CN112671543A - Public verifiable outsourcing attribute-based encryption method based on block chain - Google Patents
Public verifiable outsourcing attribute-based encryption method based on block chain Download PDFInfo
- Publication number
- CN112671543A CN112671543A CN202011568809.6A CN202011568809A CN112671543A CN 112671543 A CN112671543 A CN 112671543A CN 202011568809 A CN202011568809 A CN 202011568809A CN 112671543 A CN112671543 A CN 112671543A
- Authority
- CN
- China
- Prior art keywords
- key
- user
- ciphertext
- trusted authority
- attribute
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention provides a block chain-based publicly verifiable outsourcing attribute-based encryption method, which not only tracks a secret key of a malicious user, but also cancels the malicious user, meanwhile, can update a ciphertext in time, can publicly verify outsourcing decryption, and provides forward security of a mechanism. The invention comprises the following steps: A. initializing a system; B. encrypting; C. generating a secret key; D. decrypting; E. outsourcing key generation; F. outsourcing conversion; G. outsourcing decryption; H. and tracing the identity of the user.
Description
Technical Field
The invention relates to a public verifiable outsourcing attribute-based encryption method based on a block chain.
Background
Over the past few decades, with the continued development of the internet of things (IoT), traditional internet of things systems may face challenges in efficiency and system security. First, since the amount of data transmitted between the internet of things device and the conventional cloud server is large, the cloud server suffers from transmission delay and service quality degradation. Second, sensitive data must be encrypted before uploading to the cloud server, and fine-grained access control must be supported when sharing sensitive data. Finally, a malicious cloud server may tamper with sensitive data, thereby preventing the internet of things device from accessing the data correctly.
With respect to the first problem, fog calculation is a suitable technique that can solve the problem well. The fog computing is located between the IoT devices and the traditional centralized cloud infrastructure, and the fog nodes are closer to the IoT devices than the cloud servers. Thus, IoT systems using fog computing may ensure that real-time web applications and devices are enabled with less delay and sufficient computing resources.
In addition, cipher text policy attribute based encryption (CP-ABE), which is a promising encryption primitive, can effectively solve the second problem, and is generally used for implementing fine-grained cryptographic access control of data in the cloud. However, due to the limited storage and computing capabilities of the internet of things devices, the CP-ABE with outsourced decryption function is more suitable for the internet of things scenario. Most existing CP-ABE schemes with outsourced decryption only allow the original decryptor to check if the third party agent has returned the correct translation ciphertext when verifying the decryption result. In this case, once dispute is made about the decryption result, the decryption key must be revealed to the arbiter. Thus, the CP-ABE with outsourced decryption functionality must achieve public verifiability of the decryption result. Also, the conventional CP-ABE still has a problem in that a malicious user may leak its own decryption key to others, and the malicious user does not bear the risk of being traced and revoked.
In view of the above, it is therefore necessary to design a CP-ABE scheme that supports the tracing and revocation of malicious users and that can publicly authenticate the decryption of outsources.
Disclosure of Invention
The invention aims to overcome the defects in the prior art, and provides a reasonably designed block chain-based publicly verifiable outsource attribute-based encryption method, which not only tracks the secret key of a malicious user, but also cancels the malicious user, meanwhile, can update the ciphertext in time, can publicly verify the decryption of the outsource, and provides the forward security of the mechanism.
The technical scheme adopted by the invention for solving the problems is as follows:
a block chain-based publicly verifiable outsourcing attribute-based encryption method is characterized by comprising the following steps: the method comprises the following steps:
A. initializing a system: the trusted authority generates a global public key and a master key according to the security parameters and the whole attribute set, and publishes the global public key and the unfamiliar master key;
B. encryption: the data owner encrypts the message and generates a ciphertext according to the global public key, the access structure and the overlay list;
C. and (3) key generation: the trusted authority generates a decryption key according to the global public key, the identity information of the user and the user attribute set, and sends the decryption key to the data user;
D. and (3) decryption: the user decrypts the ciphertext into a message by using the decryption key;
E. and (3) outsourcing key generation: the user converts the decryption key into a conversion key and a retrieval key according to the decryption key, sends the conversion key to the fog node and stores the retrieval key by the user;
F. and (3) outsourcing conversion: the fog node outsourcing the ciphertext into a conversion ciphertext according to the global public key, the ciphertext and the conversion key, and then sending the conversion ciphertext to a data user;
G. and (3) outsourcing decryption: the user generates a message according to the retrieval key, the ciphertext and the conversion ciphertext;
H. tracing the identity of the user: the trusted authority outputs user identity information or error information according to the global public key, the minimum coverage list and the decryption key;
I. and (3) ciphertext updating: the trusted authority generates an updated ciphertext according to the global public key, the ciphertext and the minimum coverage list; and the trusted authority sends the updated ciphertext to the fog node.
The step A of the invention specifically comprises the following steps:
a1, firstly, the trusted authority receives a whole attribute set U, and selects the order according to an implicit security parameter lambdaTwo multiplication cycle groups with prime number p and generator gAndand a bilinear mapThe trusted authority then initializes an empty user revocation list L and a full binary treeAfter initialization, the trusted authority assigns the user's identity to the full binary treeOn leaf nodes of the binary treeNumbering each node according to a breadth-first search method, wherein the numbering of the root node is 0, and d is used to represent a binary treeSo that the maximum number of users is | Num | ═ 2dThe number of nodes of the binary tree is 2| Num | -2, so the number of the last leaf node of the binary tree is 2| Num | -2;
a2, the trusted authority selects two random numbers alpha,whereinIs a p-order integer ring; the trusted authority then likewise selects five random numbers g, u, v, d,
a3, for each attribute value i epsilon U, the trusted authority selects a random numberWhereinIs a positive integer ring of order p and computes an attribute public key component associated with the attribute value
A4, the trusted authority randomly selects an anti-collision hash functionThe hash function can map a message m or a random message m' to oneAn element of (a);
a5 for binary treeIn each node, the trusted authority randomly selects a random numberThen generating a master key componentAlso concurrently generating a binary tree public key component associated with the user identity
A6, selecting a probability encryption scheme (Enc, Dec) by the trusted authority, wherein Enc is an encryption function, and Dec is a decryption function;
a7, the trusted authority publishes the public key PK, and does not publish the master key MSK.
The step B of the invention specifically comprises the following steps:
b1 data owner selects an access structureWhere M is an access matrix of order l n, and p is an access matrix capable of converting M into MiMapping algorithm to an attribute, where MiIs the ith row of the access matrix M; the data owner then selects two random secret indices s,and sets two random column vectors v ═ s, v2,...,vn) And v ═ s ', v'2,...,v′n) WhereinFinally, for each MiThe data owner calculates the effective share λ associated with the secret exponents s and si=MiX v and λ'i=Mi×v′;
B2, data owner selects information m to be encrypted and randomly selected information m', and calculates and accesses structureAssociated ciphertext componentC1=m·e(g,g)αs,C′1=gs,C″1=gas,C2=m′·e(g,g)αs′,C′2=gs′And C ″)2=gas′,
B3、Upon receipt of the latest overlay list cover (L) sent by the trusted authority, the data owner generates the ciphertext component associated with the overlay list cover (L)
B4, and finally, the generated ciphertext CT is:
b5, once the fog node receives the data owner's ciphertext, the fog node will call an intelligent contract, and after the intelligent contract is generated, the fog node broadcasts the transaction to other fog nodes for consensus verification.
The step C of the invention specifically comprises the following steps:
c1, selecting a random number by credible organizationAnd generating a random number f ═ Enc using a probabilistic encryption scheme with a symmetric key of kk(lx) Wherein l isxIs a leaf node associated with the user identity;
c2, the trusted authority first generates a key component associated with the user property set S: k1=f,K3=gbAnd K4=gab,
C3, selecting a random number by the trusted authorityAnd generating a key element associated with the user identity uidAndwhere x ∈ path (uid) andgate (l), and path (uid) is the path number between the binary tree from the root node to the leaf node of the associated user uid, then the trusted authority generates the key component associated with the user identity uid:K6=gw,
c4, the trusted authority generates a key SK and sends the key SK to the data user, wherein:
SK={K1,K2,K3,K4,Ki,K5,K6,K7,K8}。
the step D of the invention specifically comprises the following steps:
d1, find two constants ciAnd c'iCan make two equationsThe method comprises the following steps that (1) the attribute mapping set I is { I | rho (I) ∈ S };
d2, the data consumer first computes two decryption components:
d3, the data user then calculates two plaintext blocks m ═ C1/Y′1And m ═ C2/Y′2And determining the ciphertext componentAnd ciphertext verification parameter component uH(m)vH(m′)And d is equal or not, if equal, the message m is returned, and if not, the operation is interrupted.
Step E of the invention specifically comprises the following steps:
e1, selecting a random number z by a user, and generating a conversion key component K'1=K1,AndK′7=K7,K′8=K8;
e2, the user sends the generated transformation key TK to the cloud node, and the user saves the retrieval key RK, wherein:
TK={K′1,K′2,K′3,K′4,K′i,K′5,K′6,K′7,K′8},RK={z}。
in step F of the present invention, the fog node calculates two converted ciphertext components as follows:
the step G of the invention specifically comprises the following steps:
g1, the user first verifies the information received, ifOr W1≠C1Or W2≠C2If the verification is successful, the operation is interrupted, otherwise, the verification is passed;
g2, if the verification is passed, the user computes two plaintext messages:
g3, user calculating two verification plaintext components V1=uH(m),V2=vH(m′)And will V1And V2Sending to the fog node, then the fog node calls the intelligent contract, and the intelligent contract is verifiedAnd plaintext verification parameter component V1V2d are equal.
Step H of the present invention specifically comprises the following steps:
h1, firstly, the trusted authority firstly judges whether the format of the inputted public key SK is correct, if so, the operation is interrupted;
h2, if the format of the public key SK is correct, the trusted authority searches for lxWhether the user identity uid exists in the minimal coverage list cover (L) or not is judged, if so, the user identity uid is returned, otherwise, a false user identity uid is returned;
h3, the trusted authority updates the latest revocation list L' ═ L utou { uid }.
The steps of the invention specifically comprise the following steps:
i1, selecting a random number by the trusted authorityAnd computing an updated binary tree public key component associated with the user identity
I2, the trusted authority calculates the updated ciphertext component:
and computes two ciphertext components associated with the overlay list (L) after updatingAndthen an updated ciphertext is generated:
i3, the trusted authority then sends the updated ciphertext and the revocation list L' to the fog node, which recalls the intelligent contract to store the latest ciphertext hash.
Compared with the prior art, the invention has the following advantages and effects: 1. the invention combines outsourcing decryption with the block chain, realizes the public verifiability of the outsourcing decryption result on the premise of ensuring that the fog node can not obtain any information about the plaintext, and simultaneously can effectively prevent the cloud server from tampering the ciphertext and the user maliciousness of 35820; 2. the method has the advantages that the malicious users are tracked, revoked and updated in time, the identity information of the users is distributed to leaf nodes in the binary tree, and once the malicious users are tracked, the malicious users are added into a revocation list, so that the malicious users are tracked and revoked; 3. the outer package decryption information is disclosed through a block chain technology, so that the public verifiability of the outer package decryption attribute-based encryption is realized; 4. the delay problem of a traditional centralized cloud server architecture is solved based on a three-layer system architecture of 'Internet of things equipment-fog nodes-cloud servers'; 5. the method can provide higher privacy protection requirements for users, has higher efficiency, and is convenient for the use of mobile equipment with limited bandwidth and resources.
Drawings
FIG. 1 is a schematic diagram of an overview of a binary tree according to an embodiment of the present invention.
Detailed Description
The present invention will be described in further detail below by way of examples with reference to the accompanying drawings, which are illustrative of the present invention and are not to be construed as limiting the present invention.
