CN112564903B - Decentralized access control method for secure data sharing in smart grid - Google Patents

Publication number: CN112564903B
Authority: CN (China)
Application number: CN202011445331.8A
Other versions: CN112564903A
Other languages: Chinese (zh)
Inventors: 张乐友, 叶亚迪
Current assignee: Xidian University
Original assignee: Xidian University
Application filed by: Xidian University
Legal status: Active
Prior art keywords: user, cloud server, private key, identity, key

Classifications

    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s), involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • G06F21/33 User authentication using certificates
    • G06F21/602 Providing cryptographic facilities or services
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • H04L9/3218 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs

Abstract

The invention discloses a decentralized access control method for secure data sharing in a smart grid. The method mainly comprises the following implementation steps: 1. constructing an access control system; 2. initializing the access control system and generating the global public parameter GP of the system; 3. initializing the authorities; 4. generating the user key; 5. generating the cloud server private key, the signature public key and the signature private key; 6. generating the final ciphertext; 7. verifying the user identity and decrypting the message; 8. deleting the user to be revoked from the private key list of the cloud server. The method uses a plurality of authorities to share the tasks of the system, which improves the efficiency of the system; it hands a large amount of encryption and decryption computation to the cloud server, which saves computation overhead for data users; and it adds a zero-knowledge proof to protect the identity information of users while they interact with the plurality of authorities.

Description

Decentralized access control method for secure data sharing in smart grid
Technical Field
The invention belongs to the technical field of cloud storage security and information security, and particularly relates to a decentralized access control method for secure data sharing in a smart grid.
Background
With the development of science and technology, the smart grid has emerged. It can meet power demand and uses the information network to integrate power. The smart grid differs from the traditional grid in that it breaks with one-way information exchange and realizes two-way information exchange between users and the power company. Two-way information exchange enables a power supply company to generate power in real time according to users' requirements, and also enables users to collect and analyze the power consumption data of residential buildings in real time through smart devices. The smart grid is divided into a power flow and an information flow; after power generation, the substation distributes the power flow and the information flow to household appliances.
The general structure of the smart grid comprises six parts: bulk power generation, power transmission, power distribution, users, control centers and markets. The control center is the core of the smart grid and collects users' power consumption through smart meters. The collected data can help the market distribute power efficiently. Note that data on a user's power consumption has market value because it can be used to predict future power usage. The smart grid is based on interaction in the cloud: information on power generation, distribution, transmission and consumption is sent to the cloud server, which creates a risk of privacy disclosure. The privacy and security of users therefore require attention.
Since attribute-based access control was introduced into the smart grid in 2012 to protect the privacy of electricity users, a large number of related schemes have been proposed, but applying these schemes to the smart grid faces three problems:
(1) The authority bears a heavy burden and holds excessive power. Because a single authority in the system manages the attributes and generates the private keys, that authority has excessive rights and too heavy a burden in managing all the attributes of the system and generating the corresponding private keys, and users' private keys can be compromised if the center is not trusted.
(2) Leakage of user privacy. The risk has two aspects. First, the user must give identity information to the center while interacting with it, which may reveal the user's privacy. Second, when interacting with the cloud server, the user must present identity information to download a ciphertext; because the cloud server is semi-trusted, the user's privacy may be revealed there as well.
(3) Low computational efficiency. ABE involves a large number of pairing and exponentiation operations, so the computation consumed by the user in the encryption and decryption stages grows linearly with the number of attributes. Solving these three problems is the key to applying secure data sharing to the smart grid.
Disclosure of Invention
The invention provides a decentralized access control method for secure data sharing in a smart grid, which aims to solve the problems in existing smart grid access control that a single center bears a heavy management burden, the user private key is easily leaked, and computational efficiency is low.
The specific technical scheme of the invention is as follows:
The invention provides a decentralized access control method for secure data sharing in a smart grid, comprising the following steps:
Step 1: building the access control system
The access control system comprises a plurality of authorities, an identity management center, an RTU and a cloud server;
the authority is responsible for generating the authority private key, the authority public key, the signature private key and the cloud server private key, and for sending the cloud server private key to the cloud server;
the identity management center is a trusted organization responsible for managing users' identities and generating a corresponding identity id for each user;
the RTU encrypts a plaintext to generate a ciphertext and uploads the ciphertext to the cloud server, and the cloud server is responsible for storing the ciphertext and partially decrypting it;
Step 2: initializing the access control system and generating the global public parameter GP of the system;
Step 3: initializing the authorities; each authority uses the global public parameter to generate an authority public key $PK_\theta$ and an authority private key $SK_\theta$;
Step 4: generating the user key; the user uses the global public parameter to generate a user public key $UPK_{id}$ and a user private key USK;
Step 5: generating the cloud server private key, the signature public key and the signature private key;
Step 5.1: the user asks any authority $AA_\theta$ for the authority public key $PK_\theta$, and a zero-knowledge proof protocol is used for identity verification, which ensures that the user's identity is not revealed;
if the user's identity verification passes, step 5.2 is executed;
Step 5.2: the cloud server uses the global public parameter GP, the authority private key $SK_\theta$, the user public key $UPK_{id}$, the user's identity certificate and the user's attribute set to generate the cloud server private key $CSK_{id,S}$, and the signature public key and the signature private key are generated using the global public parameter and the authority public key;
Step 6: generating the final ciphertext;
first, the RTU generates a secret number and defines an encryption policy and a signature policy; the secret number and the encryption policy are then sent to the cloud server, which uses the secret number, the encryption policy and the authority public key to generate a partial ciphertext and sends it to the RTU; finally, the RTU generates the final ciphertext from the plaintext, the partial ciphertext generated by the cloud server and the signature policy;
Step 7: verifying the user identity and decrypting the message;
the cloud server verifies the user's identity using the user's identity certificate and the signature public key. If the verification passes, the cloud server partially decrypts the ciphertext with the cloud server private key and sends the partially decrypted ciphertext to the user, and the user finally decrypts it with the user private key USK to recover the plaintext. If the verification does not pass, the user does not have a legal identity, the decryption fails, and step 8 is skipped;
Step 8: revoking the user; the user to be revoked is deleted from the private key list of the cloud server.
Further, the generation process of the global public parameter GP in step 2 is specifically:
Step 2.1: set the security parameter $\lambda$ of the access control system; select multiplicative cyclic groups $G$ and $G_T$ of prime order $p$ in the cyclic domain;
Step 2.2: randomly select generators $g, g_1, g_2, y_0, \{y_i\}_{i\in[1,l]}$ from the multiplicative cyclic group $G$, and then select five collision-resistant hash functions $H, H_1, H_2, H_3, F$ from the multiplicative cyclic group $G$:
where $H$:
Figure BDA0002824288460000041
$H_1: \{0,1\}^* \to \{0,1\}^l$; $H_2$:
Figure BDA0002824288460000042
$H_3$:
Figure BDA0002824288460000043
$F: U \to G$;
Figure BDA0002824288460000044
denotes the set of residues modulo $p$;
Step 2.3: according to step 2.1 and step 2.2, the public parameter of the system is $GP = \{p, g_1, y_0, \{y_i\}_{i\in[1,l]}, H, H_1, H_2, H_3, F, U, U_\theta, T, G, G_T, e\}$;
$T: U \to U_\theta$ denotes the map that sends an attribute $i \in U$ to the authority $U_\theta$ managing attribute $i$; $i$ denotes an attribute of the user, $U$ denotes the user's attribute set, and $U_\theta$ denotes the set of attributes managed by an authority; $e$ is a bilinear map satisfying $e: G \times G \to G_T$.
Further, the generation process of the authority public key $PK_\theta$ and the authority private key $SK_\theta$ in step 3 is:
each authority $AA_\theta$ ($\theta \in U_\theta$) selects random numbers
Figure BDA0002824288460000051
and computes the public key of authority $AA_\theta$
Figure BDA0002824288460000052
and the private key $SK_\theta = \{\alpha_\theta, y_\theta\}$.
Further, the generation process of the user public key $UPK_{id}$ and the user private key USK in step 4 is specifically:
Step 4.1: a user under authority $AA_\theta$ registers with the identity management center to obtain an identity certificate cert(id), where id denotes the identity of the user;
Step 4.2: the user randomly selects
Figure BDA0002824288460000053
and computes the user public key
Figure BDA0002824288460000054
and the user private key
Figure BDA0002824288460000055
The user private key is kept secret by the user.
Further, the specific process of generating the cloud server private key, the signature public key and the signature private key in step 5.2 is as follows:
Cloud server private key generation: the private key $SK_\theta$ of authority $AA_\theta$, the global public parameter GP, the user public key $UPK_{id}$, the user identity certificate cert(id) and the user attribute set $U$ are used to generate the cloud server private key $CSK_{id,S} = \{K_{i,id}, K'_{i,id}\}_{i\in U}$:
Figure BDA0002824288460000056
Figure BDA0002824288460000057
Signature public key and signature private key generation: authority $AA_\theta$ randomly selects
Figure BDA0002824288460000058
and generates the signature public key
Figure BDA0002824288460000059
Authority $AA_\theta$ randomly selects
Figure BDA00028242884600000510
and computes the signature private key
Figure BDA00028242884600000511
Further, the specific process of generating the final ciphertext in step 6 is as follows:
Step 6.1: generating a secret number and defining an encryption policy and a signature policy;
first, the RTU randomly selects
Figure BDA0002824288460000061
and computes a secret number $s_2$; the specific formula is:
$s_2 = (s - s_1) \bmod p$,
the RTU then defines an encryption policy $W_e = (M_e, \rho_e)$ and a signature policy $W_s = (M_s, \rho_s)$, and sends $s_2$ and the encryption policy $W_e$ to the cloud server; here $M_e, M_s$ are $l \times n$ matrices, and $\rho_e, \rho_s$ respectively denote the index maps that map any row of the $l \times n$ matrix to an attribute;
Step 6.2: the cloud server generates a partial ciphertext and sends it to the RTU;
the cloud server selects $s_2, y_2, \ldots, y_n$,
Figure BDA0002824288460000062
sets two column vectors
Figure BDA0002824288460000063
and lets the vector
Figure BDA0002824288460000064
It computes the shares of the secret value
Figure BDA0002824288460000065
then randomly selects $r_1, r_2, \ldots, r_n$,
Figure BDA0002824288460000066
computes the partial ciphertext $CT_1$
Figure BDA0002824288460000067
Figure BDA0002824288460000068
and sends the partial ciphertext
Figure BDA0002824288460000069
to the RTU;
Step 6.3: the RTU generates the final ciphertext;
first, for the plaintext $M$ to be encrypted, the RTU randomly selects
Figure BDA00028242884600000610
generates the vectors
Figure BDA00028242884600000611
and computes
Figure BDA00028242884600000612
Then the RTU randomly chooses $a_1, a_2, \ldots, a_n \in Z_p$ and computes
$C_0 = M e(g,g)^s$
Figure BDA00028242884600000615
$\mu = H_1(C')$,
Figure BDA00028242884600000614
$\{S'_j = a_j - a'_j\}_{j\in[1,n]}$, $H_2(W_e, W_s, C_0, C', C'', C''') = \beta$,
Figure BDA0002824288460000071
Figure BDA0002824288460000072
The final ciphertext obtained is:
Figure BDA0002824288460000073
Further, the specific process of step 7 is as follows:
Step 7.1: verifying the identity of the user;
the user submits the identity certificate cert(id) to the cloud server, which verifies it by the following equation:
Figure BDA0002824288460000074
where
Figure BDA0002824288460000075
If the verification succeeds, the cloud server selects $c_x \in Z_p$ satisfying
Figure BDA0002824288460000076
Figure BDA0002824288460000077
and computes
Figure BDA0002824288460000078
Figure BDA0002824288460000079
After the computation, the partial ciphertext $CT_{id} = (C_0, C_{1,id}, C_{2,id})$ is returned to the user;
if the verification fails, the user cannot obtain the ciphertext;
Step 7.2: decryption by the user;
the user uses the private key
Figure BDA00028242884600000710
to decrypt the partial ciphertext and obtain the plaintext $M$:
Figure BDA00028242884600000711
Further, revoking the user in step 8 comprises: taking as input the user's identity certificate cert(id) and the private key list KT of the cloud server, finding the entry $\{cert(id), CSK_{id,S}\}$ stored in KT and deleting it from the list, which finally gives the updated list $KT = KT \setminus \{cert(id), CSK_{id,S}\}$.
The beneficial effects of the invention are:
1. The invention hides the user's identity information. On the one hand, when the user requests a private key from the center, a zero-knowledge proof protocol lets the center generate the corresponding private key for the user without learning the legitimate user's identity information. On the other hand, when interacting with the cloud server, the user presents an identity certificate generated by the trusted identity management center; because the certificate is a blinded form of the user's identity, the user's identity information is not exposed.
2. The invention authenticates the user. When the user wants to download a ciphertext from the cloud server, the cloud server must verify the validity of the user's identity. If the verification succeeds, the cloud server partially decrypts the ciphertext and sends it to the user; if it fails, the cloud server sends no useful information to the user.
3. The invention adds outsourced encryption in the signcryption stage and outsourced decryption in the unsigncryption stage, which reduces the user's computation overhead and improves the computational efficiency of the system. A large amount of encryption and decryption computation is handed to the cloud server, and in the unsigncryption stage the user's decryption needs only one exponentiation and one bilinear pairing, regardless of the number of attributes or the complexity of the access policy.
4. The invention adds revocation. When a user is revoked, the user's identity certificate and cloud server private key are deleted from the cloud private key list, so that even if the revoked user's attribute set satisfies the access policy, the user cannot obtain the plaintext message: the user's identity can no longer be verified by the cloud server, so the ciphertext cannot be downloaded from the cloud server, which further improves security.
5. The invention lets a plurality of authorities jointly manage the attributes in the system and generate the corresponding private keys. Compared with the prior art, in which a single authority has excessive power and too heavy a burden, a plurality of authorities share the tasks of the system, which improves the efficiency of the system.
Drawings
To illustrate the embodiments of the present invention or the technical solutions in the prior art more clearly, the drawings used in describing them are briefly introduced below. The drawings described here show only some embodiments of the present invention; those skilled in the art can obtain other drawings from them without creative effort.
FIG. 1 is a block diagram of the access control system;
FIG. 2 is a flow chart of the operation of the present invention;
FIG. 3 is a flow chart of verifying the identity of a user and decrypting a message.
Detailed Description
The technical solutions of the present invention are described clearly and completely below with reference to the accompanying drawings. The described embodiments are only a part of the embodiments of the present invention, not all of them. All other embodiments that a person skilled in the art can derive from the embodiments given here without creative effort fall within the protection scope of the present invention.
This embodiment provides a decentralized access control method for secure data sharing in a smart grid. With reference to figs. 1 to 3, the access control method is implemented as follows:
Step 1: building the access control system
As shown in fig. 1, the access control system includes a plurality of authorities (AA), an identity management center (IC), an RTU and a cloud server (Cloud);
each authority manages its own attribute range and is responsible for generating an attribute private key, a signature private key, a cloud server private key and their public keys, and for sending the cloud server private key to the cloud server. Note that in this embodiment at least one authority is specified to be trusted;
the identity management center is a trusted organization responsible for managing users' identities and generating a corresponding identity id for each user;
the RTU is the data owner, a trusted entity that can send data to the cloud server through outsourcing. It defines two policies, an encryption policy and a signature policy, and then signcrypts the plaintext using both policies. The signcrypted message is sent to the cloud server.
The cloud server is responsible for storing the signcrypted data from the RTU and can verify the identity of the user. That is, when a user wants to download a ciphertext from the cloud server, the user must first be authenticated by the cloud server. If the authentication succeeds, the cloud server decrypts a portion of the ciphertext using a private key obtained from the center and sends it to the user; if the authentication fails, the user obtains no data from the cloud server. The cloud server in this embodiment is honest but curious: it performs its tasks honestly and efficiently, but also tries to learn as much information as possible, such as the ciphertext.
The user has a set of attributes and a unique identity certificate in the system, and generates a user private key and the corresponding public key. The user may download the ciphertext from the cloud server and unsigncrypt it.
Step 2: initializing the access control system and generating the global public parameter GP of the system;
Step 2.1: set the security parameter $\lambda$ of the access control system; the security parameter serves as the input length of the public-key cryptosystem, and the larger the security parameter, the more secure the system. Select multiplicative cyclic groups $G$ and $G_T$ of prime order $p$ in the cyclic domain; the cyclic domain comes from modern algebra, and most public-key cryptographic algorithms compute in a finite field;
Step 2.2: randomly select generators $g, g_1, g_2, y_0, \{y_i\}_{i\in[1,l]}$ from the multiplicative cyclic group $G$, and then select five collision-resistant hash functions $H, H_1, H_2, H_3, F$ from the multiplicative cyclic group $G$:
where $H$:
Figure BDA0002824288460000111
$H_1: \{0,1\}^* \to \{0,1\}^l$, $H_2$:
Figure BDA0002824288460000112
$H_3$:
Figure BDA0002824288460000113
Figure BDA0002824288460000114
$F: U \to G$.
Figure BDA0002824288460000115
denotes the set of residues modulo $p$;
Step 2.3: according to step 1.1 and step 1.2, the public parameter of the system is $GP = \{p, g_1, y_0, \{y_i\}_{i\in[1,l]}, H, H_1, H_2, H_3, F, U, U_\theta, T, G, G_T, e\}$;
$T: U \to U_\theta$ denotes the map that sends an attribute $i \in U$ to the $U_\theta$ managing attribute $i$; $i$ denotes an attribute of the user, $U$ denotes the user's attribute set, and $U_\theta$ denotes the set of attributes managed by an authority.
$e$ is a bilinear map satisfying $e: G \times G \to G_T$.
Step 3: initializing the authorities; each authority uses the global public parameter to generate an authority public key $PK_\theta$ and an authority private key $SK_\theta$.
Each authority $AA_\theta$ ($\theta \in U_\theta$) selects random numbers
Figure BDA0002824288460000116
and computes the public key of authority $AA_\theta$
Figure BDA0002824288460000117
and the private key $SK_\theta = \{\alpha_\theta, y_\theta\}$.
Step 4: generating the user key; the user uses the global public parameter to generate a user public key $UPK_{id}$ and a user private key USK;
Step 4.1: a user under authority $AA_\theta$ registers with the identity management center to obtain an identity certificate cert(id), where id denotes the identity of the user;
Step 4.2: the user randomly selects
Figure BDA0002824288460000118
and computes the user public key
Figure BDA0002824288460000119
and the user private key
Figure BDA00028242884600001110
The user private key is kept secret by the user;
Step 5: generating the cloud server private key and the signature private key;
Step 5.1: the user asks any authority $AA_\theta$ for the authority public key $PK_\theta$, and a zero-knowledge proof protocol is used for identity verification, which ensures that the user's identity is not revealed;
if the user's identity verification passes, step 5.2 is executed;
The zero-knowledge proof protocol (Zero-Knowledge Proof) was proposed by S. Goldwasser, S. Micali and C. Rackoff in the early 1980s. It means that the prover can convince the verifier that some assertion is correct without giving the verifier any useful information. A zero-knowledge proof is essentially a protocol involving two or more parties, that is, a series of steps the parties take to complete a task. The prover proves to the verifier, and convinces the verifier, that it knows or possesses a certain message, but the proof process reveals no information about that message to the verifier.
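As an added illustration (not part of the patent text), the sketch below shows a non-interactive Schnorr proof of knowledge, one standard zero-knowledge protocol of the kind the paragraph above describes; the patent text on this page does not say which protocol it uses. The toy 80-bit group, the `context` string naming the authority and all function names are assumptions made for the example.

```python
import hashlib
import secrets

_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def _is_prime(n):
    """Miller-Rabin with the first 12 primes as bases (deterministic below ~3.3e24)."""
    if n < 2:
        return False
    for sp in _BASES:
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in _BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def _safe_prime_group(start):
    """Find prime q >= start with p = 2q + 1 prime; 4 generates the order-q subgroup."""
    q = start | 1
    while not (_is_prime(q) and _is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q, 4


# Constructed toy group (about 80 bits): far too small for real deployments.
P, Q, G = _safe_prime_group(2**79)


def _challenge(y, t, context):
    """Fiat-Shamir challenge: hash the statement, the commitment and the context."""
    data = f"{P}|{G}|{y}|{t}|".encode() + context
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q


def keygen():
    """User side: secret x never leaves the user; y = g^x is what the authority sees."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)


def prove(x, context):
    """Prove knowledge of x for y = g^x without revealing x."""
    k = secrets.randbelow(Q - 1) + 1      # fresh nonce; reusing it would leak x
    t = pow(G, k, P)                      # commitment
    c = _challenge(pow(G, x, P), t, context)
    return t, (k + c * x) % Q             # (commitment, response)


def verify(y, proof, context):
    """Authority side: accept iff g^s == t * y^c, with y and t in the order-q subgroup."""
    t, s = proof
    if not (1 < y < P and 0 < t < P and 0 <= s < Q):
        return False
    if pow(y, Q, P) != 1 or pow(t, Q, P) != 1:
        return False
    c = _challenge(y, t, context)
    return pow(G, s, P) == t * pow(y, c, P) % P
```

Binding the challenge to a context such as the authority's name and a session identifier means a proof captured at one authority is rejected when replayed to another.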
Step 5.2: the cloud server uses the global public parameter GP, the authority private key $SK_\theta$, the user public key $UPK_{id}$, the user's identity certificate and the user's attribute set to generate the cloud server private key $CSK_{id,S}$, and the signature public key and the signature private key are generated using the global public parameter and the authority public key;
Cloud server private key generation: the private key $SK_\theta$ of authority $AA_\theta$, the global public parameter GP, the user public key $UPK_{id}$, the user identity certificate cert(id) and the user attribute set $U$ are used to generate the cloud server private key $CSK_{id,S} = \{K_{i,id}, K'_{i,id}\}_{i\in U}$:
Figure BDA0002824288460000121
Figure BDA0002824288460000122
Signature private key generation: authority $AA_\theta$ randomly selects
Figure BDA0002824288460000123
and generates the signature public key
Figure BDA0002824288460000124
Authority $AA_\theta$ randomly selects
Figure BDA0002824288460000125
and computes the signature private key
Figure BDA0002824288460000131
Step 6: generating the final ciphertext;
first, the RTU generates a secret number and defines an encryption policy and a signature policy; the secret number and the encryption policy are then sent to the cloud server, which uses the secret number, the encryption policy and the authority public key to generate a partial ciphertext and sends it to the RTU (remote terminal unit); finally, the RTU generates the final ciphertext from the plaintext, the partial ciphertext and the signature policy;
Step 6.1: generating a secret number and defining an encryption policy and a signature policy;
first, the RTU randomly selects
Figure BDA0002824288460000132
and computes a secret number $s_2$; the specific formula is:
$s_2 = (s - s_1) \bmod p$,
the RTU then defines an encryption policy $W_e = (M_e, \rho_e)$ and a signature policy $W_s = (M_s, \rho_s)$, and sends the encryption policy $W_e$ to the cloud server; here $M_e, M_s$ are $l \times n$ matrices, and $\rho_e, \rho_s$ respectively denote the index maps that map any row of the $l \times n$ matrix to an attribute;
Step 6.2: the cloud server generates a partial ciphertext and sends it to the RTU;
the cloud server selects $s_2, y_2, \ldots, y_n$,
Figure BDA0002824288460000133
sets two column vectors
Figure BDA0002824288460000134
and lets the vector
Figure BDA0002824288460000135
It computes the shares of the secret value
Figure BDA0002824288460000136
then randomly selects $r_1, r_2, \ldots, r_n$,
Figure BDA0002824288460000137
computes the partial ciphertext $CT_1$
Figure BDA0002824288460000138
Figure BDA0002824288460000139
and sends the partial ciphertext
Figure BDA00028242884600001310
to the RTU;
Step 6.3: the RTU generates the final ciphertext;
first, for the plaintext $M$ to be encrypted, the RTU randomly selects
Figure BDA0002824288460000141
generates the vectors
Figure BDA0002824288460000142
and computes
Figure BDA0002824288460000143
Then the RTU randomly selects $a_1, a_2, \ldots, a_n \in Z_p$ and computes
$C_0 = M e(g,g)^s$
Figure BDA00028242884600001411
$\mu = H_1(C')$,
Figure BDA0002824288460000145
$\{S'_j = a_j - a'_j\}_{j\in[1,n]}$, $H_2(W_e, W_s, C_0, C', C'', C''') = \beta$,
Figure BDA0002824288460000146
Figure BDA0002824288460000147
The final ciphertext obtained is:
Figure BDA0002824288460000148
step 7: verify the user identity and decrypt the message;
the cloud server verifies the identity of the user by using the identity certificate and the signature public key of the user; if the identity verification passes, the cloud server partially decrypts the ciphertext by using the cloud server private key and sends the partially decrypted ciphertext to the user, and the user finally decrypts it by using the user private key USK to recover the plaintext; if the identity verification does not pass, the user is not a legal identity, the decryption fails, and the step 8 is skipped;
step 7.1: verify the identity of the user;
the user submits its own identity certificate cert(id) to the cloud server, which verifies it by the following equation:
Figure BDA0002824288460000149
here, the
Figure BDA00028242884600001410
if the verification is successful, the cloud server selects c_x ∈ Z_p satisfying
Figure BDA0002824288460000151
Figure BDA0002824288460000152
and calculates
Figure BDA0002824288460000153
Figure BDA0002824288460000154
after the calculation is finished, the partial ciphertext CT_id = (C_0, C_{1,id}, C_{2,id}) is returned to the user;
if the verification fails, the user cannot obtain the ciphertext;
step 7.2: user decryption;
the user uses his private key
Figure BDA0002824288460000155
to decrypt the ciphertext and obtain the plaintext message M:
Figure BDA0002824288460000156
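The secret split of step 6.1 and the share computation of step 6.2 can be traced with plain modular arithmetic; the following is an added example, not code from the patent. It assumes the standard linear secret sharing construction (share vectors whose first entry is s_1 or s_2, and recombination coefficients c_x with Σ c_x·M_x = (1, 0, …, 0)), because the patent's own formulas for these steps did not survive on this page; the prime, the policy matrix and all function names are constructed, and the pairing-group operations are left out.

```python
import secrets

P = 2**127 - 1  # toy prime group order p (constructed for the example)

# Constructed policy W_e = (M_e, rho_e) for "(A AND B) OR C": an l x n matrix
# with l = 3 rows, n = 2 columns; rho_e maps each row to one attribute.
M_E = [(1, 1), (0, -1), (1, 0)]
RHO_E = ["A", "B", "C"]

def rand_zp():
    return secrets.randbelow(P)

def rtu_split(s):
    """Step 6.1: the RTU picks s_1 and derives s_2 = (s - s_1) mod p."""
    s1 = rand_zp()
    return s1, (s - s1) % P

def lsss_shares(matrix, first):
    """Share `first` as lambda_i = <M_i, v> mod p, v = (first, random...)."""
    v = [first] + [rand_zp() for _ in range(len(matrix[0]) - 1)]
    return [sum(m * x for m, x in zip(row, v)) % P for row in matrix]

def combine(rtu_shares, cloud_shares):
    """Row-wise sum: shares of s_1 plus shares of s_2 are shares of s."""
    return [(a + b) % P for a, b in zip(rtu_shares, cloud_shares)]

def solve_coefficients(matrix, rho, attrs):
    """Find c_x with sum_x c_x * M_x = (1, 0, ..., 0) mod p over the rows
    whose attribute is in attrs; return None if attrs fail the policy."""
    idx = [i for i, a in enumerate(rho) if a in attrs]
    n = len(matrix[0])
    # One equation per column j: sum_x c_x * M_x[j] = (1 if j == 0 else 0)
    aug = [[matrix[i][j] % P for i in idx] + [int(j == 0)] for j in range(n)]
    pivots, r = [], 0
    for col in range(len(idx)):
        piv = next((k for k in range(r, n) if aug[k][col]), None)
        if piv is None:
            continue
        aug[r], aug[piv] = aug[piv], aug[r]
        inv = pow(aug[r][col], -1, P)
        aug[r] = [x * inv % P for x in aug[r]]
        for k in range(n):
            if k != r and aug[k][col]:
                f = aug[k][col]
                aug[k] = [(x - f * y) % P for x, y in zip(aug[k], aug[r])]
        pivots.append(col)
        r += 1
    if any(row[-1] for row in aug[r:]):
        return None  # (1, 0, ..., 0) is not in the span: unauthorized set
    coeffs = {i: 0 for i in idx}
    for row_no, col in enumerate(pivots):
        coeffs[idx[col]] = aug[row_no][-1]
    return coeffs

def reconstruct(shares, coeffs):
    return sum(c * shares[i] for i, c in coeffs.items()) % P

if __name__ == "__main__":
    s = rand_zp()
    s1, s2 = rtu_split(s)
    cloud = lsss_shares(M_E, s2)           # computed by the cloud server
    lam = combine(lsss_shares(M_E, s1), cloud)
    for attrs in ({"A", "B"}, {"C"}, {"A"}):
        c = solve_coefficients(M_E, RHO_E, attrs)
        print(sorted(attrs), "denied" if c is None else reconstruct(lam, c) == s)
```

The cloud server's shares alone recombine only to s_2, so outsourcing the share computation does not hand it the encryption secret s.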
step 8: revoke invalid users; delete the user to be revoked from the cloud server private key list.
The revocation of the user comprises: inputting the identity certificate cert(id) of the user, finding the private key list KT of the cloud server, finding the cert(id) and CSK_{id,S} stored in KT and deleting them from the list, and finally obtaining the updated list KT = KT \ {cert(id), CSK_{id,S}}.
In conclusion, the method of the invention uses an attribute-based signature to provide the confidentiality and the unforgeability of the ciphertext; adds zero-knowledge proofs to protect the identity information of the user while the user interacts with a plurality of authorities; adds an outsourced encryption algorithm and an outsourced decryption algorithm, which save the computation overhead of the data user by handing a large amount of encryption and decryption computation to a third party (the cloud server); and verifies the user during the interaction between the user and the cloud server to ensure the legal identity of the user, where the verification can be executed by any cloud server. The scheme of the invention greatly improves the encryption and decryption efficiency, the confidentiality of the identity information and the flexibility of access control while protecting privacy, which makes the scheme more practical. Therefore, the invention overcomes the defects of the prior art and has good application prospects.
The above description is only for the preferred embodiment of the present invention, and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.

Claims (4)

1. A decentralized access control method for secure sharing of data in a smart grid, characterized by comprising the following steps:
step 1: build an access control system
The access control system comprises a plurality of authorities, an identity management center, an RTU and a cloud server;
the authority is responsible for generating the authority private key, the authority public key, the signature private key and the cloud server private key, and for sending the cloud server private key to the cloud server;
the identity management center is a trusted institution and is responsible for managing the identity of the user and generating a corresponding identity id for the user;
the RTU is used for encrypting a plaintext to generate a ciphertext and uploading the ciphertext to the cloud server, and the cloud server is responsible for storing the ciphertext and partially decrypting the ciphertext;
step 2: initializing an access control system, and generating a global public parameter GP of the system;
the generation process of the global common parameter GP specifically includes:
step 2.1: set a security parameter λ of the access control system and multiplicative cyclic groups G and G_T of prime order p;
step 2.2: randomly select generators g, g_1, g_2, y_0, {y_i}_{i∈[1,l]} from the multiplicative cyclic group G, and then select five collision-resistant hash functions H, H_1, H_2, H_3, F:
wherein H:
Figure FDA0003526895610000011
H_1: {0,1}* → {0,1}^l; H_2:
Figure FDA0003526895610000012
H_3:
Figure FDA0003526895610000013
F: U → G;
Figure FDA0003526895610000014
denotes the set of residues modulo p;
step 2.3: the common parameter of the system generated according to step 2.1 and step 2.2 is GP = {p, g_1, y_0, {y_i}_{i∈[1,l]}, H, H_1, H_2, H_3, F, U, U_θ, T, G, G_T, e};
T: U → U_θ represents the mapping of an attribute i ∈ U to the U_θ managing the attribute i; i represents an attribute of a user, U represents the set of attributes of a user, U_θ represents the set of attributes managed by an authority; e is a bilinear map satisfying e: G × G → G_T;
step 3: initialize the authorities; each authority generates an authority public key PK_θ and an authority private key SK_θ using the global public parameters;
the generation process of the authority public key PK_θ and the authority private key SK_θ comprises the following steps:
each authority AA_θ (θ ∈ U_θ) selects random numbers
Figure FDA0003526895610000021
and calculates the public key of the authority AA_θ
Figure FDA0003526895610000022
and the private key SK_θ = {α_θ, y_θ};
step 4: generate the user key; the user generates a user public key UPK_id and a user private key USK using the global public parameters;
step 5: generate the cloud server private key, the signature public key and the signature private key;
step 5.1: the user requests authorization from any authority AA_θ, and a zero-knowledge proof protocol constructed with the public key PK_θ is used for identity verification so that the identity of the user is not revealed;
if the user identity authentication is passed, executing step 5.2;
step 5.2: the cloud server uses the global public parameter GP, the authority private key SK_θ, the user public key UPK_id, the identity certificate of the user and the attribute set of the user to generate a cloud server private key CSK_{id,S}, and a signature public key and a signature private key are generated using the global public parameters and the public key of an authority;
the specific process of generating the cloud server private key, the signature public key and the signature private key comprises the following steps:
cloud server private key generation: the private key SK_θ of the authority AA_θ, the global public parameter GP, the user public key UPK_id, the user identity certificate cert(id) and the user attribute set U are used to generate the cloud server private key CSK_{id,S} = {K_{i,id}, K'_{i,id}}_{i∈U}
Figure FDA0003526895610000023
Figure FDA00035268956100000314
signature public key and signature private key generation: the authority AA_θ randomly selects
Figure FDA0003526895610000031
and generates the signature public key
Figure FDA0003526895610000032
the authority AA_θ randomly selects
Figure FDA0003526895610000033
and calculates the signature private key
Figure FDA0003526895610000034
Step 6: generating a final ciphertext;
first, the RTU generates a secret number and defines an encryption policy and a signature policy; the specific process of this step is as follows:
the RTU randomly selects
Figure FDA0003526895610000035
and calculates a secret number s_2; the specific calculation formula is as follows:
s_2 = (s - s_1) mod p,
the RTU defines an encryption policy W_e = (M_e, ρ_e) and a signature policy W_s = (M_s, ρ_s), and sends the encryption policy W_e to the cloud server; wherein M_e, M_s are l × n matrices, and ρ_e, ρ_s respectively represent the indexes that map any row of the l × n matrix to an attribute;
and then sending the secret number and the encryption strategy to a cloud server, wherein the cloud server generates a part of ciphertext by using the secret number, the encryption strategy and the public key of the authority and sends the part of ciphertext to the RTU, and the specific process of the step is as follows:
the cloud server selects
Figure FDA0003526895610000036
sets two column vectors
Figure FDA0003526895610000037
and lets the vector
Figure FDA0003526895610000038
computes the shares of the secret value
Figure FDA0003526895610000039
then randomly selects
Figure FDA00035268956100000310
computes the partial ciphertext CT_1
Figure FDA00035268956100000311
Figure FDA00035268956100000312
and sends the partial ciphertext
Figure FDA00035268956100000313
to the RTU;
and finally, the RTU generates a final ciphertext by using the plaintext, a part of ciphertext generated by the cloud server and a signature strategy, and the specific process of the step is as follows:
first, for a plaintext M to be encrypted, the RTU randomly selects
Figure FDA0003526895610000041
generates the vectors
Figure FDA0003526895610000042
and calculates
Figure FDA0003526895610000043
then, the RTU randomly selects a_1, a_2, …, a_n ∈ Z_p and calculates
Figure FDA0003526895610000044
{S′_j = a_j - a′_j}_{j∈[1,n]}, H_2(W_e, W_s, C_0, C′, C″, C‴) = β,
Figure FDA0003526895610000045
Figure FDA0003526895610000046
The final ciphertext obtained is:
Figure FDA0003526895610000047
step 7: verify the user identity and decrypt the message;
the cloud server verifies the identity of the user by using the identity certificate and the signature public key of the user; if the identity verification passes, the cloud server partially decrypts the ciphertext by using the cloud server private key and sends the partially decrypted ciphertext to the user, and the user finally decrypts it by using the user private key USK to recover the plaintext; if the identity verification does not pass, the user is not a legal identity, the decryption fails, and the step 8 is skipped;
the specific process of verifying the user identity comprises the following steps:
the user submits its own identity certificate cert(id) to the cloud server, which verifies it by the following equation:
Figure FDA0003526895610000051
here, the
Figure FDA0003526895610000052
if the verification is successful, the cloud server selects c_x ∈ Z_p satisfying
Figure FDA0003526895610000053
Figure FDA0003526895610000054
and calculates
Figure FDA0003526895610000055
Figure FDA0003526895610000056
after the calculation is finished, the partial ciphertext CT_id = (C_0, C_{1,id}, C_{2,id}) is returned to the user;
if the verification fails, the user cannot obtain the ciphertext;
the specific process of user decryption is as follows:
the user uses his private key
Figure FDA0003526895610000057
to decrypt the partial ciphertext and obtain the plaintext M:
Figure FDA0003526895610000058
step 8: revoke the user; delete the user to be revoked from the private key list of the cloud server.
2. The decentralized access control method for secure sharing of data in a smart grid according to claim 1, wherein the generation process of the authority public key PK_θ and the authority private key SK_θ in step 3 comprises the following steps:
each authority AA_θ (θ ∈ U_θ) selects random numbers
Figure FDA0003526895610000059
and calculates the public key of the authority AA_θ
Figure FDA00035268956100000510
and the private key SK_θ = {α_θ, y_θ}.
3. The decentralized access control method for secure sharing of data in a smart grid according to claim 1, wherein the generation process of the user public key UPK_id and the user private key USK in step 4 specifically comprises the following steps:
step 4.1: the user, at an authority AA_θ, registers in the identity management center to obtain an identity certificate cert(id), wherein id represents the identity of the user;
step 4.2: the user randomly selects
Figure FDA0003526895610000061
and calculates the user public key
Figure FDA0003526895610000062
and the user private key
Figure FDA0003526895610000063
The user private key is kept secret by the user.
4. The decentralized access control method for secure sharing of data in a smart grid according to claim 1, wherein: the revocation of the user comprises inputting the identity certificate cert(id) of the user, finding the private key list KT of the cloud server, finding the cert(id) and CSK_{id,S} stored in KT and deleting them from the list, and finally obtaining the updated list KT = KT \ {cert(id), CSK_{id,S}}.
CN202011445331.8A 2020-12-08 2020-12-08 Decentering access control method for data security sharing in smart power grid Active CN112564903B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011445331.8A CN112564903B (en) 2020-12-08 2020-12-08 Decentering access control method for data security sharing in smart power grid

Publications (2)

Publication Number Publication Date
CN112564903A CN112564903A (en) 2021-03-26
CN112564903B true CN112564903B (en) 2022-06-14

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant