CN104113408B - It is a kind of realize the revocation of timely user property based on ciphertext policy ABE encryption method - Google Patents
It is a kind of realize the revocation of timely user property based on ciphertext policy ABE encryption method Download PDFInfo
- Publication number
- CN104113408B CN104113408B CN201410330696.4A CN201410330696A CN104113408B CN 104113408 B CN104113408 B CN 104113408B CN 201410330696 A CN201410330696 A CN 201410330696A CN 104113408 B CN104113408 B CN 104113408B
- Authority
- CN
- China
- Prior art keywords
- mrow
- msub
- attribute
- msup
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title claims abstract description 24
- 238000013475 authorization Methods 0.000 claims description 3
- 238000010276 construction Methods 0.000 claims description 3
- 239000011159 matrix material Substances 0.000 claims description 3
- 125000004122 cyclic group Chemical group 0.000 claims 1
- 238000005516 engineering process Methods 0.000 description 6
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses it is a kind of realize the revocation of timely user property be based on ciphertext policy ABE encryption method, implementation step:System is established, and generates system public key and master key;Encipherer constructs access strategy;Encipherer is encrypted, and generates ciphertext;Attribute authority (aa) is centrally generated private key for user and authorizes private key;Cloud Server constructs path key binary tree;Cloud Server carries out proxy re-encryption, generates weight ciphertext, realizes the revocation to user property;Decryption person is decrypted, and draws in plain text.Present invention alleviates the burden at attribute authority (aa) center, efficiently can quickly solve with the corresponding private key replacement problem of revocation attribute, will have the access rights of other attributes after some or some attributes of user are revoked, and the attribute for cancelling some or certain user do not influence other users for this attribute access rights, have flexibly, in time, fine granularity, efficiently revocation user property the advantages of.
Description
Technical field
The present invention relates to Networks and information security field, is related to encryption data access control technology, and in particular to Yi Zhongshi
Now timely user property revocation based on ciphertext policy ABE encryption method.
Background technology
Based on encryption attribute, belong to public-key cryptography scheme, its towards object be a colony, rather than unique user,
Attribute is allowed users with to implement to message encryption and decryption, it is possible to achieve efficient one-to-many broadcast enciphering and fine granularity
Access control.It is divided into the encryption attribute and ciphertext plan of key strategy with application scenarios difference with the key form of expression according to ciphertext
The class of encryption attribute two slightly.Wherein, in the encryption attribute based on Ciphertext policy, private key for user is related to attribute, encipherer's system
Determine access strategy, determining the user of which attribute can decrypt, and and if only if, and user property meets ability during ciphertext access strategy
Can be with successful decryption.
With the development of cloud computing, the sensitive data of oneself is stored on third-party server by increasing user,
To reach the purpose of shared data.But third-party server is not completely believable, user has thus been triggered to pacify for data
The worry of full property.Encryption attribute is a good solution route, and access strategy can be embedded into ciphertext by user to be deposited
Storage is on Cloud Server, and only attribute meets that the user of access strategy just can be with the ciphertext on successful decryption Cloud Server.But
In view of user frequently adds or left properties user group, user property is cancelled compared with addition, in more complicated in execution, realization
Difficulty is bigger, and user property revocation turns into the hot issue of the cipher system research of encryption attribute.Existing many method solutions at present
Problem is certainly cancelled, revocation list can be embedded into ciphertext and realize that user cancels;Or timing re-encrypted private key is completed to belong to
Property revocation;Complete to cancel by way of system public key and private key for user can also being changed proxy re-encryption and simultaneously.But
It is that above method all respectively has weak point, revocation cost is big, underaction, it is impossible to realize fine-grained attribute revocation in time.
The content of the invention
In view of the shortcomings of the prior art, the present invention propose it is a kind of realize the revocation of timely user property based on Ciphertext policy category
Property encryption method, to reach the purpose for reducing attribute authority (aa) central task amount and fine granularity and cancelling user property.Using key with
Machine split and proxy re-encryption technology, the work at attribute authority (aa) center is transferred to Cloud Server to complete, Cloud Server according to
Properties user set constructs path key binary tree, efficiently can quickly solve the private key renewal corresponding with revocation attribute and ask
Topic.He will have the access rights of other attributes after some or some attributes of user are revoked, cancel some or
The attribute of certain user does not influence access rights of the other users for this attribute.
To achieve these goals, it is of the invention to adopt the following technical scheme that:
Access strategy is embedded into ciphertext using linear Secret sharing techniques;Will be main close using key random division technology
Key is randomly divided into two parts, is respectively used to generate private key for user and mandate private key for user and Cloud Server;Encipherer's generation is just
Beginning ciphertext sends it to Cloud Server, and Cloud Server carries out re-encryption generation weight ciphertext using Re-encryption Technology to initial ciphertext
To reach the purpose of data sharing and fine granularity access;Attribute authority (aa) center updates without with decryption person link up for its generation
Private key, reduce the burden at attribute authority (aa) center;Cloud Server constructs path key binary tree according to properties user set, can be with
Effectively solves the private key replacement problem corresponding to the other users attribute after user property revocation;The mandate private key of Cloud Server
Ciphertext decrypts weight ciphertext using as a part for validated user key together with renewal private key.Wherein:
Attribute authority (aa) center can be that system generates public key and master key, be responsible for each user's distributive property and generate use
Family private key, private key is authorized for Cloud Server generation, and user's set corresponding to each attribute is sent to Cloud Server.
Encipherer formulates access strategy and encrypts the data-message of oneself, and initial ciphertext is sent into Cloud Server.
Cloud Server be responsible for carrying out from the ciphertext that obtain of encipherer there re-encryption generation weight ciphertext be stored for
Family is shared, and is responsible for user and is gathered generation path key binary tree and control the access rights of user.
Decryption person, which accesses, is stored in ciphertext on Cloud Server, and only attribute meets ciphertext access strategy, and not from
The user cancelled in properties user set could successful decryption ciphertext.
The specific implementation step of the technical program is as follows:
Step 1, system is established, and generates system public key and master key:
Step 1.1, attribute authority (aa) center input security parameter 1λ, and select group G of the rank for prime number p, the security parameter 1λ
Determine the size of the group G;
Step 1.2, a hash function is defined:H:{0,1}*→G;
Step 1.3, attribute authority (aa) center is in finite fieldMiddle random selection integerCalculate α=(α1+
α2)modp;
Step 1.4, system public key PK=is generated<G,g,e,e(g,g)α,ga>With master key MK=<α1,α2,gα>, wherein e:
G×G→GTFor bilinear map, g is a generation member in group G;
Step 1.5, the system public key is disclosed, retains the master key.
Step 2, encipherer constructs access strategy:
Remember the shared generator matrix that M is l rows n row, the participant marked with function ρ (i) the expression rows of M i-th, wherein i=
1 ..., l, then the access strategy is (M, ρ).
To share a secret value s, n-1 number is randomly selectedA n-dimensional vector is formed with sVectorFor s l shared shares,For i-th of shared share, it belongs to participant
ρ(i);Above-mentioned linear secret sharing scheme has linear reconstruction property:Access strategy A, participant set S, S ∈ A are made to authorize
Set,If { λiThe legal shared of secret s, then constant be presentMake
Obtain Σi∈Iwiλi=s.
Step 3, message is encrypted encipherer, generates initial ciphertext, wherein including the visit in the initial ciphertext
Ask strategy:
Step 3.1, encipherer inputs the system public key PK=<G,g,e,e(g,g)α,ga>, the access strategy (M, ρ)
And need the clear-text message encrypted
Step 3.2, random number is selectedExport initial ciphertext CT=<C,C,{Ci,Di}I=1 ..., l>And send
To Cloud Server, whereinC=gs,
Step 4, attribute authority (aa) is centrally generated private key for user and authorizes private key:
Step 4.1, attribute authority (aa) center inputs the system public key PK=<G,g,e,e(g,g)α,ga>With master key MK=
<α1,α2,gα>;
Step 4.2, attribute authority (aa) center attribute set S, selection according to corresponding to the information distribution that user is provided is random
NumberPrivate key for user is generated for userWhereinL=gt,
Generated for Cloud Server and authorize private key
Step 4.3, by safe lane by SK1And SK2It is delivered separately to user and Cloud Server.
Step 5, Cloud Server construction path key binary tree:
Step 5.1, attribute authority (aa) center is by properties user set U corresponding to each attribute j ∈ SjIt is sent to Cloud Server,
Such as user identity ID1,ID2,ID3,ID4Possess attribute { 1,2,3 }, { 2,3,4 }, { 1,3,4 }, { 1,2,4 }, then cloud respectively
Dependence authority center is obtained properties user set U by server1={ ID1,ID3,ID4, U2={ ID1,ID2,ID4, U3=
{ID1,ID2,ID3, U4={ ID2,ID3,ID4};
Step 5.2, Cloud Server generation path key binary tree, each member in properties user set is described two
On the leafy node for pitching tree, each member has corresponding path key, and each leafy node or internal node represent at random
The key of generation, node uiPossess path key τi, path key derives from leafy node to root node, for each attribute
Customer group UjA corresponding minimum vertex-covering member tree (U all be presentj) can cover in all properties customer group corresponding to member
Leafy node, path key are included in minimum vertex-covering member.
Step 6, Cloud Server carries out proxy re-encryption, generates weight ciphertext, realizes the revocation to user property:
Step 6.1, the Cloud Server input initial ciphertext CT=<C,C,{Ci,Di}I=1 ..., l>With the authorization key
Step 6.2, the different attribute revocation list RL that Cloud Server is given according to attribute authority (aa) center generate two kinds
Different types of heavy ciphertext, wherein RL are attribute revocation list RLjSetAttribute revocation list RLjComprising
The corresponding relation that is revoked user between to each attribute j related in attribute set:
If attribute revocation listRepresent that the attribute of no user is revoked, then Cloud Server selection is random
NumberGenerate I weight ciphertextWherein,C=gs, C'
=gs/k,
IfThen for revocation listAttribute j' have the user being revoked, now taken according to cloud
Business device is all path key binary trees for not cancelling user's generation, and Cloud Server selects random numberGeneration
II weight ciphertextWhereinC=gs, C'=gs/k, To adopt
With symmetric encryption method to vj'The ciphertext of encryption, tree (Uj') it is properties user set Uj'Corresponding minimum vertex-covering member, τ is institute
State the path key in minimum vertex-covering member.
Step 7, decryption person is decrypted, and draws in plain text:
IfThe attribute of i.e. no user is revoked, then decryption person inputs the I weight ciphertextWith the private key for userAnd it is calculated as below:
Then the result drawn according to above formula calculates clear-text message
Finally export the clear-text message of decryption;
If attribute j' revocation listAnd the attribute j' of decryption person is revoked, that is, represent that decryption person exists
Revocation list RLx'In, then export ⊥;
If attribute j' revocation listAnd the attribute j' of decryption person is not revoked, that is, represent decryption person
Not in revocation list RLj'In, the still authority with access attribute j', then decryption person input the II weight ciphertextWith the private key for userAccording to the road of oneself
Footpath secret key decryptionObtain vj', updating private key isIt is calculated as below:
A=Πi∈IBi=e (g, g)ats;
Then clear-text message is calculated
Finally export the clear-text message of decryption.
The beneficial effects of the present invention are:
1st, access strategy is embedded into ciphertext using linear Secret sharing techniques so that the user of unauthorized can not recover
Go out secret value;
2nd, master key is randomly divided into two parts by attribute authority (aa) center, is respectively used to generate user for user and Cloud Server
Private key and mandate private key, most of work at attribute authority (aa) center are transferred to Cloud Server to complete, reduced in attribute authority (aa)
The burden of the heart;
3rd, Cloud Server constructs path key binary tree according to properties user set, efficiently can quickly solve to belong to revocation
The corresponding private key replacement problem of property;
4th, the ciphertext of the mandate private key of Cloud Server is sent to a place under guard as a part for validated user key and renewal private key one
Ciphertext;
5th, the revocation of the particular community to some or some specific users in time has been reached;
6th, he will have the access rights of other attributes, revocation after some or some attributes of user are revoked
The attribute of some or certain user do not influence access rights of the other users for this attribute;
7th, there is flexible, timely, fine granularity, efficiently cancel user property.
Brief description of the drawings
Fig. 1 is flow chart of the method for the present invention;
Fig. 2 is present system structural representation;
Fig. 3 is path key binary tree structure schematic diagram of the present invention.
Embodiment
Below with reference to accompanying drawing, the invention will be further described, it is necessary to which explanation, the present embodiment is with this technology side
Detailed embodiment and implementation steps are given premised on case, but is not limited to the present embodiment.
A kind of the main based on ciphertext policy ABE encryption method of timely user property revocation is realized as shown in figure 1, described
Comprise the following steps:
Step 1, system is established, and generates system public key and master key;
Step 2, encipherer constructs access strategy;
Step 3, message is encrypted encipherer, generates initial ciphertext;
Step 4, attribute authority (aa) is centrally generated private key for user and authorizes private key;
Step 5, Cloud Server construction path key binary tree;
Step 6, Cloud Server carries out proxy re-encryption, generates weight ciphertext, realizes the revocation to user property;
Step 7, decryption person is decrypted, and draws in plain text.
Wherein, system of the invention is made up of main bodys such as attribute authority (aa) center, encipherer, Cloud Server, decryption persons, main body
Between correlation it is as shown in Figure 2;
The specific implementation flow of step 1 is as follows:
Attribute authority (aa) center inputs security parameter 1λ, it is the group G of prime number p to select rank, security parameter 1λDetermine that crowd G's is big
It is small;Define a hash function:H:{0,1}*→G;Attribute authority (aa) center selects random integersCalculate α=(α1
+α2) modp, wherein symbol modp represent to calculate mould p remainder;Generation system public key PK=<G,g,e,e(g,g)α,ga>, it is main close
Key MK=<α1,α2,gα>, wherein, the generation member that g ∈ G are selection group G, e:G×G→GTFor bilinear map;System is public
Key discloses, and master key retains.
e:G×G→GTBilinear map need to meet following property:Rank is the group G and G of prime number pT, g is crowd G generation member,
Randomly select(1) bilinearity:It is rightHave(2) non-degeneracy:Make
Obtain e (g, h) ≠ 1;(3) computability:It is rightMapping e (g, h) can be calculated effectively in polynomial time.
The implementing procedure of step 2 is as follows:
Using linear secret sharing scheme, the shared share of all participants is formedOn a vector, M be l rows n row
Shared generator matrix, note function ρ (i) represents the participant that is marked of the rows of M i-th, wherein i=1 ..., l, then access strategy is
(M,ρ);
To share a secret valueRandomly select n-1 numberWith s form a n tie up to
AmountVectorFor s l shared shares,For i-th of shared share, it belongs to
In participant ρ (i), above-mentioned linear secret sharing scheme has linear reconstruction property:Access strategy A, participant set S, makes S ∈
A is sets of authorizations,If { λiThe legal shared of secret s, then constant be presentSo that Σi∈Iwiλi=s.
The implementing procedure of step 3 is as follows:
Encipherer inputs the system public key PK=<G,g,e,e(g,g)α,ga>, the access strategy (M, ρ) and need
The clear-text message of encryptionSelect random numberExport initial ciphertext CT=<C,C,{Ci,Di}I=1 ..., l>Concurrently
Cloud Server is given, whereinC=gs,
The specific implementation step of step 4 is as follows:
Attribute authority (aa) center input system public key PK=<G,g,e,e(g,g)α,ga>With master key MK=<α1,α2,gα>, root
Attribute set S corresponding to the information distribution provided according to user, selects random numberIt is calculated as below:
L=gt,
Private key for user is generated for userGenerated for Cloud Server and authorize private keyBy safe lane by SK1And SK2It is delivered separately to user and Cloud Server.