In this embodiment, a block chain-based encryption method for publicly verifiable outsourcing attribute bases specifically includes the following steps:
A. initializing a system: the trusted authority generates a global public key PK and a master key MSK according to the implicit security parameter lambda and the overall attribute set U; the method specifically comprises the following steps:
a1, firstly, the trusted authority receives a whole attribute set U, and selects two multiplication cycle groups with the order of prime number p and generation element g according to an implicit safety parameter lambdaAndand a bilinear mapThe trusted authority then initializes an empty user revocation list L and a full binary treeAfter initialization, the trusted authority assigns the user's identity to the full binary treeOn leaf nodes of the binary treeNumbering each node according to a breadth-first search method, wherein the numbering of the root node is 0, and d is used to represent a binary treeSo that the maximum number of users is | Num | ═ 2dNode of binary treeThe number of points is 2| Num | -2, so the number of the last leaf node of the binary tree is 2| Num | -2;
a2, the trusted authority selects two random numbers alpha,whereinIs a p-order integer ring. The trusted authority then likewise selects five random numbers g, u, v, d,
a3, for each attribute value i epsilon U, the trusted authority selects a random numberWhereinIs a positive integer ring of order p and computes an attribute public key component associated with the attribute value
A4, the trusted authority randomly selects an anti-collision hash functionThe hash function can map a message m or a random message m' to oneAn element of (a);
a5 for binary treeIn each node, the trusted authority randomly selects a random numberThen generating a master key componentAlso concurrently generating a binary tree public key component associated with the user identity
A6, selecting a probability encryption scheme (Enc, Dec) by the trusted authority, wherein Enc is an encryption function and Dec is a decryption function. The scheme is a symmetric encryption scheme, which can map the user identity uid toAnd returns a different result each time encrypted using the symmetric key k;
a7, trusted authority publishes public key PK, and does not publish master key MSK:
B. encryption: the data owner accesses the structure according to the global public key PK, message mAnd an overlay list cover (L), wherein overlay list cover (L) is a set of node numbers of a minimum overlay set associated with user revocation list L, and then encrypts message m and generates ciphertext CT; the method specifically comprises the following steps:
b1 data owner selects an access structureWhere M is an access matrix of order l n, and p is an access matrix capable of converting M into MiMapping to a map of attributesRay algorithm, in which MiIs the ith row of the access matrix M; the data owner then selects two random secret indices s,and sets two random column vectors v ═ s, v2,...,vn) And v ═ s ', v'2,...,v′n) WhereinAndthe part is a selected random number; finally, for each MiThe data owner calculates the effective share λ associated with the secret exponents s and si=MiX v and λ'i=Mi×v′;
B2, data owner selects information m to be encrypted and randomly selected information m', and calculates and accesses structureAssociated ciphertext componentC1=m·e(g,g)αs,C′1=gs,C″1=gas,C2=m′·e(g,g)αs′,C′2=gs′And are and
b3, when the data owner receives the latest overlay list cover (L) sent by the trusted authority, the data owner generates the ciphertext component associated with the overlay list cover (L)
B4, and finally, the generated ciphertext CT is:
b5, once the fog node receives the data owner's ciphertext, the fog node will call an intelligent contract, and after the contract is generated, the fog node broadcasts the transaction to other fog nodes for consensus verification.
C. And (3) key generation: the trusted authority generates a decryption key SK according to the global public key PK, the identity information uid of the user and the user attribute set S; the method specifically comprises the following steps:
c1, selecting a random number by credible organizationAnd generating a random number f ═ Enc using a probabilistic encryption scheme with a symmetric key of kk(lx) Wherein l isxIs a leaf node associated with the user identity;
c2, the trusted authority first generates a key component associated with the property set S: k1=f,K3=gbAnd K4=gab,
C3, selecting a random number by the trusted authorityAnd generating a key element associated with the user identity uidAndwhere x ∈ path (uid) andgate (l), and path (uid) is the path number between the binary tree from the root node to the leaf node of the associated user uid, then the trusted authority generates the key component associated with the user identity uid:K6=gw,
c4, the trusted authority generates a key SK and sends the key SK to the data user:
SK={K1,K2,K3,K4,Ki,K5,K6,K7,K8}。
D. and (3) decryption: the user decrypts the ciphertext CT into a message m by using the decryption key SK; the method specifically comprises the following steps:
d1, find two constants ciAnd c'iCan make two equationsThe method comprises the following steps that (1) the attribute mapping set I is { I | rho (I) ∈ S };
d2, the data consumer first computes two decryption components:
d3, the data user then calculates two plaintext blocks m ═ C1/Y′1And m ═ C2/Y′2And determining the ciphertext componentAnd ciphertext verification parameter component uH(m)vH(m′)And d is equal or not, if equal, the message m is returned, and if not, the operation is interrupted.
