CN110717191A - Block chain data privacy protection access control method based on searchable attribute encryption - Google Patents

Info

Publication number
CN110717191A
Authority
CN
China
Prior art keywords
user
attribute
key
transaction
trapdoor
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN201911014447.3A
Other languages
Chinese (zh)
Inventor
冯涛
裴宏梅
陈武阳
方君丽
龚翔
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Lanzhou University of Technology
Original Assignee
Lanzhou University of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Classifications

    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/604 Tools and structures for managing or administering access control systems
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G06Q20/3674 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
    • G06Q20/3825 Use of electronic signatures
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management
    • G06F2221/2117 User registration
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices

Abstract

A blockchain data privacy protection access control method based on searchable attribute encryption, in which the data owner initializes and randomly selects vectors $U$ and $U'$. Trader A chooses random numbers $\eta$, $\mu$ and runs the key generation function to compute the public key PK. The CA selects two random numbers $\alpha$ and $\beta$ of different sizes, initializes and computes PK, and computes MK. Transaction user A generates the transaction information, encrypts A's identity, runs the wallet signature algorithm to sign with the private key corresponding to the wallet address, and sends the result to transaction user B; the transaction information $Tr_{AB}$ is obtained in the same way. The trader extracts the keyword from the transaction plaintext and encrypts the keyword $I_w$ using the index key $g^{\mu}$ and the random numbers $\tau$, $\mu$, obtaining the transaction ciphertext $C_M$ and the trapdoor ciphertext $C_{TK}$. The access authority $VR'$ is then calculated; if the user's attributes satisfy the combination required by the access structure, the user key UK is obtained and the trapdoor key ciphertext is decrypted to obtain TK. Finally, a keyword trapdoor $T_{W'}$ is constructed from the trapdoor key and the user key; if the trapdoor matches, the transaction message ciphertext is obtained and decrypted to recover the transaction message $M$.

Description

Block chain data privacy protection access control method based on searchable attribute encryption
Technical Field
The invention relates to the technical field of blockchain data privacy protection and security.
Background
As a distributed database ledger, the blockchain is widely applied across industries because it is publicly transparent, tamper-resistant and decentralized. It plays an irreplaceable role in industries such as finance, education and logistics, and it also has great application potential in everyday payment services.
Attribute-based encryption: in an ABE system, the encryptor associates the encrypted data with a set of attributes. The authority that holds the master key issues a different private key to each user; the user's private key is associated with an access structure over the attributes and reflects the access policy assigned to that user. The decryption algorithm lets the user decrypt the data with the issued private key as long as the access policy specified by the private key allows it.
Public key searchable encryption: data sharing in a public key searchable encryption mechanism involves no exchange of secret keys; data is encrypted with the public key, the user decrypts the shared data with the private key, and security rests on hardness assumptions.
Disclosure of Invention
The invention aims to provide a block chain data privacy protection access control method based on searchable attribute encryption.
The invention relates to a block chain data privacy protection access control method based on searchable attribute encryption, which comprises the following steps:
(1) Registration: the user submits a registration application to the system and obtains an identity identifier RID and a user attribute set corresponding to the user's real identity information; the data owner (transaction user) registers to obtain a key and an identity identifier;
(2) Initialization. Data owner initialization: select a group $G_0$ of prime order $p$ with generator $g$; select $N$ elements of the finite field $Z_p$ as system attributes to form the system attribute set $S$, and divide the attributes in $S$ into trees according to the correlation between them. Let $H_i$ be the depth of the $i$-th tree and define $H = \max\{H_i\}_{i \in [1,x]}$, the maximum depth among the $x$ trees. Randomly select the vectors $U = (u_y)_{1 \le y \le x}$ and $U' = (u'_{y'})_{1 \le y' \le x}$, where $u_y \in G_0$ denotes the public parameter corresponding to the $y$-th attribute tree and $u'_{y'}$ denotes the public parameter corresponding to the $y'$-th tree. Trader A selects a group $G_1$ of prime order $p$ together with its generating element, and lets $H_1: \{0,1\}^* \to G_1$ be a hash function; the trader selects two random numbers $\eta$, $\mu$ and computes the public key $PK = (g, g^{\mu})$, and the private key $SK = \eta$ represents the trapdoor key. CA initialization: $Z_p^*$ denotes the set of elements of the finite field $Z_p$ that are coprime to $p$; two random numbers $\alpha$ and $\beta$ of different sizes are selected from $Z_p^*$, $PK = (G_0, g, g^{\beta}, Y = e(g,g)^{\alpha}, U, U')$ and $MK = (\alpha, \beta)$ are computed, and a bilinear map $e: G_0 \times G_0 \to G_1$ is defined;
(3) Transaction generation and signature: transaction user A generates the transaction information, encrypts A's identity, runs the wallet signature algorithm to sign with the private key corresponding to the wallet address, and sends the result to transaction user B. The signature process is: $Trans \| \sigma_A \| CT_A$, then $Tr_{AB} = Trans \| \sigma_A \| CT_A \| \sigma_B \| CT_B$;
(4) Index generation: the trader extracts the keyword from the transaction plaintext and encrypts it using the index key $g^{\mu}$ and the random numbers $\tau$ and $\mu$; the keyword of the transaction information is calculated as $I_w = (I_1, I_2) = (g_1^{\mu\tau}, e(H_1(w)^{\mu}, g_1^{\eta\tau}))$;
(5) Encryption $(M, TK, PK) \to C_M, C_{TK}$ and $VR$: let the $n'$-th user attribute $a_{n'}$ in the ciphertext policy attribute set be located in the $m'$-th attribute tree at depth $h'$ with path $R_{n'} = (a_{n'0}, a_{n'1}, \ldots, a_{n'k'}, \ldots, a_{n'h'})$, where $k' \in [0, h']$ and $a_{n'k'}$ is the attribute of the $k'$-th layer on the path $R_{n'}$ of attribute $a_{n'}$. For policy attribute $a_{n'}$, its corresponding secret share $w$ is selected according to the mapping $\pi$, and the attribute ciphertext $C_{n'}$ and the policy parameter $C'_{m'}$ are calculated as follows:
Figure BDA0002245240800000021
where $u'_{m'}$ denotes the public parameter corresponding to the $m'$-th attribute tree and $u_{k'}$ denotes the public parameter of the $k'$-th layer; the ciphertext is:
Figure BDA0002245240800000031
$M$ is the transaction plaintext information, $s$ is the secret value, and $E_1$ is the partial ciphertext containing the transaction plaintext information $M$;
(6) Trapdoor generation $(W', TK, UK, \lambda) \to T_{W'}$: in this algorithm, a random number is chosen and the trapdoor is calculated:
$T_{W'} = (T_1, T_2) = (\lambda \cdot UK, H_1(W')^{\lambda \cdot TK})$
(7) Test $(RID, I_W, T_{W'}) \to \{C_M\}$: based on the RID submitted by the user and the corresponding UK, this algorithm performs the matching calculation
Figure BDA0002245240800000032
as follows:
Figure BDA0002245240800000033
If the user's search keyword is the same as the keyword contained in the index, the equation holds and the blockchain returns the result to the user; otherwise, an empty set is returned to the user;
(8) Key generation: let the $n$-th user attribute $a_n$ in the user's attribute set $S_u$ be located in the $i$-th attribute tree at depth $h$ with path $R_n = (a_{n0}, a_{n1}, \ldots, a_{nk}, \ldots, a_{nh})$, where $k \in [0, h]$ and
Figure BDA0002245240800000034
is the attribute of the $k$-th layer on the path $R_n$ of user attribute $a_n$. To resist collusion attacks, the authority center CA selects a random number $r \in Z_p^*$; for the user's attribute $a_n$ it selects a random number $r_n \in Z_p$ and calculates the attribute private key $d_n$, the private key parameters $D_n$ and $D'_n$, and the set of rights parameters, as follows:
Figure BDA0002245240800000035
Figure BDA0002245240800000036
Figure BDA0002245240800000037
Combining the private key components, the user obtains the private key
Figure BDA0002245240800000038
(9) Decryption $(C_M, C_{TK}, SK) \to (M, TK, VR')$:
In the attribute authorization set $S'_u$, the user attribute $a_n$ is in the $m$-th attribute tree and the policy attribute $a_{n'}$ is in the $m'$-th attribute tree, and the two satisfy $m = m'$. The depth $h$ of user attribute $a_n$ and the depth $h'$ of policy attribute $a_{n'}$ satisfy $h \le h'$. The user's attribute path $R_n = (a_{n0}, a_{n1}, \ldots, a_{nk}, \ldots, a_{nh})$ and the attribute path $R_{n'} = (a_{n'0}, a_{n'1}, \ldots, a_{n'k'}, \ldots, a_{n'h'})$ of policy attribute $a_{n'}$ satisfy: when $k = k'$, $a_{nk} = a_{n'k'}$, where $k \in [0, h]$ and $k' \in [0, h']$. For a user attribute $a_n$ that covers the policy attribute $a_{n'}$, the decryption authority value $d'_n$ is calculated as follows:
Figure BDA0002245240800000041
The decryption bilinear map $A_{ni}$ and the user's authority $VR'$ are calculated as follows:
Figure BDA0002245240800000042
Figure BDA0002245240800000043
If the user's authority satisfies the structure, the user can decrypt the trapdoor key:
Figure BDA0002245240800000044
The transaction message can be recovered as:
Figure BDA0002245240800000045
The invention has the following advantages:
(1) Content privacy
The transaction information and the shared secret are encrypted with a ciphertext-policy attribute-based encryption algorithm, which is safer than a symmetric encryption algorithm. Encrypting the transaction information and the shared secret with the LSSS linear secret sharing structure ensures the privacy of the contents of both parties to the transaction. In addition, a random number $r_j$ and an identifier RID for user interaction are introduced when generating the private key, so even if different unauthorized users collude with each other, they cannot obtain the private key. Thus, despite collusion, an illegal user cannot obtain the transaction information and shared secrets.
(2) Identity privacy
By adopting an authority CA that stores the trapdoor key ciphertext, transaction user A does not need to be online at all times, and a key UK and an identity RID are randomly generated for each user. The RID sequence represents the identity of the user during interaction, which protects the user's identity privacy.
(3) Search privacy
The search mechanism of the scheme can resist a variety of attacks. During index generation, transaction user A encrypts the index keyword using the random number $\mu$, so nodes on the blockchain cannot perform an internal keyword guessing attack by matching candidate keywords against trapdoors. In the trapdoor generation stage, a random number is used to hide the search keyword, which prevents a malicious node from executing a keyword replay attack after a trapdoor is cracked. Blockchain network nodes and attackers therefore cannot obtain useful information about the keywords, and the scheme guarantees keyword privacy without reducing the security of previous algorithms.
(4) Attribute privacy
The CA authority center realizes fine-grained access control and authorizes blockchain users by verifying VR, which avoids the risk of submitting the access structure to the blockchain network. This mechanism protects the attributes of the linear access structure established by the transaction party.
Detailed Description
The invention relates to a block chain data privacy protection access control method based on searchable attribute encryption, which comprises the following steps:
(1) Registration: the user submits a registration application to the system and obtains an identity identifier RID and a user attribute set corresponding to the user's real identity information; the data owner (transaction user) registers to obtain a key and an identity identifier;
(2) Initialization. Data owner initialization: select a group $G_0$ of prime order $p$ with generator $g$; select $N$ elements of the finite field $Z_p$ as system attributes to form the system attribute set $S$, and divide the attributes in $S$ into trees according to the correlation between them. Let $H_i$ be the depth of the $i$-th tree and define $H = \max\{H_i\}_{i \in [1,x]}$, the maximum depth among the $x$ trees. Randomly select the vectors $U = (u_y)_{1 \le y \le x}$ and $U' = (u'_{y'})_{1 \le y' \le x}$, where $u_y \in G_0$ denotes the public parameter corresponding to the $y$-th attribute tree and $u'_{y'}$ denotes the public parameter corresponding to the $y'$-th tree. Trader A selects a group $G_1$ of prime order $p$ together with its generating element, and lets $H_1: \{0,1\}^* \to G_1$ be a hash function. The trader selects two random numbers $\eta$, $\mu$ and computes the public key $PK = (g, g^{\mu})$, and the private key $SK = \eta$ represents the trapdoor key. CA initialization: $Z_p^*$ denotes the set of elements of the finite field $Z_p$ that are coprime to $p$; two random numbers $\alpha$ and $\beta$ of different sizes are selected from $Z_p^*$, $PK = (G_0, g, g^{\beta}, Y = e(g,g)^{\alpha}, U, U')$ and $MK = (\alpha, \beta)$ are computed, and a bilinear map $e: G_0 \times G_0 \to G_1$ is defined;
(3) Transaction generation and signature: transaction user A generates the transaction information, encrypts A's identity, runs the wallet signature algorithm to sign with the private key corresponding to the wallet address, and sends the result to transaction user B. The signature process is: $Trans \| \sigma_A \| CT_A$, then $Tr_{AB} = Trans \| \sigma_A \| CT_A \| \sigma_B \| CT_B$;
(4) Index generation: the trader extracts the keyword from the transaction plaintext and encrypts it using the index key $g^{\mu}$ and the random numbers $\tau$ and $\mu$; the keyword of the transaction information is calculated as $I_w = (I_1, I_2) = (g_1^{\mu\tau}, e(H_1(w)^{\mu}, g_1^{\eta\tau}))$;
(5) Encryption $(M, TK, PK) \to C_M, C_{TK}$ and $VR$: let the $n'$-th user attribute $a_{n'}$ in the ciphertext policy attribute set be located in the $m'$-th attribute tree at depth $h'$ with path $R_{n'} = (a_{n'0}, a_{n'1}, \ldots, a_{n'k'}, \ldots, a_{n'h'})$, where $k' \in [0, h']$ and $a_{n'k'}$ is the attribute of the $k'$-th layer on the path $R_{n'}$ of attribute $a_{n'}$. For policy attribute $a_{n'}$, its corresponding secret share $w$ is selected according to the mapping $\pi$, and the attribute ciphertext $C_{n'}$ and the policy parameter $C'_{n'}$ are calculated as follows:
Figure BDA0002245240800000061
where $u'_{m'}$ denotes the public parameter corresponding to the $m'$-th attribute tree and $u_{k'}$ denotes the public parameter of the $k'$-th layer; the ciphertext is:
Figure BDA0002245240800000062
$M$ is the transaction plaintext information, $s$ is the secret value, and $E_1$ is the partial ciphertext containing the transaction plaintext information $M$;
(6) Trapdoor generation $(W', TK, UK, \lambda) \to T_{W'}$: in this algorithm, a random number is chosen and the trapdoor is calculated:
$T_{W'} = (T_1, T_2) = (\lambda \cdot UK, H_1(W')^{\lambda \cdot TK})$
(7) Test $(RID, I_W, T_{W'}) \to \{C_M\}$: based on the RID submitted by the user and the corresponding UK, this algorithm performs the matching calculation
Figure BDA0002245240800000075
as follows:
Figure BDA0002245240800000076
If the user's search keyword is the same as the keyword contained in the index, the equation holds and the blockchain returns the result to the user; otherwise, an empty set is returned to the user;
(8) Key generation: let the $n$-th user attribute $a_n$ in the user's attribute set $S_u$ be located in the $i$-th attribute tree at depth $h$ with path $R_n = (a_{n0}, a_{n1}, \ldots, a_{nk}, \ldots, a_{nh})$, where $k \in [0, h]$ and
Figure BDA0002245240800000077
is the attribute of the $k$-th layer on the path $R_n$ of user attribute $a_n$. To resist collusion attacks, the authority center CA selects a random number $r \in Z_p^*$; for the user's attribute $a_n$ it selects a random number $r_n \in Z_p$ and calculates the attribute private key $d_n$, the private key parameters $D_n$ and $D'_n$, and the set of rights parameters, as follows:
Figure BDA0002245240800000071
Figure BDA0002245240800000072
Figure BDA0002245240800000073
Combining the private key components, the user obtains the private key
Figure BDA0002245240800000074
(9) Decryption $(C_M, C_{TK}, SK) \to (M, TK, VR')$:
In the attribute authorization set $S'_u$, the user attribute $a_n$ is in the $m$-th attribute tree and the policy attribute $a_{n'}$ is in the $m'$-th attribute tree, and the two satisfy $m = m'$. The depth $h$ of user attribute $a_n$ and the depth $h'$ of policy attribute $a_{n'}$ satisfy $h \le h'$. The user's attribute path $R_n = (a_{n0}, a_{n1}, \ldots, a_{nk}, \ldots, a_{nh})$ and the attribute path $R_{n'} = (a_{n'0}, a_{n'1}, \ldots, a_{n'k'}, \ldots, a_{n'h'})$ of policy attribute $a_{n'}$ satisfy: when $k = k'$, $a_{nk} = a_{n'k'}$, where $k \in [0, h]$ and $k' \in [0, h']$. For a user attribute $a_n$ that covers the policy attribute $a_{n'}$, the decryption authority value $d'_n$ is calculated as follows:
Figure BDA0002245240800000081
The decryption bilinear map $A_{ni}$ and the user's authority $VR'$ are calculated as follows:
Figure BDA0002245240800000082
Figure BDA0002245240800000083
If the user's authority satisfies the structure, the user can decrypt the trapdoor key:
Figure BDA0002245240800000084
The transaction message can be recovered as:
Figure BDA0002245240800000085
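The coverage conditions stated in step (9) (same tree, $h \le h'$, equal path entries at every shared layer) can be checked without any key material. The following is an added example, not part of the patent text; the `Attribute` class, the function names and the sample trees are assumptions made for illustration.

```python
"""Coverage test for hierarchical attributes, following the three conditions
of the decryption step: same tree (m = m'), user depth h <= policy depth h',
and equal path entries a_nk = a_n'k' at every shared layer k = k'."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Sequence, Tuple


@dataclass(frozen=True)
class Attribute:
    tree: int                # index of the attribute tree (m or m')
    path: Tuple[str, ...]    # R = (a_0, ..., a_h), root first

    def __post_init__(self) -> None:
        if not self.path:
            raise ValueError("path must contain at least the root attribute")

    @property
    def depth(self) -> int:
        # A path with h + 1 entries ends at depth h.
        return len(self.path) - 1


def covers(user: Attribute, policy: Attribute) -> bool:
    """True when the user attribute covers the policy attribute."""
    if user.tree != policy.tree:        # condition m = m'
        return False
    if user.depth > policy.depth:       # condition h <= h'
        return False
    # condition a_nk = a_n'k' for every k = k' in [0, h]
    return all(user.path[k] == policy.path[k] for k in range(user.depth + 1))


def match_policy(user_attrs: Sequence[Attribute],
                 policy_attrs: Sequence[Attribute]
                 ) -> Dict[Attribute, Optional[Attribute]]:
    """Map each policy attribute to the first user attribute covering it."""
    return {p: next((u for u in user_attrs if covers(u, p)), None)
            for p in policy_attrs}


def uncovered(user_attrs: Sequence[Attribute],
              policy_attrs: Sequence[Attribute]) -> List[Attribute]:
    """Policy attributes for which the user holds no covering attribute."""
    return [p for p, u in match_policy(user_attrs, policy_attrs).items()
            if u is None]


# Constructed sample data: tree 0 is an organisational tree, tree 1 a
# regional tree. None of these labels come from the patent.
POLICY = [
    Attribute(0, ("bank", "audit", "senior")),
    Attribute(1, ("region", "east")),
]
# Holds a shallower attribute on the same path, plus an exact match.
ALICE = [Attribute(0, ("bank", "audit")), Attribute(1, ("region", "east"))]
# Holds a deeper attribute (h > h') and a sibling in the regional tree.
BOB = [Attribute(0, ("bank", "audit", "senior", "lead")),
       Attribute(1, ("region", "west"))]
# Same labels as a valid prefix, but issued in the wrong tree (m != m').
CAROL = [Attribute(1, ("bank", "audit"))]

if __name__ == "__main__":
    for name, attrs in (("alice", ALICE), ("bob", BOB), ("carol", CAROL)):
        missing = uncovered(attrs, POLICY)
        print(name, "covers all policy attributes" if not missing
              else f"lacks {[p.path for p in missing]}")
```

Only the path comparison is shown; the values the scheme computes for covered attributes are in the figures above and are not reproduced here.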
Description of the symbols:
$H_1: \{0,1\}^* \to G_1$: hash function
$A_{ni}$: bilinear mapping
$g^{\mu}$: index key
$S_u$: attribute set
PK: public key
MK: master key
$C_{n'}$: attribute ciphertext
$a_n$: user attribute
$R_n$: attribute path
$a_{n'}$: policy attribute
$\sigma_A$: signature of transaction user A
$\sigma_B$: signature of transaction user B
$CT_A$: encryption of transaction user A's identity
$CT_B$: encryption of transaction user B's identity
$M$: transaction plaintext
$s$: secret value
CA: authority center
RID: identity identifier
$VR'$: user rights restriction
Figure BDA0002245240800000094
Private key of user
UK: user key
$T_{W'} = (T_1, T_2) = (\lambda \cdot UK, H_1(W')^{\lambda \cdot TK})$: secure trapdoor
$C_{TK}$: transaction information ciphertext
$I_w$: transaction information keyword
The following example further describes the invention.
In a specific implementation of the blockchain data privacy protection access control method based on searchable attribute encryption, the two transaction parties (data owners) first register their identities with the authority center to obtain the corresponding keys and identity identifiers RID, and send the trapdoor key ciphertext. The two transaction parties encrypt and sign to generate the transaction information ciphertext and extract the transaction information keyword $I_w = (I_1, I_2) = (g_1^{\mu\tau}, e(H_1(w)^{\mu}, g_1^{\eta\tau}))$, which is appended to the tail of the transaction information and sent to the blockchain; the miner nodes add it to the blockchain after verification. The data user (monitoring node) first registers its identity with the CA authority center and obtains the user's private key
Figure BDA0002245240800000092
and the trapdoor key ciphertext. After decrypting the trapdoor key ciphertext, the user obtains the user authority $VR'$ and the trapdoor key TK and sends them to the CA; after the authority center verifies that they are legitimate and satisfy the access structure, it sends the user key UK to the data user. The data user constructs the secure trapdoor $T_{W'} = (T_1, T_2) = (\lambda \cdot UK, H_1(W')^{\lambda \cdot TK})$ and sends it to the blockchain in the form of a transaction; the miner node matches it against the keyword index at the tail of the transaction information sent by the data owner
Figure BDA0002245240800000101
and, after verification, sends the transaction information to the data user, who can decrypt it to obtain the transaction plaintext $M$.

Claims (1)

1. The block chain data privacy protection access control method based on searchable attribute encryption is characterized by comprising the following steps:
(1) Registration: the user submits a registration application to the system and obtains an identity identifier RID and a user attribute set corresponding to the user's real identity information; the data owner (transaction user) registers to obtain a key and an identity identifier;
(2) Initialization. Data owner initialization: select a group $G_0$ of prime order $p$ with generator $g$; select $N$ elements of the finite field $Z_p$ as system attributes to form the system attribute set $S$, and divide the attributes in $S$ into $x$ trees according to the correlation between them. Let $H_i$ be the depth of the $i$-th tree and define $H = \max\{H_i\}_{i \in [1,x]}$, the maximum depth among the $x$ trees. Randomly select the vectors $U = (u_y)_{1 \le y \le x}$ and $U' = (u'_{y'})_{1 \le y' \le x}$, where $u_y \in G_0$ denotes the public parameter corresponding to the $y$-th attribute tree and $u'_{y'}$ denotes the public parameter corresponding to the $y'$-th tree. Trader A selects a group $G_1$ of prime order $p$ together with its generating element, and lets $H_1: \{0,1\}^* \to G_1$ be a hash function; the trader selects two random numbers $\eta$, $\mu$ and computes the public key $PK = (g, g^{\mu})$, and the private key $SK = \eta$ represents the trapdoor key. CA initialization: $Z_p^*$ denotes the set of elements of the finite field $Z_p$ that are coprime to $p$; two random numbers $\alpha$ and $\beta$ of different sizes are selected from $Z_p^*$, $PK = (G_0, g, g^{\beta}, Y = e(g,g)^{\alpha}, U, U')$ and $MK = (\alpha, \beta)$ are computed, and a bilinear map $e: G_0 \times G_0 \to G_1$ is defined;
(3) Transaction generation and signature: transaction user A generates the transaction information, encrypts A's identity, runs the wallet signature algorithm to sign with the private key corresponding to the wallet address, and sends the result to transaction user B. The signature process is: $Trans \| \sigma_A \| CT_A$, then $Tr_{AB} = Trans \| \sigma_A \| CT_A \| \sigma_B \| CT_B$;
(4) Index generation: the trader extracts the keyword from the transaction plaintext and encrypts it using the index key $g^{\mu}$ and the random numbers $\tau$ and $\mu$; the keyword of the transaction information is calculated as follows:
Figure FDA0002245240790000011
(5) Encryption $(M, TK, PK) \to C_M, C_{TK}$ and $VR$: let the $n'$-th user attribute $a_{n'}$ in the ciphertext policy attribute set be located in the $m'$-th attribute tree at depth $h'$ with path $R_{n'} = (a_{n'0}, a_{n'1}, \ldots, a_{n'k'}, \ldots, a_{n'h'})$, where $k' \in [0, h']$ and $a_{n'k'}$ is the attribute of the $k'$-th layer on the path $R_{n'}$ of attribute $a_{n'}$. For policy attribute $a_{n'}$, its corresponding secret share $w$ is selected according to the mapping $\pi$, and the attribute ciphertext $C_{n'}$ and the policy parameter $C'_{n'}$ are calculated as follows:
Figure FDA0002245240790000021
where $u'_{m'}$ denotes the public parameter corresponding to the $m'$-th attribute tree and $u_{k'}$ denotes the public parameter of the $k'$-th layer; the ciphertext is:
Figure FDA0002245240790000022
Figure FDA0002245240790000023
$M$ is the transaction plaintext information, $s$ is the secret value, and $E_1$ is the partial ciphertext containing the transaction plaintext information $M$;
(6) Trapdoor generation $(W', TK, UK, \lambda) \to T_{W'}$: in this algorithm, a random number is chosen and the trapdoor is calculated: $T_{W'} = (T_1, T_2) = (\lambda \cdot UK, H_1(W')^{\lambda \cdot TK})$
(7) Test $(RID, I_W, T_{W'}) \to \{C_M\}$: based on the RID submitted by the user and the corresponding UK, this algorithm performs the matching calculation
Figure FDA0002245240790000024
as follows:
If the user's search keyword is the same as the keyword contained in the index, the equation holds and the blockchain returns the result to the user; otherwise, an empty set is returned to the user;
(8) and (3) key generation: set of attributes S for a useruMiddle nth user attribute anIs located in the ith attribute tree with the depth h and the path Rn=(an0,an1,...,ank,...,anh) Where k is [0, h ]],
Figure FDA00022452407900000210
Is the user attribute anRoute RnCorresponding attributes of the kth layer, and selecting a random number r belonging to Z for resisting collusion attack by an authority center CA* PFor the attribute a of the usernSelecting a random number rn∈ZPAnd calculates an attribute private key dnPrivate key parameter DnAnd Dn' set of rights parameters, calculated as follows:
Figure FDA0002245240790000026
Figure FDA0002245240790000027
Figure FDA0002245240790000028
in conjunction with the private key component, the user can obtain the private key as
Figure FDA0002245240790000029
(9) Decryption (C)M,CTK,SK)→(M,TK,VR′):
Authorization set s in attributesu' of, user attribute anIn the m-th attribute tree, the policy attribute an' in m ' attribute trees, two satisfy m ═ m '; user attributes anDepth h and policy attribute a ofnThe depth of' satisfies: h is less than or equal toh'; user's attribute path Rn=(an0,an1,...,ank,...,anh) With policy attribute an' Attribute Path Rn′=(an′0,an′1,...,an′k′,...,an′h′) Satisfies the following conditions: when k is k', ank=an′k′Where k is [0, h ]],k′∈[0,h′](ii) a A for overlay policy attributesn' user attribute, decryption authority value dn' is calculated as follows:
deciphering bilinear map AniAnd the authority VR' of the user is calculated as follows:
Figure FDA0002245240790000032
if the authority of the user satisfies the structure, the users can decrypt the trapdoor key:
Figure FDA0002245240790000034
the transaction message can be recovered as:
Figure FDA0002245240790000035
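The covering condition stated in step (9) (same attribute tree, user depth no greater than policy depth, equal path entries at every shared level) can be checked in the clear, for example when validating a policy before keys are issued. The sketch below is an added example, not code from the patent; the `Attr` type, the function names and the sample attribute labels are assumptions constructed for illustration, and the access structure and pairing formulas are not modelled.

```python
from typing import NamedTuple, Tuple


class Attr(NamedTuple):
    """Hypothetical representation of an attribute as (tree index, path)."""
    tree: int                 # m for a user attribute, m' for a policy attribute
    path: Tuple[str, ...]     # labels from the root (level 0) down to the attribute

    @property
    def depth(self) -> int:
        return len(self.path) - 1   # a path (a_0 .. a_h) has depth h


def covers(user: Attr, policy: Attr) -> bool:
    """True when the user attribute covers the policy attribute per step (9)."""
    if not user.path or not policy.path:
        return False                      # an empty path names no attribute
    if user.tree != policy.tree:          # requires m = m'
        return False
    if user.depth > policy.depth:         # requires h <= h'
        return False
    # requires a_nk == a_n'k' at every level k = k' on the user's path
    return all(u == p for u, p in zip(user.path, policy.path))


def covered_policy_attributes(user_attrs, policy_attrs):
    """Policy attributes covered by at least one attribute the user holds."""
    return {p for p in policy_attrs if any(covers(u, p) for u in user_attrs)}


# Constructed sample data: two attribute trees (0 and 1).
USER_ATTRS = [
    Attr(0, ("Hospital", "Cardiology")),
    Attr(1, ("Finance", "Audit", "Senior")),
]
P_DOCTOR = Attr(0, ("Hospital", "Cardiology", "Doctor"))   # below the user's node
P_AUDIT = Attr(1, ("Finance", "Audit"))                    # above the user's node
P_ONCO = Attr(0, ("Hospital", "Oncology", "Doctor"))       # diverges at level 1
P_WRONG_TREE = Attr(1, ("Hospital", "Cardiology", "Doctor"))
POLICY_ATTRS = [P_DOCTOR, P_AUDIT, P_ONCO, P_WRONG_TREE]
```

With the inequality written as $h \le h'$, an attribute higher in a tree covers the policy attributes beneath it, while a deeper user attribute does not cover a shallower policy attribute.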

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911014447.3A CN110717191A (en) 2019-10-24 2019-10-24 Block chain data privacy protection access control method based on searchable attribute encryption

Publications (1)

Publication Number Publication Date
CN110717191A true CN110717191A (en) 2020-01-21

Family

ID=69213216

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911014447.3A Withdrawn CN110717191A (en) 2019-10-24 2019-10-24 Block chain data privacy protection access control method based on searchable attribute encryption

Country Status (1)

Country Link
CN (1) CN110717191A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20200121
