一种基于中国剩余定理的密钥分配方案

讨论了针对如何在数据库加密系统中进行密钥分配，并给出了一种易于实现的密钥分配方案。该方案不要求用户拥有其能访问的所有数据类的密钥，只要求用户掌握由中国剩余定理计算出的用户类密钥。当用户访问系统时，系统可以根据用户类密钥很快计算出其能访问的所有数据类的密钥。在该密钥分配方案中，数据类的增加或删除、用户类的增加或删除和用户权限的变更都变得很容易实现。     

基于代理的即时属性撤销KP-ABE方案

属性撤销是属性基加密方案在实际应用中亟须解决的问题,已有支持间接撤销模式的可撤销属性基加密方案存在撤销延时或需要更新密钥及密文等问题。为此,提出一种间接模式下基于代理的支持属性即时撤销的密钥策略属性基加密方案,该方案不需要用户更新密钥及重加密密文,通过在解密过程中引入代理实现撤销管理,减轻了授权机构的工作量,其要求代理为半可信,不支持为撤销用户提供访问权限及解密密文。分析结果表明,该方案支持细粒度访问控制策略,并且可以实现系统属性的撤销、用户的撤销及用户的部分属性撤销。     

外包数据库的安全访问控制机制

通过对外包数据库双层加密方案的分析,指出存在授权用户可以将资源访问授权给其他非授权用户的安全缺陷,为此,提出一个改进的安全外包数据访问控制方案。该方案利用二元一次函数诱导产生加密密钥。为适应访问控制策略动态变化,防止非授权用户访问资源,通过双重加密实现授权访问动态变化。分析结果表明,改进方案能够克服外包数据库双层加密方案的安全缺陷,可实现策略动态更新,是一个安全高效的访问控制方案。     

基于动态重加密的云存储权限撤销优化机制——DR-PRO

针对云存储服务中用户访问权限撤销计算与带宽代价过大、复杂度过高等问题,提出一种基于动态重加密的云存储权限撤销优化机制(DR-PRO)。首先,以密文策略的属性加密体制(CP-ABE)的密文访问控制方案作为理论背景,利用(k,n)门限方案,将数据信息划分成若干块,动态地选取某一数据信息块实现重加密;然后,依次通过数据划分、重构、传输、提取以及权限撤销等子算法完成用户访问权限撤销实现过程。理论分析与测试仿真表明,在保证云存储服务用户数据高安全性的前提下:与懒惰重加密机制相比,DR-PRO的用户访问权限撤销的计算与带宽代价在数据文件变化情况下的平均下降幅度是5%;与完全重加密机制相比,DR-PRO的用户访问权限撤销的计算与带宽代价在共享数据块变化情况下的平均下降幅度是20%。实验结果表明,DR-PRO在云存储服务中能够有效提高用户访问权限撤销的性能与效率。     

云计算环境下基于属性的撤销方案

针对云环境下密文策略属性基加密共享数据的访问权限撤销问题,提出了基于属性的撤销方案。方案中可信第三方从带有全局标识的用户属性集中查找满足密文访问结构的属性集,为该交集中的每个属性生成带有相同全局标识的密钥组件,通过组合密钥组件生成用户私钥。当发生撤销时,更新撤销用户属性的密钥组件并分发给拥有该属性的其他用户,同时生成对应的重加密密钥来对密文重加密。安全性分析和实验表明,本方案是选择明文攻击安全的,能有效实现属性的即时撤销,解决多授权结构密钥分发的同步问题。采用hash函数可使密文长度达到常数级,进一步减少资源开销,满足实际云环境中属性安全撤销的应用需求。     

基于时间因子的可撤销可追踪属性基加密方案

现有的属性基加密方案访问策略中较少涉及时间因子，用户为自己的数据设置访问策略时，无法对访问数据的用户拥有属性的时间进行限定，针对恶意泄露密钥的用户进行追踪并撤销也是属性基加密中的挑战性问题，现有的可撤销方案存在计算量太大、效率过低等缺陷。针对这些问题，提出一种基于时间因子的可撤销可追踪属性基加密方案，在用户密钥中分别标记用户获取属性的时间，访问策略中对用户获取属性最早/最迟时间进行限定，解密时对用户属性时间进行验证，丰富了系统的访问策略并实现了方案的后向安全，通过时间验证服务器对用户解密阶段进行管理，用户属性撤销时仅需要更新用户时间标记因子，用户撤销时仅需要删除时间因子，实现方案高效撤销和前向安全。最后，在DBDH假设下，所提方案是IND-CPA安全的。性能分析和实验结果表明，所提方案有较丰富的功能和较高的性能。     