E. And (3) outsourcing key generation: the user converts the decryption key SK into a conversion key TK and a retrieval key RK according to the decryption key SK; the method specifically comprises the following steps:
e1, selecting a random number z by a user, and generating a conversion key component K'1=K1,AndK′7=K7,K′8=K8;
e2, the user sends the generated transformation key TK to the cloud node and the user saves the retrieval key RK:
TK={K′1,K′2,K′3,K′4,K′i,K′5,K′6,K′7,K′8},
RK={z}。
F. and (3) outsourcing conversion: the fog node converts the ciphertext CT outsourced into a conversion ciphertext CT' according to the public key PK, the ciphertext CT and the conversion key TK, andthe fog node then sends the converted ciphertext CT' to the data user.
Wherein the fog node computes two transformed ciphertext components:
G. and (3) outsourcing decryption: the user generates a message m according to the retrieval key RK, the ciphertext CT and the conversion ciphertext CT'; the method specifically comprises the following steps:
g1, the user first verifies the information received, ifOr W1≠C1Or W2≠C2If the verification is successful, the operation is interrupted, otherwise, the verification is passed;
g2, if the verification is passed, the user computes two plaintext messages:
g3, user calculating two verification plaintext components V1=uH(m),V2=vH(m′)And will V1And V2Sending the information to a fog node, then calling an intelligent contract by the fog node, and verifying the intelligent contractAnd plaintext verification parameter component V1V2d are equal to achieve public verifiability of the algorithm.
H. Tracing the identity of the user: the trusted authority outputs user identity information uid or error information according to the global public key PK, the minimum coverage list cover (L) and the decryption key SK; the method specifically comprises the following steps:
h1, firstly, the trusted authority firstly judges whether the format of the input key SK is correct, and if the format is wrong, the operation is interrupted;
h2, if SK format is correct, trusted authority searches for lxWhether it is in the minimum coverage list cover (l), if it is, returning the user identity uid, otherwise, returning a false user identity uid, wherein the false user identity uid can never be returnedPresent in the system;
h3, the trusted authority updates the latest revocation list L' ═ L utou { uid }.
I. And (3) ciphertext updating: the trusted authority generates an updated ciphertext CT 'according to the global public key PK, the ciphertext CT and the minimum overlay list cover (L'); the method specifically comprises the following steps:
i1, selecting a random number by the trusted authorityAnd computing an updated binary tree public key component associated with the user identity
I2, the trusted authority calculates the updated ciphertext component:
and computes two ciphertext components associated with the overlay list (L) after updatingAndthen an updated ciphertext is generated:
i3, the trusted authority then sends the updated ciphertext and the revocation list L' to the fog node, which recalls the intelligent contract to store the latest ciphertext hash.
The entities involved in the invention comprise a trusted authority, a data owner, a fog node, a cloud storage provider, a data user and a block chain.
A trusted authority, considered to be fully trusted, for generating a global public key PK and a master key MSK for a system, which also has a revocation list L of users and a binary treeMeanwhile, the trusted authority only sends the revocation list L and the minimum coverage list cover (L') to the cloud node and the data owner respectively, but does not disclose the whole binary tree, which is beneficial to protecting the privacy of the data user.
And the data user sets an access structure for encrypting the message by himself, encrypts the message by using the system, and uploads the encrypted ciphertext to the fog node.
And the fog node is considered as semi-trusted, maintains a revocation list L of users, when a data user requests to access data, the data user sends the request to the fog node, and after receiving the request, if the data user is not in the revocation list L and the attribute set S is matched with the access structure, the fog node forwards the request to a trusted authority, and finally, the fog node also plays a role in packaging and sending some key information to the block chain.
The cloud storage provider, which is also considered semi-trusted, is responsible for storing the ciphertext from the fog node, and then also stores the ciphertext in the location AdressCTAnd returning to the fog node.
And the data users, each of which has an identity mark uid, communicate data requests and data verification of the data users by sending data description information to the fog node.
