CN105915333A - High-efficiency secret key distribution method based on attribute encryption - Google Patents
- Publication number: CN105915333A
- Application number: CN201610146573.4A
- Authority: CN (China)
- Prior art keywords: key, attribute, data, user, secret key
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses an efficient key distribution method based on attribute-based encryption. Attribute-based encryption systems are widely used, but they need a strategy that relieves the burden on the attribute authentication center while preserving system security during attribute revocation and key update. The system involved in the method comprises six modules: the attribute authentication center, a key aid, a data sender, a data receiver, a base station and a data server. The attribute authentication center manages users' attributes and distributes initial private keys to users. The key aid updates users' private keys at the start of each time slice of the system. The life cycle of the system is divided into a number of time slices; when an attribute is revoked or a key is leaked, forward and backward security of the system is ensured by updating the private keys of valid users. Because the key aid helps users update their keys, the burden on the authentication center is effectively reduced.
Description
Technical field
The present invention relates to secure communication technology for digital information transmission, and specifically to an efficient key update method based on attribute-based encryption.
Background
Attribute-based encryption systems have been widely applied in recent years. In a traditional attribute-based encryption mechanism the attribute authentication center carries a heavy task: it must manage all attributes in the system and also generate keys for every user. The computational load is excessive, which easily makes the node a single point of failure and degrades the performance of the system. In addition, attribute revocation is usually accompanied by an update of the public parameters; because the public parameters in attribute-based encryption are relatively large, frequent updates consume large amounts of computation and communication resources. On the other hand, leakage of user private keys is a frequent occurrence in attribute-based cryptosystems. If keys are not updated in time, large amounts of private data are exposed to unauthorized users and the whole system faces a serious security threat. An attribute-based encryption system therefore needs a strategy that relieves the burden on the attribute authentication center and also preserves system security during attribute revocation and key update. The cost of key update should also be minimized, avoiding the heavy communication load caused by updating a large number of public parameters.
The patent with Application No. CN201510407611.2, entitled "Revocable sub-authority key-policy attribute-based encryption method based on multilinear pairing", proposes an attribute-based encryption method with a revocable sub-authority key policy based on multilinear pairing. It is built for revoking a single attribute of a user: a user can complete decryption only when the attribute set of the ciphertext satisfies the user's key policy. In that scheme a central authority configures the sub-authorities, and each sub-authority holds its own master key and takes part in establishing the public parameters. A linear secret sharing algorithm converts the access policy into an access structure, and the user private key for that access structure is generated. The message is encrypted according to the attribute set and a known revocation list, and decryption is completed after checking whether the user is in the revocation list. A tracing algorithm built from the known private key and the user determines the association between a user and a private key. The scheme solves the problem of revoking a single attribute of a user rather than all of the user's attributes, verifies that association, and improves operating efficiency and overall security. However, because multiple authority centers must synchronize and share time and parameters, updating the public parameters when a user's attribute has to be revoked consumes a large amount of computing resources, so the overall efficiency of key update is low and the scheme is not suited to scenarios such as wireless communication and sensor networks. In addition, all key update work in the scheme is done by the attribute authentication center, which overloads the node and easily causes problems such as a single point of failure.
Summary of the invention
The technical problem to be solved by the present invention is to find an encryption strategy that relieves the burden on the attribute authentication center, preserves system security during attribute revocation and key update, reduces the cost of key update, and avoids the heavy communication load caused by updating a large number of public parameters.
To solve the above problem, the technical solution proposed by the present invention is an efficient key distribution method based on attribute-based encryption, comprising the following steps:
Step one: system initialization
1. Define G_1 and G_2 to be two cyclic groups of order p, and define g to be a generator of G_1.
2. Define a bilinear map, and define a hash function H_1: {0,1}* → G_1, which maps a character string of arbitrary length onto G_1.
3. The attribute authentication center selects a random number in the finite field for each attribute and chooses additional values. The system master private key is then {t_i, g^y, s}, the aid key is h, and the system public parameters are
Step 2: initial key distribution
At the initial stage TP_0, without loss of generality, assume that the unique identifier of a user is u_1 and that the attribute set the user holds is {A_i}. The user's initial key at time TP_0 is then defined as
Step 3: key update
1. When the time slice of the system advances from TP_{n-1} to TP_n, the key aid computes key update information for each attribute
2. After obtaining this update information, the user updates the previous key to the latest version. The computation is as follows:
Step 4: data encryption
1. The data sender chooses and defines a matrix of l rows and n columns as the access control matrix.
2. Given the value of the i-th row of the matrix, the data sender chooses a column vector and sets
3. According to the public parameters of the system, the data sender computes the following information:
C_1 = g^x,
4. The data sender packs {C_0, C_1, C_{2,i}, C_{3,i}, C_{4,i}} as the ciphertext and uploads it to the data server.
Step 5: data decryption
1. The data receiver downloads the corresponding ciphertext from the data server.
2. The data receiver uses the current private key to perform the following computation and obtain the plaintext, where ω_i is a constant such that Σ_{i∈l} λ_i ω_i = x.
The correctness of the above formula is shown as follows:
Further, the present invention also provides a system that implements the efficient key distribution method based on attribute-based encryption, comprising an attribute authentication center, a key aid, a data sender, a data receiver, a base station and a data server. The attribute authentication center is responsible for managing users' attributes and distributing users' initial private keys. The key aid is responsible for updating users' private keys at the start of each time slice of the system. The base station provides a secure channel for communication between the entities. The data sender defines the encryption policy for the plaintext and then uploads the ciphertext to the data server. The data server is a physical node made up of a computer cluster and is responsible for storing data securely. The data receiver downloads the corresponding ciphertext and obtains the plaintext by decrypting it with the private key it holds.
Beneficial effects:
1. In the key distribution method provided by the present invention, the life cycle of the system is divided into a number of time slices. When attribute revocation or key exposure occurs, forward and backward security of the system is ensured by updating the private keys of valid users. Leakage of a user's private key in one time slice does not affect the security of the system in other time slices.
2. Because the authentication center is overloaded in existing attribute-based encryption mechanisms, a key aid is introduced into the system to help users update their private keys. This relieves the burden on the authentication center and avoids node crashes. During key update the system public parameters do not change at all; only part of the user's private key needs to be updated, which greatly reduces the cost of key update.
3. An efficient attribute key update method is used: only part of the user's private key is updated and the public parameters of the system need not change, which greatly improves the efficiency of the system. The data sender can define the access control policy for encryption, which gives the sender autonomous control over data access.
Brief description of the drawings
Fig. 1 is the system schematic of the present invention.
Detailed description of the invention
The present invention is described in further detail below with reference to the accompanying drawing.
Fig. 1 is the system schematic of the present invention. As it shows, the efficient key distribution system based on attribute-based encryption comprises six functional entities: the attribute authentication center, the key aid, the data sender, the data receiver, the base station and the data server. The attribute authentication center is responsible for managing users' attributes and distributing users' initial private keys. To reduce the computational load on the attribute authentication center, a further device, the key aid, is introduced into the system. The key aid is responsible for generating the update information for users' private keys. To ensure forward and backward security, the system is divided into a number of discrete time slices. When a user's private key is leaked or an attribute needs to be changed, the system enters the next time slice, and the key aid updates users' private keys at the start of each time slice. The base station provides a secure channel for communication between the entities. The data sender defines the encryption policy for the plaintext and then uploads the ciphertext to the data server. The data server is a physical node made up of a computer cluster and is responsible for storing data securely. The data receiver downloads the corresponding ciphertext and obtains the plaintext by decrypting it with the private key it holds.
The process of efficient key update and data sharing based on attribute-based encryption is now described. It comprises the following steps:
Step one: system initialization
1. Define G_1 and G_2 to be two cyclic groups of order p, and define g to be a generator of G_1.
2. Define a bilinear map, and define a hash function H_1: {0,1}* → G_1, which maps a character string of arbitrary length onto G_1.
3. The attribute authentication center selects a random number in the finite field for each attribute and chooses additional values. The system master private key is then {t_i, g^y, s}, the aid key is h, and the system public parameters are
Step 2: initial key distribution
At the initial stage TP_0, without loss of generality, assume that the unique identifier of a user is u_1 and that the attribute set the user holds is {A_i}. The user's initial key at time TP_0 is then defined as
Step 3: key update
1. When the time slice of the system advances from TP_{n-1} to TP_n, the key aid computes key update information for each attribute
2. After obtaining this update information, the user updates the previous key to the latest version. The computation is as follows:
Step 4: data encryption
1. The data sender chooses and defines a matrix of l rows and n columns as the access control matrix.
2. Given the value of the i-th row of the matrix, the data sender chooses a column vector and sets
3. According to the public parameters of the system, the data sender computes the following information:
C_1 = g^x,
4. The data sender packs {C_0, C_1, C_{2,i}, C_{3,i}, C_{4,i}} as the ciphertext and uploads it to the data server.
Step 5: data decryption
1. The data receiver downloads the corresponding ciphertext from the data server.
2. The data receiver uses the current private key to perform the following computation and obtain the plaintext, where ω_i is a constant such that Σ_{i∈l} λ_i ω_i = x.
The correctness of the above formula is shown as follows:
To ensure forward and backward security of the system and to solve the problem of revoking attribute keys, the present invention divides the life cycle of the whole system into several discrete time slices, and the information of each time slice is embedded in the user's current private key. When a user attribute is revoked or updated, or a user private key is leaked, forward and backward security within the system is ensured by updating the private keys of valid users.
In particular, to reduce the computational burden on the attribute authentication center, a key aid is introduced into the system to help users update their private keys when a new time slice arrives. Over the whole life cycle of the system the public parameters do not change at all, so attribute revocation does not involve any parameter update. Apart from the part of the user's private key that has to be updated, no system parameters need to be synchronized, so the efficiency of key update is greatly improved.
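The relation Σ_{i∈l} λ_i ω_i = x used in steps four and five is linear secret sharing over the l × n access control matrix. The following sketch is an added example, not code from the patent: it assumes the usual LSSS convention that the sender's column vector has x as its first entry (the page does not show the vector), and the modulus, the policy matrix and the attribute labels are constructed for illustration. It works on the exponents only and performs no pairing operations.

```python
import secrets

# Constructed prime standing in for the group order p (assumption, not from the page).
P = 2**127 - 1

# Constructed access control matrix (l = 3 rows, n = 2 columns) for the
# policy (A AND B) OR C. Row 0 -> attribute A, row 1 -> B, row 2 -> C.
POLICY = [[1, 1],
          [0, -1],
          [1, 0]]

def make_shares(matrix, x, p=P):
    """Sender side (step four): v = (x, r_2, ..., r_n), lambda_i = <M_i, v> mod p."""
    n = len(matrix[0])
    v = [x % p] + [secrets.randbelow(p) for _ in range(n - 1)]
    return [sum(m * c for m, c in zip(row, v)) % p for row in matrix]

def recon_coeffs(matrix, rows, p=P):
    """Receiver side (step five): find omega_i with sum_i omega_i * M_i = (1, 0, ..., 0).

    Returns {row_index: omega_i}, or None when the held rows do not satisfy the policy.
    """
    n, k = len(matrix[0]), len(rows)
    # One equation per matrix column j: sum_i omega_i * M[i][j] = [j == 0].
    aug = [[matrix[r][j] % p for r in rows] + [1 if j == 0 else 0] for j in range(n)]
    pivots, rank = [], 0
    for col in range(k):
        piv = next((i for i in range(rank, n) if aug[i][col]), None)
        if piv is None:
            continue  # free variable, left at zero
        aug[rank], aug[piv] = aug[piv], aug[rank]
        inv = pow(aug[rank][col], -1, p)
        aug[rank] = [a * inv % p for a in aug[rank]]
        for i in range(n):
            if i != rank and aug[i][col]:
                f = aug[i][col]
                aug[i] = [(a - f * b) % p for a, b in zip(aug[i], aug[rank])]
        pivots.append(col)
        rank += 1
    # A zero row with a non-zero right-hand side means no solution exists.
    if any(row[k] for row in aug[rank:]):
        return None
    omega = [0] * k
    for i, col in enumerate(pivots):
        omega[col] = aug[i][k]
    return dict(zip(rows, omega))

def reconstruct(shares, coeffs, p=P):
    """Compute sum_i lambda_i * omega_i mod p, which equals x for an authorized set."""
    return sum(shares[i] * w for i, w in coeffs.items()) % p

if __name__ == "__main__":
    x = secrets.randbelow(P)
    shares = make_shares(POLICY, x)
    for held in ([0, 1], [2], [0], [1]):
        coeffs = recon_coeffs(POLICY, held)
        ok = coeffs is not None and reconstruct(shares, coeffs) == x
        print(held, "recovers x" if ok else "cannot recover x")
```

A user holding only attribute A or only attribute B gets `None` from `recon_coeffs`, which is the property that makes the matrix an access control policy.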
The foregoing is only a specific embodiment of the present invention and is not intended to limit the present invention. The data set and attack mode used in this embodiment are limited to this embodiment. Any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.
Claims (2)
1. An efficient key distribution method based on attribute-based encryption, characterized in that it comprises the following steps:
Step one: system initialization
1) Define G_1 and G_2 to be two cyclic groups of order p, and define g to be a generator of G_1;
2) Define a bilinear map, and define a hash function H_1: {0,1}* → G_1, which maps a character string of arbitrary length onto G_1;
3) The attribute authentication center selects a random number in the finite field for each attribute and chooses additional values. The system master private key is then {t_i, y, s}, the aid key is h, and the system public parameters are
Step 2: initial key distribution
At the initial stage TP_0, without loss of generality, assume that the unique identifier of a user is u_1 and that the attribute set the user holds is {A_i}. The user's initial key at time TP_0 is then defined as
Step 3: key update
1) When the time slice of the system advances from TP_{n-1} to TP_n, the key aid computes key update information for each attribute
2) After obtaining this update information, the user updates the previous key to the latest version. The computation is as follows:
Step 4: data encryption
1) The data sender chooses and defines a matrix of l rows and n columns as the access control matrix;
2) Given the value of the i-th row of the matrix, the data sender chooses a column vector and sets
3) According to the public parameters of the system, the data sender computes the following information:
4) The data sender packs {C_0, C_1, C_{2,i}, C_{3,i}, C_{4,i}} as the ciphertext and uploads it to the data server;
Step 5: data decryption
1) The data receiver downloads the corresponding ciphertext from the data server;
2) The data receiver uses the current private key to perform the following computation and obtain the plaintext, where ω_i is a constant such that
2. A system implementing the efficient key distribution method based on attribute-based encryption according to claim 1, characterized in that it comprises an attribute authentication center, a key aid, a data sender, a data receiver, a base station and a data server, wherein the attribute authentication center is responsible for managing users' attributes and distributing users' initial private keys; the key aid is responsible for updating users' private keys at the start of each time slice of the system; the base station provides a secure channel for communication between the entities; the data sender defines the encryption policy for the plaintext and then uploads the ciphertext to the data server; the data server is a physical node made up of a computer cluster and is responsible for storing data securely; and the data receiver downloads the corresponding ciphertext and obtains the plaintext by decrypting it with the private key it holds.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610146573.4A CN105915333B (en) | 2016-03-15 | 2016-03-15 | A kind of efficient key distribution method based on encryption attribute |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105915333A (en) | 2016-08-31 |
CN105915333B (en) | 2019-08-23 |
Family
ID=56745211
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610146573.4A Active CN105915333B (en) | 2016-03-15 | 2016-03-15 | A kind of efficient key distribution method based on encryption attribute |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105915333B (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||