基于云雾计算的可追踪可撤销密文策略属性基加密方案

针对资源受限的边缘设备在属性基加密中存在的解密工作开销较大,以及缺乏有效的用户追踪与撤销的问题,提出了一种支持云雾计算的可追踪可撤销的密文策略属性基加密（CP-ABE）方案。首先,通过对雾节点的引入,使得密文存储、外包解密等工作能够放在距离用户更近的雾节点进行,这样既有效地保护了用户的隐私数据,又减少了用户的计算开销;其次,针对属性基加密系统中用户权限变更、用户有意或无意地泄露自己密钥等行为,加入了用户的追踪和撤销功能;最后,通过算法追踪到做出上述行为的恶意用户身份后,将该用户加入撤销列表,从而取消该用户访问权限。性能分析表明,所提方案用户端的解密开销降低至一次乘法运算和一次指数运算,能够为用户节省大量带宽与解密时间,且该方案支持恶意用户的追踪与撤销。因此所提方案适用于云雾环境下计算资源受限设备的数据共享。     

支持属性撤销的可验证外包的多授权属性加密方案

针对云存储中基于多授权属性加密（MA-ABE）访问控制方案存在数据使用者解密开销大,同时缺乏有效属性撤销的问题,提出了一种支持属性撤销的可验证外包的多授权属性加密方案。首先,利用可验证外包技术,降低数据使用者的解密开销,同时验证数据的完整性。然后,利用双线性映射保护访问策略,防止数据拥有者身份泄露。最后,利用每个属性的版本密钥实现立即的属性撤销。安全性分析表明所提方案在标准模型中判定性的q双线性Diffie-Hellman指数假设下是安全的,同时满足了前向安全性和抗合谋攻击。性能分析表明所提方案在功能性和计算开销两方面都具有较好的优势,因此所提方案更适用于云存储下多授权属性加密环境。     

外包环境下格上可撤销的属性基加密方案

属性基加密机制的"一对多"分发特点使其在外包环境中得到了广泛的应用,然而用户的属性经常会发生动态的变化。因此,针对数据外包环境下属性基加密体制中属性撤销的问题,结合Yan等人提出的属性基加密方案,提出一种外包环境下格上可撤销的密文策略属性基加密方案。方案利用格上LWE问题构建加解密算法,可抵抗量子攻击。采用树形表示单调的访问结构,实现灵活的细粒度访问策略。另外,借助数据外包管理服务器,进行属性密钥的更新和密文的更新,实现属性的即时撤销。方案被证明满足选择属性及选择明文攻击下安全。通过对比分析表明,方案在性能方面有显著的提升,且支持属性即时撤销,更加符合外包环境中用户动态变化需求,如社交网络平台等。     

一种大属性域版本控制的云安全用户属性动态撤销策略

密文策略属性基加密(ciphertext-policy attribute-based encryption, CP-ABE)作为一种一对多的数据加密技术,因能实现密文数据安全和细粒度的权限访问控制而引起学术界的广泛关注。尽管目前在该领域已取得了一些研究成果,然而,大多数CP-ABE方案均基于小属性域,系统属性同时被多个用户共享而难以实现动态的属性撤销,现有的属性撤销机制在功能复杂性、计算高效性、以及抗合谋攻击安全性方面存在的问题都成为它在实际应用中的障碍。针对上述问题,提出一种大属性域版本控制的云安全用户属性动态撤销策略。该方案在密文策略属性加密中构造属性及用户版本密钥,通过更新属性版本密钥实现用户属性撤销,更新用户版本密钥实现用户撤销。由此避免了基于重加密实现撤销带来的计算和通信开销。该方案基于q-DBPBDHE假设,在随机预言模型下证明是静态性安全的。最后,对方案进行了性能分析与实验验证,实验结果表明:在保证密文前后向安全性的前提下,该方案可以实现动态的用户属性撤销和用户撤销且可以抵制多重合谋攻击,较同类方案本文方案具有较优的功能特性和计算效率。此外,所提方案基于大属性域,在实际...     

Revocable attribute-based encryption from standard lattices

Attribute-based encryption (ABE) is an attractive extension of public key encryption, which provides fine-grained and role-based access to encrypted data. In its key-policy flavor, the secret key is associated with an access policy and the ciphertext is marked with a set of attributes. In many practical applications, and in order to address scenarios where users become malicious or their secret keys are compromised, it is necessary to design an efficient revocation mechanism for ABE. However, prior works on revocable key-policy ABE schemes are based on classical number-theoretic assumptions, which are vulnerable to quantum attacks. In this work, we propose the first revocable key-policy ABE scheme that offers an efficient revocation mechanism while maintaining fine-grained access control to encrypted data. Our scheme is based on the learning with errors (LWE) problem, which is widely believed to be quantum-resistant. Our scheme supports polynomial-depth policy function and has short secret keys, where the size of the keys depends only on the depth of the supported policy function. Furthermore, we prove that our scheme satisfies selective revocation list security in the standard model under the LWE assumption.     

Access control scheme with tracing for outsourced databases

To manage dynamic access control and deter pirate attacks on outsourced databases, a dynamic access control scheme with tracing is proposed. In our scheme, we introduce the traitor tracing idea into outsource databases, and employ a polynomial function and filter function as the basic means of constructing encryption and decryption procedures to reduce computation, communication, and storage overheads. Compared to previous access control schemes for outsourced databases, our scheme can not only protect sensitive data from leaking and perform scalable encryption at the server side without shipping the outsourced data back to the data owner when group membership is changed, but also provide trace-and-revoke features. When malicious users clone and sell their decryption keys for profit, our scheme can trace the decryption keys to the malicious users and revoke them. Furthermore, our scheme avoids massive message exchanges for establishing the decryption key between the data owner and the user. Compared to previously proposed publickey traitor tracing schemes, our scheme can simultaneously achieve full collusion resistance, full recoverability, full revocation, and black-box traceability. The proof of security and analysis of performance show that our scheme is secure and efficient.     

车联网中支持直接撤销的外包属性签名方案

数字签名在应对车联网中数据窜改威胁时扮演着重要作用,然而现有的签名方案面临着灵活性、效率、隐私保护、用户密钥管理等诸多问题,难以在车联网中释放潜力。针对这些问题,提出了一个面向车联网的直接可撤销外包属性签名方案。该方案使用了基于线性秘密分享的签名策略机制,赋予车联网用户在签名生成和验证方面的灵活性和隐私保护。此外,设计了一种高效的用户密钥直接撤销机制,以提供对用户的实时撤权。所提方案还构造了一种外包验证方法,从而显著降低了验证者的计算和存储开销。安全性分析结果表明,所提方案在选择消息攻击下具有不可伪造性,并且能够抵抗合谋攻击。实验结果表明了该方案相较于其他方案的优势及其在车联网中的实用性。     

基于仲裁的SM9标识加密算法

SM9-IBE是我国于2016年发布的标识加密算法行业标准.标识加密算法以用户的标识(如邮件地址、身份证号等)作为公钥,从而降低系统管理用户密钥的复杂性.然而,标识加密算法的密钥撤销和更新问题却变得更加困难.此外,SM9算法的结构特殊使得已有技术无法完全适用于该算法.为此,本文提出一种基于仲裁的SM9标识加密算法,可快...     

可追踪并撤销叛徒的属性基加密方案

属性基加密(ABE)是一种有效地对加密数据实现细粒度访问控制的密码学体制.在ABE系统中,存在恶意用户(或叛徒)泄露私钥生成盗版解码器,并将其分发给非法用户的问题.现有的解决方案仅能追查到密钥泄漏者的身份,但不能将其从ABE系统中撤销.文中提出了一种既可追踪又可撤销叛徒的属性基加密方案(ABTR).首先,给出一个具有扩展通配符的属性基加密方案(GWABE),基于3个3素数子群判定假设,采用双系统加密方法证明该GWABE方案是完全安全的.然后,利用完全子树构架将GWABE转化成ABTR方案,并证明该ABTR方案是完全安全的,且用户私钥长度是固定的.而此前的可追踪叛徒的ABE方案仅满足选择安全性.     

SAPDS: self-healing attribute-based privacy aware data sharing in cloud

This paper addresses the issue of data governance in a cloud-based storage system. To achieve fine-grained access control over the outsourced data, we propose Self-Healing Attribute-based Privacy Aware Data Sharing in Cloud (SAPDS). The proposed system delegates the key distribution and management process to a cloud server without seeping out any confidential information. It facilitates data owner to restrain access of the user with whom data has been shared. User revocation is achieved by merely changing one attribute associated with the decryption policy, instead of modifying the entire access control policy. It enables authorized users to update their decryption keys followed by each user revocation, making it self-healing, without ever interacting with the data owner. Computation analysis of the proposed system shows that data owner can revoke n′ users with the complexity of O(n′). Besides this, legitimate users can update their decryption keys with the complexity of O(1).     

Comment on “Privacy-preserving public auditing for non-manager group shared data”

Using cloud storage, users can remotely store their data without the burden on complicated local storage management and maintenance. However, users will no longer physically possess the storage of their data after they upload the data to the cloud. It is very natural for users to suspect whether their data stored in the cloud is intact. To help users efficiently check the integrity of the outsourced data, many public auditing schemes have been proposed. Recently, Huang et al. have proposed a privacy-preserving public auditing scheme for non-manager group shared data. In this paper, we find a security flaw in their auditing scheme. Even if the cloud has deleted or polluted the whole outsourced data, it still can pass the verification of the verifier. And then, we overcome this shortcoming by improving their scheme, which prevents the cloud forging a valid proof to pass the integrity auditing. Last, we perform the concrete implementation of our improved scheme and Huang et al. ’s scheme.

     

Provably Secure Role-Based Encryption with Revocation Mechanism

Role-Based Encryption (RBE) realizes access control mechanisms over encrypted data according to the widely adopted hierarchical RBAC model.In this paper,we present a practical RBE scheme with revocation mechanism based on partial-order key hierarchy with respect to the public key infrastructure,in which each user is assigned with a unique private-key to support user identification,and each role corresponds to a public group-key that is used to encrypt data.Based on this key hierarchy structure,our RBE scheme allows a sender to directly specify a role for encrypting data,which can be decrypted by all senior roles,as well as to revoke any subgroup of users and roles.We give a full proof of security of our scheme against hierarchical collusion attacks.In contrast to the existing solutions for encrypted file systems,our scheme not only supports dynamic joining and revoking users,but also has shorter ciphertexts and constant-size decryption keys.     

可追踪且可撤销的基于OBDD访问结构的CP-ABE方案

针对现有属性撤销方案中存在对恶意用户的不可追踪性、用户属性不能即时撤销的问题,提出了一种可追踪且可撤销的,基于有序二叉决策图(OBDD)访问结构的,高效、有表达力、可撤销的密文策略属性基加密(CP-ABE)方案。该方案实现了用户属性的即时撤销,也能对恶意用户进行追踪。同时,所提方案采用基于OBDD的访问结构,该类型的访问结构不仅能表示任何关于属性的布尔表达式,还能同时支持访问策略中属性的正负值。该方案将部分加/解密运算外包给代理服务器,从而降低用户的加/解密计算量。该方案基于DBDH假设,在标准模型下被证明是安全的。     

An efficient key management scheme for user access control in outsourced databases

Recently, researches on key management scheme for user access control in outsourced databases have been actively done. Because outsourced databases require dealing with a lot of users and data resources, an efficient key management scheme for reducing the number of authentication keys is required. However, the existing schemes have a critical problem that the cost of key management is rapidly increasing as the number of keys becomes larger. To solve the problem, we propose an efficient key management scheme for user access control in outsourced databases. For this, we propose an Resource Set Tree(RST)-based key generation algorithm to reduce key generation cost by merging duplicated data resources. In addition, we propose a hierarchical Chinese Remainder Theorem(CRT)-based key assignment algorithm which can verify a user permission to gain accesses to outsourced databases. Our algorithm can reduce key update cost because the redistribution of authentication keys is not required. We also provide the analytic cost models of our algorithms and verify the correctness of the theoretical analysis by comparing them with experiment results. Finally, we show from the performance analysis that the proposed scheme outperforms the existing schemes in terms of both key generation cost and update cost.