Abstract
Attribute-based encryption (ABE) controls users' decryption rights by matching an access structure against an attribute set, which efficiently solves the "one-to-many" secret data sharing problem. It has broad application prospects in cloud computing, big data, privacy protection and other fields. In practice, however, a traitor (or malicious user) may leak a private key to obtain an illegal benefit. To address this problem, the paper proposes a ciphertext-policy attribute-based encryption scheme that supports traitor tracing. Building on the ABE scheme proposed by IBRAIMI et al., the scheme incorporates the Boneh-Boyen signature algorithm into the private key generation algorithm in order to trace the traitor. The scheme is proved to be secure against chosen-plaintext attack under the DBDH assumption. The performance analysis shows that both the ciphertext length and the private key length are shortened, which reduces the computation and communication overhead. The scheme therefore has considerable theoretical significance and application value in file sharing, electronic medical records, and similar settings.
References
[1]SAHAI A,WATERS B.Fuzzy Identity-Based Encryption[C]//Springer.2005 International Conference on Theory and Applications of Cryptographic Techniques,May 22-26,2005,Aarhus,Denmark.Heidelberg:Springer,2005:457-473.
[2]YAN Xixi,YE Qing,LIU Yu.Attribute-based Encryption Scheme Supporting Privacy Preserving and User Revocation in the Cloud Environment[J].Netinfo Security,2017,17(6):14-21.
[3]HAN Qingde,XIE Hui,YUAN Zhimin,et al.A MA-CP-ABE Scheme of Supporting Access Structure Hiding[J].Netinfo Security,2017,17(1):48-56.
[4]CHOR B,FIAT A,NAOR M,et al.Tracing Traitors[J].IEEE Transactions on Information Theory,2000,46(3):893-910.
[5]BONEH D,FRANKLIN M.An Efficient Public Key Traitor Tracing Scheme[C]//Springer.1999 Annual International Cryptology Conference,August 15-19,1999,Santa Barbara,CA,USA.Heidelberg:Springer,1999:338-353.
[6]GOYAL V.Reducing Trust in the PKG in Identity Based Cryptosystems[C]//Springer.27th Annual International Cryptology Conference on Advances in Cryptology,August 19-23,2007,Santa Barbara,CA,USA.Heidelberg:Springer,2007:430-447.
[7]HINEK M J,JIANG Shaoquan,SAFAVI-NAINI R,et al.Attribute-based Encryption with Key Cloning Protection[J].Bulletin of the Korean Mathematical Society,2008(4):803-819.
[8]YU Shucheng,REN Kui,LOU Wenjing,et al.Defending Against Key Abuse Attacks in KP-ABE Enabled Broadcast Systems[C]//Springer.2009 International Conference on Security and Privacy in Communication Systems,September 14-18,2009,Athens,Greece.Heidelberg:Springer,2009:311-329.
[9]LIU Zhen,CAO Zhenfu,WONG D S.Blackbox Traceable CP-ABE:How to Catch People Leaking Their Keys by Selling Decryption Devices on Ebay[EB/OL].https://www.semanticscholar.org/paper/Blackbox-traceable-CP-ABE%3A-how-to-catch-people-keysLiu-Cao/5c30bf0188d0ad3fc144aea59a29801b6dd3bd88,2017-11-10.
[10]LIU Zhen,CAO Zhenfu,WONG D S.White-Box Traceable Ciphertext-policy Attribute-based Encryption Supporting Any Monotone Access Structures[J].IEEE Transactions on Information Forensics&Security,2013,8(1):76-88.
[11]NING Jianting,CAO Zhenfu,DONG Xiaolei,et al.Large Universe Ciphertext-policy Attribute-based Encryption with White-box Traceability[C]//Springer.19th European Symposium on Research in Computer Security,September 7-11,2014,Wroclaw,Poland.Heidelberg:Springer,2014:55-72.
[12]NING Jianting,DONG Xiaolei,CAO Zhenfu,et al.Whitebox Traceable Ciphertext-policy Attribute-based Encryption Supporting Flexible Attributes[J].IEEE Transactions on Information Forensics&Security,2015,10(6):1274-1288.
[13]NING Jianting,CAO Zhenfu,DONG Xiaolei,et al.Traceable and Revocable CP-ABE with Shorter Ciphertexts[EB/OL].https://apps.webofknowledge.com/full_record.do?product=UA&search_mode=GeneralSearch&qid=1&SID=5ETZgblaiYa4Svm8KZS&page=1&doc=1&tdsourcetag=s_pcqq_aiomsg,2018-2-11.
[14]JIANG Yinhao,SUSILO W,MU Y,et al.Ciphertext-policy Attribute-based Encryption Against Key-delegation Abuse in Fog Computing[J].Future Generation Computer Systems,2018,78(P2):720-729.
[15]ZHANG K,LI Hui,MA Jianfeng,et al.Efficient Large-universe Multi-authority Ciphertext-policy Attribute-based Encryption with White-box Traceability[EB/OL].https://apps.webofknowledge.com/full_record.do?product=UA&search_mode=GeneralSearch&qid=5&SID=5ETZgblaiYa4Svm8KZS&page=1&doc=1&tdsourcetag=s_pcqq_aiomsg,2018-2-11.
[16]IBRAIMI L,TANG Qiang,HARTEL P,et al.Efficient and Provable Secure Ciphertext-policy Attribute-based Encryption Schemes[C]//Springer.2009 International Conference on Information Security Practice and Experience,April 13-15,2009,Xi’an,China.Heidelberg:Springer,2009:1-12.
[17]BONEH D,BOYEN X.Short Signatures without Random Oracles[C]//Springer.2004 International Conference on the Theory and Applications of Cryptographic Techniques,May 2-6,2004,Interlaken,Switzerland.Heidelberg:Springer,2004:56-73.