CN113179164A - Multi-authority ciphertext policy attribute-based encryption method based on ideal lattices - Google Patents
- Publication number
- CN113179164A
- Authority
- CN
- China
- Prior art keywords
- attribute
- authority
- gid
- user
- ciphertext
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
Abstract
The invention belongs to the technical field of data encryption in information security, and in particular relates to a multi-authority ciphertext-policy attribute-based encryption method based on ideal lattices. The lattice-based attribute encryption method is constructed on ideal lattices, and all encryption and decryption operations are performed on elements of an integer polynomial ring, so that a multi-bit plaintext is encrypted in a single operation. The invention adopts a G-lattice-based trapdoor generation and preimage sampling method, which solves the problems of large public and private key sizes and low computational efficiency in traditional lattice-based encryption methods. The invention uses threshold secret sharing to split and reconstruct the key, so that multiple authorities jointly distribute and manage user keys. This effectively reduces the workload of the central authority, solves the performance and security bottleneck of single-authority encryption methods, improves the operating efficiency of the system, achieves flexible and fine-grained access control over encrypted data, and better meets the application requirements of a distributed cloud storage environment.
Description
Technical Field
The invention belongs to the technical field of data encryption in information security, and in particular relates to a multi-authority ciphertext-policy attribute-based encryption method based on ideal lattices.
Background
Cloud computing can provide dynamic, scalable and highly versatile remote data storage and resource sharing services. It effectively reduces the cost and burden of local data maintenance and has become a research hotspot in information technology. However, because the Internet is open and cloud service providers are not fully trusted, how to secure data in the cloud and protect it from unauthorized access or tampering has become an important problem in urgent need of research.
Attribute-Based Encryption (ABE) is an extension of Identity-Based Encryption (IBE), proposed by Sahai and Waters at EUROCRYPT 2005. It allows the encryptor to define an access control policy over the recipient's attributes within the encryption algorithm, and decryption succeeds only when the recipient's attribute set satisfies that policy. This effectively protects data confidentiality and enables "one-to-many" data sharing with flexible, fine-grained access control. However, most existing attribute-based encryption schemes are built on bilinear maps and cannot resist attacks by quantum algorithms. To deal with new security threats in the post-quantum era, researchers have in recent years proposed quantum-resistant cryptosystems. Among them, lattice-based cryptosystems not only resist quantum attacks effectively but also strike a good balance between security and computational efficiency, and have attracted attention in post-quantum cryptography.
Existing lattice-based attribute encryption schemes have two main problems. First, most of them are built on the LWE problem over standard lattices; their encryption and decryption rely mainly on matrix operations, which leads to large public and private keys and low computational efficiency. Second, they generally rely on a single trusted authority to distribute and manage keys; when the system has many attributes, the central authority may be overloaded and becomes a concentrated target for attack, which creates performance and security bottlenecks. In addition, with the development of distributed cloud storage, different attributes are authenticated and managed independently by their respective authorities, and a single-authority encryption model cannot meet practical application requirements.
Disclosure of Invention
The invention aims to solve the problems of decentralizing trust in an encryption system and of excessive load on the central authority. It provides a multi-authority ciphertext-policy attribute-based encryption method based on ideal lattices that effectively resists quantum attacks, realizes a flexible and fine-grained access control policy, maintains high operating efficiency, and can be used for secure data sharing in a distributed cloud environment.
The purpose of the invention is realized by the following technical scheme: the method comprises the following steps:
Step 1: The central authority CA runs the system's global initialization algorithm CASetup(1^λ) to generate the system public parameters pp = (q, n, k, σ, σ_s, f, u);
where q is a prime, q = q(λ); n and k are positive integers, n = n(λ); σ and σ_s are Gaussian distribution parameters, σ = σ(λ), σ_s = σ_s(λ); f is an irreducible polynomial; u ∈ R_q, where R_q denotes the integer polynomial ring;
Step 2: The system public parameters pp are input to each attribute authority AA_θ; each attribute authority AA_θ executes the authority initialization algorithm and computes its authority public key APK_θ and authority private key ASK_θ;
Step 2.2: For each attribute x_i in the attribute set it manages, attribute authority AA_θ selects a uniformly random vector pair, where l_θ is the number of attributes managed by attribute authority AA_θ;
Step 3: The data owner specifies the data μ to be encrypted and formulates an access control policy that gives, for each attribute authority AA_θ, the set of attributes an authorized user must hold within its managed domain and the set of attributes an authorized user cannot hold within its managed domain; the plaintext message μ is converted into {μ_0, μ_1, …, μ_{n-1}} ∈ {0,1}^n and expressed as the ring polynomial μ(x) = μ_0 + μ_1 x + … + μ_{n-1} x^{n-1}, μ(x) ∈ R_q;
Step 3.1: The encryptor randomly selects s ←_U R_q, e ← D_{R,σ}, calculating, obtained by discrete Gaussian random sampling, computing c_0 ∈ R_q;
Step 4: According to the attribute set it holds, the user gid interacts with each authority to obtain the private key SK_gid;
Step 5: The user gid decrypts the ciphertext ct using the public parameters pp, the attribute authorities' public keys APK_θ and the private key SK_gid.
The present invention may further comprise:
In step 4, the user gid interacts with each authority according to the attribute set it holds to obtain the private key SK_gid, as follows:
Step 4.1: The central authority CA authenticates the identity of each authority, randomly selects a polynomial of degree N-1 with a_j ←_U R_q, splits the parameter u in pp into N shares {u_1, …, u_N}, u_θ = P(θ), and distributes u_θ to the corresponding authority AA_θ;
Step 4.2: For each attribute x_i in the attribute set it manages, attribute authority AA_θ performs discrete Gaussian sampling to obtain; if x_i ∈ S_{gid,θ}, then let; otherwise, let
where S_{gid,θ} denotes the set of attributes under attribute authority AA_θ that are owned by the user gid;
Step 4.3: AA_θ calls the ring preimage sampling algorithm to obtain; the user acquires the complete secret key SK_gid = {w_{gid,θ}}_{θ∈[N]}, where δ_θ ∈ R_q;
In step 5, the user gid decrypts the ciphertext ct using the public parameters pp, the attribute authorities' public keys APK_θ and the private key SK_gid, specifically as follows:
Step 5.2: For each attribute x_i in the attribute set managed by attribute authority AA_θ: if attribute, calculate a_{θ,i} = (c_{θ,i})^T · w_{θ,i}; if attribute x_i ∈ S_{gid,θ}, calculate; otherwise, calculate
Step 5.4: For all d ∈ [0, n-1], if, then let; otherwise let; obtaining the decrypted set, i.e. the original plaintext encrypted by the data owner
The invention has the beneficial effects that:
The lattice-based attribute encryption method is constructed on ideal lattices, and all encryption and decryption operations are performed on elements of an integer polynomial ring, so that a multi-bit plaintext is encrypted in a single operation. The invention adopts a G-lattice-based trapdoor generation and preimage sampling method, which solves the problems of large public and private key sizes and low computational efficiency in traditional lattice-based encryption methods. The invention uses threshold secret sharing to split and reconstruct the key, so that multiple authorities jointly distribute and manage user keys. This effectively reduces the workload of the central authority, solves the performance and security bottleneck of single-authority encryption methods, improves the operating efficiency of the system, achieves flexible and fine-grained access control over encrypted data, and better meets the application requirements of a distributed cloud storage environment.
Drawings
Fig. 1 is a framework diagram of the present invention.
Fig. 2 is a flow chart of the present invention.
Detailed Description
The invention is further described below with reference to the accompanying drawings.
The invention belongs to the technical field of data encryption in information security, and in particular relates to a multi-authority ciphertext-policy attribute-based encryption method based on ideal lattices. The lattice-based attribute encryption method is constructed on ideal lattices, can encrypt a multi-bit plaintext in a single operation and effectively resists quantum attacks; on this basis it realizes a flexible and fine-grained access control policy and maintains high operating efficiency. The invention uses threshold secret sharing to split and reconstruct the user key, which effectively reduces the workload of the authorities and further improves system operating efficiency; it introduces multiple authorities, which effectively solves the problems of decentralized trust in the encryption system and excessive load on the central authority. The invention can be used for secure data sharing in a distributed cloud environment.
A multi-authority ciphertext-policy attribute-based encryption method based on ideal lattices comprises the following steps:
Step 1: The central authority CA runs the system's global initialization algorithm CASetup(1^λ) to generate the system public parameters pp = (q, n, k, σ, σ_s, f, u);
where q is a prime, q = q(λ); n and k are positive integers, n = n(λ); σ and σ_s are Gaussian distribution parameters, σ = σ(λ), σ_s = σ_s(λ); f is an irreducible polynomial; u ∈ R_q, where R_q denotes the integer polynomial ring;
Step 2: The system public parameters pp are input to each attribute authority AA_θ; each attribute authority AA_θ executes the authority initialization algorithm and computes its authority public key APK_θ and authority private key ASK_θ;
Step 2.2: For each attribute x_i in the attribute set it manages, attribute authority AA_θ selects a uniformly random vector pair, where l_θ is the number of attributes managed by attribute authority AA_θ;
Step 3: According to the attribute set it holds, the user gid interacts with each authority to obtain the private key SK_gid;
Step 3.1: The central authority CA authenticates the identity of each authority, randomly selects a polynomial of degree N-1 with a_j ←_U R_q, splits the parameter u in pp into N shares {u_1, …, u_N}, u_θ = P(θ), and distributes u_θ to the corresponding authority AA_θ;
Step 3.2: For each attribute x_i in the attribute set it manages, attribute authority AA_θ performs discrete Gaussian sampling to obtain; if x_i ∈ S_{gid,θ}, then let; otherwise, let
where S_{gid,θ} denotes the set of attributes under attribute authority AA_θ that are owned by the user gid;
Step 3.3: AA_θ calls the ring preimage sampling algorithm to obtain; the user acquires the complete secret key SK_gid = {w_{gid,θ}}_{θ∈[N]}, where δ_θ ∈ R_q;
Step 4: The data owner specifies the data μ to be encrypted and formulates an access control policy that gives, for each attribute authority AA_θ, the set of attributes an authorized user must hold within its managed domain and the set of attributes an authorized user cannot hold within its managed domain; the plaintext message μ is converted into {μ_0, μ_1, …, μ_{n-1}} ∈ {0,1}^n and expressed as the ring polynomial μ(x) = μ_0 + μ_1 x + … + μ_{n-1} x^{n-1}, μ(x) ∈ R_q;
Step 4.1: The encryptor randomly selects s ←_U R_q, e ← D_{R,σ}, calculating, obtained by discrete Gaussian random sampling, computing c_0 ∈ R_q;
Step 5: The user gid decrypts the ciphertext ct using the public parameters pp, the attribute authorities' public keys APK_θ and the private key SK_gid, specifically as follows:
Step 5.2: For each attribute x_i in the attribute set managed by attribute authority AA_θ: if attribute, calculate a_{θ,i} = (c_{θ,i})^T · w_{θ,i}; if attribute x_i ∈ S_{gid,θ}, calculate; otherwise, calculate
Step 5.4: For all d ∈ [0, n-1], if, then let; otherwise let; obtaining the decrypted set, i.e. the original plaintext encrypted by the data owner
The invention has the beneficial effects that:
The lattice-based attribute encryption method is constructed on ideal lattices, and all encryption and decryption operations are performed on elements of an integer polynomial ring, so that a multi-bit plaintext is encrypted in a single operation. The scheme also adopts a G-lattice-based trapdoor generation and preimage sampling method, which solves the problems of large public and private key sizes and low computational efficiency in traditional lattice-based encryption methods; the method resists quantum attacks and has high operating efficiency.
The invention uses threshold secret sharing to split and reconstruct the key, so that multiple authorities jointly distribute and manage user keys. This effectively reduces the workload of the central authority, solves the performance and security bottleneck of single-authority encryption methods, improves the operating efficiency of the system, achieves flexible and fine-grained access control over encrypted data, and better meets the application requirements of a distributed cloud storage environment.
Example 1:
The invention aims to provide a multi-authority ciphertext-policy attribute-based encryption method based on ideal lattices. The method effectively resists quantum attacks, supports multiple attribute authorities, effectively solves the problems of decentralized trust in the encryption system and excessive load on the central authority, and improves operating efficiency. It can be used for secure data sharing in a distributed cloud environment.
Fig. 1 is a framework diagram of the invention. The main entities involved and their functions are as follows. The Central Authority (CA) is mainly responsible for system initialization, generating the system's global public parameters, authenticating the identities of all users and attribute authorities in the system, receiving registration requests from users and attribute authorities, and issuing a globally unique user identifier gid to each user and an authority identifier θ to each attribute authority. Each Attribute Authority (AA) independently manages a part of the attributes in the system and generates the corresponding keys for users; each attribute is managed by only one authority. The Data Owner (DO) formulates an access control policy according to the attributes required of the recipient and encrypts the data with the encryption algorithm to generate a ciphertext. The Cloud Server (CS) mainly acts as a third-party platform that provides storage and download services for encrypted data. The system user (DU) holds its own attribute set and can download ciphertext from the Cloud Server (CS); if the DU's attribute set satisfies the access policy set by the Data Owner (DO), it can decrypt successfully with the decryption algorithm and obtain the plaintext data. The method specifically comprises the following steps:
1. The central authority CA performs system initialization, generates the system public parameters pp, and issues the identifiers θ and gid to the authorities and users applying for registration.
2. Each authority AA_θ (θ ∈ [N]) executes the authority initialization operation using the system public parameters pp to generate its authority public key APK_θ and authority private key ASK_θ.
3. The CA uses threshold secret sharing to share the secret parameter u in the public parameters pp among the authorities, generating a share u_θ for each authority AA_θ.
4. The data owner DO formulates an access policy according to its security requirements, which sets the attribute set an authorized user must hold and the attribute set an authorized user cannot hold. It encrypts the data using the public parameters pp, the authority public keys {APK_θ}_{θ∈[N]} and the access policy to generate the ciphertext ct, and uploads ct to the cloud server CS.
5. The system user DU interacts with the authorities one by one, submitting to authority AA_θ the attribute set S_{gid,θ} it holds under that authority's administrative domain. AA_θ authenticates and authorizes the user's attributes, generates the private key corresponding to the attribute set S_{gid,θ} and sends it to the system user DU, which finally obtains the complete user private key SK_gid.
6. The system user DU downloads the ciphertext ct from the cloud server CS and decrypts ct using its user private key SK_gid, the public parameters pp and the authority public keys {APK_θ}_{θ∈[N]}. Decryption succeeds and yields the plaintext if and only if the user's attribute set satisfies the access policy set by the data owner.
FIG. 2 is a flowchart of a multi-authority ciphertext policy attribute based encryption method based on an ideal lattice according to the present invention. The method comprises the following specific implementation steps:
the CASetup stage:
The central authority CA runs the system's global initialization algorithm CASetup(1^λ) to generate the system public parameters pp = (q, n, k, σ, σ_s, f, u), where q = q(λ) is a prime, n = n(λ) and k are positive integers, σ = σ(λ) and σ_s = σ_s(λ) are Gaussian distribution parameters, f is an irreducible polynomial, and u ∈ R_q.
AASetup phase:
The attribute authority executes the authority initialization algorithm, taking as input the system public parameters pp, the authority number θ and the number l_θ of attributes managed by authority AA_θ. It first calls the trapdoor generation algorithm TrapGen, where m = k + 2. For the i-th attribute x_i in the set of attributes managed by authority AA_θ, AA_θ selects a uniformly random vector pair. Finally, it returns the authority public key and the authority private key.
KeyGen stage:
The user interacts with each authority according to the attribute set it holds and requests the corresponding private key. Let l_θ denote the number of attributes managed by authority AA_θ, and let S_gid = ∪_{θ∈[N]} S_{gid,θ} denote the attribute set owned by the user gid. The specific procedure is as follows:
KeyGen stage 1:
Each attribute authority AA_θ applies to the CA for registration. The CA authenticates the authority's identity and uses Shamir threshold secret sharing to split u ∈ R_q into N shares {u_1, …, u_N}, where N is the number of authorities. Specifically, it randomly selects a polynomial of degree N-1, where a_i ←_U R_q, and distributes the secret share u_θ = P(θ) ∈ R_q to the corresponding authority AA_θ.
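The N-of-N sharing of u described in KeyGen stage 1, as an added example that is not part of the patent text: ring elements are modelled as lists of n coefficients mod q, P(0) = u is assumed as in standard Shamir sharing, and the parameters q = 12289, n = 8 and all function names are constructed for illustration.

```python
import secrets

# Constructed toy parameters (assumptions; far too small for real security).
Q = 12289        # prime modulus q
N_COEFFS = 8     # ring dimension n: an element of R_q is n coefficients mod q


def random_ring_element(n=N_COEFFS, q=Q):
    """Uniform element of R_q, as a list of n coefficients mod q."""
    return [secrets.randbelow(q) for _ in range(n)]


def split_secret(u, num_authorities, q=Q):
    """CA side: split u in R_q into N shares u_theta = P(theta), theta = 1..N.

    P(X) = u + a_1*X + ... + a_{N-1}*X^(N-1) with each a_j uniform in R_q.
    P(0) = u is the standard Shamir convention (assumed here).
    """
    if not 1 <= num_authorities < q:
        raise ValueError("need 1 <= N < q so authority indices stay distinct mod q")
    coeffs = [list(u)] + [random_ring_element(len(u), q)
                          for _ in range(num_authorities - 1)]
    shares = {}
    for theta in range(1, num_authorities + 1):
        share = [0] * len(u)
        # Horner evaluation at the scalar theta, coefficient-wise in R_q.
        for a_j in reversed(coeffs):
            share = [(s * theta + c) % q for s, c in zip(share, a_j)]
        shares[theta] = share
    return shares


def lagrange_at_zero(indices, q=Q):
    """Coefficients L_theta such that sum(L_theta * P(theta)) = P(0) mod q."""
    out = {}
    for t in indices:
        num, den = 1, 1
        for j in indices:
            if j != t:
                num = (num * (-j)) % q
                den = (den * (t - j)) % q
        out[t] = (num * pow(den, -1, q)) % q   # q prime, so den is invertible
    return out


def reconstruct(shares, q=Q):
    """Interpolate the supplied shares at X = 0, coefficient by coefficient."""
    lam = lagrange_at_zero(list(shares), q)
    n = len(next(iter(shares.values())))
    return [sum(lam[t] * shares[t][i] for t in shares) % q for i in range(n)]


def completing_share(partial, missing, candidate, q=Q):
    """Share for authority `missing` that makes `partial` reconstruct to `candidate`.

    Such a share exists for every candidate, which is why N-1 authorities
    pooling their shares learn nothing about u.
    """
    lam = lagrange_at_zero(list(partial) + [missing], q)
    inv = pow(lam[missing], -1, q)
    return [
        ((candidate[i] - sum(lam[t] * partial[t][i] for t in partial)) * inv) % q
        for i in range(len(candidate))
    ]


if __name__ == "__main__":
    u = random_ring_element()
    shares = split_secret(u, num_authorities=4)
    print("all 4 authorities recover u:", reconstruct(shares) == u)
    partial = {t: shares[t] for t in (1, 2, 3)}
    print("3 of 4 authorities recover u:", reconstruct(partial) == u)
    forged = completing_share(partial, 4, [0] * N_COEFFS)
    print("3 shares are also consistent with u = 0:",
          reconstruct({**partial, 4: forged}) == [0] * N_COEFFS)
```

Because the polynomial has degree N-1 and there are exactly N shares, every authority's share is needed to recover u.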
KeyGen stage 2:
For each attribute in the administrative domain, authority AA_θ first performs discrete Gaussian sampling to obtain, where; if x_i ∈ S_{gid,θ}, set; otherwise set; set
KeyGen stage 3:
Encrypt phase:
The Data Owner (DO) specifies the data μ to be encrypted and formulates an access control policy that gives, for each authority AA_θ, the set of attributes an authorized user must hold within its managed domain and the set of attributes an authorized user cannot hold within its managed domain. The plaintext message μ is converted into {μ_0, μ_1, …, μ_{n-1}} ∈ {0,1}^n and expressed as the ring polynomial μ(x) = μ_0 + μ_1 x + … + μ_{n-1} x^{n-1} ∈ R_q. The encryptor randomly selects s ←_U R_q, e ← D_{R,σ}, calculating, obtained by discrete Gaussian random sampling, and computes:
The Decrypt stage:
The user inputs the public parameters pp, the authority public keys {APK_θ}_{θ∈[N]}, the ciphertext ct and the user key SK_gid. First, for each authority AA_θ (θ ∈ [N]), calculate; then, for the attributes managed by authority AA_θ: for attribute, calculate a_{θ,i} = (c_{θ,i})^T · w_{θ,i}; for attribute x_i ∈ S_{gid,θ}, calculate; for attribute, compute; finally calculate and, where; for all i ∈ [0, n-1], if, let; otherwise let
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (3)
1. A multi-authority ciphertext-policy attribute-based encryption method based on ideal lattices, characterized by comprising the following steps:
Step 1: The central authority CA runs the system's global initialization algorithm CASetup(1^λ) to generate the system public parameters pp = (q, n, k, σ, σ_s, f, u);
where q is a prime, q = q(λ); n and k are positive integers, n = n(λ), k = log(q) + 1]; σ and σ_s are Gaussian distribution parameters, σ = σ(λ), σ_s = σ_s(λ); f is an irreducible polynomial; u ∈ R_q, where R_q denotes the integer polynomial ring;
Step 2: The system public parameters pp are input to each attribute authority AA_θ; each attribute authority AA_θ executes the authority initialization algorithm and computes its authority public key APK_θ and authority private key ASK_θ;
Step 2.2: For each attribute x_i in the attribute set it manages, attribute authority AA_θ selects a uniformly random vector pair, where l_θ is the number of attributes managed by attribute authority AA_θ;
Step 3: The data owner specifies the data μ to be encrypted and formulates an access control policy that gives, for each attribute authority AA_θ, the set of attributes an authorized user must hold within its managed domain and the set of attributes an authorized user cannot hold within its managed domain; the plaintext message μ is converted into {μ_0, μ_1, …, μ_{n-1}} ∈ {0,1}^n and expressed as the ring polynomial μ(x) = μ_0 + μ_1 x + … + μ_{n-1} x^{n-1}, μ(x) ∈ R_q;
Step 3.1: The encryptor randomly selects s ←_U R_q, e ← D_{R,σ}, calculating, obtained by discrete Gaussian random sampling, computing
Step 4: According to the attribute set it holds, the user gid interacts with each authority to obtain the private key SK_gid;
Step 5: The user gid decrypts the ciphertext ct using the public parameters pp, the attribute authorities' public keys APK_θ and the private key SK_gid.
2. The ideal-lattice-based multi-authority ciphertext-policy attribute-based encryption method of claim 1, wherein in step 4 the user gid interacts with each authority according to the attribute set it holds to obtain the private key SK_gid, as follows:
Step 4.1: The central authority CA authenticates the identity of each authority, randomly selects a polynomial of degree N-1 with a_j ←_U R_q, splits the parameter u in pp into N shares {u_1, …, u_N}, u_θ = P(θ), and distributes u_θ to the corresponding authority AA_θ;
Step 4.2: For each attribute x_i in the attribute set χ_θ it manages, attribute authority AA_θ performs discrete Gaussian sampling to obtain; if x_i ∈ S_{gid,θ}, then let; otherwise, let
where S_{gid,θ} denotes the set of attributes under attribute authority AA_θ that are owned by the user gid;
3. The ideal-lattice-based multi-authority ciphertext-policy attribute-based encryption method of claim 2, wherein in step 5 the user gid decrypts the ciphertext ct using the public parameters pp, the attribute authorities' public keys APK_θ and the private key SK_gid, specifically as follows:
Step 5.2: For each attribute x_i in the attribute set χ_θ managed by attribute authority AA_θ: if attribute, calculate a_{θ,i} = (c_{θ,i})^T · w_{θ,i}; if attribute x_i ∈ S_{gid,θ}, calculate; otherwise, calculate
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110471463.6A CN113179164B (en) | 2021-04-29 | 2021-04-29 | Multi-authority ciphertext policy attribute-based encryption method based on ideal lattices |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113179164A | 2021-07-27 |
CN113179164B | 2023-03-17 |
Family
ID=76925699
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110471463.6A Active CN113179164B (en) | 2021-04-29 | 2021-04-29 | Multi-authority ciphertext policy attribute-based encryption method based on ideal lattices |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113179164B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113987558A (en) * | 2021-12-24 | 2022-01-28 | 杭州电子科技大学 | Off-line/on-line lattice-based attribute-based encryption method |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9209974B1 (en) * | 2015-05-03 | 2015-12-08 | Zeutro, Llc | Functional encryption key management |
US20170272411A1 (en) * | 2013-03-15 | 2017-09-21 | Arizona Board Of Regents On Behalf Of Arizona State University | Enabling comparable data access control for lightweight mobile devices in clouds |
CN107682157A (en) * | 2017-10-11 | 2018-02-09 | 河南理工大学 | More mechanical properties base encryption methods based on LWE on a kind of new lattice |
CN109743162A (en) * | 2018-12-29 | 2019-05-10 | 西安电子科技大学 | A kind of operated using ideal lattice carries out the matched encryption method of identity attribute |
CN110572827A (en) * | 2019-09-29 | 2019-12-13 | 河北云坚万盾安全技术有限公司 | Safety access gateway and identity authentication method |
CN111342976A (en) * | 2020-03-04 | 2020-06-26 | 中国人民武装警察部队工程大学 | Verifiable ideal lattice upper threshold proxy re-encryption method and system |
CN111953483A (en) * | 2020-07-29 | 2020-11-17 | 哈尔滨工程大学 | Multi-authority access control method based on criterion |
Non-Patent Citations (2)
Title |
---|
ZECHAO LIU: "Multi-authority ciphertext policy attribute-based encryption scheme on ideal lattices", 2018 IEEE INTL CONF ON PARALLEL & DISTRIBUTED PROCESSING WITH APPLICATIONS, UBIQUITOUS COMPUTING & COMMUNICATIONS, BIG DATA & CLOUD COMPUTING, SOCIAL COMPUTING & NETWORKING, SUSTAINABLE COMPUTING & COMMUNICATIONS * |
汤海婷: "Research on lattice-based attribute cryptosystems and their applications", China Master's Theses Full-text Database * |
Also Published As
Publication number | Publication date |
---|---|
CN113179164B (en) | 2023-03-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109040045B (en) | Cloud storage access control method based on ciphertext policy attribute-based encryption | |
CN113193953B (en) | Multi-authority attribute-based encryption method based on block chain | |
CN108833393B (en) | Revocable data sharing method based on fog computing | |
Li et al. | TMACS: A robust and verifiable threshold multi-authority access control system in public cloud storage | |
Xu et al. | CL-PRE: a certificateless proxy re-encryption scheme for secure data sharing with public cloud | |
Li et al. | Two-factor data access control with efficient revocation for multi-authority cloud storage systems | |
CN114039790B (en) | Fine-grained cloud storage security access control method based on blockchain | |
CN104901942A (en) | Distributed access control method for attribute-based encryption | |
CN106487506B (en) | Multi-mechanism KP-ABE method supporting pre-encryption and outsourcing decryption | |
CN110933033B (en) | Cross-domain access control method for multiple Internet of things domains in smart city environment | |
Xu et al. | Multi-authority proxy re-encryption based on CPABE for cloud storage systems | |
Fan et al. | A secure and efficient outsourced computation on data sharing scheme for privacy computing | |
Ming et al. | Efficient revocable multi-authority attribute-based encryption for cloud storage | |
Liu et al. | Dynamic attribute-based access control in cloud storage systems | |
Chaudhary et al. | RMA-CPABE: A multi-authority CPABE scheme with reduced ciphertext size for IoT devices | |
CN113360944B (en) | Dynamic access control system and method for electric power Internet of things | |
CN110933052A (en) | Encryption and policy updating method based on time domain in edge environment | |
CN113179164B (en) | Multi-authority ciphertext policy attribute-based encryption method based on ideal lattices | |
Yan et al. | Attribute-based encryption in cloud computing environment | |
Deng et al. | Flexible revocation in ciphertext-policy attribute-based encryption with verifiable ciphertext delegation | |
Malarvizhi et al. | Secure file sharing using cryptographic techniques in cloud | |
Wang et al. | Revocable, dynamic and decentralized data access control in cloud storage | |
Imine et al. | ABR: A new efficient attribute based revocation on access control system | |
Fan et al. | A secure cross-domain access control scheme in social networks | |
Pradhan et al. | Smart grid data security using practical CP-ABE with obfuscated policy and outsourcing decryption |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||