CN108200181B - Cloud storage oriented revocable attribute-based encryption system and method - Google Patents

Cloud storage oriented revocable attribute-based encryption system and method Download PDF

Info

Publication number
CN108200181B
CN108200181B CN201810025746.6A CN201810025746A CN108200181B CN 108200181 B CN108200181 B CN 108200181B CN 201810025746 A CN201810025746 A CN 201810025746A CN 108200181 B CN108200181 B CN 108200181B
Authority
CN
China
Prior art keywords
key
attribute
module
data
ciphertext
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810025746.6A
Other languages
Chinese (zh)
Other versions
CN108200181A (en
Inventor
孙磊
窦睿彧
赵志远
李作辉
胡翠云
郭松辉
户家富
赵琨
毛秀青
郭松
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Information Engineering University of PLA Strategic Support Force
Original Assignee
Information Engineering University of PLA Strategic Support Force
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Information Engineering University of PLA Strategic Support Force filed Critical Information Engineering University of PLA Strategic Support Force
Priority to CN201810025746.6A priority Critical patent/CN108200181B/en
Publication of CN108200181A publication Critical patent/CN108200181A/en
Application granted granted Critical
Publication of CN108200181B publication Critical patent/CN108200181B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a revocable attribute-based encryption system and method for cloud storage.A public key and a main private key of the encryption system and an attribute private key and an attribute group initial key of a data user are generated by an attribute authorization module; the data owner module constructs a data access structure and encrypts a plaintext to obtain an initial ciphertext; the data management module generates an attribute group key through the constructed key encryption key tree, performs re-encryption processing on the initial ciphertext to generate a ciphertext file and a ciphertext header of the ciphertext file, and stores the ciphertext file through the storage module; the data management module can also update the attribute group key after the attribute of the data user module is cancelled, and process the attribute group key to obtain an updated ciphertext file. And the data user module accesses the ciphertext file and decrypts the ciphertext file to obtain a plaintext corresponding to the ciphertext file. Therefore, the attribute-level user revocation capability is realized, collusion attack between a revoked user and a non-revoked user can be resisted, and the method has the advantages of fixed-length ciphertext length and higher efficiency.

