一种高效细粒度云存储访问控制方案

分析Hur等提出的数据外包系统中属性基访问控制方案,指出其存在前向保密性安全漏洞、更新属性群密钥效率低和系统存储量大等缺陷,并基于Hur等方案,提出一种新的高效细粒度云存储访问控制方案.新方案由完全可信机构而非云服务器生成属性群密钥,解决前向保密性问题.采用中国剩余定理实现用户属性撤销,将KEK树上覆盖属性群用户最小子树的求解转变为中国剩余定理同余方程组的求解,提高群密钥更新效率.采用密文策略的属性基加密方法加密用于加密明文的对称密钥而非明文本身,将访问控制策略变更的重加密过程转移到云端,实现属性级和用户级的权限撤销.分析表明,新方案具有更强的安全性,更高的群密钥更新效率和更小的存储量与计算量.     

支持连接关键词搜索的属性加密方案研究

基于属性的加密机制能够实现细粒度的访问控制,支持多用户数据共享。针对大部分基于属性的可搜索加密方案存在效率低下、密钥易泄露以及仅支持单关键词搜索的问题,提出了一个支持连接关键词搜索的属性加密方案。该方案采用线性秘密共享矩阵实现访问控制,将秘密共享和恢复操作在一个与参与方属性关联的矩阵中进行,通过矩阵运算减少了计算量。在陷门生成阶段,避免直接将用户密钥提交给云服务器,保证了用户密钥的安全性。基于多项式方程实现了连接关键词搜索,缩小了搜索范围,提升了用户的搜索体验,严格的安全性分析证明方案能够达到抵抗关键字攻击安全。     

支持高效撤销的属性加密方案

属性加密(Attribute-BasedEncryption,ABE)将密钥和密文与一系列属性相关联,被广泛应用于云计算的访问控制中。针对现有撤销方案效率低下的问题,提出一种更高效、细粒度的访问控制方案。方案中采用的访问结构可以表达任意涉及布尔运算符的访问策略;在加密过程中,构建一种属性用户组随机密钥分发方法,并结合ABE实现双重加密,将所有撤销操作转化成属性级别细粒度的撤销;新方案的数据始终以密文形式存在于服务器上,降低了对服务器的安全限制,可以将大部分密文重加密任务转移给云服务器执行,有效利用云服务器的计算能力,提升系统的运行效率,减少通信开销。     

基于区块链的多关键字细粒度可搜索加密方案

密文策略下基于属性的关键字搜索(CP-ABKS)技术可以对加密的数据实现细粒度控制和检索.现有CP-ABKS方案较少考虑云服务器的恶意行为和搜索过程的公平支付,且通常只支持单关键字密文检索.对此,文章提出基于区块链的多关键字细粒度可搜索加密方案.利用密文策略下基于属性的加密技术满足多用户检索,实现了细粒度访问控制和访问...     

基于组密钥服务器的加密文件系统的设计和实现

网络存储技术在方便数据共享的同时带来了新的安全隐患,加密文件系统通过密码学方法保证存储在不受用户直接控制的服务器上的文件数据的机密性和完整性.现有的针对共享加密文件系统的密钥管理方法不能同时满足安全性、灵活性和高效性的需求.该文提出了加密文件系统GKS-CFS.引入可信的组密钥服务器(GKS)集中管理文件加密密钥,GKS上可以实施灵活的访问控制策略.通过使用访问控制块和锁盒子,降低了对GKS的计算和存储需求,使之可以用硬件实现来增强安全性;通过文件数据的分块加密和密钥版本技术,降低了权限撤销的开销.作者在Lustre上实现了GKS-CFS的原型系统并进行了测试.测试结果表明,由于避免使用了公钥密码算法,和其他系统相比,GKS-CFS的普通文件操作中的密码学操作开销减少了一个数量级,顺序读写和随机文件操作的性能分别平均降低了42.0%和8.4%.     

基于跨链的医疗数据安全共享方案

医疗机构之间的医疗数据共享对于实现跨医院诊断并促进医学研究发展有着举足轻重的作用.为了解决医疗机构之间医疗数据共享困难的问题,我们提出了一种基于跨链的医疗数据安全共享方案.采用中继链、跨链网关和数据链结合的跨链架构,结合AES和CP-ABE加密算法进行细粒度的医疗数据访问控制.同时利用可搜索加密技术实现医疗数据的安全搜索.为缓解区块链的计算存储开销,将IPFS和区块链相结合,链下存储密文,链上存储密文地址和密钥.通过安全性分析和实验证明,该方案在医疗数据安全共享方面具有可行性.     

一种适用于云雾结合环境的数据细粒度加密及共享方案（英文）

随着物联网、5G以及6G移动通信网络的快速发展,相应的加密算法需要同时适应云计算和雾计算环境,还需要具备包括属性撤销机制在内的细粒度加密功能,并且具备抵抗共谋攻击的能力.然而,目前这些理论及技术问题的研究还有待进一步发展和完善.本文提出一种适用于云雾集合环境的数据细粒度加密及共享方案(NDSS-FC),面向云雾计算综合环境,借鉴密文策略属性基加密(CP-ABE)算法结构,可以实现细粒度的加密访问控制,可以实现安全的属性撤销,可以动态地管理用户,可以实现外包解密以及抵抗共谋攻击.首先,通过设计雾节点构造新型CP-ABE结构,以保证云雾结合环境下安全的数据共享,并且通过雾节点为计算资源受限的用户执行外包解密服务.其次,通过结合新型CP-ABE结构与单向函数树(OFT)技巧,以分享、更新群密钥的方式保证安全的属性撤销.再次,通过多项式分发版本密钥,以计算、更新版本密钥的方式保证动态用户管理.再次,通过在用户密钥中嵌入随机因子,以抵抗共谋攻击.最后,性能分析和形式化证明显示NDSS-FC方案安全高效.     

云环境中层次化的轻量级访问控制方案

属性基加密能够实现密文数据的细粒度访问控制,有效地解决云环境中的数据共享问题。针对计算能力受限设备难以高效地完成属性基加密过程中大量计算的问题,提出一种云环境中层次化的轻量级访问控制方案。该方案通过引入虚拟属性和双密钥将大部分耗时的加解密计算安全地转移至云服务器,并对访问结构进行优化。数据分享者对访问结构具有层次关系的多份数据只需加密一次,同时数据请求者可以根据其属性解密部分或全部密文。安全性分析和性能评估表明该方案能够实现云环境中高效和细粒度的密文数据访问控制,使得用户端计算开销显著降低,且在整个执行过程中不会造成数据泄露。     

加密电子病历数据共享方案

为了实现电子病历数据的细粒度访问控制以及安全存储与共享,提出了一种基于属性的云链协同存储的电子病历共享方案。该方案用对称加密算法加密电子病历,用基于密文策略的属性基加密算法加密对称密钥,用可搜索加密算法加密关键字。电子病历密文存储在医疗云上,安全索引存储在联盟链上。该方案使用可搜索加密技术实现关键字的安全搜索,使用代理重加密技术实现用户属性的撤销。经安全性证明,该方案能够实现密文的安全性和关键字的安全性。数值模拟实验结果表明,该方案是有效的。     

支持策略隐藏的加密云存储访问控制机制

使用密码技术对云存储数据实施机密性保护和访问控制,是当前云计算安全研究的重要内容.选择加密(Selective Encryption)技术根据访问控制策略产生密钥推导图来分发密钥,在保证云存储数据机密性和细粒度访问控制的前提下,具有简化文件存储加密、系统密钥量少的优势.然而,已有选择加密方案需要完全或部分地公开访问控制策略,以用于密钥推导;该信息反映了用户/文件之间的授权访问关系,泄露用户隐私.基于现有的研究工作,本文提出了一个新的访问控制策略隐藏机制,在支持加密云存储数据的细粒度访问控制和高效密钥分发的前提下,能更好地隐藏访问控制策略信息;而且在密钥获取计算速度上有明显优势.     

A secure and efficient Ciphertext-Policy Attribute-Based Proxy Re-Encryption for cloud data sharing

Proxy Re-Encryption (PRE) is a useful cryptographic primitive that allows a data owner to delegate the access rights of the encrypted data stored on a cloud storage system to others without leaking the information of the data to the honest-but-curious cloud server. It provides effectiveness for data sharing as the data owner even using limited resource devices (e.g. mobile devices) can offload most of the computational operations to the cloud. Since its introduction many variants of PRE have been proposed. A Ciphertext-Policy Attribute-Based Proxy Re-Encryption (CP-ABPRE), which is regarded as a general notion for PRE, employs the PRE technology in the attribute-based encryption cryptographic setting such that the proxy is allowed to convert an encryption under an access policy to another encryption under a new access policy. CP-ABPRE is applicable to many network applications, such as network data sharing. The existing CP-ABPRE systems, however, leave how to achieve adaptive CCA security as an interesting open problem. This paper, for the first time, proposes a new CP-ABPRE to tackle the problem by integrating the dual system encryption technology with selective proof technique. Although the new scheme supporting any monotonic access structures is built in the composite order bilinear group, it is proven adaptively CCA secure in the standard model without jeopardizing the expressiveness of access policy. We further make an improvement for the scheme to achieve more efficiency in the re-encryption key generation and re-encryption phases.     

Chosen-ciphertext secure bidirectional proxy re-encryption schemes without pairings

Proxy re-encryption (PRE) is a useful primitive that allows a semi-trusted proxy to transform a ciphertext encrypted under one key into an encryption of the same plaintext under another key. A PRE scheme is bidirectional if the proxy is able to transform ciphertexts in both directions. In ACM CCS’07, Canetti and Hohenberger presented a bidirectional PRE scheme with chosen-ciphertext security, which captures the indistinguishability of ciphertexts even if the adversary has access to the standard decryption oracle as well as a re-encryption oracle and a re-encryption key oracle. They also left an important open problem to come up with a chosen-ciphertext secure PRE scheme without pairings. To resolve this problem, we propose a bidirectional PRE scheme without pairings, and prove its chosen-ciphertext security under the computational Diffie-Hellman assumption in the random oracle model. Based on this scheme, we further present a non-transitive bidirectional PRE scheme, in which the proxy alone cannot re-delegate the decryption rights.     

Hierarchical attribute-based encryption and scalable user revocation for sharing data in cloud servers

With rapid development of cloud computing, more and more enterprises will outsource their sensitive data for sharing in a cloud. To keep the shared data confidential against untrusted cloud service providers (CSPs), a natural way is to store only the encrypted data in a cloud. The key problems of this approach include establishing access control for the encrypted data, and revoking the access rights from users when they are no longer authorized to access the encrypted data. This paper aims to solve both problems. First, we propose a hierarchical attribute-based encryption scheme (HABE) by combining a hierarchical identity-based encryption (HIBE) system and a ciphertext-policy attribute-based encryption (CP-ABE) system, so as to provide not only fine-grained access control, but also full delegation and high performance. Then, we propose a scalable revocation scheme by applying proxy re-encryption (PRE) and lazy re-encryption (LRE) to the HABE scheme, so as to efficiently revoke access rights from users.     

Sharing your privileges securely: a key-insulated attribute based proxy re-encryption scheme for IoT

Attribute based proxy re-encryption (ABPRE) combines the merits of proxy re-encryption and attribute based encryption, which allows a delegator to re-encrypt the ciphertext according to the delegatees’ attributes. The theoretical foundations of ABPRE has been well studied, yet to date there are still issues in schemes of ABPRE, among which time-bounded security and key exposure protection for the re-encryption keys are the most concerning ones. Within the current ABPRE framework, the re-encryption keys are generated independently of the system time segments and the forward security protection is not guaranteed when the users’ access privileges are altered. In this paper, we present a key-insulated ABPRE scheme for IoT scenario. We realize secure and fine-grained data sharing by utilizing attribute based encryption over the encrypted data, as well as adopting key-insulation mechanism to provide forward security for re-encryption keys and private keys of users. In particular, the lifetime of the system is divided into several time slices, and when system enters into a new slice, the user’s private keys need are required to be refreshed. Therefore, the users’ access privileges in our system are time-bounded, and both re-encryption keys and private keys can be protected, which will enhance the security level during data re-encryption, especially in situations when key exposure or privilege alternation happens. Our scheme is proved to be secure under MDBDH hardness assumptions as well as against collusion attack. In addition, the public parameters do not have to be changed during the evolution of users’ private keys, which will require less computation resources brought by parameter synchronization in IoT.     

可实现隐私保护的基于属性密文可搜索方案

针对现有的基于属性的密文可搜索方案存在隐私泄露问题以及当授权用户不在线时如何安全有效地将密文以及搜索权限委托给其他人的问题进行了研究,将隐藏访问结构的基于属性密文可搜索方案与代理重加密技术融合,提出了具有部分隐藏访问结构的支持代理重加密的功能的基于属性的密文检索方案。该方案不仅有效地解决了上述问题,而且还支持关键字的更新。最后在随机预言模型下基于DL(D-linear)假设和q-BDHE (decisional q-parallel bilinear Diffie-Hellman exponent)假设,证明了本方案的安全性。     

DECENT: Secure and fine-grained data access control with policy updating for constrained IoT devices

The Internet of Things (IoT) is a novel paradigm where many of the objects that surround us can be connected to the internet. Since IoT is always related to user’s personal information, it raises lot of data security and privacy issues. In this paper, we present a secure and fine-grained data access control scheme for constrained IoT devices and cloud computing based on hierarchical attribute-based encryption, which reduces the key management by introducing hierarchical attribute authorities. In order to relieve local computation burden, we propose an outsourced encryption and decryption construction by delegating most of laborious operations to gateway and cloud server. Further, our scheme achieves efficient policy updating, which allows the sender device to update access policies without retrieving and re-encrypting the data. The security and performance analysis results show that our scheme is secure and efficient.     

云环境下的基于属性和重加密的密钥管理

在云计算环境中如何安全地存储数据是云计算面临的挑战之一。加密是解决云计算中数据存储安全问题最主要的方法,而加密的一个保密性问题是密钥管理。提出了云环境下的基于属性和重加密的密钥管理方案。云服务提供商对不同用户进行重加密时,可以一次为一组用户重加密,从而减少了重加密的个数。数据拥有者可以对组用户生成和发送重加密密钥,而数据请求者可以使用属性集对应的一个密钥解密多个数据拥有者的数据,从而能减少两者的密钥发送量,降低密钥管理的难度,提高方案的效率。最后,对方案的安全性和性能进行了分析     

New Constructions for Identity-Based Unidirectional Proxy Re-Encryption

We address the cryptographic topic of proxy re-encryption (PRE), which is a special public-key cryptosystem. A PRE scheme allows a special entity, known as the proxy, to transform a message encrypted with the public key of a delegator (say Alice), into a new ciphertext that is protected under the public key of a delegatee (say Bob), and thus the same message can then be recovered with Bob’s private key. In this paper, in the identity-based setting, we first investigate the relationship between so called mediated encryption and unidirectional PRE. We provide a general framework which converts any secure identity-based unidirectional PRE scheme into a secure identity-based mediated encryption scheme, and vice versa. Concerning the security for unidirectional PRE schemes, Ateniese et al. previously suggested an important property known as the master secret security, which requires that the coalition of the proxy and Bob cannot expose Alice’s private key. In this paper, we extend the notion to the identity-based setting, and present an identity-based unidirectional PRE scheme, which not only is provably secure against the chosen ciphertext attack in the standard model but also achieves the master secret security at the same time.     

Efficient bidirectional proxy re-encryption with direct chosen-ciphertext security

Proxy re-encryption (PRE) allows a semi-trusted proxy to convert a ciphertext originally intended for a user into another ciphertext of the same message intended for another user, and the proxy, however, cannot learn anything about the message encrypted. In previous papers, in order to achieve the CCA2-security, a common method for constructing PRE schemes was to apply the paradigm of using strongly-unforgeable one-time signature which transforms a selective-identity, CPA-secure identity-based encryption (IBE) scheme into a CCA-secure cryptosystem. In this paper, we propose a direct design of the bidirectional CCA-secure PRE scheme, which makes a direct use of the underlying IBE structure and does not need any auxiliary signature mechanism. Our construction is efficient and suitable for further designing multi-user PRE schemes. Its security is proved on the base of the decisional bilinear Diffie-Hellman assumption in the standard model.