And the block chain, wherein the fog node stores information on the block chain through an intelligent contract, such as: hash of the ciphertext, hash of the updated ciphertext, public key, etc.
In addition, it should be noted that the specific embodiments described in the present specification may be different in the components, the shapes of the components, the names of the components, and the like, and the above description is only an illustration of the structure of the present invention. Equivalent or simple changes in the structure, characteristics and principles of the invention are included in the protection scope of the patent. Various modifications, additions and substitutions for the specific embodiments described may be made by those skilled in the art without departing from the scope of the invention as defined in the accompanying claims.
Claims (10)
1. A block chain-based publicly verifiable outsourcing attribute-based encryption method is characterized by comprising the following steps: the method comprises the following steps:
A. initializing a system: the trusted authority generates a global public key and a master key according to the security parameters and the whole attribute set, and publishes the global public key and the unfamiliar master key;
B. encryption: the data owner encrypts the message and generates a ciphertext according to the global public key, the access structure and the overlay list;
C. and (3) key generation: the trusted authority generates a decryption key according to the global public key, the identity information of the user and the user attribute set, and sends the decryption key to the data user;
D. and (3) decryption: the user decrypts the ciphertext into a message by using the decryption key;
E. and (3) outsourcing key generation: the user converts the decryption key into a conversion key and a retrieval key according to the decryption key, sends the conversion key to the fog node and stores the retrieval key by the user;
F. and (3) outsourcing conversion: the fog node outsourcing the ciphertext into a conversion ciphertext according to the global public key, the ciphertext and the conversion key, and then sending the conversion ciphertext to a data user;
G. and (3) outsourcing decryption: the user generates a message according to the retrieval key, the ciphertext and the conversion ciphertext;
H. tracing the identity of the user: the trusted authority outputs user identity information or error information according to the global public key, the minimum coverage list and the decryption key;
I. and (3) ciphertext updating: the trusted authority generates an updated ciphertext according to the global public key, the ciphertext and the minimum coverage list; and the trusted authority sends the updated ciphertext to the fog node.
2. The blockchain-based publicly verifiable outsourced attribute-based encryption method of claim 1, wherein: the step A specifically comprises the following steps:
a1, firstly, the trusted authority receives a whole attribute set U, and selects two multiplication cycle groups with the order of prime number p and generation element g according to an implicit safety parameter lambdaAndand a bilinear mapThe trusted authority then initializes an empty user revocation list L and a full binary treeAfter initialization, the trusted authority assigns the user's identity to the full binary treeOn leaf nodes of the binary treeNumbering each node according to a breadth-first search method, wherein the numbering of the root node is 0, and d is used to represent a binary treeSo that the maximum number of users is | Num | ═ 2dThe number of nodes of the binary tree is 2| Num | -2, so the number of the last leaf node of the binary tree is 2| Num | -2;
a2, selecting two random numbers by trusted authorityWhereinIs a p-order integer ring; the trusted authority then likewise selects five random numbers
A3, for each attribute value i epsilon U, the trusted authority selects a random numberWhereinIs a positive integer ring of order p and computes an attribute public key component associated with the attribute value
A4, the trusted authority randomly selects an anti-collision hash functionThe hash function can map a message m or a random message m' to oneAn element of (a);
a5 for binary treeIn each node, the trusted authority randomly selects a random numberThen generating a master key componentAlso concurrently generating a binary tree public key component associated with the user identity
A6, selecting a probability encryption scheme (Enc, Dec) by the trusted authority, wherein Enc is an encryption function, and Dec is a decryption function;
a7, the trusted authority publishes the public key PK, and does not publish the master key MSK.
