云存储环境下无密钥托管可撤销属性基加密方案研究

属性基加密因其细粒度访问控制在云存储中得到广泛应用。但原始属性基加密方案存在密钥托管和属性撤销问题。为解决上述问题,该文提出一种密文策略的属性基加密方案。该方案中属性权威与中央控制通过安全两方计算技术构建无密钥托管密钥分发协议解决密钥托管问题。通过更新属性版本密钥的方式达到属性级用户撤销,同时通过中央控制可以实现系统级用户撤销。为减少用户解密过程的计算负担,将解密运算过程中复杂对运算外包给云服务商,提高解密效率。该文基于q-Parallel BDHE假设在随机预言机模型下对方案进行了选择访问结构明文攻击的安全性证明。最后从理论和实验两方面对所提方案的效率与功能性进行了分析。实验结果表明所提方案无密钥托管问题,且具有较高系统效率。     

云计算中一种紧凑型的外包访问控制方案

密文策略的属性加密是实现云平台上安全的访问控制方案的最佳选择。然而,在大多数密文策略的属性加密方案中,用户密钥长度与属性的个数之间成线性关系;用户的解密时间与访问结构的复杂度成正比关系。为了减少用户密钥的存储和解密计算开销,本文提出一种面向云计算平台的紧凑型的外包访问控制方案。方案中的访问结构可以支持“与”、“或”以及“门限”三种策略。它仅采用简单的哈希和异或运算就可以验证用户外包解密返回的数据是否正确。在随机预言机模型中,基于aMSE-DDH难题,证明了方案是选择密文攻击安全的。分析表明,本文方案能够安全的实现云计算环境下的访问控制,尤其当用户终端设备受限时实现的访问控制。      

具有隐私保护的细粒度智能家居远程数据安全更新方案

针对现存智能家居软件更新方案中存在的粗粒度访问控制、单点服务失效、用户解密效率低下等问题,该文提出一种具有隐私保护的细粒度智能家居远程数据安全更新方案。该方案通过属性基加密技术实现了细粒度访问控制,并结合区块链和星际文件系统(IPFS)技术对数据进行存储。通过对访问策略进行隐藏,构造出一种策略隐藏的密文策略基于属性加密(CP-ABE)算法,进一步保护了用户的隐私。此外,通过设计面向轻量级用户的外包解密算法,所提方案有效减轻了轻量级用户的计算负担,并结合区块链和智能合约技术实现了外包解密过程的公平支付。最后,基于判定的双线性迪菲赫尔曼 (DBDH)假设,证明了所提方案是选择明文攻击下的不可区分 (IND-CPA)安全的。仿真实验结果表明,所提方案与现有方案相比终端用户解密成本和通信开销明显降低。     

多级访问安全下电网综合运维信息加密共享

常规加密共享方法发送信息密文时，选择的传输路径时延较大，导致信息的加密与解密时间开销较大，因此提出多级访问安全下电网综合运维信息加密共享方法。筛选属性集合满足多级访问控制树的合法用户，生成用户属性密钥。以16位字节为一组，划分运维信息明文数据。利用加密公钥和属性密钥，加密电网综合运维信息，生成密文数据。选择最优传输路径，传输密文数据块并优化密文块解密流程，实现运维信息共享。实验结果表明，所提出加密共享方法缩短了信息加密时间和解密时间，提高了数据加解密效率。     

移动社交网络中基于属性加密的隐私保护方案

为了保护用户在移动社交网络中的个人信息和交友偏好等隐私,该文提出支持外包解密的基于密文策略的属性基加密(CP-ABE)方案。在该方案中,将用户的交友偏好和自我描述分别生成属性列表,通过将交友偏好转换为密文控制策略,自我描述转化为属性密钥来隐藏属性,从而实现隐私保护。该方案提出了先匹配后解密的算法机制:社交平台对用户信息进行匹配验证,当满足相应的匹配条件时,该算法将计算量较大的双线性对运算外包给交友中心,之后用户再对密文解密。通过快速排除不匹配用户,避免了无效解密。外包解密在保护信息的同时,减少了移动设备的计算负担和通信开销。安全性分析表明,该方案是安全有效的,此外性能评估显示所提方案在计算和通信开销方面是高效且实用的。     

基于雾计算的权重OBDD访问结构属性密码体制研究

基于密文策略的属性密码体制在云存储中对于实现数据的安全分享和细粒度访问控制起到了关键性的作用,但基于密文策略的属性密码体制存在效率低、访问策略不灵活以及单一属性授权中心带来的单点失效威胁问题.对此,提出基于雾计算的权重有序二叉决策图(Ordered Binary Decision Diagram,OBDD)访问结构的属性密码体制.首先,所提方案把大部分运算外包给雾节点,有效地降低了用户端的计算开销;其次,采用多属性授权中心的方式以防止单点失效威胁;最后,所提方案采用基于权重的OBDD访问结构,不仅能由权重设置阈值以表达任何的布尔函数值,还能同时支持访问结构中属性的正负值的表达.安全性分析和性能分析结果表明,所提方案在判定性双线性Diffie-Hellman(DBDH)问题下满足选择明文安全,并且比其他方案更高效,具有使用价值.     

支持云代理重加密的CP-ABE方案

针对现有的面向CP-ABE(Ciphertext-Policy Attribute-Based Encryption)的代理重加密方案因代理方可以解密代理重加密密文且可以任意修改访问策略而难以支持云代理重加密的问题，本文提出支持云代理重加密的CPABE方案即CP-ABE-CPRE(CP-ABE Scheme with Cloud Proxy Re-Encryption)方案.该方案利用版本号标识不同阶段的私钥和密文来支持属性撤销，只有在用户私钥版本号和密文版本号相匹配且用户属性满足访问策略时，用户才能解密密文.当撤销用户属性时，云服务器无需修改访问策略就可以更新被撤销属性对应的保密值.该方案还通过懒惰更新和批量更新减少密文和用户私钥更新次数，提升更新效率.理论分析和实验结果分析都表明，CP-ABE-CPRE在计算开销和存储开销上均优于相关已有方案.安全性分析表明，CP-ABE-CPRE能够对抗针对性选择明文攻击（sCPA, selective Chosen Plaintext Attack）.     

基于区块链的多授权密文策略属性基等值测试加密方案

针对云环境下密文策略属性基加密方案中存在的密文检索分类困难与依赖可信第三方等问题,本文提出了一种基于区块链的多授权密文策略属性基等值测试加密方案．利用基于属性的等值测试技术,实现了支持属性级灵活授权的云端数据检索和分类机制,降低了数据用户对重复数据解密的计算开销．结合多授权属性基加密机制和区块链技术,实现了去中心化用户密钥生成．采用多属性授权机构联合分发密钥,有效抵抗用户和属性授权机构的合谋攻击．引入区块链和智能合约技术,消除了现有密文策略属性基密文等值测试方案中等值测试、数据存储与外包解密操作对可信云服务器的依赖．利用外包服务器执行部分解密计算,降低了用户本地的计算开销．将原始数据哈希和验证参数上传至区块链,保障外包服务器解密结果正确性和云端数据完整性．在随机预言模型下,基于判定性qparallel Bilinear Diffie-Hellman Exponent困难问题证明了本文方案在选择密文攻击下的单向性．与同类方案相比较,本文方案支持更多的安全属性,并具有较低的计算开销．     

属性可撤销且密文长度恒定的属性基加密方案

密文策略属性基加密（ciphertext-policy attribute-based encryption,CP-ABE）类似于基于角色访问控制,可以为云存储系统提供灵活细粒度的访问控制.但大多数CP-ABE方案中,密文长度与访问策略复杂度成正相关,系统属性同时被多个用户共享而导致属性难以被撤销.针对上述问题,本文提出一种支持属性撤销且密文长度恒定的属性基加密方案.该方案中每个用户的属性群密钥不能通用,可以有效抵抗撤销用户与未撤销用户的合谋攻击.为减少属性授权机构和数据拥有者的计算负担,属性撤销过程所需的计算量外包给数据服务管理者;同时该方案采用支持多值属性和通配符的"AND"门策略,实现了密文长度恒定.所提方案基于决策性q-BDHE（q-bilinear Diffie-Hellman exponent）假设对方案进行了选择明文攻击的安全性证明.最后对方案进行了理论分析与实验验证,分析结果表明本文方案可以有效抵制用户合谋攻击,增加了方案的安全性.同时所提方案在功能和计算效率方面具有一定优势,适用于实际应用情况.     

可验证外包解密的离线/在线属性基加密方案

属性基加密可以为雾-云计算中的数据提供机密性保护和细粒度访问控制,但雾-云计算系统中的移动设备难以承担属性基加密的繁重计算负担。为解决该问题,该文提出一种可验证外包解密的离线/在线属性基加密方案。该方案能够实现离线/在线的密钥生成和数据加密,同时支持可验证外包解密。然后,给出方案的选择明文攻击的安全证明和可验证性的安全证明。之后,该文将转换阶段所需双线性对的计算量降为恒定常数。最后,从理论和实验两方面对所提方案进行性能分析,实验结果表明该方案是有效且实用的。     

Secure personal data sharing in cloud computing using attribute-based broadcast encryption

The ciphertext-policy (CP) attribute-based encryption (ABE) (CP-ABE) emergings as a promising technology for allowing users to conveniently access data in cloud computing. Unfortunately, it suffers from several drawbacks such as decryption overhead, user revocation and privacy preserving. The authors proposed a new efficient and privacy-preserving attribute-based broadcast encryption (BE) (ABBE) named EP-ABBE, that can reduce the decryption computation overhead by partial decryption, and protect user privacy by obfuscating access policy of ciphertext and user's attributes. Based on EP-ABBE, a secure and flexible personal data sharing scheme in cloud computing was presented, in which the data owner can enjoy the flexibly of encrypting personal data using a specified access policy together with an implicit user index set. With the proposed scheme, efficient user revocation is achieved by dropping revoked user's index from the user index set, which is with very low computation cost. Moreover, the privacy of user can well be protected in the scheme. The security and performance analysis show that the scheme is secure, efficient and privacy-preserving.     

MACPABE: Multi-Authority-based CP-ABE with efficient attribute revocation for IoT-enabled healthcare infrastructure

The Internet of Things (IoT) technology along with cloud computing has gained much attention in recent years for its potential to upgrade conventional healthcare systems. Outsourcing healthcare data to a cloud environment from IoT devices is very essential as IoT devices are lightweight. To maintain confidentiality and to achieve fine-grained access control, the ciphertext policy attribute-based encryption (CP-ABE) technique is utilized very often in an IoT-based healthcare system for encrypting patients' healthcare data. However, an attribute revocation may affect the other users with the same attribute set, as well as the entire system due to its security concerns. This paper proposes a novel CP-ABE-based fine-grained access control scheme to solve the attribute revocation problem. The proposed technique includes multiple attribute authorities to reduce the work overhead of having a single authority in the traditional CP-ABE systems. In addition, the proposed scheme outsources the decryption process to a decryption assistant entity to reduce the decryption overhead of the end-users. To prove the efficiency of the proposed scheme, both formal security analysis and performance comparisons are presented in this paper. Results and discussion prove the effectiveness of the proposed scheme over some well-known schemes.     

云计算环境中支持隐私保护的数字版权保护方案简

针对云计算环境中数字内容安全和用户隐私保护的需求,提出了一种云计算环境中支持隐私保护的数字版权保护方案。设计了云计算环境中数字内容版权全生命周期保护和用户隐私保护的框架,包括系统初始化、内容加密、许可授权和内容解密4个主要协议;采用基于属性基加密和加法同态加密算法的内容加密密钥保护和分发机制,保证内容加密密钥的安全性;允许用户匿名向云服务提供商订购内容和申请授权,保护用户的隐私,并且防止云服务提供商、授权服务器和密钥服务器等收集用户使用习惯等敏感信息。与现有的云计算环境中数字版权保护方案相比,该方案在保护内容安全和用户隐私的同时,支持灵活的访问控制,并且支持在线和超级分发应用模式,在云计算环境中具有较好的实用性。     

Access control scheme with attribute revocation for SWIM

Access control scheme is proposed for System Wide Information Management (SWIM) to address the problem of attribute revocation in practical applications. Based on the attribute based encryption (ABE), this scheme introduces the proxy re-encryption mechanism and key encrypting key (KEK) tree to realize fine-grained access control with attribute revocation. This paper defines the attributes according to the status quo of civil aviation. Compared with some other schemes proposed before, this scheme not only shortens the length of ciphertext (CT) and private key but also improves the efficiency of encryption and decryption. The scheme can resist collusion attacks and ensure the security of data in SWIM.     

云环境下基于属性加密体制算法加速方案

云计算为租户提供存储、计算和网络服务，数据安全保护和租户间的数据共享与访问控制是其必不可少的能力。基于属性的加密体制是一种一对多的加密体制，可以根据用户属性实现细粒度访问控制，适用于云计算环境多租户数据共享。但现有的基于属性加密体制的算法效率较低，难以在实际环境中应用。分析了基于属性的加密体制的两种类型及其应用场景，提出一个基于属性加密体制算法的加速方案。通过实验表明，提出的方案可提高基于属性加密体制的密钥生成算法、加密算法和解密算法的效率。     

Privacy-preserving and efficient user matching based on attribute encryption in mobile social networks

With the rapid popularity of social networking platforms, users can be matched when sharing their profiles. However, there is a risk of leakage of sensitive user information during the user matching process, which leads to the lack of user privacy protection. In this paper, we propose a privacy protection scheme based on the encryption of hidden attributes during user matching in mobile social networks, which uses linear secret sharing scheme (LSSS) as the access structure based on ciphertext policy attribute-based encryption (CP-ABE), and the match server can perform friend recommendation by completing bi-directional attribute matching determination without disclosing user attribute information. In addition, the use of selective keywords protects the privacy of requesters and publishers in selecting keywords and selecting plaintext attacks. The scheme reduces the encryption and decryption overhead for users by dividing encryption into a preparation phase and an online phase and shifting most of the decryption overhead from the requester to the match server. The experimental results show that the scheme ensures user privacy while effectively reducing communication overhead.     

Multiuser access control searchable privacy‐preserving scheme in cloud storage

Searchable encryption scheme‐based ciphertext‐policy attribute‐based encryption (CP‐ABE) is a effective scheme for providing multiuser to search over the encrypted data on cloud storage environment. However, most of the existing search schemes lack the privacy protection of the data owner and have higher computation time cost. In this paper, we propose a multiuser access control searchable privacy‐preserving scheme in cloud storage. First, the data owner only encrypts the data file and sets the access control list of multiuser and multiattribute for search data file. And the computing operation, which generates the attribute keys of the users' access control and the keyword index, is given trusted third party to perform for reducing the computation time of the data owner. Second, using CP‐ABE scheme, trusted third party embeds the users' access control attributes into their attribute keys. Only when those embedded attributes satisfy the access control list, the ciphertext can be decrypted accordingly. Finally, when the user searches data file, the keyword trap door is no longer generated by the user, and it is handed to the proxy server to finish. Also, the ciphertext is predecrypted by the proxy sever before the user performs decryption. In this way, the flaw of the client's limited computation resource can be solved. Security analysis results show that this scheme has the data privacy, the privacy of the search process, and the collusion‐resistance attack, and experimental results demonstrate that the proposed scheme can effectively reduce the computation time of the data owner and the users.     

RLWE-based ciphertext-policy attribute proxy re-encryption

To solve LWE-based proxy re-encryption schemes cannot achieve fine-grained access and low efficiency problem,a ciphertext-policy attribute-based proxy re-encryption scheme was proposed.The scheme based on linear secret sharing scheme,RLWE and attribute encryption could shorten the key size,reduce the ciphertext space and improve the efficiency of encryption and decryption.At the same time,the linear secret sharing matrix was used as an access matrix to meet the requirements of authorized person fine-grained commissioning control and to resist the collusion between the agent and the authorized person.In addition,the proposed scheme is shown to be secure under the ring learning with errors assumption in the standard model.