| 一种支持分级用户访问的文件分层CP-ABE方案 |
| |
| 引用本文: | 刘帅南,刘彬,郭真,冯朝胜,秦志光,卿昱. 一种支持分级用户访问的文件分层CP-ABE方案[J]. 软件学报, 2023, 34(7): 3329-3342 |
| |
| 作者姓名: | 刘帅南 刘彬 郭真 冯朝胜 秦志光 卿昱 |
| |
| 作者单位: | 四川师范大学 计算机科学学院, 四川 成都 610101;四川师范大学 计算机科学学院, 四川 成都 610101;网络与数据安全四川省重点实验室(电子科技大学), 四川 成都 610054;中国电子科技集团公司第三十研究所, 四川 成都 610041 |
| |
| 基金项目: | 国防科技重点实验室基金(6142103010709);国家自然科学基金(61373163) |
| |
| 摘 要: | 文件分层的密文策略基于属性的加密(FH-CP-ABE)方案实现了同一访问策略的多层次文件加密,节省了加解密的计算开销和密文的存储开销.然而,目前的文件分层CP-ABE方案不支持分级用户访问,且存在越权访问的问题.为此,提出一种支持分级用户访问的文件分层CP-ABE方案.在所提方案中,通过构造分级用户访问树,并重新构造密文子项以支持分级用户的访问需求,同时消除用户进行越权访问的可能性.安全性分析表明,所提方案能够抵御选择明文攻击.理论分析和实验分析均表明,与相关方案相比,所提方案在计算和存储方面具有更高的效率.
|
| 关 键 词: | 基于属性的加密 文件分层 分级用户访问 越权访问 选择明文攻击 |
| 收稿时间: | 2021-04-14 |
| 修稿时间: | 2021-06-21 |
File Hierarchy CP-ABE Scheme Supporting Graded User Access |
| |
| LIU Shuai-Nan,LIU Bin,GUO Zhen,FENG Chao-Sheng,QIN Zhi-Guang,QING Yu. File Hierarchy CP-ABE Scheme Supporting Graded User Access[J]. Journal of Software, 2023, 34(7): 3329-3342 |
| |
| Authors: | LIU Shuai-Nan LIU Bin GUO Zhen FENG Chao-Sheng QIN Zhi-Guang QING Yu |
| |
| Affiliation: | School of Computer Science, Sichuan Normal University, Chengdu 610101, China;School of Computer Science, Sichuan Normal University, Chengdu 610101, China;Network and Data Security Key Laboratory of Sichuan Province (University of Electronic Science and Technology of China), Chengdu 610054, China; The 30th Research Institute of China Electronics Technology Group Corporation, Chengdu 610041, China |
| |
| Abstract: | The file hierarchy ciphertext policy attribute-based encryption (FH-CP-ABE) scheme realizes multi-level files encryption with the single access policy, which saves the computation cost of encryption and decryption and the storage cost of ciphertext. Nevertheless, the existing file hierarchy CP-ABE scheme cannot support graded user access, while suffers due to the unauthorized access. For this reason, a file hierarchy CP-ABE scheme that supports graded user access is proposed. In the proposed scheme, the graded user access tree is constructed, and the ciphertext subsections are reconstructed to support the access requirements of graded users, thus eliminate the possibility of users to conduct unauthorized access. The security analysis shows that the proposed scheme can resist selective chosen-plaintext attack. Both theoretical and experimental analyses show that the proposed scheme is more efficient in terms of computation and storage compared to related scheme. |
| |
| Keywords: | attribute-based encryption (ABE) file hierarchy (FH) graded user access unauthorized access selective chosen-plaintext attack |
|
| 点击此处可从《软件学报》浏览原始摘要信息 |
|
点击此处可从《软件学报》下载全文 |
|
