共查询到18条相似文献,搜索用时 65 毫秒
1.
2.
3.
在要求高效的密钥管理和中等的安全性的情况下,基于身份公钥密码已成为代替基于证书的公钥密码的一个很好的选择.本文在基于身份系统中,引入少数几个采用公钥证书实体充当裁决者,从而提出混合可验证加密签名的概念,并在Cheon基于身份签名体制的基础上,构造了一个有效的混合可验证加密签名体制;随后,本文讨论了混合可验证加密签名体制的安全模型,并在随机谕示模型下,基于双线性映射的计算性Diffie-Hellman问题难解性假设,证明本文体制是可证安全的.本文体制可用于构造基于身份的优化公平签名交换协议,这在电子商务等领域有着广泛的应用. 相似文献
4.
5.
基于属性加密算法解决了外包环境下数据的安全存储和细粒度访问控制问题,但广泛使用的移动设备难以满足该算法在加密时的性能要求.针对该问题,提出一种支持加密外包的基于属性加密方案.该方案将共享访问策略按照访问树的特点构造为一般矩阵的等价矩阵,将其构造及加密外包给云加密服务器,使得客户端仅需要3次指数运算即可完成一次加密.实验... 相似文献
6.
在加密邮件系统中,公钥可搜索加密技术可以有效地解决在不解密的情况下搜索加密邮件的问题。针对公钥可搜索加密复杂的密钥管理问题,该文在加密邮件系统中引入了基于身份的密码体制。针对可搜索加密的离线关键字猜测攻击问题,该文采用了在加密关键字和生成陷门的同时进行认证,并且指定服务器去搜索加密电子邮件的方法。同时,在随机预言机模型下,基于判定性双线性Diffie-Hellman假设,证明方案满足陷门和密文不可区分性安全。数值实验结果表明,在陷门生成和关键字密文检测阶段,该方案与现有方案相比在计算效率上较高。
相似文献7.
已有的支持在线/离线加密和外包解密的基于属性加密的方案可实现细粒度访问控制和数据保密性,但无法实现同一属性之间的层次关系的表达和数据防篡改,并且终端需要在离线加密之前确定用户的访问结构,每次加密都需重新生成中间密文.针对上述问题,本文提出了一种支持离线/在线加密及可验证外包解密的CP-WABE(Ciphertext-Policy Weighted Attribute-Based Encryption)方案.该方案通过权重集合来实现同一属性层次关系的灵活表达,可实现一次离线加密就产生不同访问结构的数据的中间密文,在线仅需要少量开销就可完成加密,同时对外包解密的正确性进行了验证.最后对方案进行了安全性和性能分析,实验仿真也表明了本文对比相关方案更具优势. 相似文献
8.
针对现有的应用于基于属性加密方案的安全模指数外包算法存在会降低安全性、验证概率低、外包计算结果可能出错等问题,利用改进的安全模指数外包算法,提出一种支持可验证加解密外包的CP-ABE(Ciphertext-Policy Attribute-Based Encryption)方案.将属性相关密钥子项外包,将共享密文子项的一半计算任务外包,并对所有的外包结果进行验证.理论分析和实验结果都表明,和现有相关方案相比,无论在密钥生成时,还是在加密时,所提出方案的授权机构和用户客户端的计算量都有明显减少.安全性分析表明,所提出的方案达到CPA(Chosen Plaintext Attack)安全. 相似文献
9.
10.
随着云计算的发展,云计算模式变得越来越受到推崇:数据拥有者外包他们的数据给公共云服务提供者并使得特定用户能够恢复出存储在云端的这些数据。然后,这种计算模式也给云端数据的安全和隐私带来了挑战。基于属性的加密(ABE)技术能够被用来设计细粒度的访问控制系统,它提供了解决云端数据安全和隐私的方法。具有细粒度访问控制系统的外包属性基加密方案(OABE)能够通过外包繁重的计算给云服务提供者(CSP),极大地减少访问云端加密数据的用户的计算代价。然而,随着存储在云端的数据量变得越来越大,高效地查询过程遇到了阻碍。提出一个新的密码学概念,称之为具有外包密钥生成以及外包解密的能实现关键字搜索功能的属性基加密方案(KSF-OABE)。 相似文献
11.
Due to the problem of high cost and limited scalability of dedicated hardware middleboxes,it is popular for enterprises to outsource middleboxes as software processes to the cloud service provider.In the current network function outsourcing schemes,the cloud service provider requires the enterprise’s communication traffic and network strategy which poses a serious threat to the enterprise’s piracy.Based on prefix-preserving encryption,a privacy preserving network function outsourcing system was proposed.Compared with other similar schemes,the system not only realizes the privacy protection of communication traffic,but also has higher throughput and lower delay. 相似文献
12.
In order to support fine-grained attribute revocation in data outsourcing systems,an attribute-based encryption scheme with efficient revocation in indirect revocation model was proposed.The model of ABE supporting attribute revocation was given,and a concrete scheme was constructed which proved its security under the standard model.Compared to the existing related schemes,the size of ciphertext and private/secret key is reduced,and the new scheme achieves fine-grained and immediate attribute revocation which is more suitable for the practical applications. 相似文献
13.
14.
Cloud computing provides a convenient way of content trading and sharing. In this paper, we propose a secure and privacy-preserving digital rights management (DRM) scheme using homomorphic encryption in cloud computing. We present an efficient digital rights management framework in cloud computing, which allows content provider to outsource encrypted contents to centralized content server and allows user to consume contents with the license issued by license server. Further, we provide a secure content key distribution scheme based on additive homomorphic probabilistic public key encryption and proxy re-encryption. The provided scheme prevents malicious employees of license server from issuing the license to unauthorized user. In addition, we achieve privacy preserving by allowing users to stay anonymous towards the key server and service provider. The analysis and comparison results indicate that the proposed scheme has high efficiency and security. 相似文献
15.
16.
17.
M. Vijayakumar 《International Journal of Communication Systems》2023,36(1):e5361
Wireless communication has been adapted for a variety of difficulties as a result of recent developments in sensor networks. The sensors are meant to communicate with network nodes located at a distance and to adapt to various conditions. In addition, Internet of Things (IoT) devices are becoming a part of WSN and are being tailored to various healthcare systems. Nonetheless, the presence of massive nodes and rogue nodes makes transmitting data packets difficult. The procedure, however, confronts a number of obstacles, including data security, continuous monitoring, and routing issues. A variety of ideas are explored to help with the situation, but they all have flaws. A network statistics-based routing and path orient data encryption system has been developed to address this problem (NSR-PDE). The strategy focuses on keeping track on patients and providing strong, decisive support systems. The model is created to access data stored on cloud servers and allows for the monitoring of multiple patients in different locations. The model begins by monitoring the whole bodily states of patients in real time using dedicated equipment. Such monitored characteristics are provided over a variety of channels, with route selection based on the patient's class and the type of information being transmitted. The approach calculates the network constraint secure route measure (NCSRM), which is calculated using route information, node behavior, and physical attributes. Similarly, data transmission is protected by path orient data encryption (PDE), which ensures data security according on the route's type and conditions. 相似文献