As shown in table 1, according to IDiAttribute set corresponding to the information distribution providedUser identity ID1Have
AttributeUser identity ID2With attributeUser identity ID3With attribute
User identity ID4With attribute
Table 1
The specific implementation flow of step 5 is as follows:
Attribute authority (aa) center is by properties user set U corresponding to each attribute jjIt is sent to Cloud Server:User identity ID1,
ID2,ID3,ID4Possess attribute respectivelyThen cloud
Dependence authority center acquisition properties user collection is combined into U by server1={ ID1,ID3,ID4, U2={ ID1,ID2,ID4, U3=
{ID1,ID2,ID3, U4={ ID2,ID3,ID4, it is specific as shown in table 2.
Table 2
Cloud Server generates path key binary tree, leaf knot of each member in properties user set in binary tree
On point, each member has corresponding path key.As shown in figure 3, user identity IDi, i=1 ..., 4 correspond to each leaf respectively
Child node, leafy node or internal node all represent the path key generated at random, and the path key that node ui possesses is τi, road
Footpath key is from leafy node to root node;For ID4The path key stored is RK4={ τ7,τ3,τ1}.For
Each properties user set UjA corresponding minimum vertex-covering member tree (U all be presentj) all properties user set can be covered
Leafy node corresponding to middle member, path key are included in minimum vertex-covering member;For example, for properties user set U2=
{ID1,ID2,ID4, then corresponding minimum vertex-covering member tree (U2)={ τ2,τ7, because node u2,u7Attribute use can be covered
Family set U2In all users:ID1,ID2,ID4.Any one is not in U2User can not all obtain tree (U2)={ τ2,τ7}
In any one path key.
The specific implementation flow of step 6 is as follows:
Cloud Server inputs initial ciphertext CT=<C,C,{Ci,Di}I=1 ..., l>, wherein ciphertext contains access strategy,C=gs,With mandate private key
The different two distinct types of heavy ciphertexts of generation of attribute revocation list RL that Cloud Server is given according to attribute authority (aa) center, its
Middle attribute revocation list RLjThe corresponding relation between the user being revoked related to each attribute j in attribute set is contained,
RL is attribute revocation list RLjSetAs shown in table 3, attribute 1,2,3,4 revocation set are respectively
RL1={ ID1,RL3={ ID1,ID2,
Table 3
If attribute revocation listThe attribute of i.e. no user is revoked, then Cloud Server selection random numberIt is calculated as below:
C=gs, C'=gs/k,
Generate I weight ciphertext
If attribute j' revocation listI.e. attribute j' has the user being revoked.Cloud Server is according to renewal
Properties user collection afterwards is combined into all unrevoked users and generates path key binary tree, Cloud Server selection random numberIt is calculated as below:
C=gs, C'=gs/k,
To use symmetric encryption method to vj'The ciphertext of encryption, key τ are the road in the minimum vertex-covering member in binary tree
Footpath key, generation II weight ciphertext
The specific implementation flow of step 7 is as follows:
IfI.e. attribute is not revoked, then decryption person IDiInput I weight ciphertextWith according to private keyIt is calculated as below:
Export the clear-text message of decryption;
If attribute j' revocation listDecryption person IDiAttribute j' be revoked IDi∈RLj', then ⊥ is exported.It is no
Then, decryption person IDiAttribute j' be not revoked i.e.That is decryption person IDiStill there is access attribute j' authority,
Then decryption person IDiInput II weight ciphertextAnd private key for user
Decryption person IDiAttribute be not revoked, then can be decrypted according to path keyObtain vj', update the private key for corresponding to attribute j'It is calculated as below:
A=Πi∈IBi=e (g, g)ats;
Export the clear-text message of decryption.
For those skilled in the art, it can make and various changing accordingly according to above technical scheme and design
Become and deform, and all these change and deformation should be construed as being included within the protection domain of the claims in the present invention.
Claims (7)
1. it is a kind of realize the revocation of timely user property based on ciphertext policy ABE encryption method, it is characterised in that methods described
Comprise the following steps:
Step 1, system is established, and generates system public key and master key;
Step 2, encipherer constructs access strategy;
Step 3, message is encrypted encipherer, generates initial ciphertext;
Step 4, attribute authority (aa) is centrally generated private key for user and authorizes private key;
Step 5, Cloud Server construction path key binary tree;
Step 6, Cloud Server carries out proxy re-encryption, generates weight ciphertext, realizes the revocation to user property;Idiographic flow is such as
Under:
Step 6.1, Cloud Server inputs the initial ciphertextWith the mandate private keyG is a generation member in group G;D is the mandate private key that attribute authority (aa) center is Cloud Server generationα2Be respectively fromIn randomly selected element;It is expressed as the residue class using p as mould;
Step 6.2, the different attribute revocation list RL that Cloud Server is given according to attribute authority (aa) center generate two kinds of differences
The heavy ciphertext of type, wherein RL are attribute revocation list RLjSetAttribute revocation list RLjContain attribute
The corresponding relation that is revoked user between related to each attribute j in set:
If attribute revocation listRepresent that the attribute of no user is revoked, then Cloud Server selection random numberGenerate I weight ciphertextWherein,C=gs, C'=
gs/k, The clear-text message of encryptionS be fromIn randomly selected element;λiAnd riBe fromIn randomly selected element;H is hash function;
IfThen for revocation listAttribute j' have the user being revoked, now according to cloud service
Device is all path key binary trees for not cancelling user's generation, and Cloud Server selects random numberGeneration
II weight ciphertextWhereinC=gs, C'=gs/k, For
Using symmetric encryption method to vj'The ciphertext of encryption, tree (Uj') it is properties user set Uj'Corresponding minimum vertex-covering member, τ are
Path key in the minimum vertex-covering member;S is participation attribute set;Properties user set U corresponding to each attribute j ∈ Sj;
Step 7, decryption person is decrypted, and draws in plain text.
2. it is according to claim 1 it is a kind of realize the revocation of timely user property based on ciphertext policy ABE encryption method,
Characterized in that, the idiographic flow of the step 1 is as follows:
Step 1.1, attribute authority (aa) center input security parameter 1λ, and select group G of the rank for prime number p, the security parameter 1λDetermine
The size of the group G;
Step 1.2, a hash function is defined:H:{0,1}*→G;
Step 1.3, attribute authority (aa) center is in finite fieldMiddle random selection integerCalculate α=(α1+α2)mod
p;
Step 1.4, system public key PK=is generated<G,g,e,e(g,g)α,ga>With master key MK=<α1,α2,gα>, wherein e:G×G
→GTFor bilinear map, g is a generation member in group G;
Step 1.5, the system public key is disclosed, retains the master key.
3. it is according to claim 1 it is a kind of realize the revocation of timely user property based on ciphertext policy ABE encryption method,
Characterized in that, the idiographic flow of the step 2 is as follows:
Using linear secret sharing scheme, the shared share of all participants is formedOn a vector;It is l rows n row to remember M
Shared generator matrix, the participant marked with function ρ (i) the expression rows of M i-th, wherein i=1 ..., l;Then access strategy for (M,
ρ);To share a secret valueRandomly select n-1 numberA n-dimensional vector is formed with sVectorFor s l shared shares,For i-th of shared share, it belongs to participant ρ
(i);Remember access strategy A, participant set S, it is sets of authorizations to make S ∈ A,If { λi}
It is the legal shared of secret s, then constant is presentSo that ∑i∈Iwiλi=s.
4. it is according to claim 1 it is a kind of realize the revocation of timely user property based on ciphertext policy ABE encryption method,
Characterized in that, the idiographic flow of the step 3 is as follows:
Step 3.1, encipherer inputs the system public key PK=<G,g,e,e(g,g)α,ga>, the access strategy (M, ρ) and
Need the clear-text message encryptedG and GTIt is the multiplicative cyclic group that rank is p, g is that a generation in group G is first, bilinear map
e:G×G→GT, hash function H:{0,1}*→G;Attribute authority (aa) center existsMiddle random selection integerCalculate e
(g,g)α,ga;
Step 3.2, random number is selectedExport initial ciphertextAnd it is sent to cloud
Server, whereinC=gs,
5. it is according to claim 1 it is a kind of realize the revocation of timely user property based on ciphertext policy ABE encryption method,
Characterized in that, the idiographic flow of the step 4 is as follows:
Step 4.1, attribute authority (aa) center inputs the system public key PK=<G,g,e,e(g,g)α,ga>With master key MK=<α1,
α2,gα>;Hash function:H:{0,1}*→G;Attribute authority (aa) center is in finite fieldMiddle random selection integerIt is raw
Into system public key PK=<G,g,e,e(g,g)α,ga>, wherein e:G×G→GTFor bilinear map, g is a generation in group G
Member;
Step 4.2, attribute authority (aa) center attribute set S according to corresponding to the information distribution that user is provided, selects random numberPrivate key for user is generated for userWhereinL=gt,Kj=H (j
)t;Generated for Cloud Server and authorize private key
Step 4.3, by safe lane by SK1And SK2It is delivered separately to user and Cloud Server.
6. it is according to claim 1 it is a kind of realize the revocation of timely user property based on ciphertext policy ABE encryption method,
Characterized in that, the idiographic flow of the step 5 is as follows:
Step 5.1, attribute authority (aa) center is by properties user set U corresponding to each attribute j ∈ SjIt is sent to Cloud Server;
Step 5.2, Cloud Server generation path key binary tree, each member in properties user set is in the binary tree
Leafy node on, each member has corresponding path key.
7. it is according to claim 1 it is a kind of realize the revocation of timely user property based on ciphertext policy ABE encryption method,
Characterized in that, the step 7 is carried out in accordance with the following steps:
IfThe attribute of i.e. no user is revoked, then decryption person inputs the I weight ciphertextWith the private key for userAnd it is calculated as below:
<mrow>
<mi>A</mi>
<mo>=</mo>
<mfrac>
<mrow>
<msub>
<mi>&Pi;</mi>
<mrow>
<mi>i</mi>
<mo>&Element;</mo>
<mi>I</mi>
</mrow>
</msub>
<mi>e</mi>
<msup>
<mrow>
<mo>(</mo>
<msub>
<msup>
<mi>C</mi>
<mo>&prime;</mo>
</msup>
<mi>i</mi>
</msub>
<mo>,</mo>
<mi>L</mi>
<mo>)</mo>
</mrow>
<msub>
<mi>w</mi>
<mi>i</mi>
</msub>
</msup>
</mrow>
<mrow>
<msub>
<mi>&Pi;</mi>
<mrow>
<mi>i</mi>
<mo>&Element;</mo>
<mi>I</mi>
</mrow>
</msub>
<mi>e</mi>
<msup>
<mrow>
<mo>(</mo>
<msub>
<msup>
<mi>D</mi>
<mo>&prime;</mo>
</msup>
<mi>i</mi>
</msub>
<mo>,</mo>
<msub>
<mi>K</mi>
<mrow>
<mi>&rho;</mi>
<mrow>
<mo>(</mo>
<mi>i</mi>
<mo>)</mo>
</mrow>
</mrow>
</msub>
<mo>)</mo>
</mrow>
<msub>
<mi>w</mi>
<mi>i</mi>
</msub>
</msup>
</mrow>
</mfrac>
<mo>=</mo>
<mi>e</mi>
<msup>
<mrow>
<mo>(</mo>
<mi>g</mi>
<mo>,</mo>
<mi>g</mi>
<mo>)</mo>
</mrow>
<mrow>
<mi>a</mi>
<mi>t</mi>
<mi>s</mi>
</mrow>
</msup>
<mo>;</mo>
</mrow>
Then the result drawn according to above formula calculates clear-text message
Finally export the clear-text message of decryption;
If attribute j' revocation listAnd the attribute j' of decryption person is revoked, that is, represent that decryption person arranges in revocation
Table RLj'In, then export ⊥;
If attribute j' revocation listAnd the attribute j' of decryption person is not revoked, that is, represent decryption person
Not in revocation list RLj'In, the still authority with access attribute j', then decryption person input the II weight ciphertextWith the private key for userAccording to the path of oneself
Secret key decryptionObtain vj', updating private key isIt is calculated as below:
<mrow>
<mi>&rho;</mi>
<mrow>
<mo>(</mo>
<mi>i</mi>
<mo>)</mo>
</mrow>
<mo>=</mo>
<msup>
<mi>j</mi>
<mo>&prime;</mo>
</msup>
<mo>:</mo>
<msub>
<mi>B</mi>
<mi>i</mi>
</msub>
<mo>=</mo>
<mfrac>
<mrow>
<mi>e</mi>
<msup>
<mrow>
<mo>(</mo>
<msub>
<msup>
<mi>C</mi>
<mo>&prime;</mo>
</msup>
<mi>i</mi>
</msub>
<mo>,</mo>
<mi>L</mi>
<mo>)</mo>
</mrow>
<msub>
<mi>w</mi>
<mi>i</mi>
</msub>
</msup>
</mrow>
<mrow>
<mi>e</mi>
<msup>
<mrow>
<mo>(</mo>
<msub>
<msup>
<mi>D</mi>
<mo>&prime;</mo>
</msup>
<mi>i</mi>
</msub>
<mo>,</mo>
<msub>
<mover>
<mi>K</mi>
<mo>~</mo>
</mover>
<mrow>
<mi>&rho;</mi>
<mrow>
<mo>(</mo>
<mi>i</mi>
<mo>)</mo>
</mrow>
</mrow>
</msub>
<mo>)</mo>
</mrow>
<msub>
<mi>w</mi>
<mi>i</mi>
</msub>
</msup>
</mrow>
</mfrac>
<mo>=</mo>
<mi>e</mi>
<msup>
<mrow>
<mo>(</mo>
<mi>g</mi>
<mo>,</mo>
<mi>g</mi>
<mo>)</mo>
</mrow>
<mrow>
<msub>
<mi>at&lambda;</mi>
<mi>i</mi>
</msub>
<msub>
<mi>w</mi>
<mi>i</mi>
</msub>
</mrow>
</msup>
<mo>;</mo>
</mrow>
<mrow>
<mi>&rho;</mi>
<mrow>
<mo>(</mo>
<mi>i</mi>
<mo>)</mo>
</mrow>
<mo>&NotEqual;</mo>
<msup>
<mi>j</mi>
<mo>&prime;</mo>
</msup>
<mo>:</mo>
<msub>
<mi>B</mi>
<mi>i</mi>
</msub>
<mo>=</mo>
<mfrac>
<mrow>
<mi>e</mi>
<msup>
<mrow>
<mo>(</mo>
<msub>
<msup>
<mi>C</mi>
<mo>&prime;</mo>
</msup>
<mi>i</mi>
</msub>
<mo>,</mo>
<mi>L</mi>
<mo>)</mo>
</mrow>
<msub>
<mi>w</mi>
<mi>i</mi>
</msub>
</msup>
</mrow>
<mrow>
<mi>e</mi>
<msup>
<mrow>
<mo>(</mo>
<msub>
<msup>
<mi>D</mi>
<mo>&prime;</mo>
</msup>
<mi>i</mi>
</msub>
<mo>,</mo>
<msub>
<mi>K</mi>
<mrow>
<mi>&rho;</mi>
<mrow>
<mo>(</mo>
<mi>i</mi>
<mo>)</mo>
</mrow>
</mrow>
</msub>
<mo>)</mo>
</mrow>
<msub>
<mi>w</mi>
<mi>i</mi>
</msub>
</msup>
</mrow>
</mfrac>
<mo>=</mo>
<mi>e</mi>
<msup>
<mrow>
<mo>(</mo>
<mi>g</mi>
<mo>,</mo>
<mi>g</mi>
<mo>)</mo>
</mrow>
<mrow>
<msub>
<mi>at&lambda;</mi>
<mi>i</mi>
</msub>
<msub>
<mi>w</mi>
<mi>i</mi>
</msub>
</mrow>
</msup>
<mo>;</mo>
</mrow>
A=Πi∈IBi=e (g, g)ats;
Then clear-text message is calculated
Finally export the clear-text message of decryption.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410330696.4A CN104113408B (en) | 2014-07-11 | 2014-07-11 | It is a kind of realize the revocation of timely user property based on ciphertext policy ABE encryption method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410330696.4A CN104113408B (en) | 2014-07-11 | 2014-07-11 | It is a kind of realize the revocation of timely user property based on ciphertext policy ABE encryption method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104113408A CN104113408A (en) | 2014-10-22 |
CN104113408B true CN104113408B (en) | 2017-12-08 |
