| 面向可变用户群体的可搜索属性基加密方案 |
| |
| 引用本文: | 王经纬,宁建廷,许胜民,殷新春,陈海霞. 面向可变用户群体的可搜索属性基加密方案[J]. 软件学报, 2023, 34(4): 1907-1925 |
| |
| 作者姓名: | 王经纬 宁建廷 许胜民 殷新春 陈海霞 |
| |
| 作者单位: | 扬州大学信息工程学院, 江苏 扬州 225127;福建师范大学 计算机与网络空间安全学院, 福建 福州 350007;信息安全国家重点实验室(中国科学院 信息工程研究所), 北京 100093;扬州大学信息工程学院, 江苏 扬州 225127;扬州大学广陵学院, 江苏 扬州 225000 |
| |
| 基金项目: | 国家自然科学基金(62102090, 62032005, 61972094, 61902070); 福建省科协第二届青年人才托举工程 |
| |
| 摘 要: | 为解决属性基加密方案中用户撤销繁琐、密文更新计算开销大的问题,提出一种面向可变用户群体的可搜索属性基加密方案.利用二叉树管理撤销列表,当需要撤销用户时,可信中心只要将其加入撤销列表,并通知云服务器更新部分密文,提高了用户撤销的效率.考虑到利用二叉树实现用户撤销会导致系统中用户数量存在上限,当某个二叉树叶结点所代表的用户被撤销后,只要更新二叉树中设置的随机值,其他用户就可以重复使用该结点.基于配对计算为用户提供密文搜索功能,并保证被撤销的用户无法搜索密文.安全性分析表明,该方案在随机谕言模型下满足选择明文不可区分安全性.性能分析和实验数据表明,该方案相比于同类方案,计算开销更小.
|
| 关 键 词: | 用户撤销 访问控制 属性基加密 秘密共享 二叉树 |
| 收稿时间: | 2021-11-04 |
| 修稿时间: | 2022-03-26 |
Searchable Attribute-based Encryption Scheme for Dynamic User Groups |
| |
| WANG Jing-Wei,NING Jian-Ting,XU Sheng-Min,YIN Xin-Chun,CHEN Hai-Xia. Searchable Attribute-based Encryption Scheme for Dynamic User Groups[J]. Journal of Software, 2023, 34(4): 1907-1925 |
| |
| Authors: | WANG Jing-Wei NING Jian-Ting XU Sheng-Min YIN Xin-Chun CHEN Hai-Xia |
| |
| Affiliation: | School of Information Engineering, Yangzhou University, Yangzhou 225127, China;College of Computer and Cyber Security, Fujian Normal University, Fuzhou 350007, China;State Key Laboratory of Information Security (Institute of Information Engineering, Chinese Academy of Sciences), Beijing 100093, China;School of Information Engineering, Yangzhou University, Yangzhou 225127, China;Guangling College of Yangzhou University, Yangzhou 225000, China |
| |
| Abstract: | To improve the performance of user revocation and ciphertext update, a searchable attribute-based encryption scheme for dynamic user groups is proposed. A binary tree is applied to manage the revocation list. The user revocation will be achieved by adding revoked users to the revocation list and informing the cloud server to update the ciphertexts. To relieve the limitation of the number of system users, the nodes of the user binary tree will be re-used by new users if the random values in the nodes could be updated when user revocation occurs. Besides, a ciphertext search function, based on bilinear pairing, is provided and all revoked users are not allowed to perform the search algorithm. The security analysis proves that the proposed scheme is IND-CPA secure under the random oracle model. The performance analysis shows that the proposed scheme outperforms other existing solutions in terms of computational overhead. |
| |
| Keywords: | user revocation access control attribute-based encryption secret sharing binary tree |
|
| 点击此处可从《软件学报》浏览原始摘要信息 |
|
点击此处可从《软件学报》下载全文 |
|
