CN109561067B - Strategy updating method and system based on CP-ABE - Google Patents
Publication number: CN109561067B (application CN201811228328.3A)
Authority: CN (China)
Legal status: Active (listed by Google Patents as an assumption, not a legal conclusion)
Classifications
- H04L63/10: Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/20: Network architectures or network communication protocols for network security for managing network security; network security policies in general
- H04L67/06: Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
- H04L67/10: Protocols in which an application is distributed across nodes in the network
- H04L9/0869: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
- H04L9/0891: Revocation or update of secret information, e.g. encryption key update or rekeying
Abstract
The invention discloses a policy update method and system based on CP-ABE. The method comprises the following steps: the data owning terminal encrypts target data with a preset encryption algorithm and uploads the generated ciphertext to the cloud server; the data owning terminal generates an update key based on a new access policy and uploads the update key to the cloud server; and the cloud server updates the ciphertext using the received update key. The ciphertext update is thus delegated from the data owning terminal to the cloud server, so the data owning terminal performs no computation related to the ciphertext update, which reduces both its computational load and the communication overhead between the data owning terminal and the cloud server.
Description
Technical Field
The invention relates to the technical field of data encryption, in particular to a policy update method and system based on CP-ABE (Ciphertext-Policy Attribute-Based Encryption).
Background
At present, ABE (Attribute-Based Encryption) is used to encrypt end-to-end data in cloud storage systems. It lets a user define an access policy and encrypt data under it, so that access control is enforced flexibly by the ciphertext itself.
In the big data context, as more and more enterprises and utilities store data on cloud servers, the data owning terminal may need to change the access policy dynamically and frequently, so policy update has become an important research problem. In conventional encryption mechanisms, to update a policy the encrypting party must first decrypt the old ciphertext, re-encrypt the recovered plaintext under the new policy, and upload the new ciphertext to the cloud server. The data owning terminal therefore bears a large computational load, and the communication overhead between the data owning terminal and the cloud server is large.
Disclosure of Invention
The application provides a policy update method and system based on CP-ABE, which address the large computational load on the data owning terminal and the large communication overhead between the data owning terminal and the cloud server in conventional policy update methods.
Specifically, a first aspect of the present invention provides a CP-ABE-based policy update method, including:
the data owning terminal encrypts the target data with a preset encryption algorithm and uploads the generated ciphertext to the cloud server;
the data owning terminal generates an update key based on a new access policy and uploads the new access policy and the update key to the cloud server;
and the cloud server updates the ciphertext using the received new access policy and update key.
Optionally, the step in which the cloud server updates the ciphertext using the received new access policy and update key includes:
performing an LSSS matrix update on the old access policy corresponding to the ciphertext, using the new access policy;
and performing a policy update on the ciphertext using the updated LSSS matrix, the update key and a preset ciphertext update algorithm, to generate a new ciphertext.
Optionally, the step of generating an update key based on a new access policy in the data owning terminal includes:
the data owning terminal runs a preset key update algorithm that takes the encryption information of the target data, the new access policy and the old access policy as input and outputs the update key.
Optionally, the method further comprises:
when the data owning terminal needs to update the file underlying the ciphertext, encrypting the new data in the data owning terminal under the access policy corresponding to the ciphertext, and uploading the generated new ciphertext to the cloud server.
Optionally, the step of encrypting the new data in the data owning terminal under the access policy corresponding to the ciphertext includes:
encrypting the new data using the access policy and secret value corresponding to the ciphertext and a preset file-and-secret-value update algorithm, to generate the new ciphertext.
Optionally, the method further comprises:
when the data owning terminal needs to perform a policy update and a file update on the ciphertext at the same time, the data owning terminal encrypts the new data using the access policy and secret value corresponding to the ciphertext and the preset file-and-secret-value update algorithm, and uploads the generated new ciphertext to the cloud server;
it generates an update key based on the new access policy and uploads the new access policy and the update key to the cloud server; and after receiving the new ciphertext, the new access policy and the update key, the cloud server updates the new ciphertext using the new access policy and the update key.
The invention also provides a CP-ABE-based policy update system comprising a data owning terminal and a cloud server, the data owning terminal being communicatively connected to the cloud server;
the data owning terminal is configured to encrypt target data with a preset encryption algorithm, upload the generated ciphertext to the cloud server, generate an update key based on a new access policy when a policy update of the ciphertext is required, and upload the new access policy and the update key to the cloud server;
and the cloud server is configured to update the ciphertext using the received new access policy and update key.
Optionally, the system further comprises a data using terminal communicatively connected to the cloud server and configured to download the ciphertext from the cloud server and decrypt it.
Optionally, the system further includes an attribute authorization terminal communicatively connected to the data using terminal and to the data owning terminal, configured to generate the system public key and master private key and to generate the user private key of the data using terminal.
In summary, the CP-ABE-based policy update method provided by the invention comprises: the data owning terminal encrypts the target data with a preset encryption algorithm, uploads the generated ciphertext to the cloud server, generates an update key based on a new access policy, and uploads the update key to the cloud server; and the cloud server updates the ciphertext using the received update key. Compared with the prior art, the ciphertext update is delegated from the data owning terminal to the cloud server, so the data owning terminal performs no computation related to the ciphertext update, which effectively reduces its computational load and the communication overhead between the data owning terminal and the cloud server.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a schematic structural diagram of a CP-ABE-based policy update system according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating a CP-ABE-based policy updating method according to an embodiment of the present invention;
FIG. 3 is a diagram illustrating the conversion of the old access tree into the new access tree according to an embodiment of the present invention;
FIG. 4 is a diagram illustrating the conversion of an access tree to an LSSS matrix according to an embodiment of the present invention;
FIG. 5 is a diagram illustrating access tree policy update according to an embodiment of the present invention.
Detailed Description
In order to make the objects, features and advantages of the present invention more obvious and understandable, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, fig. 1 is a schematic structural diagram of a CP-ABE-based policy update system in an embodiment of the present invention. In this embodiment, the system includes a data owning terminal 10, a cloud server 20, a data using terminal 30 and an attribute authorization terminal 40. The data owning terminal 10 is communicatively connected to the cloud server 20, the data using terminal 30 is communicatively connected to the cloud server 20, and the attribute authorization terminal 40 is communicatively connected to the data owning terminal 10 and to the data using terminal 30.
The data owning terminal 10 is configured to encrypt target data with a preset encryption algorithm, upload the generated ciphertext to the cloud server 20, and, when a policy update of the ciphertext is required, generate an update key based on the new access policy and upload the update key to the cloud server 20. The data owning terminal 10 also performs file updates: when a file of the same type needs to be encrypted, the new file is encrypted under the old policy of the policy update and uploaded to the cloud server 20.
The cloud server 20 is configured to update the ciphertext with the received update key. It also provides computing and storage services, stores the ciphertext uploaded by the data owning terminal 10, provides a ciphertext download service to the data using terminal 30, and is responsible for both the ciphertext (policy) update and the file update.
The data using terminal 30 is configured to download the ciphertext from the cloud server 20, and can decrypt the downloaded ciphertext only when its own attribute set satisfies the access policy corresponding to the ciphertext.
The attribute authorization terminal 40 is configured to generate the system public key and master private key, manage the attribute domain of those keys, and issue a user private key to the data using terminal 30 according to the attribute set initialised for it by the system.
Based on the system, the strategy updating method based on the CP-ABE provided by the embodiment of the invention is described.
Referring to fig. 2, fig. 2 is a schematic flowchart of a CP-ABE-based policy update method in an embodiment of the present invention. In this embodiment, the method includes:
201, the data owning terminal encrypts the target data with a preset encryption algorithm and uploads the generated ciphertext to the cloud server;
202, the data owning terminal generates an update key based on a new access policy and uploads the new access policy and the update key to the cloud server;
and 203, the cloud server updates the ciphertext using the received new access policy and update key.
Specifically, based on the system shown in fig. 1, the following describes in detail each algorithm involved in the present invention.
The CP-ABE mechanism comprises four basic algorithms, Setup, Encrypt, KeyGen and Decrypt, with the following functions:
Setup($\lambda$, U): the system initialisation algorithm takes the security parameter $\lambda$ and the attribute domain U as input and outputs the system public key PK and the master private key MSK.
Encrypt(PK, A, m): the data encryption algorithm takes the system public key PK, the data m and the access structure A as input and outputs a ciphertext CT. CT implicitly contains the access structure A, and only a data using terminal 30 whose attributes satisfy A can decrypt it.
KeyGen(MSK, S): the key generation algorithm takes the master private key MSK and an attribute set S as input and outputs a user private key SK.
Decrypt(PK, CT, SK): the data decryption algorithm takes the system public key PK, the ciphertext CT (implicitly including the access structure A) and the private key SK (containing the attribute set S) as input. Only when the attribute set S of the data using terminal 30 satisfies the access structure A does the data using terminal 30 decrypt the ciphertext and recover the data m.
The scheme of this embodiment adds three further algorithms:
UpdateKeyGen(PK, EnInfo(m), A, A'): the update key algorithm takes the public parameters PK, the encryption information EnInfo(m) of the data m, the old policy A and the new policy A' as input, and outputs an update key $UK_m$ for the data m.
CTUpdate(CT, $UK_m$): the ciphertext update algorithm takes the ciphertext CT and the update key $UK_m$ of the data m as input and outputs a new ciphertext CT'.
UpdateFile(PK, A, m'): the file-and-secret-value update algorithm takes the public parameters PK, the new file m' and the access structure A as input and outputs a ciphertext $CT_{m's}$; the values changed in this update are the file m' and the secret value s.
This embodiment provides a more efficient CP-ABE scheme supporting both policy update and file update; it applies policy update and file update flexibly to the problems met in practical applications and reduces the communication overhead between the terminals.
The algorithms are specified as follows:
Setup($\lambda$, U): system initialisation. The attribute authorization terminal takes the security parameter $\lambda$ and the attribute domain U of the system as input. It selects a bilinear group $G_0$ of prime order p with generator g and a bilinear map $e: G_0 \times G_0 \to G_T$; a random oracle maps the elements of the attribute domain U to $h_1, \dots, h_U \in G_0$, which are associated with U. It further selects two random numbers $\alpha, a \in \mathbb{Z}_p$ and computes the public key PK and the master private key MSK:
$PK = (g,\ e(g,g)^{\alpha},\ g^{a},\ h_1, \dots, h_U),\qquad MSK = g^{\alpha}$ (1)
Encrypt(PK, (M, $\rho$), m): data encryption. The data owning terminal takes the public parameters PK, the data m and the LSSS (linear secret sharing scheme) access control policy (M, $\rho$) as input; the function $\rho$ maps each row of the matrix M to one attribute.
M is an $l \times n$ matrix, l being the number of attribute rows in the policy. A random vector $\vec{v} = (s, y_2, \dots, y_n) \in \mathbb{Z}_p^{n}$ is first selected, where $y_2, \dots, y_n$ serve to share the secret value s of the ciphertext. Then $\lambda_i = \vec{v} \cdot M_i$ is computed for each row, $M_i$ being the i-th row of M. Finally, random numbers $r_1, \dots, r_l \in \mathbb{Z}_p$ and attribute masks $\lambda_1', \dots, \lambda_l' \in \mathbb{Z}_p$ are generated and the ciphertext is computed:
$C = m \cdot e(g,g)^{\alpha s},\qquad C_0 = g^{s}$ (2)
For $i \in [1, l]$, the per-attribute components are computed as:
The access structure used above is (M, $\rho$).
Finally, the ciphertext is:
where EnInfo(m) is the set of random numbers used while encrypting the data m, i.e. EnInfo(m) = $\{r_1, \dots, r_l\}$.
KeyGen(MSK, S): key generation. The attribute authorization terminal takes the master private key MSK and the user attribute set $S = \{A_1, \dots, A_x\}$ as input. When a data using terminal registers with the attribute authorization terminal, the latter verifies the validity of the user's identity, generates a random number $t \in \mathbb{Z}_p$ and computes the user's private key SK.
The private key of the user is:
Decrypt(CT, SK): data decryption. The data using terminal downloads the ciphertext CT of the file to be decrypted from the cloud server and takes CT and its own private key SK as input. The ciphertext CT contains the attribute set of the access control policy; define $I = \{i : \rho(i) \in S\}$ and compute $\{\omega_i \in \mathbb{Z}_p\}_{i \in I}$ such that, whenever $\{\lambda_i\}$ are valid shares of the secret value s under the matrix M, $\sum_{i \in I} \omega_i \lambda_i = s$. Then the decryption is computed:
From the above computation the data using terminal obtains the data m.
Further, in this embodiment, in order to update the access policy of the encrypted data stored in the cloud server, the ciphertext update of the data owning terminal is delegated to the cloud server, so that the communication overhead between the terminals can be reduced, and the calculation overhead of the data owning terminal can be reduced.
PolicyUpdate: policy update. The policy update mainly comprises an LSSS structure update, a key update and a ciphertext update. Policy update is the biggest challenge in a CP-ABE mechanism: in the prior art, the data owning terminal must first decrypt the old ciphertext, re-encrypt the recovered data m and upload the newly generated ciphertext to the cloud server, so the computational load on the data owning terminal is large, the communication between the data owning terminal and the cloud server is heavy, and the storage pressure on the cloud server is high. In this embodiment, the data owning terminal only needs to compute the new policy parameters $\lambda_i$ and attribute masks $\lambda_i'$, generate an update key from them and upload it to the cloud server; the cloud server then performs the LSSS matrix update of the access policy (M, $\rho$) using the policy parameters and policy masks in the old ciphertext, performs the policy update on the specified ciphertext and generates the new ciphertext.
First, LSSS structure update
In the policy update mechanism the LSSS structure (M, $\rho$) of the old policy is converted into the LSSS structure (M', $\rho'$) of the new policy. The ciphertext expression has three parts: first, the access control policy (M, $\rho$); second, the ciphertext subset C, $C_0$ that encrypts the data m; third, the policy ciphertext set that encrypts the access control policy (M, $\rho$). The ciphertext subset is $C = m \cdot e(g,g)^{\alpha s}$, $C_0 = g^{s}$. If a new secret value s were generated for re-encryption, the data owning terminal would have to obtain the public key PK from the attribute authorization terminal and encrypt locally again; that makes the communication between the data owning terminal and the attribute authorization terminal frequent and repeats the data owning terminal's computation. Therefore the secret value s is left unchanged in the policy update, and the old policy is reused as far as possible. To re-randomise the encryption under the secret s, the encryption information EnInfo(m) of the data m needs to contain two random vectors, and each attribute x has its own public key component in PK. The data owning terminal constructs the update key with the key update algorithm and uploads it to the cloud server; after receiving the update key the cloud server runs the ciphertext update algorithm to update the ciphertext, converting it from the old access control policy to the new policy through the LSSS conversion. The conversion proceeds in two stages, access tree to access tree and access tree to matrix; the first stage is shown in FIG. 3, which is a schematic diagram of the conversion from the old access tree to the new one in the embodiment of the invention.
In fig. 3 the old policy A is on the left and the new policy A' on the right. The access policy of the old policy is (E, (A, B, C, D, 2), 2). In a threshold access tree each non-leaf node is a threshold gate and each leaf node an attribute; the attribute set here is {A, B, C, D, E}. Given an attribute set S, a leaf node is satisfied if its attribute is in S, and S satisfies the access policy A if the root is satisfied. A (t, n) threshold node has n child nodes and a threshold 1 ≤ t ≤ n; it is an OR gate when t = 1 and an AND gate when t = n. The access policy of the new policy is (E, (A, B, C, (A, F, 2), 2), 2) with attribute set {A, B, C, E, F}: relative to the old policy, an attribute F and an AND-gate threshold (A, F, 2) have been added in place of D.
Referring to fig. 4, fig. 4 is a schematic diagram of the conversion of an access tree to an LSSS matrix in an embodiment of the present invention. On the left is the access tree with access policy (E, (A, B, C, D, 2), 2); on the right is the LSSS access policy (M, $\rho$), where M is a matrix whose first to fifth rows are mapped by the function $\rho$ to the attributes E, A, B, C, D respectively. Given an attribute set S, S satisfies the LSSS access policy if and only if the rows of M labelled with attributes in S have the vector (1, 0, ..., 0) in their linear span.
The Boolean formula of the AND/OR/threshold policy tree is:
E ∧ (((A ∧ B) ∨ (C ∧ D)) ∨ ((A ∧ B) ∧ (C ∧ D)))
The AND/OR/threshold policy tree is converted into an LSSS matrix with the Lewko-Waters algorithm, as follows:
the method comprises the steps that a general algorithm Boolean formula is converted into an equivalent L SSS matrix, the Boolean formula is considered as an access tree, internal nodes comprise AND gates, OR gates and leaf nodes with attributes, and (1,0,. multidot.0) is set as a shared vector of L SSS, firstly, a root node of the vector marking tree is (1) (the length of the representative vector is 1), then, each node is marked as a vector allocated by a parent node of the node along the hierarchy of the tree, finally, a global counter variable c is initialized to be 1, and after the access tree is traversed, c is the longest length of the vector.
The following rules are followed throughout the traversal:
1. if the parent node is an OR gate, and is labeled as vector v. Its child node is also marked v (variable c is unchanged).
2. If the parent node is an AND gate and is labeled as vector v, then 0 is added at the end (if necessary) to make it c long. Then marking a child node as a vector v |1 (parent node | child node connection); the other is labeled vector (0.. 0) | -1, where (0.. 0) denotes that the length of the 0 vector is c.
Once the entire tree is marked, the leaf nodes of the vector markers are converted to L every row in the SSS matrix, and if the vector lengths are different, vector 0 will be filled in the end of the vector, thereby achieving the same vector length.
Second, key update
Assume the new access policy is an $l' \times n'$ matrix M'. Each leaf node of the access tree is mapped to a row of M' by the mapping function $\rho'$, and each row vector of M' represents one attribute $\rho'(i)$. Let $num_{\rho(i),M}$ and $num_{\rho(i),M'}$ denote the number of occurrences of the attribute $\rho(i)$ in the matrices M and M' respectively. When the old policy in the old ciphertext is converted into the new policy, the cases the data owning terminal encounters are treated separately. The update key algorithm first compares A and A' and divides the attributes of the new access policy into three classes:
(1) attributes that already existed in the old policy, defined as $I_{1,M'}$ (Type 1);
(2) attributes that already existed in the old policy and now appear twice or more, defined as $I_{2,M'}$ (Type 2);
(3) attributes that did not exist in the old policy, defined as $I_{3,M'}$ (Type 3).
Referring to fig. 5, fig. 5 is a schematic diagram of the access tree policy update in the embodiment of the present invention; the old policy is on the left and the new policy on the right. Comparing the leaf nodes of the old and new policies: the attributes A, B, C and E of the old policy also exist in the new policy and are placed in the set $I_{1,M'}$ (Type 1); the attribute A existed in the old policy and appears twice in the new policy, so it is placed in the set $I_{2,M'}$ (Type 2); the attribute F did not exist in the old policy and is placed in the set $I_{3,M'}$ (Type 3).
Based on this classification, the ciphertext structure is analysed next. In the ciphertext produced by the Encrypt algorithm, the ciphertext of each attribute is set as:
In the ciphertext set of equation (9), $h_{\rho(i)}$ is the hashed attribute element (the random-oracle image of the attribute $\rho(i)$ from Setup) that ties the component to its attribute, and $\lambda_i'$ is a random number of $\mathbb{Z}_p$ whose main role is to mask the attribute parameter $\lambda_i$ and at the same time randomly mask the ciphertext component $C_{1,i}$. The attribute parameter $\lambda_i$ is the share of the ciphertext secret value s assigned to the attribute according to the access policy and is called the policy parameter; $\lambda_i'$ is the policy parameter mask.
For Type 1, Type 2 and Type 3 in the policy update the following operations are performed respectively:
1) if an attribute in the new policy is of Type 1, only the policy parameter $\lambda_i$ in the existing component $C_{3,i}$ needs to be updated;
2) if an attribute in the new policy is of Type 2, the random number $r_i$ and the parameter mask $\lambda_i'$ in $C_{1,i}$ and $C_{3,i}$, and the random number $r_i$ in $C_{2,i}$, must be updated first, after which this ciphertext is distinguished from the Type 1 ciphertext of the same attribute through the mapping function $\rho$;
3) if an attribute in the new policy is of Type 3, the old policy has no ciphertext for that attribute, so the data owning terminal must recompute $C_{1,i}, C_{2,i}, C_{3,i}$ locally.
In the policy update scheme the data owning terminal computes the LSSS matrix (M', $\rho'$) of the new policy and at the same time generates a random vector whose first element is the secret value s. It then computes the new shares $\lambda_j$ from this vector and M'. Define $I_{M'} = \{1, \dots, l'\}$ as the index set of M'. A pair (j, i) indicates that an attribute has index i in the old policy and index j in the new policy. In the old policy (M, $\rho$) of the ciphertext, the old policy parameter of the attribute $\rho(i)$ is $\lambda_i$ and the old policy parameter mask is $\lambda_i'$; in the new policy (M', $\rho'$) of the ciphertext, the new policy parameter of the attribute $\rho'(j)$ is $\lambda_j$ and the new policy parameter mask is $\lambda_j'$.
For $j \in [1, l']$: if $(j, i) \in I_{1,M'}$ (Type 1), the algorithm generates the update key
$UK_{j,i,m} = a(\lambda_j - \lambda_i)$ (10)
If $(j, i) \in I_{2,M'}$ (Type 2), the algorithm generates random numbers $a_j, r_j, \lambda_j' \in \mathbb{Z}_p$ and at the same time generates the update key:
If $(j, i) \in I_{3,M'}$ (Type 3), the algorithm generates random numbers $r_j, \lambda_j' \in \mathbb{Z}_p$ and at the same time generates the update key:
Finally the update key $UK_m$ is obtained as:
The data owning terminal sends the update key $UK_m$ to the cloud server. Once the cloud server receives $UK_m$, it updates the old policy according to the policy parameters in $UK_m$, runs the ciphertext update algorithm CTUpdate and updates the ciphertext corresponding to each attribute.
Third, ciphertext update
CTUpdate(CT, UK_m): ciphertext update. Once the cloud server receives the update key UK_m, it takes the old ciphertext CT and the update key UK_m as input, runs the CTUpdate algorithm, and updates the ciphertext components of the corresponding attributes.
If Type1 (j ∈ I_{1,M'}), the updated ciphertext C'_j is computed as follows:
where r_j = r_i; the encryption information EnInfo(m) produced during the encryption of data m is kept consistent with the original ciphertext and contains all random numbers r_i, EnInfo(m) = {r_1, ..., r_n}.
If Type2 (j ∈ I_{2,M'}), the updated ciphertext C'_j is computed as follows:
where r_j = a_j r_i.
If Type3 (j ∈ I_{3,M'}), the updated ciphertext C'_j is computed as follows:
The final new ciphertext CT' is constructed as:
further, in the present embodiment, a file update is introduced in the CP-ABE scheme with policy update, and the purpose of introducing the file update is two points: firstly, in practical application, files of the same type generally need to be updated, for example, one report is repeatedly modified by a first version and a second version to generate a final version; secondly, in the process of policy updating, the secret value s of the data m is kept unchanged, which brings about potential safety hazard, and therefore, the place related to the secret value s in the scheme design needs to be improved.
FileUpdate: and (5) updating the file. The significance of file updating is that information generally needs to be updated in actual life, once files of the same type are modified, encryption operation needs to be carried out by resetting access authority, and generated new ciphertext is uploaded to a cloud server. The encryption of the data owning terminal each time causes high calculation cost, so that the exploration significance of file updating is necessary.
Considering the file update, policy update scheme proposed later, the file update refers to updating the file m and the secret value s, and the algorithm is described as follows:
the data-owning terminal takes as input the public parameters PK, the new file M ', and the L SSS access control policy (M ', ρ '), where the function ρ ' in the access control policy (M ', ρ ') maps each row in the matrix M ' with attributes one-to-onems。
Where M is a matrix l × n, l is the number of ciphertext attributes, selecting a random number s' and a random vector before updating the fileWherein y is2,...,ynIs to share the cryptographic index secret value s'. Then calculateWherein M isiIs the ith row of the matrix M to which the vector corresponds. Finally, a random number r is generated1',...,rl'∈ZpAnd attribute mask λ1”,...,λl”∈Zp. And (3) calculating a ciphertext:
wherein
Finally CTmsAnd uploading to a cloud server.
Further, to reduce the computation and communication overhead, a combined scheme of file update and policy update is designed, covering three cases:
(1) File update, policy unchanged (Scheme1)
In Scheme1, the Encrypt algorithm is run first to obtain the access control policy (M, ρ) and the secret value s; then the UpdateFile algorithm is run to generate the ciphertext CT_m, which is finally uploaded to the cloud server.
For example, a user may need a follow-up examination every week in a hospital department. The case record produced after each examination differs, but all of these records are the same type of file, differ only in their generation time, and therefore fall under the same access policy. The user can keep the access policy of the earlier encryption, encrypt the new case record and upload it to the hospital's server, which realizes the file update.
(2) File unchanged, policy update (Scheme2)
In Scheme2, the UpdateKeyGen algorithm is run first to generate the update key UK_m, which is uploaded to the cloud server; once the cloud server obtains UK_m, it updates the ciphertext components of the corresponding attributes in the ciphertext CT and finally produces the updated ciphertext CT'.
For example, a user is treated at hospital A but for personal reasons needs to transfer to hospital B, whose doctor needs to view the user's case record. By modifying the access policy, the user can open the case record held at hospital A to the doctor at hospital B, which makes treatment more effective and reduces the user's costs.
(3) File update, policy update (Scheme3)
In Scheme3, the UpdateFile algorithm is run first to generate the ciphertext CT_{ms}, which is uploaded to the cloud server. The data-owning terminal then runs the UpdateKeyGen algorithm, which performs the LSSS access policy update according to the access control policy (M', ρ') in the ciphertext CT_{ms} and obtains the update key UK_{m'}, which is uploaded to the cloud server. Once the cloud server obtains UK_{m'}, it updates the ciphertext components of the corresponding attributes in CT_{ms} and finally produces the updated ciphertext CT'_{ms}.
The updated ciphertext CT'_{ms} is computed as:
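The following toy model, added here and not code from the patent or its authors, shows the LSSS mechanics that the policy update (UpdateKeyGen and CTUpdate above) and the file update (FileUpdate, Scheme1 to Scheme3) rely on: share generation λ_i = M_i · v with v = (s, y_2, ..., y_n) over Z_p, classification of each row of the new matrix as Type1/Type2/Type3 by matching ρ'(j) against ρ(i), the Type1 update key UK_{j,i,m} = a(λ_j − λ_i) of equation (10) applied by the cloud without knowledge of s or any λ, re-sharing a fresh s' for FileUpdate, and LSSS reconstruction of s standing in for decryption. Everything not fixed by the page is an assumption of this example: the Type1 ciphertext component is modelled as g^(a·λ_i) in a prime-order subgroup of Z_Q^* and the update key is transported as g^UK computed from the public value g^a; Type2/Type3 components, whose formulas the page does not reproduce, are recomputed by the owner and installed by the cloud; a row reusing an old attribute is taken as Type1 on its first occurrence and Type2 on later occurrences; the policies, attribute names and the parameters Q = 10007, p = 5003, g = 4 are constructed toy values with no security.

```python
"""Toy LSSS model of CP-ABE policy update / file update (added example, not the patent's code).
Assumptions (constructed for this example): Type1 component = g^(a*lambda_i) in the
order-P subgroup of Z_Q^*; update key sent as g^UK derived from public g^a; Type2/Type3
components recomputed by the owner; Q, P, G are toy parameters with no security value."""
import secrets

Q = 10007   # safe prime, Q = 2P + 1 (toy size)
P = 5003    # prime order of the subgroup generated by G
G = 4       # quadratic residue mod Q, hence of order P

# Constructed policies.  Old: doctor AND hospitalA.
# New: (doctor AND hospitalA) OR (nurse AND hospitalA)  -> hospitalA appears twice.
OLD_M, OLD_RHO = [[1, 1], [0, -1]], ["doctor", "hospitalA"]
NEW_M = [[1, 1, 0], [0, -1, 0], [1, 0, 1], [0, 0, -1]]
NEW_RHO = ["doctor", "hospitalA", "nurse", "hospitalA"]


def lsss_shares(matrix, secret):
    """lambda_i = M_i . v over Z_p with v = (secret, y_2, ..., y_n), y's random."""
    v = [secret % P] + [secrets.randbelow(P) for _ in range(len(matrix[0]) - 1)]
    return [sum(m * x for m, x in zip(row, v)) % P for row in matrix]


def classify_rows(rho_old, rho_new):
    """For each new row j return (type, i), i being the old row with the same attribute."""
    seen, out = set(), []
    for attr in rho_new:
        i = next((k for k, a in enumerate(rho_old) if a == attr), None)
        if i is None:
            out.append(("Type3", None))          # attribute only in the new policy
        elif i in seen:
            out.append(("Type2", i))             # old attribute reused again
        else:
            seen.add(i)
            out.append(("Type1", i))             # old attribute, first reuse
    return out


def update_key_gen(old_shares, new_shares, types, g_a):
    """Owner side. Type1: UK = a(lambda_j - lambda_i), shipped as (g^a)^(lambda_j - lambda_i)."""
    uk = {}
    for j, (typ, i) in enumerate(types):
        if typ == "Type1":
            uk[j] = (typ, i, pow(g_a, (new_shares[j] - old_shares[i]) % P, Q))
        else:                                    # Type2/Type3: owner recomputes locally
            uk[j] = (typ, i, pow(g_a, new_shares[j], Q))
    return uk


def ct_update(ct_old, uk):
    """Cloud side: sees neither s nor any lambda; only multiplies group elements."""
    ct_new = [None] * len(uk)
    for j, (typ, i, val) in uk.items():
        ct_new[j] = ct_old[i] * val % Q if typ == "Type1" else val
    return ct_new


def file_update(matrix, new_secret):
    """FileUpdate: same policy matrix re-shared with a fresh secret s'."""
    return lsss_shares(matrix, new_secret)


def solve_mod_p(a, b):
    """One solution x of a.x = b over Z_p by Gauss-Jordan, or None if inconsistent."""
    m, k = len(a), len(a[0])
    rows = [[x % P for x in r] + [bv % P] for r, bv in zip(a, b)]
    pivots, r = [], 0
    for c in range(k):
        piv = next((i for i in range(r, m) if rows[i][c]), None)
        if piv is None:
            continue
        rows[r], rows[piv] = rows[piv], rows[r]
        inv = pow(rows[r][c], -1, P)
        rows[r] = [x * inv % P for x in rows[r]]
        for i in range(m):
            if i != r and rows[i][c]:
                f = rows[i][c]
                rows[i] = [(x - f * y) % P for x, y in zip(rows[i], rows[r])]
        pivots.append(c)
        r += 1
    if any(rows[i][k] for i in range(r, m)):
        return None
    x = [0] * k
    for i, c in enumerate(pivots):
        x[c] = rows[i][k]
    return x


def reconstruct(matrix, rho, shares, attrs):
    """Recover s from rows whose attribute the user holds: c with sum c_j M_j = (1,0,...,0)."""
    idx = [j for j, a in enumerate(rho) if a in attrs]
    n = len(matrix[0])
    if not idx:
        return None
    c = solve_mod_p([[matrix[j][r] for j in idx] for r in range(n)], [1] + [0] * (n - 1))
    return None if c is None else sum(cj * shares[j] for cj, j in zip(c, idx)) % P


def run_policy_update(s, a):
    """Scheme2: keep s, switch OLD_M -> NEW_M. Returns shares, cloud ciphertext and a check."""
    g_a = pow(G, a, Q)
    old = lsss_shares(OLD_M, s)
    ct_old = [pow(g_a, lam, Q) for lam in old]
    new = lsss_shares(NEW_M, s)                  # policy update keeps s unchanged
    ct_new = ct_update(ct_old, update_key_gen(old, new, classify_rows(OLD_RHO, NEW_RHO), g_a))
    return old, new, ct_new, ct_new == [pow(g_a, lam, Q) for lam in new]
```

Running `run_policy_update(1234, 77)` returns a check flag that is true when the cloud's multiplication produced exactly g^(a·λ'_j) for every new row, and `reconstruct` shows the policy semantics: the attribute set {nurse, hospitalA} recovers s from the new shares but not from the old ones, while {doctor} alone recovers nothing under either policy.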
The CP-ABE based policy update method provided by the embodiment of the invention comprises the following steps: the data-owning terminal encrypts the target data with a preset encryption algorithm and uploads the generated ciphertext to the cloud server; when the ciphertext requires a policy update, the data-owning terminal generates an update key based on the new access policy and uploads it to the cloud server; and the cloud server updates the ciphertext with the received update key. Compared with the prior art, the ciphertext update is delegated from the data-owning terminal to the cloud server, so the data-owning terminal performs no ciphertext-update computation itself; this effectively reduces the amount of computation at the data-owning terminal and the communication overhead between the data-owning terminal and the cloud server.
Further, to better illustrate the benefits of the invention, the security of the above method is demonstrated below using a chosen-plaintext attack (CPA) security game and the decisional q-parallel BDHE assumption, where the CPA security game is defined for the CP-ABE scheme.
First, the CPA security game will be briefly described below.
In the CP-ABE scheme with efficient policy update and file update, a user private key SK is associated with an attribute set, and a ciphertext CT is associated with an access structure chosen by the data-owning terminal. In the security model, the adversary A first selects the access structure A* to be challenged; the adversary may then obtain every private key SK whose associated attribute set does not satisfy A*. In the CPA security game below, the challenger and the adversary are assumed to exchange messages over a completely secure channel.
Setup: in the system initialization phase, the challenger first runs the Setup algorithm of the scheme, generates the system public key PK, and finally passes PK to adversary A.
Query Phase 1: in the first query phase, adversary A chooses attribute sets and repeatedly queries the challenger for the corresponding user private keys SK. On receiving a query, the challenger runs the KeyGen algorithm of the scheme and passes the generated SK to adversary A.
Challenge: in the challenge phase, adversary A first submits two equal-length messages m_0, m_1 ∈ G_T to the challenger. The challenger randomly selects a bit μ ∈ {0, 1}, runs the Encrypt algorithm of the scheme to encrypt m_μ under A*, and finally passes the resulting ciphertext CT* to adversary A.
Query Phase 2: the same as Query Phase 1, the only restriction being that the attribute sets of the private keys SK queried by adversary A do not satisfy A*.
Guess: in the guessing phase, adversary A outputs a guess μ' of μ; if μ' = μ, adversary A wins the game. The advantage of adversary A in this game is defined as Adv_A(1^k) = |Pr[μ' = μ] − 1/2|.
Lemma: the scheme is CPA-secure if no probabilistic polynomial-time (PPT) adversary can win the CPA security game above with non-negligible advantage.
The security proof follows.
Theorem: assuming the decisional q-parallel BDHE assumption holds, no probabilistic polynomial-time adversary can selectively break the proposed CP-ABE scheme with efficient policy update and file update with a challenge matrix of size l* × n*, where l*, n* ≤ q.
Proof: in the CPA security game of the CP-ABE scheme with efficient policy update and file update, suppose adversary A has a non-negligible advantage Adv_A in breaking the scheme, and that adversary A selects a challenge matrix M* whose dimensions are at most q. A simulator B is then constructed that can decide the q-parallel BDHE problem.
Init: simulator B takes as input a q-parallel BDHE challenge (y, T). Adversary A gives the challenge access structure (M*, ρ*), where the matrix M* has n* columns.
Setup: in the system initialization phase, simulator B selects a random number α' ∈ Z_p and implicitly sets α = α' + a^{q+1}. The simulator computes e(g, g)^α as follows:
The group elements h_1, ..., h_U ∈ G of simulator B are described as follows: the random oracle H maps the elements of the attribute universe U to h_1, ..., h_U ∈ G, defined as U = {h_1, ..., h_U}, whose elements correspond one-to-one to the attributes contained in U. For each attribute x with 1 ≤ x ≤ U, a random value z_x is first selected. Let X denote the set of indices i such that ρ*(i) = x. Simulator B computes h_x as follows:
Two points about the above expression should be noted: 1) if the index set X is empty, h_x reduces to g^{z_x}; 2) the parameters are randomly distributed because of the random value z_x.
Query Phase 1: in the first query phase, adversary A repeatedly queries simulator B for user private keys SK. Suppose adversary A queries the private key SK for an attribute set S, where S does not satisfy the LSSS matrix M*.
Simulator B first selects a random number r ∈ Z_p and a vector ω = (ω_1, ..., ω_{n*}) ∈ Z_p^{n*} with ω_1 = −1 such that ω is orthogonal to the row M*_i for every i with ρ*(i) ∈ S. Such a vector must exist: otherwise the vector (1, 0, ..., 0) would lie in the span of the rows of M* labelled by attributes in S, contradicting the assumption that S does not satisfy M*.
Simulator B begins by implicitly defining t:
Observe that with this choice of t, g^{at} contains a term that cancels the unknown term in g^α, so that K can be generated. Simulator B computes K as follows:
Next the remaining key components must be computed. First consider the attributes x ∈ S for which there is no i with ρ*(i) = x; for these the setting is simplified as follows:
The harder task is then to create the key components K_x for the attributes x ∈ S that are used in the access structure, for which it must be ensured that no term appears in a form the simulator cannot produce. The terms mentioned above cancel out when X is set to the set of all i such that ρ*(i) = x. Simulator B generates K_x as follows:
Challenge: in the challenge phase the challenge ciphertext is built. Adversary A first submits two equal-length messages m_0, m_1 ∈ G_T to simulator B. Simulator B then randomly selects a bit β and generates, with the Encrypt algorithm of the scheme, C = m_β T · e(g^s, g^{α'}) and C' = g^s. The hardest part is simulating the C_i, since the terms they contain must cancel each other out. Simulator B can, however, choose how to split the secret so that the internal terms cancel. Simulator B selects random numbers and a vector that shares the secret value:
In addition, simulator B selects random values r_1', ..., r_l'.
For i = 1, ..., l*, define R_i as the set of all k ≠ i such that ρ*(i) = ρ*(k); in other words, R_i contains all other rows that carry the same attribute as row i. The following part of the challenge ciphertext is then generated:
Query Phase 2: the same procedure as Query Phase 1; it is not repeated here.
Guess: in the guessing phase, adversary A finally outputs a guess β'. Simulator B decides on the basis of this output: if β' = β it outputs 0, indicating that it takes T to be the real challenge value; otherwise it outputs 1, indicating that it takes T to be a random element of the group G_T.
If T is e(g, g)^{abc}, the challenge ciphertext is a valid ciphertext, and the advantage Adv_A of adversary A is as follows:
If T is a random element of the group G_T, the challenge ciphertext is completely random and gives adversary A no information about β. Therefore simulator B has a non-negligible advantage in the decisional q-parallel BDHE game.
In summary, the CP-ABE scheme with efficient policy update and file update is proven secure under the CPA security game and the decisional q-parallel BDHE assumption.
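As an added worked derivation, not part of the patent text, the two advantage expressions that the page leaves unstated can be filled in with the page's own symbols, following the usual Waters-style argument and assuming that a random T makes the challenge ciphertext independent of β (the sign of Adv_A is taken so that the real-case probability is at least 1/2; the absolute value covers the opposite case):

$$\Pr[\mathcal{B} \to 0 \mid T \text{ real}] = \Pr[\beta' = \beta \mid T \text{ real}] = \tfrac{1}{2} + \mathrm{Adv}_A$$

$$\Pr[\mathcal{B} \to 0 \mid T \leftarrow G_T] = \Pr[\beta' = \beta \mid T \text{ random}] = \tfrac{1}{2}$$

$$\mathrm{Adv}_{\mathcal{B}} = \bigl|\Pr[\mathcal{B} \to 0 \mid T \text{ real}] - \Pr[\mathcal{B} \to 0 \mid T \text{ random}]\bigr| = \mathrm{Adv}_A$$

So the simulator decides the q-parallel BDHE instance with exactly the adversary's advantage: if Adv_A is non-negligible, the assumption is broken, which is the contradiction the theorem needs.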
Given the above description of the CP-ABE based policy update method and system provided by the invention, those skilled in the art will appreciate that the specific implementation and the scope of application may vary according to the concepts of the embodiments of the invention; in summary, the content of this specification should not be construed as limiting the invention.
Claims (8)
1. A CP-ABE based policy update method, the method comprising:
the data-owning terminal encrypts the target data with a preset encryption algorithm and uploads the generated ciphertext to the cloud server;
the data-owning terminal generates an update key based on a new access policy in the data-owning terminal and uploads the new access policy and the update key to the cloud server;
the cloud server updates the ciphertext with the received new access policy and update key;
the method further comprises:
the data-owning terminal performs a file update on the ciphertext, wherein the file update comprises updating the file and the secret value;
and when the data-owning terminal needs to perform a file update on the ciphertext, it encrypts the new data in the data-owning terminal with the new access policy corresponding to the ciphertext and the updated secret value, and uploads the generated new ciphertext to the cloud server.
2. The method of claim 1, wherein the step of the cloud server updating the ciphertext with the received new access policy and update key comprises:
performing an LSSS matrix update of the old access policy corresponding to the ciphertext with the new access policy;
and performing a policy update of the ciphertext with the updated LSSS matrix, the update key and a preset ciphertext update algorithm to generate a new ciphertext.
3. The method of claim 2, wherein the step of generating an update key based on a new access policy in the data-owning terminal comprises:
the data-owning terminal runs a preset key update algorithm to generate the update key from the encryption information in the target data, the new access policy and the old access policy.
4. The method according to claim 1, wherein the step of encrypting the new data in the data-owning terminal with the new access policy corresponding to the ciphertext comprises:
encrypting the new data with the access policy and secret value corresponding to the ciphertext and a preset file-and-secret-value update algorithm to generate the new ciphertext.
5. The method of any of claims 1 to 4, further comprising:
when the data-owning terminal needs to perform a policy update and a file update on the ciphertext at the same time, encrypting the new data with the new access policy and updated secret value corresponding to the ciphertext and the UpdateKeyGen algorithm, and uploading the generated new ciphertext to the cloud server;
generating an update key based on the new access policy in the data-owning terminal and uploading the new access policy and the update key to the cloud server; after receiving the new ciphertext, the new access policy and the update key, the cloud server updates the new ciphertext with the new access policy and the update key;
wherein generating the update key based on the new access policy in the data-owning terminal comprises:
the data-owning terminal runs the UpdateKeyGen algorithm, performs an LSSS access policy update according to the access control policy in the new ciphertext, and obtains the update key.
6. A CP-ABE based policy update system, characterized in that the system comprises a data-owning terminal and a cloud server, the data-owning terminal being in communication connection with the cloud server;
the data-owning terminal is configured to encrypt target data with a preset encryption algorithm, upload the generated ciphertext to the cloud server, and, when a policy update of the ciphertext is required, generate an update key based on a new access policy in the data-owning terminal and upload the new access policy and the update key to the cloud server;
the cloud server is configured to update the ciphertext with the received new access policy and update key;
the data-owning terminal also performs a file update on the ciphertext, wherein the file update comprises updating the file and the secret value;
and when the data-owning terminal needs to perform a file update on the ciphertext, it encrypts the new data in the data-owning terminal with the new access policy corresponding to the ciphertext and the updated secret value, and uploads the generated new ciphertext to the cloud server.
7. The system of claim 6, further comprising a data-using terminal, wherein the data-using terminal is in communication connection with the cloud server and is configured to download the ciphertext from the cloud server and decrypt it.
8. The system of claim 7, further comprising an attribute authorization terminal, wherein the attribute authorization terminal is in communication connection with the data-using terminal and the data-owning terminal respectively, and is configured to generate the public key and private key of the system and the user private key of the data-using terminal.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811228328.3A CN109561067B (en) | 2018-10-22 | 2018-10-22 | Strategy updating method and system based on CP-ABE |
PCT/CN2019/080917 WO2020082692A1 (en) | 2018-10-22 | 2019-04-02 | Cp-abe-based policy update method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811228328.3A CN109561067B (en) | 2018-10-22 | 2018-10-22 | Strategy updating method and system based on CP-ABE |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109561067A CN109561067A (en) | 2019-04-02 |
CN109561067B true CN109561067B (en) | 2020-07-28 |
Family
ID=65865075
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811228328.3A Active CN109561067B (en) | 2018-10-22 | 2018-10-22 | Strategy updating method and system based on CP-ABE |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN109561067B (en) |
WO (1) | WO2020082692A1 (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110519049A (en) * | 2019-08-07 | 2019-11-29 | 赤峰学院 | A cloud data protection system based on a trusted execution environment |
CN112994880B (en) * | 2021-03-19 | 2022-11-01 | 深圳大学 | Ciphertext-policy attribute-based encryption method and device, and electronic equipment |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107302524A (en) * | 2017-06-02 | 2017-10-27 | 西安电子科技大学 | A ciphertext data sharing system in a cloud computing environment |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101593165B1 (en) * | 2014-08-19 | 2016-02-15 | 한국전자통신연구원 | Data access control method |
CN104580205B (en) * | 2015-01-05 | 2018-05-18 | 南京邮电大学 | Fixed-ciphertext-length proxy re-encryption system and method based on CP-ABE in cloud computing |
US10445109B2 (en) * | 2016-06-30 | 2019-10-15 | Digicert, Inc. | Automated propagation of server configuration on a server cluster |
CN108076028A (en) * | 2016-11-18 | 2018-05-25 | 中兴通讯股份有限公司 | Attribute-based encryption method, apparatus and system |
CN107370604B (en) * | 2017-07-07 | 2019-05-31 | 华中科技大学 | Multi-granularity access control method in a big data environment |
CN107743133B (en) * | 2017-11-30 | 2020-06-09 | 中国石油大学(北京) | Mobile terminal and access control method and system based on a trusted security environment |
- 2018-10-22 CN CN201811228328.3A patent/CN109561067B/en active Active
- 2019-04-02 WO PCT/CN2019/080917 patent/WO2020082692A1/en active Application Filing
Non-Patent Citations (2)
Title |
---|
Anonymous Attribute-based Encryption with Large Universe and Threshold Access Structures; Yinghui Zhang et al.; 2017 IEEE International Conference on Computational Science and Engineering (CSE); 2017-07-24; full text * |
Research on cloud storage based on attribute-based encryption algorithms; Wu Jieming; China Master's Theses Full-text Database; 2017-07-15; Sections 3.1.2, 3.1.4 and 3.2 * |
Also Published As
Publication number | Publication date |
---|---|
CN109561067A (en) | 2019-04-02 |
WO2020082692A1 (en) | 2020-04-30 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||