CN117220897A - Traceable and revocable attribute-based encryption method with complete policy hiding - Google Patents

Traceable and revocable attribute-based encryption method with complete policy hiding Download PDF

Info

Publication number
CN117220897A
CN117220897A CN202310267137.2A CN202310267137A CN117220897A CN 117220897 A CN117220897 A CN 117220897A CN 202310267137 A CN202310267137 A CN 202310267137A CN 117220897 A CN117220897 A CN 117220897A
Authority
CN
China
Prior art keywords
attribute
algorithm
ciphertext
policy
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN202310267137.2A
Other languages
Chinese (zh)
Inventor
郭丽峰
徐卓恒
贾孟飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanxi University
Original Assignee
Shanxi University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanxi University filed Critical Shanxi University
Priority to CN202310267137.2A priority Critical patent/CN117220897A/en
Publication of CN117220897A publication Critical patent/CN117220897A/en
Withdrawn legal-status Critical Current

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses an attribute-based encryption method with complete strategy hiding. Nowadays, more and more data are sent to the cloud for analysis and storage, and data security in the cloud is widely concerned. Among them, the attribute-based encryption (CP-ABE) of ciphertext policies is considered one of the most promising data protection techniques. However, in most CP-ABE schemes, an attacker can obtain user privacy information from the policy plaintext, requiring us to hide the policy. When the decryption key is revealed, the identity of the user cannot be accurately confirmed, and the malicious user needs to be tracked and revoked. In view of the above, the present invention proposes a CP-ABE scheme that enables the application of policy complete hiding, traceability and revocability, using hiding set intersection (PSI) to hide attribute values and attribute names in the policy. To improve the efficiency of the scheme, we use offline/online confidentiality and outsource decryption techniques to provide lightweight processing. Finally, based on the q-BDHE assumption, we demonstrate that the scheme has selective plaintext security under a standard model.

Description

Traceable and revocable attribute-based encryption method with complete policy hiding
Technical Field
The invention belongs to the field of privacy protection, and mainly relates to a traceable and revocable attribute-based encryption method with complete policy hiding, which provides a basis for ensuring privacy security of users.
Background
Intelligent health (S-health) is an intelligent medical information technology that uses multiple sensor devices and other technologies to access patient health data and connect individuals, resources, and organizations to intelligently respond to health needs. Compared with the traditional medical service mode, the intelligent health (S-health) improves the working efficiency of doctors, and realizes interconnection and sharing of medical information. The problem of disclosure of the privacy of the intelligent health record is solved, and the method has important significance for users and the whole country.
The access policy in the conventional ABE scheme proposed in recent years is stored in the cloud server together with the ciphertext, so that anyone who can retrieve the ciphertext can use the related access policy. However, the access policy may also contain sensitive information. For example, the medical record is an access policy "neurology AND (sector OR numers)". We can see that a patient of a medical record may have neurological problems and it is therefore necessary to hide such information. In the ABE system, there may be a malicious user who leaks the decryption key to a third party, and since the decryption key is associated with an attribute, the user who leaks the decryption key cannot be determined. This requires tracking and revocation of malicious users. Therefore, how to design a method for protecting privacy and security of users, tracking malicious users and canceling encryption of the malicious users is a key problem to be solved at present.
Disclosure of Invention
In order to overcome the problems in the prior art, the invention provides a traceable revocable attribute-based encryption method with complete policy hiding. The PSI technology is adopted to realize complete hiding of the strategy, and the online/offline encryption technology is used to reduce the user encryption overhead. In addition, the scheme adopts the outsourcing decryption technology to outsource most of calculation to the medical cloud server, so that the calculation cost of the data user is reduced. In addition, the present scheme may track the user based on the user's decryption key and then revoke the user by using the leaf node values of the binary tree associated with the user information. The method comprises the following specific steps:
1) System initialization algorithm
Setup(1 λ T) → (pp, msk). The CA runs the algorithm and inputs a binary tree T and a security parameter lambda. The public parameter pp and the system master key msk are output and the CA also maintains the revocation list R.
2) Key generation algorithm
KeyGen (pp, msk, u, S). Fwdarw.SK. CA runs the algorithm, inputs the public parameter pp, the user identity u, the set of attributes S and a master key msk, and then generates and sends a decryption key SK to the user. Wherein SK is composed of a decryption key DK and a conversion key TK.
3) Off-line encryption algorithm
Enc.off (pp) →it. DO runs the algorithm and inputs the common parameter pp. The intermediate ciphertext IT is output.
4) Online encryption algorithm
Enc.on (M, pp, (M, ρ), IT, R) →ct. DO runs the algorithm, inputting the public parameter pp, message M, access policy (M, p), intermediate ciphertext IT and revocation list R. And outputting the ciphertext CT.
5) Policy hiding algorithm
PoliceHide (pp, policy) → (CP, LM, LV). DO runs the algorithm and inputs the common parameter pp and access policy. The ciphertext policy CP, the tag matrix LM, and the tag vector LV are output.
6) Decryption test algorithm
DecTest (pp, S, CP, LM, LV, LS'). Fwdarw.true/False, map. The DU runs the algorithm, inputting the common parameters pp, the set of attributes S, the ciphertext policies CP, and some tags. An authorization relationship is determined by computing an intersection between the set of user attributes and each minimum authorization set of policies. When the user's set of attributes contains their intersection, the user is authorized. If the user's set of attributes does not contain their intersection, we say that the user is unauthorized. When S is an authorized set, true and the mapping between the key and ciphertext is output. If not, output False, the algorithm terminates.
7) Outsourcing decryption algorithm
Decout (TK, CT, map, CP). Fwdarw.CTout. The CPS runs the algorithm and inputs a conversion key TK, a ciphertext CT, a mapping relation Map and a ciphertext strategy CP. And outputting part of ciphertext CTout and sending the part of ciphertext CTout to the DU.
8) Decryption algorithm
Dec (pp, CTout, DK). Fwdarw.m. The DU runs the algorithm, inputting the public parameter pp, the partial ciphertext CTout and the decryption key DK. The message m is output.
9) Key checking algorithm
KeySanityCheck (pp, msk, SK). Fwdarw.0/1. CA runs the algorithm, inputs public parameter pp and user's key SK, then the algorithm checks whether it needs to track the decryption key SK, if it passes the key integrity check, the algorithm outputs 1; otherwise, the algorithm outputs 0.
10 Tracking algorithm)
Trace (pp, SK, R) →u/∈. The CA runs the algorithm, inputting the public parameter pp, the user's key SK and the revocation list. If SK passes KeySanityCheck, then the algorithm outputs user identity u and updates user revocation list R' =R { u }; otherwise, the algorithm is terminated and the T is output.
11 Ciphertext updating algorithm
CTupdate (CT, R ', X '). Fwdarw.CT '. The CS runs the algorithm, inputting the ciphertext CT, the updated revocation list R 'and the updated key X'. And outputting the updated ciphertext CT 'and storing the updated ciphertext CT' in the cloud.
Drawings
FIG. 1 is a diagram of a traceable revocable attribute-based encryption methodology model with complete policy hiding;
FIG. 2 is a diagram of a traceable revocable attribute-based encryption methodology map with full policy hiding;
FIG. 3 is a performance diagram of stages of a traceable revocable attribute-based encryption method with complete policy hiding;
Detailed Description
The attribute encryption method based on privacy protection in the embodiment comprises the following steps:
(1)Setup(1 λ ) → (pp, msk). G and G T Is a multiplication cyclic group with 2 orders as prime number p, the random generator of group G is G, and a bilinear mapping e is defined as G×G- & gtG T . CA selects random number alpha epsilon Z p . h, u, v, w.epsilon.G. For each node in the binary tree T, randomly selectingAnd calculate +.>The common parameter pp and master key msk are as follows: pp= (g, e (g, g) α ,h,u,v,w)msk=(α,g α )
(2) KeyGen (pp, msk, S). Fwdarw.SK. CA selects random number Z epsilon Z p . Also select k+1 random numbers (r, r 1 ,r 2 ,…,r k )∈Z p . Let Path (i) d )={i 0 ,…,i d (i) 0 =root,i d Is the value of the binary tree leaf node associated with user u, calculates the decryption key component associated with user uDecryption key DK and conversion key TK.Dk=z finally, the output key sk= { DK, TK }
(3) Enc.off (pp) →it. In the off-line encryption stage, the algorithm generates an intermediate ciphertext IT, which consists of a main module and an attribute module. The main modules are calculated as follows: DO selects a random number s.epsilon.Z p Then calculateAnd->DO set->Is the main module. In addition, the calculation method of the attribute module is as follows: DO selects a random number x i ,t ii '∈Z p And calculate +.>Where i ε J, J represents the size of the intermediate ciphertext pool for temporarily storing intermediate ciphertext. DO set->Last DO definition it= { IT main ,IT att As intermediate ciphertext.
(4) Enc.on (M, pp, (M, ρ), IT, R) →ct. Revocation list R, where M is a matrix of l x n, DO selects v randomly 2 ,v 3 ,…,v n ∈Z p Setting a vectorAnd calculate->As an effective shared vector of s. DO selects any master module from the ciphertext pool +.>And selecting any attribute moduleDO set-upAnd calculates the following ciphertext: { C 4,i =λ ii ',C 5,i =-t i (ρ(i)-x i )} i∈[l] Thus, ciphertext
(5) PoliceHide (pp, policy) → (CP, LM, LV). Each row in the label matrix LM is calculated to correspond to a minimum authorization set, and each column in LM is associated with the same attribute. LM is a matrix of n×|ap| magnitude, where each element LM in LM i,j Is a Boolean value, when LM i,j When=1, the attribute a is described j Is contained in Y i Is a kind of medium. At the same time DO generates an ordered mapping row vector LV= { LV 0 ,LV 1 ,…,LV l-1 Between the access matrix and AP' for which the attribute set is identical. When ρ (j) =a i When LV is i =j。
Minimum authorization set Y i Corresponding polynomial f i (x) Let Y be i ={A i,0 ,A i,1 ,…,A i,n-1 },|Y i The policy ciphertext for each minimum authorization set is then calculated as follows:
cp i =cp i|Yi| ||cp i,|Yi|-1 ||…||cp i,0
CP=cp 1 ||cp 2 ||…||cp N ||LM||LV
(6)DecTest(pp,S,CP,LM,LV,LS')→(True/False,Map)。
for example: assume the policy is "{ A 1 OR A 2 }AND{A 3 OR A 4 "the minimum grant set is { { { A }" 1 ,A 3 },{A 1 ,A 4 },{A 2 ,A 3 },{A 2 ,A 4 }, ordered set of policy attributes AP' = { a 1 ,A 2 ,A 3 ,A 4 Mapping function ρ in access control structure, { ρ (1) =a } 3 ,ρ(2)=A 4 ,ρ(3)=A 2 ,ρ(4)=A 1 }. User u 1 Attribute set s= { a 5 ,A 3 ,A 6 ,A 1 Then the ordered set of attributes S' = { a } 1 ,A 3 ,A 5 ,A 6 }. Because S contains the minimum authorization set { A } 1 ,A 3 Ls= {1, 0} can be derived. LS ' represents the relationship between the order of attributes in the key and the order of attributes in the ordered set S ', so LS ' = {3,1,0,2}. According to LM and LS, the corresponding relation between the ordered attribute set and the ordered user attribute set of the strategy can be established. The mapping between ciphertext and key can then be known by LV and LS'. An attribute of 0 in the ranked attribute set of policies corresponds to an attribute of 0 in the ranked user attribute set. A policy with index 2 corresponds to an attribute with index 1. Thus, the mapping relationship between ciphertext and key is as follows:
(7)Decout(TK,CT,Map,CP)→CTout。
case1: if u is E R, the algorithm is terminated, and T is output.
Case2: if it isThe following algorithm is then executed:
1. for the followingThere is one node j e cover (R) ≡path (u), assuming path (u) = { i 0 ,i dept(j) ,…,i d (i) dept(j) =j, and i d Is the leaf node value associated with user u in the binary tree, calculated by the algorithmThen calculate b=e (K u ,T j ) θ =e(g,g) rs
2. Let theDefined as i= { i|ρ (I) ∈s }, there is a set of constants { ω } i ∈Z p } i∈I Make the followingTherefore there is->And then calculating:
(8)Dec(pp,CTout,DK)→m
(9)KeySanityCheck(pp,msk,SK)→0/1。
z∈Z p ,K,L,K u ,K 1,i ,K 2,i ∈G
if e (K, g) z )=e(g,g) α e(L z ,w)e(L z G) +.1, keysanitycheck algorithm returns 1. Otherwise the KeySanityCheck algorithm returns 0.
(10) Trace (pp, SK, R) →u/∈. The algorithm is executed by an authority. If the decryption key SK fails the key integrity check, the algorithm will abort and output T. Otherwise, the algorithm performs as follows:
1. searching a binary tree with a median of i d Leaf node of (1), output and i d An associated user u. If no such node exists, the algorithm is aborted and output.
2. If it isU is added to the revocation list R and thus the new revocation list R' =rsu { u }.
(11) CTupdate (CT, R ', X '). Fwdarw.CT '. CA randomly selects eta epsilon Z p And calculateAnd then sent to the cloud via a secure channel. Let cover (R ') be the smallest set of covers associated with the latest revocation list R'. Given j '∈cover (R'), there are two cases:
1. if j ε cover (R) exists such that j=j', then T is set j =T j'
2. If j ε cover (R) exists such that j is an ancestor of j ', assume path (j')=path (j)/(u { i) dept(j)+1 ,…,i dept(j') (i) dept(j) =j,i dept(j') =j'. Let Y j =T j And iterate the calculationWhere k=dept (j), …, dept (j').
Ciphertext component associated with access policy is unchanged and last updated ciphertextIs that
To further evaluate the performance of this patent, we implemented this patent in the python language based on the Charm library. The experimental operating environment is as follows: the operating system is Linux, the mirror image is Ubuntu 18.04.6, and the processor is AMD Ryzen 7 5800H with Radeon Graphics@3.20GHz,4GB memory. The number of attributes in the access strategy is increased from 0 to 20, and the number of user attributes meeting the access strategy is also increased from 0 to 20, the experiment is performed 100 times, and the average value of the 100 experimental results is taken as the final result of the experiment, so that the accuracy of the experiment is ensured.
As shown in fig. 3, in the aspect of attribute authority initialization, the initialization time of the document [22] is low because this scheme has no tracking and revocation functions, while in order to implement tracking and revocation, the initialization phase of our scheme and document [31] needs to initialize a binary tree, thus consuming longer time than the document [22 ]; in the aspect of key generation, the time consumed by the key generation of the three schemes is in linear relation with the attribute quantity; in terms of data owner encryption, the time required by the encryption of the document [31] and the document [22] is in a linear relation with the number of attributes, and the scheme is in a constant level, because the encryption stage of the scheme transfers a large amount of computation to an offline stage, and only the online stage needs to execute lightweight operation; in terms of data user decryption, the decryption time of the document [31] is in a linear relation with the number of attributes, while the decryption time of the document [22] and our scheme is in a constant order, because most of the decryption is carried out to the proxy cloud server, and the user only needs to execute a small amount of decryption operation.
Comparison document:
[22]Yang L,Li C,Cheng Y,Yu S,Ma J,Achieving privacy preserving sensitive attributes for large universe based on private set intersection[J].Inform Sci 2022:582:529–546.
[31]D.Han,N.Pan and K.-C.Li,ATraceable and Revocable Ciphertext-Policy Attribute-based Encryption Scheme Based on Privacy Protection[J].in IEEE Transactions on Dependable and Secure Computing,vol.19,no.1,pp.316-327,1Jan.-Feb.2022。

Claims (1)

1. the attribute encryption method based on privacy protection is characterized by comprising the following steps:
(1)Setup(1 λ ) → (pp, msk). G and G T Is a multiplication cyclic group with 2 orders as prime number p, the random generator of group G is G, and a bilinear mapping e is defined as G×G- & gtG T . CA selects random number alpha epsilon Z p . h, u, v, w ε G; for each node in the binary tree T, randomly selectingAnd calculate +.>The common parameter pp and master key msk are as follows: pp= (g, e (g, g) α ,h,u,v,w)msk=(α,g α )
(2) KeyGen (pp, msk, S). Fwdarw.SK. CA selects random number Z epsilon Z p . Also select k+1 random numbers (r, r 1 ,r 2 ,…,r k )∈Z p The method comprises the steps of carrying out a first treatment on the surface of the Let Path (i) d )={i 0 ,…,i d (i) 0 =root,i d Is the value of the binary tree leaf node associated with user u, calculates the decryption key component associated with user uDecryption key DK and conversion key TK;dk=z finally, the output key sk= { DK, TK }
(3) Enc.off (pp) →IT; in an offline encryption stage, an algorithm generates an intermediate ciphertext IT, which consists of a main module and an attribute module; the main modules are calculated as follows: DO selects a random number s.epsilon.Z p Then calculateAnd->DO set->Is the main module;
the calculation method of the attribute module is as follows: DO selects a random number x i ,t ii '∈Z p And calculateWherein i is E J, J represents the size of the intermediate ciphertext pool for temporarily storing the intermediate ciphertext; DO set->Last DO definition it= { IT main ,IT att As intermediate ciphertext;
(4) Enc.on (M, pp, (M, ρ), IT, R) →ct; revocation list R, where M is a matrix of l x n, DO selects v randomly 2 ,v 3 ,…,v n ∈Z p Setting a vectorAnd calculate->An effective shared vector as s; DO selects any master module from the ciphertext pool +.>And selecting any attribute moduleDO set-up
And calculates the following ciphertext: { C 4,i =λ ii ',C 5,i =-t i (ρ(i)-x i )} i∈[l]
Thus, ciphertext
(5) PoliceHide (pp, policy) → (CP, LM, LV); calculating a label matrix LM, wherein each row in the LM corresponds to a minimum authorization set, and each column in the LM is related to the same attribute; LM is a matrix of n×|ap| magnitude, where each element LM in LM i,j Is a Boolean value, when LM i,j When=1, the attribute a is described j Is contained in Y i In (a) and (b); at the same time DO generates an ordered mapping row vector LV= { LV 0 ,LV 1 ,…,LV l-1 Between the access matrix and the AP' with the same set of attributes; when ρ (j) =a i When LV is i =j;
Minimum authorization set Y i Corresponding polynomial f i (x) Let Y be i ={A i,0 ,A i,1 ,…,A i,n-1 },|Y i The policy ciphertext for each minimum authorization set is then calculated as follows:
f i (x)=(x-A i,0 )(x-A i,1 )…(x-A i,n-1 )
=x n +a n-1 x n-1 +…+a 1 x+a 0
cp i =cp i|Yi| ||cp i,|Yi|-1 ||…||cp i,0
CP=cp 1 ||cp 2 ||…||cp N ||LM||LV
(6)DecTest(pp,S,CP,LM,LV,LS')→(True/False,Map);
for example: assume the policy is "{ A 1 OR A 2 }AND{A 3 OR A 4 "the minimum grant set is { { { A }" 1 ,A 3 },{A 1 ,A 4 },{A 2 ,A 3 },{A 2 ,A 4 }, ordered set of policy attributes AP' = { a 1 ,A 2 ,A 3 ,A 4 Mapping function ρ in access control structure, { ρ (1) =a } 3 ,ρ(2)=A 4 ,ρ(3)=A 2 ,ρ(4)=A 1 -a }; user u 1 Attribute set s= { a 5 ,A 3 ,A 6 ,A 1 Then the ordered set of attributes S' = { a } 1 ,A 3 ,A 5 ,A 6 -a }; because S contains the minimum authorization set { A } 1 ,A 3 Ls= {1, 0}; LS ' represents the relationship between the order of attributes in the key and the order of attributes in the ordered set S ', so LS ' = {3,1,0,2}. According to LM and LS, the corresponding relation between the ordered attribute set of the strategy and the ordered user attribute set can be established; then, the mapping relation between the ciphertext and the secret key can be known through LV and LS'; the attribute with index 0 in the ordered attribute set of the policy corresponds to the attribute with index 0 in the ordered user attribute set; a policy with index 2 corresponds to an attribute with index 1; thus, the mapping relationship between ciphertext and key is as follows:
(7)Decout(TK,CT,Map,CP)→CTout;
case1: if u is E R, the algorithm is terminated, and T is output;
case2: if it isThe following algorithm is then executed:
1. for the followingThere is one node j e cover (R) ≡path (u), assuming path (u) = { i 0 ,i dept(j) ,…,i d (i) dept(j) =j, and i d Is associated with user u in a binary treeLeaf node value, algorithm calculation +.>Then calculate b=e (K u ,T j ) θ =e(g,g) rs
2. Let theDefined as i= { i|ρ (I) ∈s }, there is a set of constants { ω } i ∈Z p } i∈I Make the followingTherefore there is->And then calculating:
(8)Dec(pp,CTout,DK)→m
(9)KeySanityCheck(pp,msk,SK)→0/1;
z∈Z p ,K,L,K u ,K 1,i ,K 2,i ∈G
if e (K, g) z )=e(g,g) α e(L z ,w)e(L z G) +.1, keysanitycheck algorithm returns 1; otherwise, the KeySanityCheck algorithm returns 0;
(10) Trace (pp, SK, R) →u/∈; the algorithm is executed by an authority. If the decryption key SK cannot pass the key integrity check, the algorithm is stopped and the T is output; otherwise, the algorithm performs as follows:
1. searching a binary tree with a median of i d Leaf node of (1), output and i d An associated user u; if no node exists, the algorithm is stopped, and the T is output;
2. if it isU is added to the revocation list R and thus the new revocation list R' =rsu { u };
(11) CTUpdate (CT, R ', X ')→ct '; the cloud server runs the algorithm, CA randomly selects eta epsilon Z p And calculateThen the cloud terminal sends the cloud terminal to the cloud terminal through a secure channel; setting the cover (R ') as the smallest coverage set associated with the latest revocation list R'; given j '∈cover (R'), there are two cases:
1. if j ε cover (R) exists such that j=j', then T is set j =T j'
2. If j ε cover (R) exists such that j is an ancestor of j ', assume path (j')=path (j)/(u { i) dept(j)+1 ,…,i dept(j') (i) dept(j) =j,i dept(j') =j'; let Y j =T j And iterate the calculationWhere k=dept (j), …, dept (j');
ciphertext component associated with access policy is unchanged, and the last updated ciphertext is
CN202310267137.2A 2023-03-17 2023-03-17 Traceable and revocable attribute-based encryption method with complete policy hiding Withdrawn CN117220897A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310267137.2A CN117220897A (en) 2023-03-17 2023-03-17 Traceable and revocable attribute-based encryption method with complete policy hiding

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310267137.2A CN117220897A (en) 2023-03-17 2023-03-17 Traceable and revocable attribute-based encryption method with complete policy hiding

Publications (1)

Publication Number Publication Date
CN117220897A true CN117220897A (en) 2023-12-12

Family

ID=89037657

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310267137.2A Withdrawn CN117220897A (en) 2023-03-17 2023-03-17 Traceable and revocable attribute-based encryption method with complete policy hiding

Country Status (1)

Country Link
CN (1) CN117220897A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107294718A (en) * 2017-08-09 2017-10-24 长安大学 Voidable key strategy is based on encryption attribute method in a kind of master pattern
WO2018113563A1 (en) * 2016-12-21 2018-06-28 哈尔滨工业大学深圳研究生院 Database query method and system having access control function
WO2018165835A1 (en) * 2017-03-14 2018-09-20 深圳大学 Cloud ciphertext access control method and system
CN110457930A (en) * 2019-08-16 2019-11-15 上海海事大学 The attribute base encryption method and system of the hiding traceable revocation malicious user of strategy
CN114143072A (en) * 2021-11-29 2022-03-04 长春理工大学 CP-ABE-based attribute revocation optimization method and system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018113563A1 (en) * 2016-12-21 2018-06-28 哈尔滨工业大学深圳研究生院 Database query method and system having access control function
WO2018165835A1 (en) * 2017-03-14 2018-09-20 深圳大学 Cloud ciphertext access control method and system
CN107294718A (en) * 2017-08-09 2017-10-24 长安大学 Voidable key strategy is based on encryption attribute method in a kind of master pattern
CN110457930A (en) * 2019-08-16 2019-11-15 上海海事大学 The attribute base encryption method and system of the hiding traceable revocation malicious user of strategy
CN114143072A (en) * 2021-11-29 2022-03-04 长春理工大学 CP-ABE-based attribute revocation optimization method and system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
古丽米热·尔肯: "《部分属性隐藏的 LSSS 访问结构属性基加密研究》", 《中国优秀硕士学位论文全文数据库(电子期刊)》, 15 July 2021 (2021-07-15), pages 13 - 15 *
程昱婷: "《面向智慧医疗的属性隐私保护和数据可信删除研究》", 《中国优秀硕士学位论文全文数据库(电子期刊)》, 15 May 2021 (2021-05-15), pages 17 - 43 *

Similar Documents

Publication Publication Date Title
CN110474893B (en) Heterogeneous cross-trust domain secret data secure sharing method and system
Hua et al. CINEMA: Efficient and privacy-preserving online medical primary diagnosis with skyline query
US8620882B2 (en) Tokenization of multiple-field records
Kumar et al. Enhancing multi‐tenancy security in the cloud computing using hybrid ECC‐based data encryption approach
Shen et al. Secure authentication in cloud big data with hierarchical attribute authorization structure
CN110611662B (en) Attribute-based encryption-based fog collaborative cloud data sharing method
CN107948146A (en) A kind of connection keyword retrieval method based on encryption attribute in mixed cloud
CN101689230A (en) Improved tape backup method
Kaur et al. ClaMPP: A cloud-based multi-party privacy preserving classification scheme for distributed applications
Palmieri et al. Spatial bloom filters: Enabling privacy in location-aware applications
Pigatto et al. Performance evaluation and comparison of algorithms for elliptic curve cryptography with El-Gamal based on MIRACL and RELIC libraries
CN116303767A (en) Medical data multistage management and sharing method based on CP-ABE
CN114760052A (en) Bank Internet of things platform key generation method and device, electronic equipment and medium
Lian et al. Privacy-preserving spatial query protocol based on the Moore curve for location-based service
CN117171765A (en) Scene self-adaptive privacy calculation method and device
CN111597582A (en) Method for constructing encrypted reverse order rectangular tree and space keyword query method
CN117220897A (en) Traceable and revocable attribute-based encryption method with complete policy hiding
CN116248289A (en) Industrial Internet identification analysis access control method based on ciphertext attribute encryption
Azhar et al. A group authentication protocol on multilayer structure for privacy-preserving IoT environment
Dai et al. A resource-aware approach for authenticating privacy preserving GNN queries
Wang et al. FRNet: An MCS framework for efficient and secure data sensing and privacy protection in IoVs
CN112822009A (en) Attribute ciphertext efficient sharing system supporting ciphertext deduplication
JP2021148850A (en) Information processing system, information processing method, information processing program, secure computing system, secure computing method, and secure computing program
Prakancharoen Database secure manipulation based on paillier’s homomorphic encryption (DSM-PHE)
Mujawar et al. An Attribute-Based Encryption Method Using Outsourced Decryption and Hierarchical Access Structure

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication
WW01 Invention patent application withdrawn after publication

Application publication date: 20231212