Description

Cloud storage oriented revocable attribute-based encryption system and method
Technical Field
The invention relates to the technical field of data security, in particular to a revocable attribute-based encryption system and method for cloud storage.
Background
In recent years, with the rapid development and wide application of technologies such as big data and cloud computing, a large amount of data generated by a large number of users can be uploaded to a cloud server for storage or computing, and therefore the related security problem of the data becomes a research hotspot.
Attribute-Based Encryption (ABE) is used as a novel public key Encryption system, can realize flexible fine-grained access control on data according to user attributes, and is one of key support technologies for solving the current cloud storage security problem. The ABE is classified into a Key-Policy attribute encryption scheme (Key-Policy ABE, KP-ABE) and a Ciphertext-Policy attribute encryption scheme (Ciphertext-Policy ABE, CP-ABE) according to the embedding position of an access structure. The CP-ABE is similar to role-based access control in traditional access control, can embed an access structure in a ciphertext, specifies that a user with certain attributes can access the ciphertext, and realizes a one-to-many encryption mode. Therefore, the CP-ABE can play a great value in a cloud storage mode, is widely concerned by academia and industry, and becomes a research hotspot of the current cryptology theory.
In the actual application process of the CP-ABE, the ciphertext length is an important technical index. In most of existing CP-ABE schemes, the length of a ciphertext is increased linearly along with the increase of complexity of an access structure, so that a data ciphertext occupies a large amount of cloud storage resources, and a user spends a large amount of funds on renting the cloud storage resources; and on the other hand, a large amount of communication resources are occupied in the data sharing process. Another security indicator of CP-ABE during application is attribute revocation. Since a large number of users are in the cloud storage, some user's relevant attributes may change during the operation of the system, or some private keys may be revealed, and therefore, revoking or updating the private key component of each attribute is crucial to the security of the system. Each attribute in CP-ABE may be shared by multiple users, which means that revocation of any attribute may affect other users, and thus attribute revocation is also a difficulty in CP-ABE schemes. Based on the influence range of the revoked attribute, the attribute key revocation can be divided into three cases, namely user revocation, user partial attribute revocation and system attribute revocation. The user revokes all attributes of the user without influencing the users which are not revoked; the user partial attribute revocation is to revoke some attributes in the user attribute information, and after revocation, the user loses the authority corresponding to the attribute, but does not affect the authority of other attributes; a system attribute revocation, i.e., revoking all users having that attribute.
However, in the existing research, it is found that the existing CP-ABE scheme has certain defects in a plurality of aspects such as fine-grained access control in a data outsourcing environment, resistance to collusion attack between a revoked user and an unrevoked user, saving of computing and storage resources, maintenance of an attribute revocation list, and the like, so that the existing CP-ABE scheme is difficult to meet the requirements of users.
Disclosure of Invention
In view of the above problems, the present invention provides an attribute encryption system and method, which achieve attribute-level user revocation capability, can resist collusion attack between revoked users and non-revoked users, and has a ciphertext length of a fixed length and higher efficiency.
In order to achieve the above object, according to a first aspect of the present invention, there is provided a cloud storage oriented revocable attribute-based encryption system, including: the system comprises an attribute authorization module, a data owner module, a data management module, a storage module and a data user module;
the attribute authorization module is used for generating a public key and a main private key of an encryption system, generating an attribute private key and an attribute group initial key of a data user module, sending the attribute private key of the data user module to the data user module, and sending the attribute group initial key to the data management module;
the data owner module is used for constructing a data access structure and encrypting a plaintext through a public key of the encryption system to generate an initial ciphertext;
the data management module is used for generating a public key of the data management module and a main private key of the data management module, generating an attribute group key through a constructed key encryption key tree, carrying out re-encryption processing on the initial ciphertext to generate a ciphertext file, and generating a ciphertext head of the ciphertext file;
the storage module is used for storing the ciphertext file and the ciphertext header of the ciphertext file;
the data user module is used for accessing the ciphertext file and decrypting the ciphertext file according to the public key of the encryption system, the private key of the data user module and the attribute group key to obtain a plaintext corresponding to the ciphertext file, wherein the attribute information of the data user module meets the data access structure constructed by the data owner module;
when the attribute of the data user module is revoked, the data management module is further configured to update the attribute group key of the data user module, and update the ciphertext file to obtain an updated ciphertext file and a ciphertext header of the updated ciphertext file.
Preferably, the attribute authorization module includes:
a parameter setting unit for setting parameters of the encryption system;
the first key generation unit is used for calculating and generating a public key and a main private key of the encryption system according to the parameters of the encryption system;
the private key generating unit is used for acquiring the attribute information of the data user module, calculating and generating an attribute private key and an attribute group initial key of the data user module according to the public key and the main private key of the encryption system and the public key of the data management module;
and the sending unit is used for sending the attribute key of the data user module to the data user module and sending the attribute group initial key to the data management module.
Preferably, the data owner module is specifically configured to encrypt a plaintext according to the data access structure and a public key of an encryption system sent by the attribute authorization module to generate an initial ciphertext.
Preferably, the data management module includes:
the second key generation unit is used for calculating and generating a public key and a main private key of the data management module according to the public key of the encryption system;
the construction unit is used for constructing a key encryption key tree according to the attribute information of the data user module;
the attribute group key generation unit is used for generating an attribute group key through the key encryption key tree according to the received attribute information of the data user module and the attribute initial group key sent by the attribute authorization module;
and the re-encryption unit is used for re-encrypting the initial ciphertext according to the public key of the encryption system and the private key of the data management module to generate a ciphertext file and generate a ciphertext header of the ciphertext file.
Preferably, when the attribute of the data user module is revoked, the data management module further includes:
the first updating unit is used for acquiring the revoked attribute of the data user module with the revoked attribute, calculating and generating an updated public key and a master private key of the corresponding data management module according to the revoked attribute, the private key of the data management module and the attribute group key of the data user module, and generating the updated attribute group key of the data user module;
and the second updating unit is used for updating the ciphertext file according to the obtained revoked attribute to obtain an updated ciphertext file and a ciphertext header of the updated ciphertext file.
