CN116319058A - Access control method based on attribute and strategy hiding of blockchain - Google Patents


Publication number
CN116319058A
Authority
CN
China
Prior art keywords
attribute
user
access
encrypted
policy
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310394979.4A
Other languages
Chinese (zh)
Inventor
孙锐
唐宏
刘杰
刘蓓明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chongqing University of Post and Telecommunications
Original Assignee
Chongqing University of Post and Telecommunications
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chongqing University of Post and Telecommunications filed Critical Chongqing University of Post and Telecommunications
Priority to CN202310394979.4A priority Critical patent/CN116319058A/en
Publication of CN116319058A publication Critical patent/CN116319058A/en
Pending legal-status Critical Current

Classifications

    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L67/104 Peer-to-peer [P2P] networks
    • H04L9/008 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • H04L9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • Y02D30/50 Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

The invention belongs to the field of blockchain-based access control, and in particular relates to an access control method based on attribute and policy hiding of a blockchain. The method comprises: initializing a network and creating certificates for the nodes; installing the access request chain code, the resource information management chain code and the attribute management chain code into the blockchain network and initializing them; the data owner encrypts the plaintext data and uploads the ciphertext to an IPFS network to obtain a storage address; the data owner submits a registration request to an attribute authority, the attribute authority assigns attributes to the data owner and encrypts them, and the encrypted attributes are uploaded to the blockchain network through the attribute management chain code; the data owner invokes the resource information management chain code to upload the resource hash value, the storage address and the access policy encrypted with the homomorphic encryption algorithm to the blockchain network; the data requester initiates a request for the data through the access request chain code, and the encrypted access policy and the encrypted attributes are verified in the blockchain. The invention reduces the storage burden of the blockchain.

Description

Access control method based on attribute and strategy hiding of blockchain
Technical Field
The invention belongs to the field of access control based on a block chain, and particularly relates to an access control method based on attribute and strategy hiding of the block chain.
Background
With the advent of the information and network age, data has become an important asset. The value of a data asset comes from sharing, and sharing presupposes that the security of the data is ensured. Currently, data of all kinds is either stored by platforms in their own databases or stored by users themselves, locally or in the cloud. If platforms are allowed to acquire user data at will, users lose control over their data, which leads to problems such as tampering with and leakage of user data. If the data is stored locally by the user, it is difficult to realize its value. Secure storage and secure sharing of data therefore require an efficient data encryption and decryption algorithm and a secure access control mechanism.
The concept of blockchain was first proposed by Satoshi Nakamoto in the 2008 article "Bitcoin: A Peer-to-Peer Electronic Cash System", published to a cryptography mailing list. Blockchains have three main characteristics. First, the blockchain is a decentralized computing model: no centralized institution or third-party intermediary takes part in the transaction and verification process. Second, the records of the blockchain cannot be tampered with: because each block contains hash values of all previous blocks, if someone tampers with the content of any block, the hash values of all subsequent blocks no longer match. Third, transparency: transactions and records in the blockchain are public, and every node can inspect the transaction records and ledger contents, which ensures that the data is publicly transparent and traceable.
Ciphertext-policy attribute-based encryption (CP-ABE) is a one-to-many encryption algorithm, which is more efficient and uses fewer resources than a one-to-one encryption algorithm. The data owner can formulate an access policy, encrypt the data according to that policy and upload the ciphertext for storage; only entities that meet the attribute requirements can decrypt the ciphertext to obtain the original plaintext data. Designing access policies from attributes gives the whole access control flow flexibility and fine granularity. Because the access policy is embedded in the ciphertext, data can be shared securely while the user keeps control of it.
The interplanetary file system (Inter Planetary File System, IPFS) is a point-to-point distributed file system intended to connect all computer devices having the same file system. The addressing mode adopts the content addressing instead of the position addressing innovatively. IPFS adopts the decentralization design, and the uploaded files are stored in different IPFS nodes in a scattered way, and file fingerprints are calculated according to file contents and stored in a distributed hash table. The storage pressure of the blockchain can be greatly relieved through the IPFS, and the problem of low storage capacity of the blockchain is solved.
Disclosure of Invention
To address the limited capability of a blockchain and the lack of privacy protection in access control, the invention provides an access control method based on attribute and policy hiding of the blockchain, which specifically comprises the following steps:
S1: an administrator initializes the blockchain network and creates certificates for the nodes in the network;
S2: the access request chain code, the resource information management chain code and the attribute management chain code are installed into the blockchain network and initialized;
S3: the data owner encrypts the plaintext data using an attribute encryption algorithm and the AES encryption algorithm, then uploads the ciphertext to the IPFS network to obtain a storage address Addr;
S4: the data owner submits a registration request to the attribute authority; the attribute authority assigns attributes to the data owner and encrypts them using a homomorphic encryption algorithm, and the encrypted attributes are uploaded to the blockchain network through the attribute management chain code;
S5: the data owner invokes the resource information management chain code to upload the resource hash value H, the storage address Addr and the access policy E(P) encrypted using the homomorphic encryption algorithm to the blockchain network;
S6: the data requester initiates a request for the data through the access request chain code; the encrypted access policy and the encrypted attributes are verified in the blockchain, and if verification passes, the data is decrypted to obtain the plaintext data.
Further, the resource information management chain code is used to obtain a user's resource information and to upload the access policy the user sets for the resource; the resource information comprises a resource storage address, a resource hash value and a resource identifier id. The resource information management chain code comprises the following interfaces:
AddPolicy() interface: adds new resource information and the corresponding access policy to the blockchain;
UpdatePolicy() interface: receives a resource id and a corresponding new access policy, and overwrites the old policy with the new one to update the access control policy;
DeletePolicy() interface: deletes the resource information stored in the blockchain and the corresponding access control policy;
QueryPolicy() interface: looks up the corresponding access policy using the resource id as an index.
Further, the attribute management chain code receives the user id transmitted from the attribute authority and the attribute set encrypted using the homomorphic encryption algorithm. The attribute management chain code comprises the following interfaces:
AddAttribute() interface: receives and stores the user identity and the attribute set from the attribute authority;
UpdateAttribute() interface: receives a new attribute set sent by the attribute authority, and overwrites the old attribute set according to the resource id and the new attribute set to update the attributes;
DeleteAttribute() interface: deletes the attribute set corresponding to the user id;
QueryAttribute() interface: obtains the corresponding user attributes from the blockchain according to the identity; this interface can only be called by the access request chain code.
Further, the access request chain code receives a user's access request, retrieves the encrypted access policy and the encrypted user attributes for matching verification, and returns the result. The access request chain code comprises the following interface:
AccessCheck() interface: retrieves the corresponding encrypted user attributes and encrypted access policy according to the user id and the resource id, performs matching verification, and returns the result.
Further, attribute encryption is performed by the attribute authority: it first computes the hash value H of the attribute value and then encrypts H with the Paillier homomorphic encryption algorithm to obtain the encrypted hash value. Specifically:
if the attribute set of the user is expressed as: $S = \{(position: A), (age: B), (ID: C)\}$;
the attribute set uploaded to the blockchain after encryption is expressed as: $S = \{(position: (H(A))_{pk}), (age: (H(B))_{pk}), (ID: (H(C))_{pk})\}$
where the attribute set S of the user comprises the user's position, age and identity ID; A denotes the attribute value of the user's position, B the attribute value of the user's age, and C the attribute value of the user's identity ID; H(A) denotes the hash value of the user's position, H(B) the hash value of the user's age, and H(C) the hash value of the user's identity ID; $(\cdot)_{pk}$ denotes the homomorphic encryption algorithm.
Further, the process of encrypting the access policy using the homomorphic encryption algorithm comprises:
the access policy is expressed as:
$P = (position: A)\ \mathrm{AND}\ ((age: B)\ \mathrm{OR}\ (ID: D))$;
the encrypted access policy is expressed as:
$P = (position: (H(A)+1)_{pk})\ \mathrm{AND}\ ((age: (H(B)+1)_{pk})\ \mathrm{OR}\ (ID: (H(D)+1)_{pk}))$
where the access policy P denotes a user who has attribute A and either conforms to attribute B or has the ID D; D denotes the attribute value of the identity ID of user D; H(D) denotes the hash value of the identity ID of user D; $(\cdot)_{pk}$ denotes the homomorphic encryption algorithm; AND denotes the AND operation, which returns True if the values on both sides are equal and both are $H(1)_{pk}$, and False otherwise; OR denotes the OR operation, which returns True if the value on one of its sides is $H(1)_{pk}$, and False otherwise.
Further, after the access request is received, the encrypted attribute values and the access policy are obtained through the corresponding interfaces, the user's corresponding attributes are found by the attribute names in the access policy, and the difference is calculated using the additive homomorphic property of the encryption algorithm:
$Res = ((H(A)+1)-H(A))_{pk}\ \mathrm{AND}\ (((H(B)+1)-H(B))_{pk}\ \mathrm{OR}\ ((H(D)+1)-H(C))_{pk})$
where, when Res is False, the user does not satisfy the access policy, and when Res is True, the user satisfies the access policy.
Further, the encryption performed by the data owner with the CP-ABE algorithm comprises the following steps:
S31: the security parameter k is input into the generator to obtain a set of parameters $(G_0, G_1, p, g)$, and the public key PK and the master key MK are calculated, expressed as:
$PK = \{g, g^{\beta}, e(g,g)^{\alpha}, h_1, h_2, \dots, h_U\}$;
$MK = g^{\alpha}$
S32: the data owner runs the AES encryption algorithm, generating a symmetric key to encrypt the data M to be shared, and obtains the ciphertext $T = Enc_{AES}(M)$;
S33: the data owner runs the CP-ABE encryption algorithm, sets the access policy P and converts it into a matrix A, where A is an l×n matrix, and randomly selects a vector
Figure BDA0004177351530000051
For each row $A_i$ of A, calculate
Figure BDA0004177351530000052
Finally, the ciphertext CT is obtained, expressed as:
$CT = (C = key \cdot e(g,g)^{\alpha s},\ C = g^{s},\ (C_1, D_1), \dots, (C_l, D_l))$
where $Enc_{AES}(\cdot)$ denotes the AES encryption algorithm; $G_0$ and $G_1$ are multiplicative cyclic groups of order p with generator g, p being a prime; e is a bilinear map, expressed as $e: G_0 \times G_0 \to G_1$, and $e(\cdot,\cdot)$ denotes the bilinear mapping function; α and β are two random numbers with $\alpha, \beta \in Z_p$, where $Z_p$ denotes the least non-negative complete residue system modulo p; for each attribute $i \in U$, $h_1, h_2, \dots, h_U \in G_0$ are selected at random; $y_2, \dots, y_n \in Z_p$; ρ denotes a mapping function that maps $A_i$ to the corresponding attribute $\lambda_i$; s is a secret value; l denotes the number of attributes in the access policy, and n denotes the number of attributes that solve the secret value; $C_l$ denotes the C value of the l-th attribute, expressed as
Figure BDA0004177351530000053
$h_l$ denotes the random value corresponding to the l-th attribute in the access policy, and $r_1, r_2, \dots, r_l \in Z_p$ are random numbers; $D_l$ denotes the D value of the l-th attribute, expressed as
Figure BDA0004177351530000054
Further, the decryption process of the data requester comprises:
S61: the data requester requests the private key SK from the attribute authority, expressed as:
Figure BDA0004177351530000055
S62: the data requester decrypts the ciphertext CT with the private key SK to obtain the symmetric key:
Figure BDA0004177351530000056
S63: the data requester decrypts the data with the symmetric key to obtain the final plaintext;
where t is a random number with $t \in Z_p$; x denotes an attribute in the attribute set S; / denotes division;
Figure BDA0004177351530000057
and $I = \{i : \rho(i) \in S\}$; $D_i$ denotes the D value of the i-th attribute; $K_i$ denotes the K value corresponding to the i-th attribute; $\omega_i$ is a vector such that $\sum_{i \in I} \omega_i \lambda_i = s$.
The invention uses the chain code deployed in the blockchain to supervise the access request behavior of the user, realizes attribute hiding in access control through the homomorphic encryption system, protects the privacy of the user, realizes fine granularity and high-efficiency access control through the CP-ABE and AES encryption algorithm, and reduces the storage burden of the blockchain through the IPFS system.
Drawings
FIG. 1 is a flow chart of an access control method based on attribute and policy hiding of blockchain in accordance with the present invention;
FIG. 2 is a schematic diagram of an access tree of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The invention provides an access control method based on attribute and policy hiding of a blockchain, which specifically comprises the following steps:
S1: an administrator initializes the blockchain network and creates certificates for the nodes in the network;
S2: the access request chain code, the resource information management chain code and the attribute management chain code are installed into the blockchain network and initialized;
S3: the data owner encrypts the plaintext data using an attribute encryption algorithm and the AES encryption algorithm, then uploads the ciphertext to the IPFS network to obtain a storage address Addr;
S4: the data owner submits a registration request to the attribute authority; the attribute authority assigns attributes to the data owner and encrypts them using a homomorphic encryption algorithm, and the encrypted attributes are uploaded to the blockchain network through the attribute management chain code;
S5: the data owner invokes the resource information management chain code to upload the resource hash value H, the storage address Addr and the access policy E(P) encrypted using the homomorphic encryption algorithm to the blockchain network;
S6: the data requester initiates a request for the data through the access request chain code; the encrypted access policy and the encrypted attributes are verified in the blockchain, and if verification passes, the data is decrypted to obtain the plaintext data.
In this embodiment, the chain code is written in Go on the Hyperledger Fabric platform. The chain code used in this embodiment comprises attribute verification chain code and information management chain code, specifically:
(I) Resource information management chain code
The resource information management chain code uploads the user's resource information (including the resource storage address, the resource hash value, the resource identifier id and the like) and the access policy the user sets for the resource. It comprises the following interfaces:
AddPolicy() interface: adds new resource information and the corresponding access policy to the blockchain;
UpdatePolicy() interface: receives a resource id and a corresponding new access policy, and overwrites the old policy with the new one to update the access control policy;
DeletePolicy() interface: deletes the resource information stored in the blockchain and the corresponding access control policy;
QueryPolicy() interface: looks up the corresponding access policy using the resource id as an index.
(II) Attribute management chain code
The attribute management chain code receives the user id transmitted from the attribute authority and the attribute set encrypted using the homomorphic encryption algorithm, where the attributes are mainly the user's identity, position, address and the like. The chain code comprises the following interfaces:
AddAttribute() interface: receives and stores the user identity and the attribute set from the attribute authority.
UpdateAttribute() interface: receives the new attribute set transmitted by the attribute authority, and overwrites the old attribute set according to the resource id and the new attribute set to update the attributes.
DeleteAttribute() interface: deletes the attribute set corresponding to the user id.
QueryAttribute() interface: obtains the corresponding user attributes from the blockchain according to the identity. This interface can only be invoked by the access request chain code.
(III) Access request chain code
The access request chain code receives a user's access request, retrieves the encrypted access policy and the encrypted user attributes for matching verification, and returns the result. It comprises the following interface:
AccessCheck() interface: retrieves the corresponding encrypted user attributes and encrypted access policy according to the user id and the resource id, performs matching verification, and returns the result.
When an access request is verified, the encrypted attributes must be matched against the encrypted access policy. Attribute encryption is performed by the attribute authority: it first computes the hash value H of the attribute value and then encrypts H with the Paillier homomorphic encryption algorithm to obtain $H_{pk}$. For example, a user has the following attribute set:
$S = \{(position: A), (age: B), (ID: C)\}$
The attribute set uploaded to the blockchain after encryption is as follows:
$S = \{(position: H(A)_{pk}), (age: H(B)_{pk}), (ID: H(C)_{pk})\}$
where the attribute set S of the user comprises the user's position, age and identity ID; A denotes the attribute value of the user's position, B the attribute value of the user's age, and C the attribute value of the user's identity ID; H(A) denotes the hash value of the user's position, H(B) the hash value of the user's age, and H(C) the hash value of the user's identity ID; $(\cdot)_{pk}$ denotes the homomorphic encryption algorithm.
The access policy is encrypted in a similar way to the attributes: the hash value of each attribute in the access policy is computed and then encrypted with the homomorphic encryption algorithm. For example, take the following access policy:
$P = (position: A)\ \mathrm{AND}\ ((age: B)\ \mathrm{OR}\ (ID: D))$
The access policy uploaded to the blockchain after encryption is as follows:
$P = (position: (H(A)+1)_{pk})\ \mathrm{AND}\ ((age: (H(B)+1)_{pk})\ \mathrm{OR}\ (ID: (H(D)+1)_{pk}))$
The access policy P denotes a user who has attribute A and either conforms to attribute B or has the ID D.
After the access request is received, the encrypted attribute values and the access policy are obtained through the corresponding interfaces, the user's corresponding attributes are found by the attribute names in the access policy, and the difference is calculated using the additive homomorphic property of the encryption algorithm, as follows:
$Res = ((H(A)+1)-H(A))_{pk}\ \mathrm{AND}\ (((H(B)+1)-H(B))_{pk}\ \mathrm{OR}\ ((H(D)+1)-H(C))_{pk})$
where AND is True when the values on its left and right sides are equal and both are $H(1)_{pk}$; OR requires one of its sides to be $H(1)_{pk}$ to return True, and otherwise returns False.
The Paillier homomorphic encryption algorithm used here is as follows:
Key generation: first, two primes p and q are selected at random such that their lengths are as close or equal as possible. Compute $N = pq$ and $\lambda = \mathrm{lcm}(p-1, q-1)$, where lcm denotes the least common multiple. Randomly select
Figure BDA0004177351530000091
such that $\gcd(L(g^{\lambda} \bmod N^2), N) = 1$, where $L(x) = (x-1)/N$, and let $\mu = (L(g^{\lambda} \bmod N^2))^{-1}$. The public key is $pk = (N, g)$ and the private key is $sk = (\lambda, \mu)$.
Encryption: for a plaintext $m \in Z_N$, select
Figure BDA0004177351530000092
and obtain the ciphertext $c = g^{m} r^{N} \bmod N^2$.
Decryption: $m = L(c^{\lambda} \bmod N^2) \cdot \mu$
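The matching step and the Paillier scheme described above, as an added Go example that is not the patent's chain code: attribute values are encrypted as H(v), policy values as H(v)+1, and the difference is formed on ciphertexts. SHA-256 as H, g = N+1, the 512-bit demo key, the final reduction mod N in decryption and a verifier that holds sk are assumptions; Paillier encryption is randomized, so the difference cannot be recognized by comparing ciphertexts and is decrypted here.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"math/big"
)

var one = big.NewInt(1)

type PublicKey struct{ N, N2, G *big.Int }
type PrivateKey struct {
	PublicKey
	Lambda, Mu *big.Int
}

// must aborts on an entropy failure, which this demo treats as fatal.
func must(x *big.Int, err error) *big.Int {
	if err != nil {
		panic(err)
	}
	return x
}

// lfn is L(x) = (x-1)/N.
func lfn(x, n *big.Int) *big.Int { return new(big.Int).Div(new(big.Int).Sub(x, one), n) }

// GenerateKey picks equal-length primes p, q; fixing g = N+1 is an assumption.
func GenerateKey(bits int) *PrivateKey {
	for {
		p, q := must(rand.Prime(rand.Reader, bits/2)), must(rand.Prime(rand.Reader, bits/2))
		n := new(big.Int).Mul(p, q)
		n2 := new(big.Int).Mul(n, n)
		g := new(big.Int).Add(n, one)
		p1, q1 := new(big.Int).Sub(p, one), new(big.Int).Sub(q, one)
		lambda := new(big.Int).Mul(p1, q1)
		lambda.Div(lambda, new(big.Int).GCD(nil, nil, p1, q1)) // lcm(p-1, q-1)
		// mu is nil when gcd(L(g^lambda mod N^2), N) != 1; then retry.
		mu := new(big.Int).ModInverse(lfn(new(big.Int).Exp(g, lambda, n2), n), n)
		if p.Cmp(q) != 0 && mu != nil {
			return &PrivateKey{PublicKey{n, n2, g}, lambda, mu}
		}
	}
}

// Encrypt returns c = g^m * r^N mod N^2 for a fresh random r coprime to N.
func (pk *PublicKey) Encrypt(m *big.Int) *big.Int {
	for {
		r := must(rand.Int(rand.Reader, pk.N))
		if r.Sign() > 0 && new(big.Int).GCD(nil, nil, r, pk.N).Cmp(one) == 0 {
			c := new(big.Int).Exp(pk.G, new(big.Int).Mod(m, pk.N), pk.N2)
			return c.Mul(c, new(big.Int).Exp(r, pk.N, pk.N2)).Mod(c, pk.N2)
		}
	}
}

// Decrypt computes m = L(c^lambda mod N^2) * mu mod N.
func (sk *PrivateKey) Decrypt(c *big.Int) *big.Int {
	m := lfn(new(big.Int).Exp(c, sk.Lambda, sk.N2), sk.N)
	return m.Mul(m, sk.Mu).Mod(m, sk.N)
}

// Sub returns a ciphertext of a-b: ca times the inverse of a valid ciphertext cb.
func (pk *PublicKey) Sub(ca, cb *big.Int) *big.Int {
	d := new(big.Int).ModInverse(cb, pk.N2)
	return d.Mul(d, ca).Mod(d, pk.N2)
}

// EncryptSet encrypts H(value)+offset per attribute name: offset 0 for a user's
// attribute set S, offset 1 for the attributes named in an access policy P.
func EncryptSet(pk *PublicKey, set map[string]string, offset int64) map[string]*big.Int {
	out := make(map[string]*big.Int, len(set))
	for name, v := range set {
		h := sha256.Sum256([]byte(v)) // H(value); SHA-256 is an assumption
		m := new(big.Int).SetBytes(h[:])
		out[name] = pk.Encrypt(m.Add(m, big.NewInt(offset)))
	}
	return out
}

// CheckAccess evaluates the page's P = position AND (age OR ID). A leaf is True
// when policy-attribute decrypts to 1; a verifier holding sk is an assumption.
func CheckAccess(sk *PrivateKey, policy, attrs map[string]*big.Int) bool {
	match := func(name string) bool {
		p, a := policy[name], attrs[name]
		return p != nil && a != nil && sk.Decrypt(sk.Sub(p, a)).Cmp(one) == 0
	}
	return match("position") && (match("age") || match("ID"))
}

func main() {
	sk := GenerateKey(512) // demo key size only
	policy := EncryptSet(&sk.PublicKey, map[string]string{"position": "A", "age": "B", "ID": "D"}, 1)
	user := EncryptSet(&sk.PublicKey, map[string]string{"position": "A", "age": "B", "ID": "C"}, 0)
	fmt.Println("access granted:", CheckAccess(sk, policy, user))
}
```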
The encryption performed by the data owner with the CP-ABE algorithm comprises the following steps:
S31: the security parameter k is input into the generator to obtain a set of parameters $(G_0, G_1, p, g)$, where $G_0$ and $G_1$ are multiplicative cyclic groups of order p with generator g, p is a prime, and e is a bilinear map $e: G_0 \times G_0 \to G_1$. Two numbers $\alpha, \beta \in Z_p$ are then selected at random and, for each attribute $i \in U$, $h_1, h_2, \dots, h_U \in G_0$ are selected at random. Finally, the public key PK and the master key MK are calculated:
$PK = \{g, g^{\beta}, e(g,g)^{\alpha}, h_1, h_2, \dots, h_U\}$
$MK = g^{\alpha}$
S32: the data owner runs the AES encryption algorithm, generating a symmetric key to encrypt the data M to be shared, and obtains the ciphertext $T = Enc_{AES}(M)$.
S33: the data owner runs the CP-ABE encryption algorithm, sets the access policy P and converts it into a matrix A, where A is an l×n matrix, and randomly selects a vector
Figure BDA0004177351530000093
For each row $A_i$ of A, calculate
Figure BDA0004177351530000094
Finally, the ciphertext CT is obtained:
Figure BDA0004177351530000095
where $r_1, r_2, \dots, r_l \in Z_p$; $y_2, \dots, y_n \in Z_p$; ρ denotes a mapping function that maps $A_i$ to the corresponding attribute, equal to $\lambda_i$; s is a secret value, which is a random number. The matrix A is obtained by converting an access structure tree according to the following rules:
traversing each node according to breadth-first algorithm and defining the root node as c=1 and
Figure BDA0004177351530000096
if the parent node is an or node, C and +.>
Figure BDA0004177351530000097
Unchanged; if the parent node is an and node, the right child node C is unchanged but +.>
Figure BDA0004177351530000098
On the right is connected 1, denoted +.>
Figure BDA0004177351530000099
Left child node C is unchanged +>
Figure BDA00041773515300000910
With 0 being connected to-1, expressed as (0, …, 0) | -1, wherein the number of 0 is equal to C; if the current branch is completely traversed, C is added with 1, other branches are traversed according to the breadth-first traversing sequence, and the steps are repeated to obtain the +.f of all leaf nodes>
Figure BDA0004177351530000101
A shared generator matrix M of M rows and d columns is formed. Specifically, an access tree as shown in FIG. 2, the vector of its leaf nodes is expressed as +.>
Figure BDA0004177351530000102
Finally, a matrix M with 4 rows and 3 columns is formed from top to bottom according to the traversing sequence, wherein the length deficiency is filled with 0. (1, 2) represents or and (2, 2) represents and in the tree.
The decryption process of the data requester comprises:
S61: The data requester requests the private key SK from the attribute certification authority.
Figure BDA0004177351530000103
where $t \in Z_p$; x corresponds to an attribute in the attribute set, and may also be denoted by $\rho(i)$.
S62: The data requester decrypts the ciphertext CT with the private key SK to obtain the symmetric key.
Figure BDA0004177351530000104
where $\omega_i$ is a vector such that $\sum_{i \in I} \omega_i \lambda_i = s$;
Figure BDA0004177351530000105
and $I = \{i : \rho(i) \in S\}$.
S63: The data requester decrypts the data with the symmetric key to obtain the final plaintext.
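The tree-to-matrix rules of S33 and the reconstruction condition $\sum_{i \in I} \omega_i \lambda_i = s$ of S62 can be checked on the share arithmetic alone, without any pairing. This is an added example, not code from the patent: the tree encoding, the modulus and the function names are assumptions, and the shares are taken to be $\lambda_i = A_i \cdot (s, y_2, \ldots, y_n)$, which is what the image-only formulas are assumed to denote.

```python
import secrets

P = 2**61 - 1   # constructed prime standing in for the group order p

# Constructed tree for the policy position AND (age OR ID); each attribute appears once.
TREE = ("AND", "position", ("OR", "age", "ID"))

def lsss_rows(tree):
    """Return (rows, width): one (attribute, vector) pair per leaf, in visit order."""
    rows, counter = [], 1
    queue = [(tree, [1])]                     # the root is labelled with the vector (1)
    while queue:                              # breadth-first traversal
        node, vec = queue.pop(0)
        if isinstance(node, str):             # leaf: its vector becomes a matrix row
            rows.append((node, vec))
            continue
        gate, left, right = node
        if gate == "OR":                      # OR: both children inherit the vector
            queue += [(left, vec), (right, vec)]
        else:                                 # AND: split the parent's vector
            padded = vec + [0] * (counter - len(vec))
            queue.append((left, [0] * counter + [-1]))    # (0, ..., 0) | -1
            queue.append((right, padded + [1]))           # parent vector | 1
            counter += 1
    return [(a, v + [0] * (counter - len(v))) for a, v in rows], counter

def make_shares(rows, width, s):
    """lambda_i = A_i . (s, y_2, ..., y_n) mod P, keyed by the attribute rho(i)."""
    y = [s] + [secrets.randbelow(P) for _ in range(width - 1)]
    return {a: sum(x * yi for x, yi in zip(vec, y)) % P for a, vec in rows}

def satisfying_leaves(node, attrs):
    """Minimal list of leaves that satisfies the tree for this attribute set, or None."""
    if isinstance(node, str):
        return [node] if node in attrs else None
    gate, left, right = node
    l, r = satisfying_leaves(left, attrs), satisfying_leaves(right, attrs)
    if gate == "OR":
        return l if l is not None else r
    return l + r if l is not None and r is not None else None

def recover_secret(tree, shares, attrs):
    """Sum of omega_i * lambda_i over the chosen rows; None if the policy is not met."""
    leaves = satisfying_leaves(tree, attrs)
    if leaves is None:
        return None
    # Rows built by the rules above sum to (1, 0, ..., 0) over a minimal
    # satisfying set, so every omega_i is 1 here.
    return sum(shares[a] for a in leaves) % P

if __name__ == "__main__":
    rows, width = lsss_rows(TREE)
    shares = make_shares(rows, width, s=123456789)
    print(rows)
    print(recover_secret(TREE, shares, {"position", "ID"}))
```

An attribute set that fails the policy cannot combine its rows into (1, 0, …, 0), so its shares leave s masked by the random $y_j$ values.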
Although embodiments of the present invention have been shown and described, it will be understood by those skilled in the art that various changes, modifications, substitutions and alterations can be made therein without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (9)

1. A blockchain-based access control method with attribute and policy hiding, characterized by comprising the following steps:
S1: an administrator initializes the blockchain network and creates certificates for the nodes in the network;
S2: the access request chain code, the resource information management chain code and the attribute management chain code are installed into the blockchain network and initialized;
S3: the data owner encrypts the plaintext data using an attribute encryption algorithm and the AES encryption algorithm and then uploads it to the IPFS network to obtain a storage address Addr;
S4: the data owner initiates a registration request to the attribute authentication authority, which assigns attributes to the data owner; the attributes are encrypted using a homomorphic encryption algorithm and uploaded to the blockchain network through the attribute management chain code;
S5: the data owner invokes the resource information management chain code to upload the resource hash value H, the storage address Addr and the access policy E(P), encrypted using the homomorphic encryption algorithm, to the blockchain network;
S6: the data requester initiates a request for the data through the access request chain code, the encrypted access policy and the encrypted attributes are verified in the blockchain, and if verification passes, decryption is performed to obtain the plaintext data.
2. The access control method based on attribute and policy hiding of a blockchain as claimed in claim 1, wherein the resource information management chain code is used to obtain the resource information of a user and to upload the access policy the user sets for the resource, the resource information of the user including a resource storage address, a resource hash value and a resource identification id; the resource information management chain code comprises the following interfaces:
an AddPolicy() interface for adding new resource information and the corresponding access policy to the blockchain;
an UpdatePolicy() interface for receiving a resource id and a corresponding new access policy, and overwriting the old policy with the new one to update the access control policy;
a DeletePolicy() interface for deleting the resource information stored in the blockchain and the corresponding access control policy;
a QueryPolicy() interface for looking up the corresponding access policy using the resource id as an index.
3. The access control method based on attribute and policy hiding of a blockchain according to claim 1, wherein the attribute management chain code is used to receive the user id transmitted from the attribute authentication center and the attribute set encrypted using the homomorphic encryption algorithm; the attribute management chain code comprises the following interfaces:
an AddAttribute() interface for receiving and storing the user identity and the attribute set from the attribute authority;
an UpdateAttribute() interface for receiving a new attribute set sent by the attribute authority, and overwriting the old attribute set according to the resource id and the new attribute set to update the attributes;
a DeleteAttribute() interface for deleting the attribute set corresponding to the user id;
a QueryAttribute() interface for obtaining the corresponding user attributes from the blockchain according to the identity; this interface can only be called by the access request chain code.
4. The access control method based on attribute and policy hiding of a blockchain according to claim 1, wherein the access request chain code is used to receive the access request of the user, invoke the encrypted access policy and the encrypted user attributes to perform matching verification, and return the result; the access request chain code comprises the following port:
an AccessCheck() port for retrieving the corresponding encrypted user attributes and encrypted access policy according to the user id and the resource id, performing matching verification, and returning the result.
5. The access control method based on attribute and policy hiding of a blockchain according to claim 1, wherein the attribute encryption is performed by the attribute authority, which first calculates the hash value H of the attribute value and then encrypts the hash value H with the Paillier homomorphic encryption algorithm to obtain an encrypted hash value, specifically comprising:
if the attribute set of the user is expressed as: S = {(position: A), (age: B), (ID: C)};
the attribute set uploaded to the blockchain after encryption is expressed as: $S = \{(position: (H(A))_{pk}), (age: (H(B))_{pk}), (ID: (H(C))_{pk})\}$;
where the attribute set S of the user comprises the position of the user, the age of the user and the identity ID of the user; A denotes the attribute value of the user's position, B denotes the attribute value of the user's age, and C denotes the attribute value of the user's identity ID; H(A) denotes the hash value of the user's position, H(B) denotes the hash value of the user's age, and H(C) denotes the hash value of the user's identity ID; $(\cdot)_{pk}$ denotes the homomorphic encryption algorithm.
6. The access control method based on attribute and policy hiding of a blockchain according to claim 1, wherein the process of encrypting the access policy using the homomorphic encryption algorithm comprises:
the access policy is expressed as:
P = (position: A) AND ((age: B) OR (ID: D));
the encrypted access policy is expressed as:
$P = (position: (H(A)+1)_{pk})\ \mathrm{AND}\ ((age: (H(B)+1)_{pk})\ \mathrm{OR}\ (ID: (H(D)+1)_{pk}))$
where the access policy P denotes a user with attribute A who also conforms to attribute B or has ID D; the attribute set S of the user comprises the position of the user, the age of the user and the ID of the user; A denotes the attribute value of the user's position, B denotes the attribute value of the user's age, and C denotes the attribute value of the user's ID; H(A) denotes the hash value of the user's position; H(B) denotes the hash value of the user's age, and H(C) denotes the hash value of the user's identity ID; $(\cdot)_{pk}$ denotes the homomorphic encryption algorithm; AND denotes the AND operation, i.e. True is returned when the values on both sides of AND are equal and both are $H(1)_{pk}$, otherwise False is returned; OR denotes the OR operation, i.e. True is returned when the value on either side of OR is $H(1)_{pk}$, otherwise False is returned.
7. The access control method based on attribute and policy hiding of claim 6, wherein, after the access request is received, the encrypted attribute values and the access policy are obtained through the corresponding interfaces, the user's corresponding attributes are found according to the attribute names in the access policy, and the difference is calculated using the additive homomorphic property of the encryption algorithm, the calculation of the difference comprising:
$Res = ((H(A)+1)-H(A))_{pk}\ \mathrm{AND}\ (((H(B)+1)-H(B))_{pk})\ \mathrm{OR}\ (((H(D)+1)-H(C))_{pk})$
where AND returns True when the values on its left and right sides are equal and both are $H(1)_{pk}$, otherwise False; OR returns True when one of its sides is $H(1)_{pk}$, otherwise False; when the difference Res is False, the user does not satisfy the access policy, and when Res is True, the user satisfies the access policy.
8. The access control method based on attribute and policy hiding of a blockchain according to claim 1, wherein the data owner's encryption with the CP-ABE algorithm comprises:
S31: the security parameter k is input into the generator to obtain a set of parameters $(G_0, G_1, p, g)$, and the public key PK and the master key MK are calculated, expressed as:
$PK = \{g, g^{\beta}, e(g,g)^{\alpha}, h_1, h_2, \ldots, h_U\}$;
$MK = g^{\alpha}$
S32: the data owner runs the AES encryption algorithm, generating a symmetric key to encrypt the data M to be shared, and obtains the ciphertext $T = Enc_{AES}(M)$;
S33: the data owner runs the CP-ABE encryption algorithm, sets the access policy P and converts it into a matrix A of size $l \times n$, randomly selects a vector
Figure FDA0004177351520000041
and, for each row $A_i$ of A, calculates
Figure FDA0004177351520000042
finally obtaining the ciphertext CT, expressed as:
$CT = (C = key \cdot e(g,g)^{\alpha s},\ C' = g^{s},\ (C_1, D_1), \ldots, (C_l, D_l))$
where $Enc_{AES}(\cdot)$ denotes the AES encryption algorithm; the parameters $G_0$ and $G_1$ denote multiplicative cyclic groups of order p with generator g, where p is a prime number; e is a bilinear map, expressed as $e: G_0 \times G_0 \to G_1$, and $e(\cdot,\cdot)$ denotes the bilinear mapping function; $\alpha, \beta$ are two random numbers with $\alpha, \beta \in Z_p$, where $Z_p$ denotes the least non-negative complete residue system modulo p; for each attribute $i \in U$, $h_1, h_2, \ldots, h_U \in G_0$ are selected at random; $y_2, \ldots, y_n \in Z_p$; $\rho$ denotes a mapping function that maps $A_i$ to a corresponding attribute $\lambda_i$; s is a secret value; l denotes the number of attributes in the access policy, and n denotes the number of attributes that solve the secret value; $C_l$ denotes the C value of the l-th attribute, expressed as
Figure FDA0004177351520000043
$h_l$ denotes the random value corresponding to the l-th attribute in the access policy; $r_1, r_2, \ldots, r_l \in Z_p$ are random numbers; $D_l$ denotes the D value of the l-th attribute, expressed as
Figure FDA0004177351520000044
9. The access control method based on attribute and policy hiding of a blockchain of claim 8, wherein the decryption process of the data requester comprises:
S61: the data requester requests the private key SK from the attribute certification authority, expressed as:
Figure FDA0004177351520000045
S62: the data requester decrypts the ciphertext CT with the private key SK to obtain the symmetric key.
Figure FDA0004177351520000046
S63: the data requester decrypts the data with the symmetric key to obtain the final plaintext;
where t is a random number and $t \in Z_p$; x denotes an attribute in the attribute set S; / denotes the division operation;
Figure FDA0004177351520000047
and $I = \{i : \rho(i) \in S\}$; $D_i$ denotes the D value of the i-th attribute; $K_i$ denotes the K value corresponding to the i-th attribute; $\omega_i$ is a vector such that $\sum_{i \in I} \omega_i \lambda_i = s$.
CN202310394979.4A 2023-04-13 2023-04-13 Access control method based on attribute and strategy hiding of blockchain Pending CN116319058A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310394979.4A CN116319058A (en) 2023-04-13 2023-04-13 Access control method based on attribute and strategy hiding of blockchain

Publications (1)

Publication Number Publication Date
CN116319058A true CN116319058A (en) 2023-06-23

Family

ID=86788787

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310394979.4A Pending CN116319058A (en) 2023-04-13 2023-04-13 Access control method based on attribute and strategy hiding of blockchain

Country Status (1)

Country Link
CN (1) CN116319058A (en)

Legal Events

Date Code Title Description
PB01 Publication