摘要
现有支持属性间接撤销的CP-ABE方案存在撤销代价与安全性难以兼顾的问题,为此,借鉴属性间接撤销思想和双系统加密技术,提出一个适应性安全且支持属性撤销的CP-ABE方案,并基于3素数子群判定问题证明该方案的安全性。分析结果表明,与经典ABE属性撤销方案相比,该方案的效率较高,访问策略表达更为灵活。
In the existing CP-ABE schemes that supporting attribute indirect revocation,the cost of revocation and its security can not be taken into account in the model simultaneously. Based on the idea of attribute indirect revocation and the dual system encryption technique,this paper constructs an adaptively security CP-ABE scheme that supports attribute revocation,and proves the security of the scheme using the 3P-SDP. Analysis result show s that,compared w ith the ABE schemes proposed before,the proposed scheme is more flexible and efficient in the access policy and attribute revocation.
引文
[1]Sahai A,Waters B.Fuzzy Identity-based Encryption[C]//Proceedings of Cryptology-EUROCRYPT’05.Berlin,Germany:Springer,2005:457-473.
[2]Bethencourt J,Sahai A,Waters B.Ciphertext-policy Attribute-based Encryption[C]//Proceedings of IEEE Symposium on Security and Privacy.Washington D.C.,USA:IEEE Press,2007:321-334.
[3]Waters B.Ciphertext-policy Attribute-based Encryption:An Expressive,Efficient,and Provably Secure Realization[C]//Proceedings of PKC’11.Berlin,Germany:Springer,2011:53-70.
[4]Goyal V,Pandey O,Sahai A,et al.Attribute-based Encryption for Fine-grained Access Control of Encrypted Data[C]//Proceedings of the 13th ACM Conference on Computer and Communications Security.New York,USA:ACM Press,2006:89-98.
[5]Attrapadung N,Imai H.Attribute-based Encryption Supporting Direct/indirect Revocation M odes[M]//Parker M G.Cryptography and Coding.Berlin,Germany:Springer,2009:278-300.
[6]苏金树,曹丹,王小峰,等.属性基加密机制[J].软件学报,2011,22(6):1299-1315.
[7]胡海英,商威.一种可撤销的KP-ABE方案[J].计算机系统应用,2013,22(9):123-128.
[8]王鹏翩,冯登国,张立武.一种支持完全细粒度属性撤销的CP-ABE方案[J].软件学报,2012,23(10):2805-2816.
[9]Hanaoka Y,Hanaoka G,Shikata J,et al.Identity-based Hierarchical Strongly Key-insulated Encryption and Its Application[C]//Proceedings of Cryptology-ASIACRYPT’05.Berlin,Germany:Springer,2005:495-514.
[10]Boldyreva A,Goyal V,Kumar V.Identity-based Encryption w ith Efficient Revocation[C]//Proceedings of the 15th ACM Conference on Computer and Communications Security.New York,USA:ACM Press,2008:417-426.
[11]Ibraimi L,Petkovic M,Nikova S,et al.Mediated Ciphertext-policy Attribute-based Encryption and Its Application[C]//Proceedings of the 10th International Workshop on Information Security Applications.Berlin,Germany:Springer,2009:309-323.
[12]Lewko A,Okamoto T,Sahai A,et al.Fully Secure Functional Encryption:Attribute-based Encryption and(Hierarchical)Inner Product Encryption[C]//Proceedings of Cryptology-EUROCRYPT’10.Berlin,Germany:Springer,2010:62-91.
[13]Lewko A,Waters B.New Techniques for Dual System Encryption and Fully Secure HIBE w ith Short Ciphertexts[C]//Proceedings of the 7th Theory of Cryptography Conference,February 9-11,2011,Zurich,Sw itzerland.Berlin,Germany:Springer,2010:455-479.
[14]孙瑾,胡予濮.完全安全的基于属性的广播加密方案[J].西安电子科技大学学报,2012,39(4):23-28.
[15]孙瑾.标准模型下可证明安全的公钥广播密码研究[D].西安:西安电子科技大学,2012.
[16]Boneh D,Goh E J,Nissim K.Evaluating 2-DNF Formulas on Ciphertexts[M]//M icciancio D.Theory of Cryptography.Berlin,Germany:Springer,2005:325-341.
[17]Beimel A.Secure Schemes for Secret Sharing and Key Distribution[D].Haifa,Israel:Israel Institute of Technology,1996.
[18]Yu Shucheng,Wang Cong,Ren Kui,et al.Attribute Based Data Sharing w ith Attribute Revocation[C]//Proceedings of the 5th ACM Symposium on Information,Computer and Communications Security.New York,USA:ACM Press,2010:261-270.