According to a second aspect of the present invention, there is provided a revocable attribute-based encryption method for cloud storage, the method being applicable to a revocable attribute-based encryption system for cloud storage, the system including: the system comprises an attribute authorization module, a data owner module, a data management module, a storage module and a data user module, and the method comprises the following steps:
the attribute authorization module generates a public key and a main private key of an encryption system, generates an attribute private key and an attribute group initial key of a data user, sends the attribute private key of the data user module to the data user module, and sends the attribute group initial key to the data management module;
the data owner module constructs a data access structure and encrypts a plaintext through a public key of the encryption system to generate an initial ciphertext;
the data management module generates a public key of the data management module and a main private key of the data management module, generates an attribute group key through a constructed key encryption key tree, performs re-encryption processing on the initial ciphertext to generate a ciphertext file, and generates a ciphertext head of the ciphertext file;
the storage module stores the ciphertext file and the ciphertext header of the ciphertext file;
the data user module accesses the ciphertext file and decrypts the ciphertext file according to the public key of the encryption system, the private key of the data user module and the attribute group key to obtain a plaintext corresponding to the ciphertext file, wherein the attribute information of the data user module meets a data access structure constructed by the data owner module;
and when the attribute of the data user module is cancelled, the data management module updates the attribute group key of the data user module and updates the ciphertext file to obtain an updated ciphertext file and a ciphertext header of the updated ciphertext file.
Preferably, the generating, by the attribute authorization module, a public key and a master private key of the encryption system, generating an attribute private key and an attribute group initial key of the data user module, sending the attribute private key of the data user module to the data user module, and sending the attribute group initial key to the data management module includes:
setting parameters of an encryption system;
calculating and generating a public key and a main private key of the encryption system according to the parameters of the encryption system;
acquiring attribute information of a data user module, and calculating and generating an attribute private key and an attribute group initial key of the data user module according to a public key and a main private key of the encryption system and a public key of the data management module;
and sending the attribute key of the data user module to the data user module, and sending the attribute group initial key to the data management module.
Preferably, the data owner module constructs a data access structure, and encrypts a plaintext by using a public key of the encryption system to generate an initial ciphertext, and the method includes:
the data owner module constructs a data access structure;
and encrypting a plaintext according to the data access structure and the public key of the encryption system sent by the attribute authorization module to generate an initial ciphertext.
Preferably, the generating, by the data management module, a public key of the data management module and a master private key of the data management module, generating an attribute group key by using the constructed key encryption key tree, performing re-encryption processing on the initial ciphertext to generate a ciphertext file, and generating a ciphertext header of the ciphertext file includes:
calculating and generating a public key and a main private key of the data management module according to the public key of the encryption system;
constructing a key encryption key tree according to the attribute information of the data user module;
generating an attribute group key through the key encryption key tree according to the received attribute information of the data user module and the attribute initial group key sent by the attribute authorization module;
and carrying out re-encryption processing on the initial ciphertext according to the public key of the encryption system and the private key of the data management module to generate a ciphertext file, and generating a ciphertext head of the ciphertext file.
Preferably, when the attribute of the data user module is revoked, the method further includes:
the data management module acquires the revoked attribute of the data user module with the revoked attribute, calculates and generates an updated public key and a master private key of the corresponding data management module according to the revoked attribute, the private key of the data management module and the attribute group key of the data user module, and generates an updated attribute group key of the data user module;
and updating the ciphertext file according to the obtained revoked attribute to obtain an updated ciphertext file and a ciphertext header of the updated ciphertext file.
Compared with the prior art, the method and the device have the advantages that the key encryption key tree is built through the data management module, the attribute group key is built based on the key encryption key tree, the attribute group key of each data user module in the attribute group is different, and when a certain attribute of a certain data user module is revoked, the corresponding attribute group key is revoked. Because the attribute group key of each data user module is different, collusion attack between a revocation data user module and a non-revocation data user module can be resisted; when the attribute of the data user module is cancelled, all calculated amounts of updating the attribute group key of the data user module and the updated key file are completed by the data management module, so that the calculation burden of the data user module is effectively reduced, and the efficiency of the encryption system is improved; in addition, the invention adopts an AND gate access structure supporting multi-value attributes and wildcards in the encryption process, so that the ciphertext length is not linearly and positively correlated with the access structure any more, the constant ciphertext length is realized, and the storage burden and the communication burden are reduced; the invention has flexible and fine-grained access control capability and high-efficiency revocation capability.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a schematic structural diagram of a revocable attribute-based encryption system for cloud storage according to an embodiment of the present invention;
fig. 2 is a timing diagram of an execution process of a cloud storage oriented revocable attribute-based encryption system according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of another cloud storage-oriented revocable attribute-based encryption system according to an embodiment of the present invention;
fig. 4 is a schematic diagram of a key encryption key tree according to an embodiment of the present invention;
fig. 5 is a schematic flowchart of a revocable attribute-based encryption method for cloud storage according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "first" and "second," and the like in the description and claims of the present invention and the above-described drawings are used for distinguishing between different objects and not for describing a particular order. Furthermore, the terms "comprising" and "having," as well as any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not set forth for a listed step or element but may include steps or elements not listed.
The embodiment of the invention discloses a revocable attribute-based encryption system for cloud storage, and please refer to the attached figure 1, which comprises the following components:
the system comprises an attribute authorization module 1, a data owner module 2, a data management module 3, a storage module 4 and a data user module 5;
the attribute authorization module 1 is configured to generate a public key and a master private key of an encryption system, generate an attribute private key and an attribute group initial key of a data user module, send the attribute private key of the data user module to the data user module, and send the attribute group initial key to the data management module;
the data owner module 2 is used for constructing a data access structure and encrypting a plaintext through a public key of the encryption system to generate an initial ciphertext;
the data management module 3 is configured to generate a public key of the data management module and a master private key of the data management module, generate an attribute group key through a constructed key encryption key tree, perform re-encryption processing on the initial ciphertext to generate a ciphertext file, and generate a ciphertext header of the ciphertext file;
the storage module 4 is configured to store the ciphertext file and the ciphertext header of the ciphertext file;
the data user module 5 is configured to access the ciphertext file, and decrypt the ciphertext file according to the public key of the encryption system, the private key of the data user module, and the attribute group key to obtain a plaintext corresponding to the ciphertext file, where attribute information of the data user module satisfies a data access structure constructed by the data owner module;
when the attribute of the data user module 5 is revoked, the data management module 3 is further configured to update the attribute group key of the data user module, and update the ciphertext file to obtain an updated ciphertext file and a ciphertext header of the updated ciphertext file.
In the embodiment of the present invention, the attribute authorization module 1 may be a completely trusted authority, and is mainly responsible for generating a system public key and a system private key, and at the same time, it controls the distribution of the private key of the data user module and the initial key of the attribute group. The data owner module 2 will typically upload the encrypted data to the cloud service provider to reduce the storage burden. In order to reduce the calculation burden of the data owner module 2, when the data user module cancels the attribute, the key encryption key tree constructed by the data management module 3 generates the attribute group key to complete the updating work of the attribute related key and the ciphertext; the data owner module 2 needs to encrypt the data with the symmetric key before uploading the data to the cloud service provider and then designates an access structure for encrypting the symmetric key. Only when the attribute of the data user module 5 meets the access structure, the key can be correctly decrypted to obtain a symmetric key, and then the symmetric key is used for decrypting the ciphertext file to obtain a corresponding plaintext; the data user module 5, i.e. the data visitor in the system, can freely access the ciphertext data resources in the cloud. The attribute authorization module 1 generates a private key for the data accessor according to the attribute of the data accessor for decrypting the key ciphertext. If its attributes are not revoked, the data consumer module 5 is able to calculate the final plaintext. The operational relationship between the various modules of the system in an embodiment of the present invention is illustrated in fig. 2.
In the embodiment of the invention, a key encryption key tree is constructed through the data management module 3, the attribute group key is constructed based on the key encryption key tree, the attribute group keys of each data user module in the attribute group are different, and when a certain attribute of a certain data user module is revoked, the corresponding attribute group key is revoked. Because the attribute group key of each data user module is different, collusion attack between a revocation data user module and a non-revocation data user module can be resisted; when the attribute of the data user module is cancelled, all calculated amounts of updating the attribute group key of the data user and updating the ciphertext file are completed by the data management module 3, so that the calculation burden of the data user module is effectively reduced, and the efficiency of the encryption system is improved; in addition, the invention realizes the constant length of the ciphertext, and reduces the storage burden and the communication burden; the invention has flexible and fine-grained access control capability and high-efficiency revocation capability.
On the basis of the embodiment corresponding to fig. 1, referring to fig. 3, in another cloud storage oriented revocable attribute-based encryption system disclosed in the present invention, the attribute authorization module 1 specifically includes:
a parameter setting unit 11 for setting parameters of the encryption system;
a first key generation unit 12, configured to calculate and generate a public key PK and a master private key MSK of the encryption system according to the parameter of the encryption system;
a private key generating unit 13, configured to obtain the attribute information of the data user, calculate and generate an attribute private key SK of the data user module according to the public key PK and the master private key MSK of the encryption system and the public key DPK of the data management moduleLAnd an attribute group initial key KEK';
a sending unit 14, configured to use the attribute private key SK of the data user moduleLAnd sending the attribute group initial key to the data user module and sending the attribute group initial key to the data management module.
The data management module 3 includes:
a second key generation unit 31, configured to calculate and generate a public key DPK and a master private key DSK of the data management module according to the public key PK of the encryption system;
a construction unit 32, configured to construct a key encryption key tree according to the set information of the data user;
the attribute group key generation unit 33 is configured to generate an attribute group key KEK through the key encryption key tree according to the received attribute information of the data user and the attribute group initial key KEK' sent by the attribute authorization module;
and the re-encryption unit 34 is configured to re-encrypt the initial ciphertext according to the public key PK of the encryption system and the private key DSK of the data management module, generate a ciphertext file, and generate a ciphertext header of the ciphertext file.
It should be noted that the parameter setting unit 11 mainly employs a bilinear group technique, which is an important key technique in the cryptographic system. Let psi be a group production algorithm with the security parameter λ as input, output (p, G)TAnd e). Where p is a prime number determined by a safety parameter lambda, G and GTIs a cyclic group of order prime p. Bilinear map e: GXG → GTThe following properties are satisfied:
bilinear: for the
Figure BDA0001544878750000101
a,b∈ZpHaving e (u)a,vb)=e(u,v)ab
Non-degradability:
Figure BDA0001544878750000102
so that e (G, G) is at GTThe order in (1) is p.
Calculability: for the
Figure BDA0001544878750000103
E (u, v) can be efficiently calculated.
The Attribute Authority (AA) module 1 in the present invention is abbreviated as AA for descriptive convenience, and the first key generation unit 12 performs AASetup (1)λ) → PK, MSK }: the AA executes the algorithm for system initialization. The algorithm takes a hidden security parameter lambda as input and outputs a system public parameter, a public key PK and a private key MSK of AA, and specifically comprises the following steps:
AA inputs a security parameter λ and selects two multiplicative cyclic groups G and G of prime p orderTG is the generator of the cyclic group G, and there is effectively a bilinear map e G → GT
AA random selection
Figure BDA0001544878750000104
Two collusion resistant hash functions were chosen:
Figure BDA0001544878750000105
and H1:
Figure BDA0001544878750000106
Wherein
Figure BDA0001544878750000107
AA calculation
Figure BDA0001544878750000108
And
Figure BDA0001544878750000109
wherein i is more than or equal to 1 and less than or equal to n, and b is more than or equal to 1 and less than or equal to bi≤ni
Public key of AA public system
Figure BDA00015448787500001011
The master private key MSK is retained (α, β).
Correspondingly, the Data management module 3 (DSM), which is abbreviated as DSM for convenience of description, executes the algorithm dsmsetup (pk) → { DPK, DSK } for initialization. The algorithm takes a system public key PK as input and outputs a public key DPK of DSM and a main private key DSK. The DSM's public-private key pair will be updated when user attribute revocation occurs at the system. Referring to fig. 4, at this time, the constructing unit 32 constructs a Key Encryption Key (KEK) tree, that is, a complete binary tree established based on the user set, and provides a Key update capability for the un-revoked user, thereby achieving the purpose of revoking the user. Setting a system user set U ═ U1,u2,…,uNSystem attribute information W ═ att1,att2,…,attn}. Is provided with