3. The blockchain-based publicly verifiable outsourced attribute-based encryption method of claim 1, wherein: the step B specifically comprises the following steps:
b1 data owner selects an access structureWhere M is an access matrix of order l n, and p is an access matrix capable of converting M into MiMapping algorithm to an attribute, where MiIs the ith row of the access matrix M; the data owner then selects two random secret indicesAnd two random column vectors upsilon (s, upsilon) are set2,...,υn) And upsilon ' ═ s ', upsilon '2,...,υ′n) WhereinFinally, for each MiData owner calculation and privacyThe significant fraction λ of the correlation of the exponents s and si=MiX v and λ'i=Mi×v′;
B2, data owner selects information m to be encrypted and randomly selected information m', and calculates and accesses structureAssociated ciphertext componentC1=m·c(g,g)αs,C′1=gs,C″1=gas,C2=m′·e(g,g)αs′,C′2=gs′And C ″)2=gαs′,
B3, when the data owner receives the latest overlay list cover (L) sent by the trusted authority, the data owner generates the ciphertext component associated with the overlay list cover (L)
B4, and finally, the generated ciphertext CT is:
b5, once the fog node receives the data owner's ciphertext, the fog node will call an intelligent contract, and after the intelligent contract is generated, the fog node broadcasts the transaction to other fog nodes for consensus verification.
4. The blockchain-based publicly verifiable outsourced attribute-based encryption method of claim 1, wherein: the step C specifically comprises the following steps:
c1, selecting a random number by credible organizationAnd generating a random number f ═ Enc using a probabilistic encryption scheme with a symmetric key of kk(lx) Wherein l isxIs a leaf node associated with the user identity;
c2, the trusted authority first generates a key component associated with the user property set S: k1=f,K3=gbAnd K4=gab,
C3, selecting a random number by the trusted authorityAnd generating a key element associated with the user identity uidAndwhere x ∈ path (uid) andgate (l), and path (uid) is the path number between the binary tree from the root node to the leaf node of the associated user uid, then the trusted authority generates the key component associated with the user identity uid:K6=gw,
c4, the trusted authority generates a key SK and sends the key SK to the data user, wherein:
SK={K1,K2,K3,K4,Ki,K5,K6,K7,K8}。
5. the blockchain-based publicly verifiable outsourced attribute-based encryption method of claim 1, wherein: the step D specifically comprises the following steps:
D2, the data consumer first computes two decryption components:
6. The blockchain-based publicly verifiable outsourced attribute-based encryption method of claim 1, wherein: the step E specifically comprises the following steps:
e1, selecting a random number z by a user, and generating a conversion key component K'1=K1,AndK′7=K7,K′8=K8;
e2, the user sends the generated transformation key TK to the cloud node, and the user saves the retrieval key RK, wherein:
TK={K′1,K′2,K′3,K′4,K′i,K′5,K′6,K′7,K′s},RK={z}。
8. the blockchain-based publicly verifiable outsourced attribute-based encryption method of claim 1, wherein: the step G specifically comprises the following steps:
g1, the user first verifies the information received, ifOr W1≠C1Or W2≠C2If the verification is successful, the operation is interrupted, otherwise, the verification is passed;
g2, if the verification is passed, the user computes two plaintext messages:
9. The blockchain-based publicly verifiable outsourced attribute-based encryption method of claim 1, wherein: the step H specifically comprises the following steps:
h1, firstly, the trusted authority firstly judges whether the format of the inputted public key SK is correct, if so, the operation is interrupted;
h2, if the format of the public key SK is correct, the trusted authority searches for lxWhether the user identity uid exists in the minimal coverage list cover (L) or not is judged, if so, the user identity uid is returned, otherwise, a false user identity uid is returned;
h3, the trusted authority updates the latest revocation list L' ═ L utou { uid }.
10. The blockchain-based publicly verifiable outsourced attribute-based encryption method of claim 1, wherein: the step I specifically comprises the following steps:
i1, selecting a random number by the trusted authorityAnd computing an updated binary tree public key component associated with the user identity
I2, the trusted authority calculates the updated ciphertext component:
and computes two ciphertext components associated with the overlay list (L) after updatingAndthen an updated ciphertext is generated:
i3, the trusted authority then sends the updated ciphertext and the revocation list L' to the fog node, which recalls the intelligent contract to store the latest ciphertext hash.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011568809.6A CN112671543B (en) | 2020-12-25 | 2020-12-25 | Public verifiable outsourcing attribute-based encryption method based on block chain |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011568809.6A CN112671543B (en) | 2020-12-25 | 2020-12-25 | Public verifiable outsourcing attribute-based encryption method based on block chain |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112671543A true CN112671543A (en) | 2021-04-16 |
CN112671543B CN112671543B (en) | 2022-06-28 |
Family
ID=75409705
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011568809.6A Active CN112671543B (en) | 2020-12-25 | 2020-12-25 | Public verifiable outsourcing attribute-based encryption method based on block chain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112671543B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114143343A (en) * | 2021-11-25 | 2022-03-04 | 中南财经政法大学 | Remote access control system, control method, terminal and medium in fog computing environment |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20190297063A1 (en) * | 2018-03-22 | 2019-09-26 | Cisco Technology, Inc. | Iaas-aided access control for information centric networking with internet-of-things |
CN110611662A (en) * | 2019-08-30 | 2019-12-24 | 徐州工业职业技术学院 | Attribute-based encryption-based fog collaborative cloud data sharing method |
CN110611571A (en) * | 2019-09-27 | 2019-12-24 | 上海电力大学 | Revocable access control method of smart grid system based on fog |
-
2020
- 2020-12-25 CN CN202011568809.6A patent/CN112671543B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20190297063A1 (en) * | 2018-03-22 | 2019-09-26 | Cisco Technology, Inc. | Iaas-aided access control for information centric networking with internet-of-things |
CN110611662A (en) * | 2019-08-30 | 2019-12-24 | 徐州工业职业技术学院 | Attribute-based encryption-based fog collaborative cloud data sharing method |
CN110611571A (en) * | 2019-09-27 | 2019-12-24 | 上海电力大学 | Revocable access control method of smart grid system based on fog |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114143343A (en) * | 2021-11-25 | 2022-03-04 | 中南财经政法大学 | Remote access control system, control method, terminal and medium in fog computing environment |
CN114143343B (en) * | 2021-11-25 | 2024-04-19 | 中南财经政法大学 | Remote access control system, control method, terminal and medium in fog computing environment |
Also Published As
Publication number | Publication date |
---|---|
CN112671543B (en) | 2022-06-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11139951B2 (en) | Blockchain system and data processing method for blockchain system | |
Xue et al. | Provable data transfer from provable data possession and deletion in cloud storage | |
WO2018045568A1 (en) | Access control method oriented to cloud storage service platform and system thereof | |
US10880100B2 (en) | Apparatus and method for certificate enrollment | |
KR20200126321A (en) | How to securely execute smart contract actions in a trusted execution environment | |
Nirmala et al. | Data confidentiality and integrity verification using user authenticator scheme in cloud | |
WO2014114080A1 (en) | Method and system for data encryption protection | |
CN114650137B (en) | Decryption outsourcing method and system based on block chain and supporting strategy hiding | |
Subha et al. | Efficient privacy preserving integrity checking model for cloud data storage security | |
Bhandari et al. | A framework for data security and storage in Cloud Computing | |
CN113434875A (en) | Lightweight access method and system based on block chain | |
CN114244838B (en) | Encryption method and system, decryption method, device and equipment for block chain data | |
Mukundan et al. | Replicated Data Integrity Verification in Cloud. | |
Zhang et al. | Efficient Hierarchical and Time‐Sensitive Data Sharing with User Revocation in Mobile Crowdsensing | |
CN112671543B (en) | Public verifiable outsourcing attribute-based encryption method based on block chain | |
CN117528516A (en) | Cross-chain identity management method and system | |
CN113824713B (en) | Key generation method, system and storage medium | |
Ruj et al. | Securing cloud data | |
CN116248289A (en) | Industrial Internet identification analysis access control method based on ciphertext attribute encryption | |
Ding et al. | Secure Multi‐Keyword Search and Access Control over Electronic Health Records in Wireless Body Area Networks | |
CN111585756B (en) | Certificate-free cloud auditing method suitable for multi-copy-multi-cloud situation | |
CN112671729A (en) | Internet of vehicles oriented anonymous key leakage resistant authentication method, system and medium | |
Wu et al. | Verified CSAC-based CP-ABE access control of cloud storage in SWIM | |
Abraham et al. | Proving possession and retrievability within a cloud environment: A comparative survey | |
CN117648706B (en) | Access control method based on block chain and attribute encryption |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |