014-11-04 2017-10-10 河海大学 A kind of encryption method and system based on attribute
CN104901942B (en) * 2015-03-10 2019-03-12 重庆邮电大学 A kind of distributed access control method based on encryption attribute
US9209974B1 (en) * 2015-05-03 2015-12-08 Zeutro, Llc Functional encryption key management
CN105100083B (en) * 2015-07-06 2019-04-30 河海大学 A kind of secret protection and support user's revocation based on encryption attribute method and system
CN105045639B (en) * 2015-08-25 2018-11-27 广东欧珀移动通信有限公司 Downloading method of mobile terminal, device and mobile terminal

Also Published As

Publication number Publication date
CN106790185A (en) 2017-05-31

Similar Documents

Publication Publication Date Title
US11621842B2 (en) Origin certificate based online certificate issuance
US11271730B2 (en) Systems and methods for deployment, management and use of dynamic cipher key systems
CN106104562B (en) System and method for securely storing and recovering confidential data
US11849029B2 (en) Method of data transfer, a method of controlling use of data and cryptographic device
CN109495274B (en) Decentralized intelligent lock electronic key distribution method and system
KR20190073472A (en) Method, apparatus and system for transmitting data
US20200320178A1 (en) Digital rights management authorization token pairing
CN104641592A (en) Method and system for a certificate-less authentication encryption (CLAE)
US11831753B2 (en) Secure distributed key management system
US11626975B2 (en) Secure online issuance of customer-specific certificates with offline key generation
CN114039790A (en) Block chain-based fine-grained cloud storage security access control method
CN111294349B (en) Method and device for sharing data of Internet of things equipment
US20220171832A1 (en) Scalable key management for encrypting digital rights management authorization tokens
US20120155647A1 (en) Cryptographic devices & methods
CN106790185B (en) CP-ABE-based method and device for safely accessing authority dynamic update centralized information
US20220407690A1 (en) Key ladder generating a device public key
KR101389981B1 (en) Data delegation method for public cloud storage service and data access method for the delegated data
JP2015186101A (en) Key exchange device and key exchange method
CN113656365B (en) Block chain-based data sharing method and system
US11979491B2 (en) Transmission of secure information in a content distribution network
CN117473551A (en) Data sharing method based on block chain and access control
CN113886781A (en) Multi-authentication encryption method, system, electronic device and medium based on block chain
CN111200602A (en) Rights-sharing management method, encryption card, administrator lock and cipher machine

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant