CN111698085A - CP-ABE decryption outsourcing - Google Patents
CP-ABE decryption outsourcing Download PDFInfo
- Publication number
- CN111698085A CN111698085A CN202010513483.0A CN202010513483A CN111698085A CN 111698085 A CN111698085 A CN 111698085A CN 202010513483 A CN202010513483 A CN 202010513483A CN 111698085 A CN111698085 A CN 111698085A
- Authority
- CN
- China
- Prior art keywords
- decryption
- user
- ciphertext
- key
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012946 outsourcing Methods 0.000 title claims abstract description 19
- 238000000034 method Methods 0.000 claims abstract description 17
- 238000012795 verification Methods 0.000 claims description 15
- 230000008569 process Effects 0.000 claims description 6
- 238000013507 mapping Methods 0.000 claims description 4
- 238000004364 calculation method Methods 0.000 abstract description 8
- 230000007246 mechanism Effects 0.000 abstract description 8
- 238000013475 authorization Methods 0.000 abstract description 3
- 230000003044 adaptive effect Effects 0.000 abstract description 2
- 238000007726 management method Methods 0.000 abstract description 2
- 238000005516 engineering process Methods 0.000 description 7
- 230000005540 biological transmission Effects 0.000 description 5
- 230000006870 function Effects 0.000 description 5
- 239000003795 chemical substances by application Substances 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000011160 research Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 239000003595 mist Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Theoretical Computer Science (AREA)
- Medical Informatics (AREA)
- Databases & Information Systems (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a CP-ABE decryption outsourcing, and relates to the technical field of data encryption and decryption in a mobile cloud environment. The invention not only realizes fine-grained access control of the file on the cloud server, but also simplifies key management operation of the user and realizes revocation of access authority of illegal users. When a user is revoked, a legal user does not need to update the secret key, so that the burden of an authorization mechanism is reduced. The local user only needs simple XOR operation to update the ciphertext. The safety certification shows that the method provided by the invention has non-adaptive plaintext selection safety under a general bilinear group model. The performance analysis shows that the invention more effectively reduces the decryption calculation cost of the mobile equipment, can efficiently realize the revocation of illegal users, and effectively realizes the control of the access authority of the users.
Description
Technical Field
The invention relates to a CP-ABE decryption outsourcing, and belongs to the technical field of cloud computing.
Background
The cloud storage brings convenience to data storage and brings a potential safety hazard that how to guarantee legal access to data to a user is a storage medium of the cloud located outside the control of the user? This problem can be solved by decrypting the data and controlling the decryption capabilities of the user to achieve ciphertext access control. Ciphertext access control may be understood as an access control method in which a user decrypts data and then controls the access rights of the data user by distributing a decryption key. A ciphertext access control mechanism is adopted, a user independently decrypts data, and the data content is protected by the user; meanwhile, the data decryption key is distributed to authorized visitors by the user, and an autonomous and controllable access control mechanism can be realized. The research on ciphertext access control can be traced back to a hierarchical access control system which is provided by Akl and Taylor and realized based on a public key cryptographic algorithm. With the continuous development of cryptography, the ciphertext access control technology is also continuously perfected, and ciphertext access control mechanisms realized based on algorithms such as asymmetric decryption, one-way Hash, identity decryption and attribute decryption appear in sequence. The basic ideas of the access control technologies are the same, but the operations such as data decryption, key management, key distribution and the like are optimized through different cryptographic technologies, and the performance of a ciphertext access control mechanism is improved.
Access control in a fog computing environment is a security guarantee for user data sharing, similar to the case in a cloud computing environment, but its network structure and system model are different from those in a cloud computing environment. Therefore, there is a need to consider a new access control scheme for clouds, fog and users, where the fog node should assist the user in reducing the amount of computation and provide more flexibility. Outsourcing is one of the best choices for implementing a fog node to assist users, and can be used to perform large-scale computations to reduce the computational overhead required by resource-constrained devices. In addition, to prevent data from being tampered with by malicious molecules in cloud computing and fog computing, it is very necessary to increase verifiability. In 2014, Asim et al constructed a CP-ABE scheme with the ability to decrypt and decrypt outsourcing. In their scheme, the data owner first generates the ciphertext and then applies the semi-trusted agent to re-decrypt the decryption information associated with the access structure. In the decryption process, the user sends a conversion key to another semi-trusted agent to decrypt most of ciphertext, and finally, the user performs the final small part of calculation to decrypt and obtain information, so that most of calculation expense is reduced for the user. In 2016, Mao et al introduced a generic structure for attribute-based decryption that is verifiable for outsourced decryption, which also left a simple computation for the user to decrypt the ciphertext. The ABE refers to attribute-based decryption, and the attribute-based decryption scheme is divided into two types, namely Key-Policy ABE (KP-ABE) based attribute decryption of a Key Policy and attribute-based decryption of a Ciphertext Policy (CP-ABE). In KP-ABE, the key is related to the access strategy, the cipher text is related to the attribute set, the decryptor can only select descriptive attributes for the data, and can not decide who can decrypt the cipher text, but only trust the key issuer. The attributes in CP-ABE are used to describe the user's private key, and the decryptor can use the access policy to decide which decrypted data can be accessed, but the decryptor does not know who can access the ciphertext. Therefore, the deployment mode of the CP-ABE is closer to that of the traditional access control model, the CP-ABE can be well suitable for protecting sensitive data in a fog computing environment, and meanwhile, the access strategy can be controlled more flexibly.
Although the ciphertext in the conventional CP-ABE scheme does not directly tell the recipient identity, the plaintext access structure is appended to the ciphertext, and anyone who can see the ciphertext can infer from the access structure some of the decrypted data or the private information of the person who can access the decrypted data. In some applications, the access structure contains sensitive information. Thus, the access structure itself is confidential information in addition to the data content. It follows that in some specific cases it is important to decrypt the access structure for concealment. In 2008, Nishide and Kazuki et al first proposed an attribute-based decryption scheme with hidden access structures. By this scheme, the decryptor can decrypt data using the hidden access structure. If the attribute associated with the decryptor's key does not satisfy the access structure associated with the decrypted data, the decryptor cannot decrypt the data or even speculate on the access structure specified by the decryptor.
Disclosure of Invention
Technical problem to be solved
The invention mainly solves the technical problems in the prior art and provides a CP-ABE decryption outsourcing.
(II) technical scheme
In order to achieve the above purpose, the present invention adopts the following technical solutions, in order to overcome the disadvantages in the prior art, the computation overhead of decryption and decryption of the user is reduced by using fog computation, and the access structure is hidden to prevent the user privacy from being revealed and verify whether the data is tampered in the transmission process. The CP-ABE decryption outsourcing and the system are provided, and the access structure of the LSSS is used for decrypting the ciphertext, so that the description of a data owner on fine granularity of the attribute of a searcher is realized, the access authority is flexibly controlled, and the system efficiency is improved.
The technical scheme is as follows: in order to achieve the purpose, the invention adopts the technical scheme that:
a CP-ABE decryption outsource, comprising the steps of:
step 1: and generating a system public parameter PK and a system master key MSK according to the security parameter 1k, the global attribute set U and the bilinear mapping, wherein the system public parameter PK is public, and the system master key MSK is stored by a private key generation center.
Step 2: and generating a user decryption key DSK and a fog node decryption key TSK according to the system public parameter PK, the system master key MSK and the user attribute set A, wherein the fog node decryption key TSK is sent to the fog node for outsourcing decryption, and the user decryption key DSK is sent to the user for decrypting the finally decrypted data file by the user.
And step 3: and the data owner sends the partial LSSS access structure (M, rho) to the fog node, the fog node generates partial ciphertext CT 1 according to the system public parameter PK and the partial LSSS access structure (M, rho), and the fog node returns the partial ciphertext CT 1 to the data owner. And the data owner generates a ciphertext CT and verification data E about the data and LSSS access structure attribute values according to the system public parameter PK, the data file M, the symmetric key ck, the access structure (M, rho, { A rho (i) }) and the partial ciphertext CT 1, wherein A rho (i) is the attribute value of the attribute name corresponding to rho (i). And uploading the ciphertext CT to a cloud storage through the fog node by the data owner for storage.
And 4, step 4: and the fog node generates an LSSS access structure verification set according to the ciphertext CT and the fog node decryption key TSK, and if and only if the attribute of the user accords with the LSSS access structure, the user can correctly decrypt the LSSS access structure, and meanwhile, the generated part of ciphertext CT' is returned to the user, otherwise, the decryption fails. And the user obtains a symmetric key ck and a random value gamma according to the partial ciphertext CT' and the user decryption key DSK, verifies whether the verification data E is established or not according to the random value gamma, and decrypts the data file m from the E ck (m) by using the symmetric key ck if the verification data E is established. Otherwise, the ciphertext data is falsified, and the decryption fails.
Advantageous effects
The invention provides a CP-ABE decryption outsourcing. The method has the following beneficial effects:
1. the invention adopts a CP-ABE decryption outsourcing. Considering that the computing power of user equipment, such as mobile equipment like a mobile phone and the like, is limited in the fog environment, and the fog computing environment provides a large number of fog nodes with certain computing power, the method outsourcing a large number of encryption and decryption computations to the fog nodes, and the burden of the user is reduced. Meanwhile, the low-delay characteristic of the fog calculation greatly reduces the data transmission time between the user and the fog node.
2. The invention introduces a partial hidden access structure technology, decrypts the ciphertext by adopting the LSSS access structure, and the LSSS access strategy can realize fine-grained description of the user attribute, is convenient for a data owner to control the file access right, and accords with practical application. The attribute in the access structure is divided into an attribute name and an attribute value, and the attribute value is embedded into the ciphertext, so that the privacy protection is effectively improved.
3. The invention effectively integrates the attribute decryption based on the ciphertext strategy based on the fog calculation with the partially hidden LSSS access structure technology, fully utilizes the advantages of the attribute decryption and the partially hidden LSSS access structure technology, ensures the protection of decryption data and user privacy, realizes the verification of the correctness of the ciphertext on the premise of effectively improving the calculation efficiency of user decryption and decryption in practical application, prevents the ciphertext from being modified in the processes of ciphertext transmission and outsourcing decryption, and improves the safety of the system.
Detailed Description
The technical solution of the present invention is further specifically described by the following embodiments in combination.
With the rapid development of network and cloud technologies, mobile cloud computing has become a new service model, and further, the ways of life, learning, medical treatment and the like of people are changed. Mobile cloud computing is the deployment of a plurality of portable mobile devices on a cloud computing platform to realize data sharing. How to ensure the information security of the mobile equipment; how to reduce the encryption and decryption costs of the mobile device; how to implement access control and revocation functions for users; if the problems cannot be solved, the safety of the mobile cloud computing cannot be guaranteed. Therefore, aiming at the characteristics of mobile cloud computing, the corresponding security problem is researched on the basis, and an effective and safe encryption and decryption mechanism is established, so that the method is necessary and urgently needed, and has important theoretical significance and application value.
In order to solve the above problems, the present embodiment mainly researches a data encryption and decryption mechanism in a mobile cloud environment, and provides an outsource encryption and decryption CP-ABE method capable of revoking a user. The proposed scheme has proved to have non-adaptive selection plaintext security under a general bilinear group model. The method of the invention not only has the characteristic of low encryption and decryption cost of the mobile equipment, but also can revoke the access authority of the user, thereby realizing flexible and effective access control. When the illegal user is revoked, the legal user does not need to update the key, thereby effectively lightening the burden of the authorization mechanism. Compared with the existing scheme, the invention not only effectively reduces the encryption and decryption calculation cost of the mobile equipment, but also has the function of revoking the user and effectively realizes the control of the access authority of the user.
The following describes a specific process of outsourcing CP-ABE decryption disclosed in this embodiment in detail. The method comprises the following steps:
s1, inputting a security parameter 1 lambda through a system establishment algorithm Setup (1 lambda), and outputting a system public key PK and a master key MK;
in specific application, the system establishes an algorithm Setup (1 lambda), the order of groups G0 and GT is set as prime number P, and G is a generator of G0. Bilinear mapping e G0 XG 0 → GT, secure hash function H: {0,1} → G0. Assume that the system has k users, and the attribute space of each user is S ═ λ 1, λ 2, …, λ n }. The trusted authority selects two random numbers α, β ∈ Zp, and then generates a system public key PK ═ { G0, GT, G, H ═ G β, e (G, G) α }, and a master key MK ═ β, G α.
S2, inputting an attribute set S, a system public key PK and a master key MK of a user through a key generation algorithm KeyGen (PK, S, MK), and outputting a private key SK of the user; fog node decryption module: and the fog node generates an LSSS access structure verification set according to the ciphertext CT and the fog node decryption key TSK, and if and only if the attribute of the user accords with the LSSS access structure, the user can correctly decrypt the LSSS access structure, and meanwhile, the generated part of ciphertext CT' is returned to the user, otherwise, the decryption fails.
A user decryption module: and obtaining a symmetric key ck and a random value gamma according to the partial ciphertext CT' and the user decryption key DSK, verifying whether the verification data E is established according to the random value gamma, and decrypting the data file m from the E ck (m) by using the symmetric key ck if the verification data E is established. Otherwise, the ciphertext data is falsified, and the decryption fails.
The mist node decryption module decrypts the ciphertext of the part related to the LSSS access structure, and the user decryption module decrypts the last small part of the ciphertext to obtain data. And finally, verifying whether the ciphertext is tampered.
The invention outsourcing most of decryption and decryption calculation to the fog node. The method is suitable for the fog computing environment because the fog computing provides a large number of fog nodes with certain computing power, and the low-delay characteristic of the fog computing greatly reduces the data transmission time between the user and the fog nodes.
The decryption module uses an Attribute-Based Encryption (ABE) -Based ciphertext access control method, and a specific access control structure is designed by using the user-related Attribute as the basis of resource authorization, so that the decryption module is suitable for a large-scale distributed network interaction environment; the CP-ABE is an attribute decryption algorithm (CP-ABE) based on a Ciphertext strategy, a private key in the algorithm is related to an attribute set, a Ciphertext is related to an access structure, and authority control of a data owner to an accessor is easier to realize; the LSSS access structure is partially hidden, fine-grained description of attributes of an accessor can be realized by the LSSS access structure, access authority is flexibly controlled, the attributes in the access structure are divided into two parts, namely attribute names and attribute values, the attribute values are embedded into a ciphertext, the attribute values in the access structure are hidden, and protection of a system on user privacy is enhanced.
And the ciphertext verification function is to add verification data obtained by XOR of the ciphertext and a hash value into the ciphertext, and then compare the value obtained by XOR of the plaintext and the hash value with the verification data when a user decrypts the plaintext to obtain the plaintext so as to verify whether the ciphertext is tampered in the transmission and outsourcing decryption processes. By using the hash function and the XOR operation, the effect of verifying the ciphertext can be achieved, and only a small influence is generated on the system efficiency.
The foregoing shows and describes the fundamental principles and principal features of the invention, namely its novel advantages. It will be understood by those skilled in the art that the present invention is not limited to the embodiments described above, which are described in the specification and illustrated only to illustrate the principle of the present invention, but that various changes and modifications may be made therein without departing from the spirit and scope of the present invention, which fall within the scope of the invention as claimed. The scope of the invention is defined by the appended claims and equivalents thereof.
Claims (3)
1. A CP-ABE decryption outsource is characterized in that the outsource encryption and decryption CP-ABE method comprises the following steps:
inputting a security parameter 1 lambda through a system establishing algorithm Setup (1 lambda), and outputting a system public key PK and a master key MK;
inputting an attribute set S, a system public key PK and a master key MK of a user and outputting a private key SK of the user through a key generation algorithm KeyGen (PK, S and MK);
decrypting the file through a decryption algorithm Encrypt (PK, M, Lambda), inputting a system public key PK, a plaintext M and an access structure Lambda, and outputting a ciphertext C, wherein the decryption process of the file comprises decryption by a data owner and decryption by a decryption server, firstly, the data owner decrypts the data plaintext, then, the ciphertext is sent to the decryption server, and the decryption server decrypts the attribute of the ciphertext again;
authorizing a user to Decrypt a file through a decryption algorithm Decrypt (C, SK), inputting a user private key SK and a corresponding ciphertext C, and outputting a plaintext M if the user private key meets an access strategy of the ciphertext, wherein the decryption process of the file comprises outsourcing decryption and local user decryption, firstly, a decryption server performs attribute-based decryption to obtain CTDO, and then, the user decrypts the CTDO again to obtain a data plaintext;
when a user is revoked, the local user updates the decryption file through an Update algorithm Update (PK, C), inputs a system public key PK and a ciphertext C, and outputs an updated ciphertext C'.
2. A CP-ABE decryption outsourcing according to claim 1, wherein said system establishment algorithm Setup (1 λ) is as follows: setting the orders of the groups G0 and GT as prime number P, and G as a generator of G0; bilinear mapping e is G0 XG 0 → GT, and secure hash function H: {0,1} → G0; assume that the system has k users, and the attribute space of each user is S ═ λ 1, λ 2, …, λ n }.
3. A CP-ABE decryption outsource according to claim 1, comprising the steps of:
step 1: generating a system public parameter PK and a system master key MSK according to the security parameter 1k, the global attribute set U and the bilinear mapping, wherein the system public parameter PK is public, and the system master key MSK is stored by a private key generation center;
step 2: generating a user decryption key DSK and a fog node decryption key TSK according to the system public parameter PK, the system master key MSK and the user attribute set A, wherein the fog node decryption key TSK is sent to the fog node for outsourcing decryption, and the user decryption key DSK is sent to a user for decrypting the finally decrypted data file by the user;
and step 3: the data owner sends a part of LSSS access structure (M, rho) to the fog node, the fog node generates a part of ciphertext CT 1 according to the system public parameter PK and the part of LSSS access structure (M, rho), and meanwhile, the fog node returns the part of ciphertext CT 1 to the data owner; a data owner generates a ciphertext CT and verification data E about the attribute values of data and an LSSS access structure according to a system public parameter PK, a data file M, a symmetric key ck, the access structure (M, rho, { A rho (i) }) and a part of ciphertext CT 1, wherein A rho (i) is the attribute value of an attribute name corresponding to rho (i); the data owner uploads the ciphertext CT to a cloud storage through a fog node for storage;
and 4, step 4: the fog node generates an LSSS access structure verification set according to the ciphertext CT and a fog node decryption key TSK, correct decryption can be performed only when the attribute of the user accords with the LSSS access structure, meanwhile, a generated part of ciphertext CT' is returned to the user, and decryption fails otherwise; the user obtains a symmetric key ck and a random value gamma according to the partial ciphertext CT' and the user decryption key DSK, verifies whether the verification data E is established or not according to the random value gamma, and decrypts the data file m from E ck (m) by using the symmetric key ck if the verification data E is established; otherwise, the ciphertext data is falsified, and the decryption fails.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010513483.0A CN111698085A (en) | 2020-06-08 | 2020-06-08 | CP-ABE decryption outsourcing |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010513483.0A CN111698085A (en) | 2020-06-08 | 2020-06-08 | CP-ABE decryption outsourcing |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111698085A true CN111698085A (en) | 2020-09-22 |
Family
ID=72479848
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010513483.0A Pending CN111698085A (en) | 2020-06-08 | 2020-06-08 | CP-ABE decryption outsourcing |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111698085A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114205379A (en) * | 2021-11-26 | 2022-03-18 | 江苏大学 | CP-ABE outsourcing decryption result reusing method based on NDN |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20000015266U (en) * | 1998-12-31 | 2000-07-25 | 서평원 | Pseudo Noise Code Control Circuit of CDM Receiver |
| CN107359986A (en) * | 2017-07-03 | 2017-11-17 | 暨南大学 | The outsourcing encryption and decryption CP ABE methods of user revocation |
| CN108881314A (en) * | 2018-08-28 | 2018-11-23 | 南京邮电大学 | Mist calculates the method and system for realizing secret protection under environment based on CP-ABE ciphertext access control |
-
2020
- 2020-06-08 CN CN202010513483.0A patent/CN111698085A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20000015266U (en) * | 1998-12-31 | 2000-07-25 | 서평원 | Pseudo Noise Code Control Circuit of CDM Receiver |
| CN107359986A (en) * | 2017-07-03 | 2017-11-17 | 暨南大学 | The outsourcing encryption and decryption CP ABE methods of user revocation |
| CN108881314A (en) * | 2018-08-28 | 2018-11-23 | 南京邮电大学 | Mist calculates the method and system for realizing secret protection under environment based on CP-ABE ciphertext access control |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114205379A (en) * | 2021-11-26 | 2022-03-18 | 江苏大学 | CP-ABE outsourcing decryption result reusing method based on NDN |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111191288B (en) | Block chain data access right control method based on proxy re-encryption | |
| CN108881314B (en) | Privacy protection method and system based on CP-ABE ciphertext under fog computing environment | |
| CN110099043B (en) | Multi-authorization-center access control method supporting policy hiding and cloud storage system | |
| Zhao et al. | Trusted data sharing over untrusted cloud storage providers | |
| Tong et al. | Cloud-assisted mobile-access of health data with privacy and auditability | |
| Zhou et al. | TR-MABE: White-box traceable and revocable multi-authority attribute-based encryption and its applications to multi-level privacy-preserving e-healthcare cloud computing systems | |
| Moffat et al. | A survey on ciphertext-policy attribute-based encryption (CP-ABE) approaches to data security on mobile devices and its application to IoT | |
| CN114039790B (en) | Fine-grained cloud storage security access control method based on blockchain | |
| CN107359986A (en) | The outsourcing encryption and decryption CP ABE methods of user revocation | |
| Dai et al. | A PKI-based mechanism for secure and efficient access to outsourced data | |
| EP2359524A2 (en) | Method and apparatus for pseudonym generation and authentication | |
| Kaaniche et al. | ID based cryptography for cloud data storage | |
| Wang et al. | A pre-authentication approach to proxy re-encryption in big data context | |
| CN112187798A (en) | Bidirectional access control method and system applied to cloud-side data sharing | |
| CN109617855B (en) | File sharing method, device, equipment and medium based on CP-ABE layered access control | |
| Sethia et al. | CP-ABE for selective access with scalable revocation: A case study for mobile-based healthfolder. | |
| Saha et al. | A cloud security framework for a data centric WSN application | |
| Liu et al. | A blockchain-based secure cloud files sharing scheme with fine-grained access control | |
| Chaudhary et al. | RMA-CPABE: A multi-authority CPABE scheme with reduced ciphertext size for IoT devices | |
| Takabi | Privacy aware access control for data sharing in cloud computing environments | |
| Song et al. | A practical group key management algorithm for cloud data sharing with dynamic group | |
| Wang et al. | Enabling privacy and leakage resistance for dynamic blockchain-based access control systems | |
| CN113055164A (en) | Cipher text strategy attribute encryption algorithm based on state cipher | |
| CN111698085A (en) | CP-ABE decryption outsourcing | |
| Kaaniche et al. | Id-based user-centric data usage auditing scheme for distributed environments |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20200922 |