基于云雾计算的可追踪可撤销密文策略属性基加密方案

针对资源受限的边缘设备在属性基加密中存在的解密工作开销较大,以及缺乏有效的用户追踪与撤销的问题,提出了一种支持云雾计算的可追踪可撤销的密文策略属性基加密(CP-ABE)方案.首先,通过对雾节点的引入,使得密文存储、外包解密等工作能够放在距离用户更近的雾节点进行,这样既有效地保护了用户的隐私数据,又减少了用户的计算开销;...

Traceable and revocable ciphertext-policy attribute-based encryption scheme based on cloud-fog computing

Focusing on the large decryption overhead of the resource limited edge devices and the lack of effective user tracking and revocation in attribute-based encryption, a traceable and revocable Ciphertext-Policy Attribute-Based Encryption (CP-ABE) scheme supporting cloud-fog computing was proposed. Firstly, through the introduction of fog nodes, the ciphertext storage and outsourcing decryption were able to be carried out on fog nodes near the users, which not only effectively protected users' private data, but also reduced users' computing overhead. Then, in response to the behaviors such as user permission changes, users intentionally or unintentionally leaking their own keys in the attribute-based encryption system, user tracking and revocation functions were added. Finally, after the identity of malicious user with the above behaviors was tracked through the algorithm, the user would be added to the revocation list, so that user's access right was cancelled. The performance analysis shows that the decryption overhead at the user end is reduced to one multiplication and one exponential operation, which can save large bandwidth and decryption time for users; at the same time, the proposed scheme supports the tracking and revocation of malicious users. Therefore, the proposed scheme is suitable for data sharing of devices with limited computing resources in cloud-fog environment.