Family
ID=51710047
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410330696.4A Expired - Fee Related CN104113408B (en) | 2014-07-11 | 2014-07-11 | It is a kind of realize the revocation of timely user property based on ciphertext policy ABE encryption method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104113408B (en) |
Families Citing this family (34)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104320393B (en) * | 2014-10-24 | 2018-04-17 | 西安电子科技大学 | The controllable efficient attribute base proxy re-encryption method of re-encryption |
CN104363215B (en) * | 2014-11-04 | 2017-10-10 | 河海大学 | A kind of encryption method and system based on attribute |
CN105162589B (en) * | 2015-01-11 | 2018-08-14 | 陕西理工学院 | It is a kind of to can verify that encryption attribute method based on lattice |
CN107251479B (en) * | 2015-02-20 | 2020-08-11 | 三菱电机株式会社 | Data storage device and data processing method |
CN107251480B (en) * | 2015-02-20 | 2018-07-10 | 三菱电机株式会社 | Data storing device, data update system and data processing method |
CN105871551B (en) * | 2016-06-22 | 2019-08-06 | 江苏迪纳数字科技股份有限公司 | User based on proxy re-encryption cancels access control method |
CN108076028A (en) * | 2016-11-18 | 2018-05-25 | 中兴通讯股份有限公司 | The method, apparatus and system of a kind of encryption attribute |
CN106911702B (en) * | 2017-03-08 | 2019-08-02 | 福建师范大学 | Based on the cloud storage block encryption access control method for improving CP-ABE |
CN107204973A (en) * | 2017-04-13 | 2017-09-26 | 南京邮电大学 | A kind of dynamic updates the KAC methods of user right |
CN108737096A (en) * | 2017-04-25 | 2018-11-02 | 杭州弗兰科信息安全科技有限公司 | A kind of key management system for group communication |
CN108737085A (en) * | 2017-04-25 | 2018-11-02 | 杭州弗兰科信息安全科技有限公司 | A kind of encryption data shared system that key can cancel immediately |
CN107343008A (en) * | 2017-07-17 | 2017-11-10 | 山东超越数控电子有限公司 | A kind of data safety isolation of anti-access module leakage is with sharing implementation method |
CN107222310A (en) * | 2017-08-01 | 2017-09-29 | 成都大学 | A kind of parallelization processing method of the Ciphertext policy cloud encryption based on encryption attribute |
CN107634830B (en) * | 2017-09-13 | 2019-10-25 | 中国人民解放军信息工程大学 | The revocable attribute base encryption method of server- aided, apparatus and system |
CN107566386A (en) * | 2017-09-14 | 2018-01-09 | 上海海事大学 | A kind of voidable attribute base encryption method |
CN108063756B (en) * | 2017-11-21 | 2020-07-03 | 阿里巴巴集团控股有限公司 | Key management method, device and equipment |
CN108200066A (en) * | 2018-01-04 | 2018-06-22 | 南京邮电大学 | A kind of logistics big data access control system and method based on encryption attribute |
CN108322447B (en) * | 2018-01-05 | 2021-12-10 | 中电长城网际***应用有限公司 | Data sharing method and system under cloud environment, terminal and cloud server |
CN108200181B (en) * | 2018-01-11 | 2021-03-19 | 中国人民解放军战略支援部队信息工程大学 | Cloud storage oriented revocable attribute-based encryption system and method |
CN108335108B (en) * | 2018-02-27 | 2021-05-11 | 中国科学院软件研究所 | Two-dimensional code secure mobile payment method and system |
CN108763944B (en) * | 2018-05-31 | 2022-06-10 | 金华航大北斗应用技术有限公司 | Multi-center large-attribute domain attribute-based encryption method capable of being safely revoked in fog computing |
CN109889494B (en) * | 2019-01-07 | 2020-07-07 | 南京航空航天大学 | Revocable cloud data security sharing method |
CN110035067B (en) * | 2019-03-13 | 2022-03-25 | 西安电子科技大学 | Attribute encryption method supporting efficient data deduplication and attribute revocation in cloud storage |
CN109995795B (en) * | 2019-04-26 | 2021-08-27 | 桂林电子科技大学 | Predicate group encryption method and system supporting dynamic joining of user |
CN110098926B (en) * | 2019-05-06 | 2021-08-13 | 西安交通大学 | Attribute revocation method |
CN110247761B (en) * | 2019-06-18 | 2021-04-20 | 西安电子科技大学 | Ciphertext strategy attribute encryption method supporting attribute revocation in lattice manner |
CN110535873B (en) * | 2019-09-16 | 2021-11-05 | 北京数字认证股份有限公司 | Encryption method and decryption method applied to data collaborative encryption system |
CN113098678B (en) * | 2019-12-23 | 2022-06-03 | 中移(苏州)软件技术有限公司 | Information processing method, terminal, center device, server, and storage medium |
CN111680306B (en) * | 2020-03-31 | 2023-04-25 | 贵州大学 | Cooperative access control revocation method based on attribute |
CN111818039B (en) * | 2020-07-03 | 2021-07-20 | 西安电子科技大学 | Three-factor anonymous user authentication protocol method based on PUF in Internet of things |
CN113194089B (en) * | 2021-04-28 | 2022-03-11 | 四川师范大学 | Attribute-based encryption method for ciphertext strategy supporting attribute revocation |
CN114244579A (en) * | 2021-11-29 | 2022-03-25 | 上海应用技术大学 | Power data privacy protection system and method for user-level revocable attribute encryption |
CN115189974B (en) * | 2022-09-13 | 2022-12-09 | 北京邮电大学 | Multi-organization access control method and device based on block chain |
CN116094845B (en) * | 2023-04-10 | 2023-07-25 | 中国人民解放军国防科技大学 | Efficient revocation conditional proxy re-encryption method and system |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103179114A (en) * | 2013-03-15 | 2013-06-26 | 华中科技大学 | Fine-grained access control method for data in cloud storage |
CN103297227A (en) * | 2013-07-02 | 2013-09-11 | 西安电子科技大学 | Attribute-based encryption supporting flexible and direct-revocatory ciphertext policy |
-
2014
- 2014-07-11 CN CN201410330696.4A patent/CN104113408B/en not_active Expired - Fee Related
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103179114A (en) * | 2013-03-15 | 2013-06-26 | 华中科技大学 | Fine-grained access control method for data in cloud storage |
CN103297227A (en) * | 2013-07-02 | 2013-09-11 | 西安电子科技大学 | Attribute-based encryption supporting flexible and direct-revocatory ciphertext policy |
Non-Patent Citations (3)
Title |
---|
"A Revocable ID-based Signcryption Scheme";Tsu-Yang Wu et al;《Journal of Information Hiding and Multimedia Signal Processing》;20120731;第3卷(第3期);第240-251页 * |
"一种高效属性可撤销的属性基加密方案";王锦晓 等;《计算机应用》;20120710(第S1期);正文第1节 * |
"可撤销的基于身份的签密方案";刘振华 等;《四川大学学报( 工程科学版)》;20140331;第46卷(第2期);第80-86页 * |
Also Published As
Publication number | Publication date |
---|---|
CN104113408A (en) | 2014-10-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104113408B (en) | It is a kind of realize the revocation of timely user property based on ciphertext policy ABE encryption method | |
Han et al. | A traceable and revocable ciphertext-policy attribute-based encryption scheme based on privacy protection | |
Yang et al. | An efficient and fine-grained big data access control scheme with privacy-preserving policy | |
Koo et al. | Secure and efficient data retrieval over encrypted data using attribute-based encryption in cloud storage | |
Ning et al. | White-box traceable ciphertext-policy attribute-based encryption supporting flexible attributes | |
Jung et al. | Privacy preserving cloud data access with multi-authorities | |
CN103618728B (en) | A kind of encryption attribute method at more mechanism centers | |
Ning et al. | Large universe ciphertext-policy attribute-based encryption with white-box traceability | |
CN104363215B (en) | A kind of encryption method and system based on attribute | |
CN103401839B (en) | A kind of many authorization center encryption method based on attribute protection | |
CN106375346B (en) | Data guard method based on condition broadcast agent re-encryption under a kind of cloud environment | |
CN105100083B (en) | A kind of secret protection and support user's revocation based on encryption attribute method and system | |
Zaghloul et al. | P-MOD: Secure privilege-based multilevel organizational data-sharing in cloud computing | |
CN107566386A (en) | A kind of voidable attribute base encryption method | |
CN108881314A (en) | Mist calculates the method and system for realizing secret protection under environment based on CP-ABE ciphertext access control | |
CN106452735A (en) | Outsourcing attribute encryption method supporting attribute cancellation | |
CN107359986A (en) | The outsourcing encryption and decryption CP ABE methods of user revocation | |
CN108111540A (en) | The hierarchical access control system and method for data sharing are supported in a kind of cloud storage | |
Zu et al. | New ciphertext-policy attribute-based encryption with efficient revocation | |
CN106656997B (en) | One kind being based on the cross-domain friend-making method for secret protection of mobile social networking proxy re-encryption | |
CN105763528B (en) | The encryption device of diversity person's anonymity under a kind of mixed mechanism | |
CN105162573B (en) | The encryption attribute method of revocable fraction prestige key strategy based on multilinear pairing | |
CN106612271A (en) | Encryption and access control method for cloud storage | |
CN107154845A (en) | A kind of BGN types ciphertext decryption outsourcing scheme based on attribute | |
CN107040374A (en) | The attribute base data encryption method of user's Dynamic Revocation is supported under a kind of cloud storage environment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20171208 |