Figure BDA00015448787500001010
Is to possess attribute attiIs called an attribute group. GiWill be regarded as having access to the attribute attiThe access list of (2). Let G ═ G1,G2,…,GnIs the attribute group set. For example: if u1,u2,u3Respectively possess attribute information att1,att2},{att1,att2,att3},{att2,att3}, then G1={u1,u2},G2={u1,u2,u3}, G3={u2,u3}. The DSM constructs the KEK tree as follows:
each user in the data user set U is assigned to a leaf node of the binary tree, each node vjStore one randomMachine value thetaj
Path node generation algorithm Path (u)k): for each user ukAll nodes from leaf node to root node are defined as user ukThe path node of (2). E.g., Path (u)5)={v12,v6,v3,v1}。
Minimum coverage set algorithm Mincs (G)i): for each attribute group GiIn the KEK tree G can be coverediIs the minimum coverage set. Such as Gi={u1,u2,u4,u6,u7,u8}, then Mincs (G)i)={v4,v11,v13,v7}。
Consider Path (u)k) And Mincs (G)i) Of each user uk∈GiWith and only one node vjStored random value thetaj. U as in (2) and (3)6Owning only node v13Stored random value theta13
The public key DPK and the main private key DSK for generating the DSM are specifically:
DSM for each
Figure BDA0001544878750000111
Selecting a random index
Figure BDA0001544878750000112
Computing
Figure BDA0001544878750000113
DSM public key
Figure BDA0001544878750000114
Preserving master private keys
Figure BDA0001544878750000115
After obtaining the public key and the private key of the AA, the public key and the master private key of the DSM, the private key of the data user is generated, that is, the private key generation unit 13 of the attribute authorization module 1 and the attribute group key generation module 33 of the data management module 3 are performed, specifically:
the private key generation unit 13 executes an algorithm AAKeyGen (id, PK, DPK, MSK, L) → { SK }LKEK' which takes a system public key PK, a DSM public key DPK, a system master private key MSK and user attribute information L as input and outputs a user attribute private key SKLAnd an attribute group key KEK', specifically:
AA random selection
Figure BDA0001544878750000116
For 1 ≦ i ≦ n, assume
Figure BDA0001544878750000117
AA calculation
Figure BDA0001544878750000118
Figure BDA0001544878750000119
Outputting user attribute related private keys
Figure BDA00015448787500001110
And
Figure BDA00015448787500001111
the attribute group key generation module 33 executes an algorithm DSMKeyGen (KEK ', L) → KEK, and outputs a user attribute group private key KEK with KEK' and user attribute information L as inputs.
The DSM generates an attribute group key for the user according to the KEK tree computation process. For each
Figure BDA0001544878750000121
DSM calculation
Figure BDA0001544878750000122
If it is
Figure BDA0001544878750000123
The DSM stops calculating; if it is
Figure BDA0001544878750000124
DSM calculation
Figure BDA0001544878750000125
Wherein the random value thetajCorresponding node
Figure BDA0001544878750000126
Output of
Figure BDA0001544878750000127
The data encryption process is carried out in two steps, namely the initial encryption of the data owner module 2 and the re-encryption of the data management module 3, and the phase comprises two polynomial time algorithms of Encrypt and DSMEncrypt. The data owner module 2 constructs an access structure and encrypts a plaintext to generate an initial ciphertext, and then the DSM performs proxy re-encryption to generate a ciphertext file, wherein the ciphertext file comprises a re-encrypted ciphertext and a data ciphertext header. The method specifically comprises the following steps:
the data owner module 2 executes an algorithm Encrypt (PK, W, m) → CT ', which takes a system public key PK, an access structure W and a plaintext message m as inputs and outputs an intermediate ciphertext CT', specifically:
suppose that
Figure BDA0001544878750000128
To use the access structure
Figure BDA0001544878750000129
Encrypted plaintext m e GTData owner calculation
Figure BDA00015448787500001210
Data owner Module 2 random selection
Figure BDA00015448787500001211
Computing
Figure BDA00015448787500001212
C1′=gsAnd
Figure BDA00015448787500001213
outputting the initial ciphertext
Figure BDA00015448787500001217
To improve computational efficiency, the data owner module 2 may first encrypt the data m with the symmetric key k, and then the data owner designates an attribute-based access structure W for encrypting the symmetric key k.
The re-encryption unit 34, performs the algorithm DSMEncrypt (PK, DSK, CT') → { Hdr, CT → [ (Hdr), CTWThe algorithm takes a system public key PK, a DSM public key DPK and an intermediate ciphertext CT' as input, and outputs a ciphertext head Hdr and a final ciphertext CTWThe method specifically comprises the following steps:
for W in access structureiDSM randomly selects ki∈ZpAnd call up
Figure BDA00015448787500001216
And (4) an algorithm.
Re-encrypting the intermediate ciphertext CT' to obtain
Figure BDA00015448787500001218
Figure BDA00015448787500001214
Then CTW=(W,C0,C1,C2)。
Calculating ciphertext header
Figure BDA00015448787500001215
DSM will (CT)WHdr) to the memory module 4 for storage.
After data is encrypted, if a data user module accesses a ciphertext file, the ciphertext file needs to be decrypted, before that, whether the attribute of a data user meets the access structure of the data owner module 2 is judged, and only when the attribute information of the data user module meets the access structure and the attribute of the data user is not revoked, the data user module can calculate and obtain a plaintext corresponding to the ciphertext file through the following process.
I.e. performing the algorithm Decrypt (PK, Hdr, CT)W,SKLKEK) → m, with the system public key PK, ciphertext header Hdr, ciphertext CTWPrivate key SK of user attributeLAnd KEK as inputs, outputting plaintext data m. Data user first calculation
Figure BDA0001544878750000131
Then the plaintext message m is obtained by calculation according to the following formula:
Figure BDA0001544878750000132
when the attribute of a certain data user is revoked, the data management module 3 first updates the public-private key pair of DSM, the attribute group key of the data user, and then updates the ciphertext file, that is, updates the corresponding ciphertext and ciphertext header, and at this time, the data management module 3 further includes:
the first updating unit 35 is configured to obtain a revoked attribute of a data user module with a revoked attribute, calculate and generate an updated public key DPK and a master private key DSK of a corresponding data management module according to the revoked attribute, a private key of the data management module, and an attribute group key of the data user module, and generate an updated attribute group key of the data user module;
and the second updating unit 36 is configured to update the ciphertext file according to the obtained revoked attribute, so as to obtain an updated ciphertext file.
The first updating unit 35 executes an algorithm
Figure BDA0001544878750000133
With DSM private key DSK, user private key KEK and revoked attribute LxAs input, a new private key is output
Figure BDA0001544878750000134
The method specifically comprises the following steps:
when data user uzProperty (2) of
Figure BDA0001544878750000135
When revoked, the DSM randomly selects
Figure BDA0001544878750000136
And calculate
Figure BDA0001544878750000137
By using
Figure BDA0001544878750000138
And
Figure BDA0001544878750000139
substitution in DPK and DSK
Figure BDA00015448787500001310
And
Figure BDA00015448787500001319
obtaining a new DSM public key
Figure BDA00015448787500001311
And a master private key
Figure BDA00015448787500001312
DSM update attribute group
Figure BDA00015448787500001313
And recalculate
Figure BDA00015448787500001314
For example: if it is
Figure BDA00015448787500001315
Then
Figure BDA00015448787500001316
When data user u6Property L ofxWhen the key is revoked, the key is cancelled,
Figure BDA00015448787500001317
Figure BDA00015448787500001318
for each data user
Figure BDA0001544878750000141
DSM calculation
Figure BDA0001544878750000142
If it is
Figure BDA0001544878750000143
The DSM stops calculating; if it is
Figure BDA0001544878750000144
DSM calculation
Figure BDA0001544878750000145
And
Figure BDA0001544878750000146
wherein the random value
Figure BDA0001544878750000147
Corresponding node
Figure BDA0001544878750000148
For DSM
Figure BDA0001544878750000149
In the alternative KEK
Figure BDA00015448787500001410
Second updating unit 36, executing the algorithm
Figure BDA00015448787500001411
With ciphertext header Hdr, ciphertext CT and revoked attribute LxAs input, a new ciphertext header is output
Figure BDA00015448787500001412
And ciphertext
Figure BDA00015448787500001413
The method specifically comprises the following steps:
DSM random selection
Figure BDA00015448787500001414
And re-encrypting the ciphertext:
Figure BDA00015448787500001415
Figure BDA00015448787500001416
output of
Figure 1
Updating the ciphertext header:
Figure BDA00015448787500001418
in the embodiment of the invention, a key encryption key tree is constructed through the data management module 3, the attribute group key is constructed based on the key encryption key tree, the attribute group key of each data user in the attribute group is different, and when a certain attribute of a certain data user is revoked, the corresponding attribute group key is revoked. Because the attribute group key of each data user is different, collusion attack between a revoked data user and a non-revoked data user can be resisted; in the data encryption process, firstly, the uploaded data, namely the plaintext, is initially encrypted through the data owner module 2, and then, the data is re-encrypted through the data management module 3, so that an AND gate strategy of multi-value attributes and wildcards is supported, further, the ciphertext length is not in positive linear correlation with the data access structure, and the constant ciphertext length is realized; and when the attribute of the data user is revoked, all the calculation amounts of the attribute group key of the data user and the updated key file are completed by the data management module 3, so that the calculation burden of the data user is effectively reduced, the efficiency of an encryption system is improved, and flexible and fine-grained access control and high-efficiency revocation capability are realized.
Corresponding to the revocable attribute-based encryption system for cloud storage provided by the embodiment of the invention, the invention also provides a revocable attribute-based encryption method for cloud storage, which is suitable for the revocable attribute-based encryption system for cloud storage, and the system comprises: the method comprises the following steps of an attribute authorization module, a data owner module, a data management module, a storage module and a data user module, and referring to the attached figure 5:
s11, the attribute authorization module generates a public key and a main private key of an encryption system, generates an attribute private key and an attribute group initial key of a data user module, sends the attribute private key of the data user module to the data user module, and sends the attribute group initial key to the data management module;
s12, the data owner module constructs a data access structure, and encrypts a plaintext through a public key of the encryption system to generate an initial ciphertext;
s13, the data management module generates a public key of the data management module and a main private key of the data management module, generates an attribute group key through a constructed key encryption key tree, re-encrypts the initial ciphertext to generate a ciphertext file, and generates a ciphertext header of the ciphertext file;
s14, the storage module stores the ciphertext file;
s15, the data user module accesses the ciphertext file, and decrypts the ciphertext file according to the public key of the encryption system, the private key of the data user module and the attribute group key to obtain a plaintext corresponding to the ciphertext file, wherein the attribute information of the data user module meets the data access structure constructed by the data owner module;
and S16, when the attribute of the data user module is cancelled, the data management module updates the attribute group key of the data user module, and updates the ciphertext file to obtain an updated ciphertext file and a ciphertext header of the ciphertext file.
Specifically, the attribute authorization module generates a public key and a master private key of an encryption system, generates an attribute private key and an attribute group initial key of a data user, sends the attribute private key of the data user to the data user module, and sends the attribute group initial key to the data management module, and the method includes:
setting parameters of an encryption system;
calculating and generating a public key and a main private key of the encryption system according to the parameters of the encryption system;
acquiring attribute information of a data user module, and calculating and generating an attribute private key and an attribute group initial key of the data user module according to a public key and a main private key of the encryption system and a public key of the data management module;
and sending the attribute key of the data user module to the data user module, and sending the attribute group initial key to the data management module.
Correspondingly, the data owner module constructs a data access structure, encrypts a plaintext through a public key of the encryption system to generate an initial ciphertext, and includes:
the data owner module constructs a data access structure;
and encrypting a plaintext according to the data access structure and the public key of the encryption system sent by the attribute authorization module to generate an initial ciphertext.
Correspondingly, the data management module generates a public key of the data management module and a master private key of the data management module, generates an attribute group key through a constructed key encryption key tree, performs re-encryption processing on the initial ciphertext to generate a ciphertext file, and generates a ciphertext header of the ciphertext file, including:
calculating and generating a public key and a main private key of the data management module according to the public key of the encryption system;
constructing a key encryption key tree according to the attribute information of the data user module;
generating an attribute group key through the key encryption key tree according to the received attribute information of the data user module and the attribute initial group key sent by the attribute authorization module;
and carrying out re-encryption processing on the initial ciphertext according to the public key of the encryption system and the private key of the data management module to generate a ciphertext file, and generating a ciphertext head of the ciphertext file.
Specifically, when the attribute of the data user module is revoked, the method further includes:
the data management module acquires the revoked attribute of the data user module with the revoked attribute, calculates and generates an updated public key and a master private key of the corresponding data management module according to the revoked attribute, the private key of the data management module and the attribute group key of the data user module, and generates an updated attribute group key of the data user module;
and updating the ciphertext file according to the obtained revoked attribute to obtain an updated ciphertext file and a ciphertext header of the updated ciphertext file.
In the embodiment of the invention, a key encryption key tree is constructed through a data management module, an attribute group key is constructed based on the key encryption key tree, the attribute group keys of each data user module in an attribute group are different, and when a certain attribute of a certain data user module is revoked, the corresponding attribute group key is revoked. Because the attribute group key of each data user module is different, collusion attack between a revoked data user and a non-revoked data user can be resisted; when the attribute of the data user module is cancelled, all calculated amounts of updating the attribute group key of the data user module and the updated key file are completed by the data management module, so that the calculation burden of the data user module is effectively reduced, and the efficiency of the encryption system is improved; in addition, the invention realizes the constant length of the ciphertext, and reduces the storage burden and the communication burden; the invention has flexible and fine-grained access control capability and high-efficiency revocation capability.
The embodiments in the present description are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. The device disclosed by the embodiment corresponds to the method disclosed by the embodiment, so that the description is simple, and the relevant points can be referred to the method part for description.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (8)

1. A cloud storage oriented revocable attribute-based encryption system, the system comprising: the system comprises an attribute authorization module, a data owner module, a data management module, a storage module and a data user module;
the attribute authorization module is configured to generate a public key and a master private key of an encryption system, generate an attribute private key and an attribute group initial key of a data user module, send the attribute private key of the data user module to the data user module, and send the attribute group initial key to the data management module, where the attribute authorization module includes: a parameter setting unit for setting parameters of the encryption system; the first key generation unit is used for calculating and generating a public key and a main private key of the encryption system according to the parameters of the encryption system; the private key generating unit is used for acquiring the attribute information of the data user module, calculating and generating an attribute private key and an attribute group initial key of the data user module according to the public key and the main private key of the encryption system and the public key of the data management module; a sending unit, configured to send the attribute key of the data user module to the data user module, and send the attribute group initial key to the data management module;
the data owner module is used for constructing a data access structure and encrypting a plaintext through a public key of the encryption system to generate an initial ciphertext;
the data management module is used for generating a public key of the data management module and a main private key of the data management module, generating an attribute group key through a constructed key encryption key tree, carrying out re-encryption processing on the initial ciphertext to generate a ciphertext file, and generating a ciphertext head of the ciphertext file, wherein the encryption process is an AND gate access structure supporting multi-valued attributes and wildcards;
the storage module is used for storing the ciphertext file and the ciphertext header of the ciphertext file;
the data user module is used for accessing the ciphertext file and decrypting the ciphertext file according to the public key of the encryption system, the private key of the data user module and the attribute group key to obtain a plaintext corresponding to the ciphertext file, wherein the attribute information of the data user module meets the data access structure constructed by the data owner module;
when the attribute of the data user module is revoked, the data management module is further configured to update the attribute group key of the data user module, and update the ciphertext file to obtain an updated ciphertext file and a ciphertext header of the updated ciphertext file.
2. The system according to claim 1, wherein the data owner module is specifically configured to encrypt plaintext according to the data access structure and a public key of an encryption system sent by the attribute authorization module to generate an initial ciphertext.
3. The system of claim 1, wherein the data management module comprises:
the second key generation unit is used for calculating and generating a public key and a main private key of the data management module according to the public key of the encryption system;
the construction unit is used for constructing a key encryption key tree according to the attribute information of the data user module;
the attribute group key generation unit is used for generating an attribute group key through the key encryption key tree according to the received attribute information of the data user module and the attribute initial group key sent by the attribute authorization module;
and the re-encryption unit is used for re-encrypting the initial ciphertext according to the public key of the encryption system and the private key of the data management module to generate a ciphertext file and generate a ciphertext header of the ciphertext file.
4. The system of claim 1, wherein when the attribute of the data user module is revoked, the data management module further comprises:
the first updating unit is used for acquiring the revoked attribute of the data user module with the revoked attribute, calculating and generating an updated public key and a master private key of the corresponding data management module according to the revoked attribute, the private key of the data management module and the attribute group key of the data user module, and generating the updated attribute group key of the data user module;
and the second updating unit is used for updating the ciphertext file according to the obtained revoked attribute to obtain an updated ciphertext file and a ciphertext header of the updated ciphertext file.
5. A revocable attribute-based encryption method for cloud storage is characterized in that the method is suitable for a revocable attribute-based encryption system for cloud storage, and the system comprises: the system comprises an attribute authorization module, a data owner module, a data management module, a storage module and a data user module, and the method comprises the following steps:
the attribute authorization module generates a public key and a main private key of an encryption system, generates an attribute private key and an attribute group initial key of a data user, sends the attribute private key of the data user module to the data user module, and sends the attribute group initial key to the data management module, wherein the attribute authorization module generates the public key and the main private key of the encryption system, generates the attribute private key and the attribute group initial key of the data user module, sends the attribute private key of the data user module to the data user module, and sends the attribute group initial key to the data management module, and the method comprises the following steps: setting parameters of an encryption system; calculating and generating a public key and a main private key of the encryption system according to the parameters of the encryption system; acquiring attribute information of a data user module, and calculating and generating an attribute private key and an attribute group initial key of the data user module according to a public key and a main private key of the encryption system and a public key of the data management module; sending the attribute key of the data user module to the data user module, and sending the attribute group initial key to the data management module;
the data owner module constructs a data access structure and encrypts a plaintext through a public key of the encryption system to generate an initial ciphertext;
the data management module generates a public key of the data management module and a main private key of the data management module, generates an attribute group key through a constructed key encryption key tree, performs re-encryption processing on the initial ciphertext to generate a ciphertext file, and generates a ciphertext head of the ciphertext file, wherein the encryption process is an AND gate access structure supporting multi-valued attributes and wildcards;
the storage module stores the ciphertext file and the ciphertext header of the ciphertext file;
the data user module accesses the ciphertext file and decrypts the ciphertext file according to the public key of the encryption system, the private key of the data user module and the attribute group key to obtain a plaintext corresponding to the ciphertext file, wherein the attribute information of the data user module meets a data access structure constructed by the data owner module;
and when the attribute of the data user module is cancelled, the data management module updates the attribute group key of the data user module and updates the ciphertext file to obtain an updated ciphertext file and a ciphertext header of the updated ciphertext file.
6. The method of claim 5, wherein the data owner module constructs a data access structure and encrypts plaintext with a public key of the encryption system to generate an initial ciphertext, comprising:
the data owner module constructs a data access structure;
and encrypting a plaintext according to the data access structure and the public key of the encryption system sent by the attribute authorization module to generate an initial ciphertext.
7. The method of claim 5, wherein the data management module generates a public key of the data management module and a master private key of the data management module, generates an attribute group key through the constructed key encryption key tree, performs re-encryption processing on the initial ciphertext to generate a ciphertext file, and generates a ciphertext header of the ciphertext file, comprising:
calculating and generating a public key and a main private key of the data management module according to the public key of the encryption system;
constructing a key encryption key tree according to the attribute information of the data user module;
generating an attribute group key through the key encryption key tree according to the received attribute information of the data user module and the attribute initial group key sent by the attribute authorization module;
and carrying out re-encryption processing on the initial ciphertext according to the public key of the encryption system and the private key of the data management module to generate a ciphertext file, and generating a ciphertext head of the ciphertext file.
8. The method of claim 5, wherein when the attribute of the data user module is revoked, the method further comprises:
the data management module acquires the revoked attribute of the data user module with the revoked attribute, calculates and generates an updated public key and a master private key of the corresponding data management module according to the revoked attribute, the private key of the data management module and the attribute group key of the data user module, and generates an updated attribute group key of the data user module;
and updating the ciphertext file according to the obtained revoked attribute to obtain an updated ciphertext file and a ciphertext header of the updated ciphertext file.
CN201810025746.6A 2018-01-11 2018-01-11 Cloud storage oriented revocable attribute-based encryption system and method Active CN108200181B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810025746.6A CN108200181B (en) 2018-01-11 2018-01-11 Cloud storage oriented revocable attribute-based encryption system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810025746.6A CN108200181B (en) 2018-01-11 2018-01-11 Cloud storage oriented revocable attribute-based encryption system and method

Publications (2)

Publication Number Publication Date
CN108200181A CN108200181A (en) 2018-06-22
CN108200181B true CN108200181B (en) 2021-03-19

Family

ID=62589031

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810025746.6A Active CN108200181B (en) 2018-01-11 2018-01-11 Cloud storage oriented revocable attribute-based encryption system and method

Country Status (1)

Country Link
CN (1) CN108200181B (en)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108880798B (en) * 2018-06-28 2020-11-03 西南交通大学 Attribute basis weight encryption method for realizing fine-grained attribute revocation
CN108989305A (en) * 2018-07-10 2018-12-11 国家电网公司华东分部 A kind of data-sharing systems, method and device
CN108989028A (en) * 2018-07-16 2018-12-11 哈尔滨工业大学(深圳) Group cipher distribution management method, apparatus, electronic equipment and storage medium
CN109040045B (en) * 2018-07-25 2021-04-06 广东工业大学 Cloud storage access control method based on ciphertext policy attribute-based encryption
CN110098926B (en) * 2019-05-06 2021-08-13 西安交通大学 Attribute revocation method
CN112565223B (en) * 2020-11-27 2022-11-04 东莞职业技术学院 Internet of things-oriented attribute encryption access control method and system and storage medium
CN113037485B (en) * 2021-05-24 2021-08-03 中国人民解放军国防科技大学 Group session key establishment method and system
CN113438235B (en) * 2021-06-24 2022-10-18 国网河南省电力公司 Data layered credible encryption method
CN113438238A (en) * 2021-06-25 2021-09-24 北京八分量信息科技有限公司 User information anti-theft automatic alarm system based on decentralization
CN113642427A (en) * 2021-07-29 2021-11-12 中国人民解放军战略支援部队信息工程大学 Image protection method for artificial intelligence counterfeiting

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102781001A (en) * 2011-05-10 2012-11-14 中兴通讯股份有限公司 Method for encrypting built-in file of mobile terminal and mobile terminal
CN103152322A (en) * 2013-01-28 2013-06-12 中兴通讯股份有限公司 Method of data encryption protection and system thereof
US8837738B2 (en) * 2011-04-08 2014-09-16 Arizona Board Of Regents On Behalf Of Arizona State University Methods, systems, and apparatuses for optimal group key management for secure multicast communication
CN104113408A (en) * 2014-07-11 2014-10-22 西安电子科技大学 Method for realizing timely user attribute cancel based on ciphertext-policy attribute-based encryption
CN105049430A (en) * 2015-06-30 2015-11-11 河海大学 Ciphertext-policy attribute-based encryption method having efficient user revocation capability
CN106059768A (en) * 2016-05-30 2016-10-26 西安电子科技大学 Encryption system and method for resisting re-encryption key leakage and capable of cancelling attributes
CN106330865A (en) * 2016-08-12 2017-01-11 安徽大学 Attribute-Based Keyword Search Method Supporting Efficient Revocation in Cloud Environment
CN107359986A (en) * 2017-07-03 2017-11-17 暨南大学 The outsourcing encryption and decryption CP ABE methods of user revocation

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160241399A1 (en) * 2013-03-15 2016-08-18 Arizona Board Of Regents On Behalf Of Arizona State University Efficient Privacy-Preserving Ciphertext-Policy Attribute Based Encryption and Broadcast Encryption

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8837738B2 (en) * 2011-04-08 2014-09-16 Arizona Board Of Regents On Behalf Of Arizona State University Methods, systems, and apparatuses for optimal group key management for secure multicast communication
CN102781001A (en) * 2011-05-10 2012-11-14 中兴通讯股份有限公司 Method for encrypting built-in file of mobile terminal and mobile terminal
CN103152322A (en) * 2013-01-28 2013-06-12 中兴通讯股份有限公司 Method of data encryption protection and system thereof
CN104113408A (en) * 2014-07-11 2014-10-22 西安电子科技大学 Method for realizing timely user attribute cancel based on ciphertext-policy attribute-based encryption
CN105049430A (en) * 2015-06-30 2015-11-11 河海大学 Ciphertext-policy attribute-based encryption method having efficient user revocation capability
CN106059768A (en) * 2016-05-30 2016-10-26 西安电子科技大学 Encryption system and method for resisting re-encryption key leakage and capable of cancelling attributes
CN106330865A (en) * 2016-08-12 2017-01-11 安徽大学 Attribute-Based Keyword Search Method Supporting Efficient Revocation in Cloud Environment
CN107359986A (en) * 2017-07-03 2017-11-17 暨南大学 The outsourcing encryption and decryption CP ABE methods of user revocation

Also Published As

Publication number Publication date
CN108200181A (en) 2018-06-22

Similar Documents

Publication Publication Date Title
CN108200181B (en) Cloud storage oriented revocable attribute-based encryption system and method
Li et al. User collusion avoidance CP-ABE with efficient attribute revocation for cloud storage
Li et al. A lightweight secure data sharing scheme for mobile cloud computing
Li et al. TMACS: A robust and verifiable threshold multi-authority access control system in public cloud storage
He et al. Secure, efficient and fine-grained data access control mechanism for P2P storage cloud
CN108632030B (en) CP-ABE-based fine-grained access control method
CN114039790B (en) Fine-grained cloud storage security access control method based on blockchain
Xu et al. Multi-authority proxy re-encryption based on CPABE for cloud storage systems
Ming et al. Efficient revocable multi-authority attribute-based encryption for cloud storage
CN110933033A (en) Cross-domain access control method for multiple Internet of things domains in smart city environment
Hoang et al. Forward-secure data outsourcing based on revocable attribute-based encryption
Hu et al. CP_ABSC: An attribute-based signcryption scheme to secure multicast communications in smart grids
Pervez et al. SAPDS: self-healing attribute-based privacy aware data sharing in cloud
CN110611571A (en) Revocable access control method of smart grid system based on fog
Lv et al. A secure and efficient revocation scheme for fine-grained access control in cloud storage
AboDoma et al. Adaptive time-bound access control for internet of things in fog computing architecture
Ding et al. Policy based on homomorphic encryption and retrieval scheme in cloud computing
CN114143072A (en) CP-ABE-based attribute revocation optimization method and system
US20120201376A1 (en) Communication device and key calculating device
Hong et al. A key-insulated CP-ABE with key exposure accountability for secure data sharing in the cloud
Wang et al. Research on Ciphertext‐Policy Attribute‐Based Encryption with Attribute Level User Revocation in Cloud Storage
Chen et al. Achieve revocable access control for fog-based smart grid system
Yao et al. A Collusion‐Resistant Identity‐Based Proxy Reencryption Scheme with Ciphertext Evolution for Secure Cloud Sharing
Imine et al. Immediate attribute revocation in decentralized attribute-based encryption access control
Zhou et al. Secure fine-grained access control of mobile user data through untrusted cloud

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant