CN115277171A - Data circulation control method based on purchasable attribute encryption in cloud environment - Google Patents
Data circulation control method based on purchasable attribute encryption in cloud environment Download PDFInfo
- Publication number
- CN115277171A CN115277171A CN202210877395.8A CN202210877395A CN115277171A CN 115277171 A CN115277171 A CN 115277171A CN 202210877395 A CN202210877395 A CN 202210877395A CN 115277171 A CN115277171 A CN 115277171A
- Authority
- CN
- China
- Prior art keywords
- ciphertext
- attribute
- key
- sender
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3218—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs
- H04L9/3221—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs interactive zero-knowledge proofs
Abstract
The invention discloses a data circulation control method based on purchasable attribute encryption in a cloud environment, belonging to the technical field of data security; the method specifically comprises the following steps: firstly, a data circulation control platform comprising a trusted authority, a sender, a purifier, a cloud server and a receiver is built; the trusted authority generates an encryption key to the sender and a matched decryption key to the receiver; then, the sender processes each data to be sent by using a random message key, and then packages the data into an encrypted ciphertext by using the encrypted key and sends the encrypted ciphertext to the purifier; the clarifier purifies the ciphertext by using a random message key, and uploads the ciphertext to the cloud server to be sent to any receiver; and the receiver obtains a corresponding decryption key according to the access control strategy P, and when the attribute set in the plaintext meets the access control strategy, the plaintext is recovered. The invention can realize the read and write control of data at the same time, and effectively resist the attack caused by the leakage of the message key by a malicious sender in the KP-ABE scheme.
Description
Technical Field
The invention relates to the field of data security, in particular to a data circulation control method based on purifyable attribute encryption in a cloud environment.
Background
The appearance of cloud computing provides abundant storage and computing resources for personal and enterprise users, and greatly improves the use efficiency and the operation efficiency of data. Personal and enterprise data can be quickly and reliably sent, stored, and distributed between senders and recipients through cloud computing services. The sender can send data of any size to a group of receivers through the cloud server, and the cloud server stores the data in a data center of the cloud server so as to transmit the data when the receivers are not on line. In addition, the recipient may subscribe to data from the sender through the cloud service, and this publisher-subscriber relationship will control the flow of messages between the sender and the recipient. Thus, the recipient can create multiple subscriptions to the topic and receive messages from the recipient, ultimately forming a many-to-many messaging.
Due to the semi-trusted characteristic of the cloud platform, a proper encryption mechanism is required to store sensitive data in the cloud in a ciphertext form and perform fine-grained circulation control on the data, such as an attribute-based encryption (ABE) technology. The ABE introduces an access strategy in the idea of a public key encryption algorithm, can realize fine-grained access control, generates a key or a ciphertext according to the access strategy, enables users meeting a specified access strategy to decrypt, and controls sensitive data to flow to a user set meeting access conditions.
The key strategy-based attribute-based encryption (KP-ABE) technology can realize the encrypted access control of data in cloud computing, and related entities comprise a trusted authority, a cloud server, a sender and a receiver. As shown in FIG. 1, the implementation process of KP-ABE comprises the following steps:
1) And (5) initializing the system. A trusted authority generates a system public key PK and a system master key MK.
2) And generating a key. The trusted authority generates a private key SK according to the system master key MK and the access policy and distributes the private key SK to the receiving party safely.
3) And (5) encrypting data. The sender inputs a system public key PK, a plaintext m and an attribute set S, and encrypts the plaintext m by using a random message key K to obtain a ciphertext cmThen, the message key K is encrypted to obtain a ciphertext cKTo obtain the final ciphertext ct = (c)m,cK) And uploading to the cloud server.
4) And (6) decrypting the data. The user acquires ciphertext ct = (c) from the cloud serverm,cK) Then, the private key SK is used firstly from cKRecovers the message key K and then decrypts c with KmTo obtainAnd (5) plaintext m.
Under the cloud computing environment, the adoption of the KP-ABE technology to realize the safe circulation control of data has the following problems:
1) The KP-ABE cannot resist the attack of message key leakage, namely a sender may leak a message key K of data, and any receiver can download a ciphertext ct from a cloud server and directly decrypt a plaintext m after acquiring the message key K from the sender, so that the circulation control of the data is invalid.
2) KP-ABE can only realize the read control of data, namely only authorized receivers can access the data through a decryption key, but can not realize the write control of the data, namely, any sender can execute an encryption algorithm to upload a ciphertext to a cloud server, so that a malicious sender encrypts sensitive data and leaks the sensitive data to some receivers.
Disclosure of Invention
Aiming at the problems, the invention provides a data circulation control method based on decontaminable attribute encryption in a cloud environment, which generates a group of encryption keys associated with attributes for each sender by keeping a structural signature and a zero-knowledge proof mechanism, and simultaneously inputs the encryption keys and an access control strategy when generating the ciphertext, thereby ensuring that only the sender with the correct encryption key can upload the corresponding ciphertext to a cloud server, and realizing fine-grained data reading control of a receiver. In addition, the original ciphertext is subjected to the key-free purification operation at the purifier end, so that the message key can be prevented from being leaked to an unauthorized receiver by a sender, and the key leakage attack can be effectively resisted.
The data circulation control method based on the purifyable attribute encryption in the cloud environment comprises the following specific steps:
step one, building a data circulation control platform comprising a trusted authority, a sender, a purifier, a cloud server and a receiver;
and step two, the trusted authority generates an encryption key to each sender and generates a matched decryption key to each receiver.
For each sender, the trusted authority runs the EKGen algorithm to obtain encryptionSecret key ekS= (S, M, σ), returning the encryption key to the sender over the secure channel;
S={A1,A2,...,Akis the set of attributes of the input,is the set of all attribute hash values in the attribute set S; σ is the signature on the set of attribute hash values M;
for each recipient, a recipient policy is givenWhereinIs a matrix of l rows and n columns, p is a mapping function, and the matrix isEach line in (a) is mapped to an attribute;
the trusted authority runs DKGEN algorithm to generate a decryption key according to the access control strategy P, and the decryption key dk is transmitted through the secure channelP={Dτ,0,Dτ,1,Dτ,2}τ∈[l]Sending the data to a receiver;
step three, the sender processes each data to be sent by using a random message key, then uses an encryption key to package the message key, and finally sends an encrypted ciphertext to the purifier;
the encrypted ciphertext is c = (ct, pi); the knowledge that pi is zero proves; ct = (C, C)0,{Cτ,1,Cτ,2}τ∈[k]) Is a cipher text for attribute encryption of message, including symmetric encrypted cipher text C of message and access control cipher text (C) generated by attribute set S0,{Cτ,1,Cτ,2}τ∈[k]) K is the number of attributes in the attribute set S;
step four, the purifier checks the encrypted ciphertext, purifies the ciphertext by using a random message key, and uploads the purified ciphertext c' to the cloud server;
for each uploaded ciphertext c, firstly, the purifier runs the Sanitize algorithm to verify a zero knowledge proof pi in the ciphertext to verify that the sender has the encryption key corresponding to the attribute set S, and if the verification fails, the ciphertext is discarded;
after the verification is successful, continuously detecting whether the ciphertext ct is consistent with the attribute set S declared in the received ciphertext; if not, the verification fails and the ciphertext is discarded;
when the detection is consistent, the hash value element is used for each attribute of the attribute set SContinue to check if equation is satisfied:if the cipher text fails, the clarifier discards the cipher text;
g1and w are both public system parameters;
after success, the purifier selects a random value s ' to randomize the original ciphertext ct to obtain a purified ciphertext C ' = (C ', C ') with the same form as the original ciphertext ct '0,{C′τ,1,C′τ,2}τ∈[k]);
Step five, the cloud server receives and stores the purified ciphertext c' for sending to any subscribed receiver;
step six, the receiver obtains a corresponding decryption key from the trusted authority according to the access control strategy P; and after the purified ciphertext is received from the cloud server, when the attribute set in the ciphertext meets the access control strategy, the plaintext is recovered.
For the clean ciphertext c', the receiver uses the decryption key dkPAnd (5) operating a Decrypt algorithm to Decrypt the plain text:
m=C′/B
specifically, let I be a matrixCorresponding to the row set of the attribute set S. When the attribute set S satisfies the access control strategy P, the constant omega is calculatediSatisfy the requirement ofIs a matrixRow i of (2).
(Di,0,Di,1,Di,2) Is a decryption key;
the invention has the advantages that:
1) A data circulation control method based on cleanable attribute encryption in a cloud environment is characterized in that a ciphertext generated by a sender is cleaned through a cleaner, the cleaned ciphertext can be correctly decrypted only by an authorized receiver, and an unauthorized receiver cannot decrypt even if acquiring a message key leaked by the sender, so that the attack caused by the fact that a malicious sender leaks the message key in a KP-ABE scheme can be effectively resisted.
2) A data circulation control method based on purchasable attribute encryption in a cloud environment can not only realize data reading control, but also realize data writing control, and ensure that only an authorized sender can use an encryption key to generate an effective ciphertext, and the ciphertext generated by an unauthorized sender can be discarded by a purifier, so that a malicious sender is prevented from leaking sensitive information to an unauthorized receiver.
Drawings
FIG. 1 is a KP-ABE based data flow control chart used in the prior art.
FIG. 2 is a flow chart of a data flow control method based on purchasable property encryption in a cloud environment according to the present invention;
fig. 3 is a structural diagram of a data flow control platform constructed according to the invention.
Detailed Description
The implementation process of the overall technical scheme is described by combining the figures
In order to meet the requirement of safe data circulation control in a cloud environment, the invention provides a data circulation control method based on purifyable attribute encryption in the cloud environment, which specifically comprises the following steps: 1) A purchasable attribute-based encryption algorithm is designed, an attribute ciphertext generated by a sender is purified by using a purifier, and the purified ciphertext is uploaded to a cloud server. 2) And generating a group of encryption keys described by attributes for each sender by adopting a mechanism of maintaining structural signatures and zero-knowledge proof, and generating corresponding proof when generating attribute ciphertext in an encryption stage. The purifier ensures that only the sender authorized to the set S can generate the encrypted ciphertext of the set S through verification, so that the write control of data is realized, and the fine-grained read control of the purified ciphertext is still effective.
The data circulation control method based on the purchasable property encryption in the cloud environment comprises the following specific steps as shown in fig. 2:
step one, building a data circulation control platform comprising a trusted authority, a sender, a purifier, a cloud server and a receiver;
in the invention, all network communication between a sender and a cloud server is controlled by a purifier, and the reading control of data is determined by an access control strategy of a receiver; the involved entities include: trusted authority, sender, purifier, cloud server, and recipient, as shown in fig. 3.
1) A trusted authority establishes a system public key and a system master key and maintains the whole system; at the same time, the trusted authority generates an encryption key to each sender and a decryption key to each receiver.
2) The sender obtains an encryption key corresponding to the attribute set of the sender from a trusted authority; for each datum, the sender first processes it with a random message key, then encapsulates it with an encryption key, and finally sends the result of the encryption to the purifier.
3) The cleaner examines the original ciphertext and converts it to a cleaned ciphertext; first, the clarifier verifies whether the sender is authorized to the set of declared properties, and then verifies whether the ciphertext was generated based on the set of declared properties. And if the verification is correct, the purifier purifies the ciphertext by using a random message key and uploads the purified ciphertext to the cloud server.
4) The cloud server is a semi-trusted third party that receives the cleansed ciphertext from the cleansers and provides storage services for the ciphertext. The cryptogram stored in the cloud server may be sent to any subscribed recipient.
5) The receiver defines an access control policy and obtains a corresponding decryption key from a trusted authority. And after the receiver receives the purified ciphertext from the cloud server, if the attribute set in the ciphertext meets the access control strategy, the plaintext is recovered.
And step two, the trusted authority generates an encryption key to each sender and generates a matched decryption key to each receiver.
For each sender, a trusted authority runs an EKGen algorithm to obtain an encryption key ekS= (S, M, σ), the encryption key is returned to the sender over the secure channel;
S={A1,A2,...,Akthe set of attributes entered for the sender describes the data write target for which each sender is authorized.Is the set of all attribute hash values in the attribute set S; σ is the signature on the set of attribute hash values M;
for each recipient, a given recipient access control policyConsisting of and or gates of any possible nature. WhereinIs a matrix of l rows and n columns, p is a mapping function, and the matrix isEach line in (a) is mapped to an attribute;
the trusted authority according to the visitThe inquiry control strategy P runs the DKGgen algorithm to generate a decryption key, and the decryption key dk is transmitted through the secure channelP={Dτ,0,Dτ,1,Dτ,2}τ∈[l]Sending the data to a receiver;
step three, the sender processes each data to be sent by using a random message key, then uses an encryption key to encapsulate the message key, and finally sends an encrypted result to the purifier;
the encrypted ciphertext is c = (ct, pi); the knowledge that pi is zero proves; ct = (C, C)0,{Cτ,1,Cτ,2}τ∈[k]) The message is encrypted by attribute encryption; wherein C is a symmetric encrypted ciphertext of the message; c = m · e (g)0,g1)αs(ii) a m is the plaintext of the message, α is the system master key, i.e., a secret value selected by the trusted authority, g0,g1Initializing parameters for the system; s is a random number;
(C0,{Cτ,1,Cτ,2}τ∈[k]) Is the access control ciphertext generated by the attribute set S, and k is the number of attributes in the attribute set S;
wherein, the first and the second end of the pipe are connected with each other,for each tau e k],Andw is a public system parameter;
step four, the purifier checks the original encrypted ciphertext, purifies the ciphertext by using a random message key, and uploads the purified ciphertext c' to the cloud server;
and for each uploaded ciphertext c, the purifier runs the Sanitize algorithm to verify a zero knowledge proof pi in the ciphertext so as to verify that the sender has the encryption key corresponding to the attribute set S, and if the verification fails, the ciphertext is discarded.
After the verification is successful, continuously detecting whether the ciphertext ct is consistent with the attribute set S declared in the received ciphertext; if not, the verification fails and the ciphertext is discarded;
when the detection is consistent, the hash value element is used for each attributeChecking equationIf not, the parser discards the ciphertext if it fails.
When all checks pass, the cleaner selects a random value s 'to randomize ct in the original ciphertext to obtain a cleaned ciphertext C' = (C ', C'0,{C′τ,1,C′τ,2}τ∈[k]);
The method specifically comprises the following steps:
Then, the purge ciphertext C ' = (C ', C '0,{C′τ,1,C′τ,2}τ∈[k]);
Step five, the cloud server receives and stores the purified ciphertext c' for sending to any subscribed receiver;
step six, the receiver obtains a corresponding decryption key from a trusted authority according to the access control strategy P; and after the purified ciphertext is received from the cloud server, if the attribute set in the ciphertext meets the access control strategy, recovering the plaintext.
For the clean ciphertext c', the receiver uses the decryption key dkPAnd executing a Decrypt algorithm to Decrypt the plain text m = C'/B.
Specifically, let I = { I: ρ (I) ∈ S } be a matrixThe row set of the middle corresponding attribute set S; constant if the attribute set S satisfies its access control policy PSatisfy the requirement of Is a matrixRow i of (2).
Then, calculating:
where τ is the index of the property ρ (i) in S.
(Di,0,Di,1,Di,2) For decrypting the key dkPThe value of the middle corresponding row set I; decryption key dkP={Dτ,0,Dτ,1,Dτ,2}τ∈[l]Corresponding to the entire matrixAll the lines need only one of the satisfied sets S for decryption.
The embodiment of the invention has a flow chart, and the specific process is as follows:
1) System initialization algorithm Setup (1)γ,tmax)
First, a security parameter γ and a maximum number of attributes t are selectedmaxThe trusted authority runs the Setup algorithm;
Selecting random numbersGenerating a signing keyAnd authentication keyAnd generates a public reference string crs based on the Schnorr non-interactive zero knowledge proof scheme.
Finally, the trusted authority stores the master key mk = (msk, sk), the public system parameter pp = (mpk, vk, crs); all other algorithms implicitly specify pp as input.
2) Encryption key generation
For each sender, an encryption key generation algorithm EKGen (mk, S), an input master key mk and an attribute set S, and an output encryption key ekS。
The method specifically comprises the following steps:
first of all, the first step is to, the trusted authority authorizes one attribute set S = { A) thereof1,A2,...,AkAnd running an EKGen algorithm to obtain an encryption key.
Generating signaturesThe trusted authority encrypts the key ek through a secure channelSAnd = (= (S, M, σ)) is returned to the sender.
3) Decryption key generation
For each receiver, the trusted authority allows it to flexibly specify an access control policy P for controlling the data flow, inputs a master key mk and the access control policy P, and runs a DKGen (mk, P) algorithm to generate a decryption key.
In particular, given a recipient policyWhereinIs a matrix of l rows and n columns, and random numbers are selectedIs provided withComputing
finally, the trusted authority decrypts the secret key dk through the secure channelP={Dτ,0,Dτ,1,Dτ,2}τ∈[l]And sending the data to a receiving party.
4) Data encryption algorithm Encrypt (ek)SM) input encryption key ekSAnd a message m, outputting the encrypted ciphertext c.
Given plaintext data m, the sender uses an encryption key ekS= (S, M, σ) run Encrypt algorithm to Encrypt data.
First, a random number is selectedCalculate C = m · e (g)0,g1)αsAndfor each tau e k]CalculatingAndto obtain ct = (C, C)0,{Cτ,1,Cτ,2}τ∈[k])。
Secondly, the sender runs the proof algorithm of the Schnorr scheme to calculate the zero knowledge proof pi to prove to the purifier that the sender has the right knowledgeSpecifically, the sender obtains π through the following four equation proofs.
Finally, the sender securely sends the ciphertext c = (ct, π) to the purifier.
5) Ciphertext cleansing
For each ciphertext c = (ct, pi) uploaded, the purifier runs the algorithm saitize (c) to purify. And inputting a ciphertext c associated with the attribute set S, and outputting a purified ciphertext c' if the sender is authorized to write to S, or outputting ^ T.
First, the purifier verifies the zero knowledge proof pi to verify that the sender has the encryption key corresponding to S, and if the verification fails, the ciphertext is discarded.
Then, detecting whether the ciphertext ct is consistent with the attribute set S declared in the received ciphertext; first, it is checked whether | S | = k. Then, for each elementCheck equationIf not, the clarifier discards the ciphertext if it fails.
If all checks pass, the purge ciphertext is calculated as follows:
finally, the cleaner will clean up the ciphertext C ' = (C ', C '0,{C′τ,1,C′τ,2}τ∈[k]) And uploading to a cloud server.
6) Data decryption
And the receiver receives data from the cloud server in a subscription mode. For the clean ciphertext c', the receiver uses the decryption key dkPRun Decrypt (c', dk)P) Decrypting the plaintext m by the algorithm; inputting the purge ciphertext c' and decryption key dk associated with the attribute set SPIf S meets the strategy P, outputting a plaintext m, otherwise outputting T;
specifically, let I = { I: ρ (I) ∈ S } be LSSS matrixCorresponding to the row set of the attribute set S. If S ∈ P, calculate the constantSatisfy the requirement ofHere, theIs a matrixRow i of (2). Then calculate
Where τ is the index of the property ρ (i) in S. Finally, the receiver can recover the plaintext m = C'/B.
Claims (5)
1. A data circulation control method based on purifyable attribute encryption in a cloud environment is characterized by comprising the following specific steps:
firstly, building a data circulation control platform comprising a trusted authority, a sender, a purifier, a cloud server and a receiver; the trusted authority generates an encryption key to each sender and generates a matched decryption key to each receiver;
then, the sender processes each data to be sent by using a random message key, then uses an encryption key to package the message key, and finally sends an encrypted ciphertext to the purifier; the purifier checks the encrypted ciphertext, purifies the ciphertext by using a random message key, and uploads the purified ciphertext c' to the cloud server; the cloud server receives and stores the purified ciphertext c' for sending to any subscribed receiver;
finally, the receiver obtains a corresponding decryption key from the trusted authority according to the access control strategy P; and after the purified ciphertext is received from the cloud server, when the attribute set in the ciphertext meets the access control strategy, the plaintext is recovered.
2. The data circulation control method based on decontaminable attribute encryption in the cloud environment of claim 1, wherein the trusted authority generates an encryption key for each sender and a matching decryption key for each receiver; the method specifically comprises the following steps:
for each sender, a trusted authority runs an EKGen algorithm to obtain an encryption key ekS= (S, M, σ), by security passReturning the encryption key to the sender;
S={A1,A2,...,Akis the set of attributes of the input,is the set of all attribute hash values in the attribute set S; σ is the signature on the set of attribute hash values M;
for each recipient, a recipient policy is givenWhereinIs a matrix of l rows and n columns, p is a mapping function, and the matrix isEach line in (a) is mapped to an attribute;
the trusted authority runs DKGEN algorithm according to the access control strategy P to generate a decryption key, and the decryption key dk is obtained through the secure channelP={Dτ,0,Dτ,1,Dτ,2}τ∈[l]And sending the data to a receiving party.
3. The data flow control method based on the decontaminable property encryption in the cloud environment according to claim 1, wherein the encrypted ciphertext is c = (ct, pi); the knowledge that pi is zero proves; ct = (C, C)0,{Cτ,1,Cτ,2}τ∈[k]) Is a cipher text for attribute encryption of message, including symmetric encrypted cipher text C of message and access control cipher text (C) generated by attribute set S0,{Cτ,1,Cτ,2}τ∈[k]) And k is the number of attributes in the attribute set S.
4. The data flow control method based on decontaminable attribute encryption in the cloud environment according to claim 1, wherein the process of checking the encrypted ciphertext and purifying the ciphertext by the purifier is as follows:
for each uploaded ciphertext c, firstly, the purifier runs the Sanitize algorithm to verify a zero knowledge proof pi in the ciphertext to verify that the sender has the encryption key corresponding to the attribute set S, and if the verification fails, the ciphertext is discarded;
after the verification is successful, continuously detecting whether the ciphertext ct is consistent with the attribute set S declared in the received ciphertext; if not, the verification fails and the ciphertext is discarded;
when the detection is consistent, the hash value element is used for each attribute of the attribute set SContinue checking if the equation is satisfied:if the cipher text fails, the clarifier discards the cipher text;
g1and w are both open system parameters;
after success, the purifier selects a random value s ' to randomize the original ciphertext ct to obtain a purified ciphertext C ' = (C ', C ') with the same form as the original ciphertext ct '0,{C′τ,1,C′τ,2}τ∈[k])。
5. The data circulation control method based on the decontaminable attribute encryption in the cloud environment according to claim 1, wherein the process of recovering the plaintext by the receiver according to the access control policy P is as follows:
for the clean ciphertext c', the receiver uses the decryption key dkPAnd (5) operating a Decrypt algorithm to Decrypt the plain text:
m=C′/B
specifically, let I be a matrixThe row set of the middle corresponding attribute set S; when the attribute set S satisfies the access control strategy P, the constant omega is calculatediSatisfy the requirement of Is a matrixRow i of (1);
(Di,0,Di,1,Di,2) Is the decryption key.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210877395.8A CN115277171B (en) | 2022-07-25 | 2022-07-25 | Data circulation control method based on cleanable attribute encryption in cloud environment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210877395.8A CN115277171B (en) | 2022-07-25 | 2022-07-25 | Data circulation control method based on cleanable attribute encryption in cloud environment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN115277171A true CN115277171A (en) | 2022-11-01 |
CN115277171B CN115277171B (en) | 2023-09-29 |
Family
ID=83770441
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210877395.8A Active CN115277171B (en) | 2022-07-25 | 2022-07-25 | Data circulation control method based on cleanable attribute encryption in cloud environment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115277171B (en) |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2015200196A1 (en) * | 2014-06-25 | 2015-12-30 | Sypris Electronics, Llc | System and device binding metadata with hardware intrinsic properties |
CN108880796A (en) * | 2018-06-25 | 2018-11-23 | 电子科技大学 | It is a kind of for server efficiently based on the outsourcing decryption method of encryption attribute algorithm |
CN109768858A (en) * | 2018-12-26 | 2019-05-17 | 西安电子科技大学 | Based on the encryption attribute access control system more authorized and design method under cloud environment |
CN109831430A (en) * | 2019-01-30 | 2019-05-31 | 中国科学院信息工程研究所 | Safely controllable efficient data sharing method and system under a kind of cloud computing environment |
US20200007318A1 (en) * | 2018-06-29 | 2020-01-02 | International Business Machines Corporation | Leakage-deterring encryption for message communication |
CN112637278A (en) * | 2020-12-09 | 2021-04-09 | 云南财经大学 | Data sharing method and system based on block chain and attribute-based encryption and computer readable storage medium |
WO2021190450A1 (en) * | 2020-03-23 | 2021-09-30 | 齐鲁工业大学 | Multi-attribute mechanism attribute-based encryption method with tracking for cloud-assisted internet of things |
US20210374265A1 (en) * | 2020-06-02 | 2021-12-02 | Nikolay GIGOV | Methods and systems for secure data sharing with granular access control |
CN113810410A (en) * | 2021-09-16 | 2021-12-17 | 东莞职业技术学院 | Unmisuse key decentralized attribute-based encryption method, system and storage medium |
-
2022
- 2022-07-25 CN CN202210877395.8A patent/CN115277171B/en active Active
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2015200196A1 (en) * | 2014-06-25 | 2015-12-30 | Sypris Electronics, Llc | System and device binding metadata with hardware intrinsic properties |
CN108880796A (en) * | 2018-06-25 | 2018-11-23 | 电子科技大学 | It is a kind of for server efficiently based on the outsourcing decryption method of encryption attribute algorithm |
US20200007318A1 (en) * | 2018-06-29 | 2020-01-02 | International Business Machines Corporation | Leakage-deterring encryption for message communication |
CN109768858A (en) * | 2018-12-26 | 2019-05-17 | 西安电子科技大学 | Based on the encryption attribute access control system more authorized and design method under cloud environment |
CN109831430A (en) * | 2019-01-30 | 2019-05-31 | 中国科学院信息工程研究所 | Safely controllable efficient data sharing method and system under a kind of cloud computing environment |
WO2021190450A1 (en) * | 2020-03-23 | 2021-09-30 | 齐鲁工业大学 | Multi-attribute mechanism attribute-based encryption method with tracking for cloud-assisted internet of things |
US20210374265A1 (en) * | 2020-06-02 | 2021-12-02 | Nikolay GIGOV | Methods and systems for secure data sharing with granular access control |
CN112637278A (en) * | 2020-12-09 | 2021-04-09 | 云南财经大学 | Data sharing method and system based on block chain and attribute-based encryption and computer readable storage medium |
CN113810410A (en) * | 2021-09-16 | 2021-12-17 | 东莞职业技术学院 | Unmisuse key decentralized attribute-based encryption method, system and storage medium |
Non-Patent Citations (2)
Title |
---|
傅镜艺: "基于Android 的移动终端安全管理系统", 计算机工程 * |
霍成义;: "云计算中属性基加密机制研究", 信息安全研究, no. 08 * |
Also Published As
Publication number | Publication date |
---|---|
CN115277171B (en) | 2023-09-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2021042685A1 (en) | Transaction method, device, and system employing blockchain | |
US7634085B1 (en) | Identity-based-encryption system with partial attribute matching | |
Li et al. | Oblivious signature-based envelope | |
CN114157427B (en) | SM2 digital signature-based threshold signature method | |
CN104767612B (en) | It is a kind of from the label decryption method without certificate environment to PKIX environment | |
US20100098253A1 (en) | Broadcast Identity-Based Encryption | |
US11870891B2 (en) | Certificateless public key encryption using pairings | |
GB2490407A (en) | Joint encryption using base groups, bilinear maps and consistency components | |
CN104767611B (en) | It is a kind of from PKIX environment to the label decryption method without certificate environment | |
CN106713349B (en) | Inter-group proxy re-encryption method capable of resisting attack of selecting cipher text | |
Watanabe et al. | Efficient asymmetric public-key traitor tracing without trusted agents | |
CA2819211A1 (en) | Data encryption | |
CN117201132A (en) | Multi-committee attribute base encryption method capable of achieving complete decentralization and application of multi-committee attribute base encryption method | |
Wang et al. | Identity-based matchmaking encryption with stronger security and instantiation on lattices | |
Mu et al. | Delegated decryption | |
CN116743358A (en) | Repudiation multi-receiver authentication method and system | |
CN115277171B (en) | Data circulation control method based on cleanable attribute encryption in cloud environment | |
Basu et al. | Secured hierarchical secret sharing using ECC based signcryption | |
Safavi-Naini et al. | Broadcast authentication for group communication | |
Chander | The state-of-the-art cryptography techniques for secure data transmission | |
Yuen et al. | Towards a cryptographic treatment of publish/subscribe systems | |
CN114070549A (en) | Key generation method, device, equipment and storage medium | |
Yap et al. | On the security of a lightweight authentication and encryption scheme for mobile ad hoc network | |
JPH06112935A (en) | Ciphering communication method | |
Tseng et al. | An efficient anonymous key agreement protocol based on chaotic maps |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |