支持密钥隔离的属性代理重加密方案  被引量:1

Attribute-based Proxy Re-encryption Scheme with Key Insulation

在线阅读下载全文

作  者:刘艳[1,2] 段茹[1,2] 琚名扬 LIU Yan-;DUAN Ru;JU Ming-yang(Liaoning Engineering Laboratory of Beidou High-precision Location Service,Dalian University,Dalian 116622,China;School of Information Engineering,Dalian University,Dalian 116622,China)

机构地区:[1]大连大学辽宁省北斗高精度位置服务技术工程实验室,辽宁大连116622 [2]大连大学信息工程学院,辽宁大连116622

出  处:《小型微型计算机系统》2020年第3期598-602,共5页Journal of Chinese Computer Systems

基  金:辽宁省重点研发计划指导项目(2017104014)资助.

摘  要:基于属性的代理重加密方案能够实现数据共享与访问控制,十分适合当前的云计算.但其仍缺少向前的安全保护,存在着权限变更带来的密钥泄露的问题,为此本文将密钥隔离机制扩展到基于属性的代理重加密系统中.通过引入密钥隔离的方式,将系统时间参数与用户私钥计算结合,使得方案具有时间安全性.同时将定期对私钥进行刷新,避免权限过期用户与代理服务器对密文非法窃取,最终实现数据安全共享的同时有时限的访问控制.实验分析表明方案在随机预言模型下是安全的,可抗合谋攻击.Attribute-based proxy re-encryption scheme enables data sharing and access control,which is very suitable for current cloud computing. However,it still lacks forward security protection and has the problem of key exposure caused by the change of privilege.This paper extends the key-insulated mechanism to attribute-based proxy re-encryption scheme. By introducing key insulation,the system time parameter is combined with the calculation of the user’s private key,so that the solution has time-bounded security. At the same time,the private key will be refreshed periodically to avoid the illegal stealing of ciphertext by users and proxy servers whose privileges expire. The scheme finally realizes data security sharing and time-bound access control. Experimental analysis shows that the proposed scheme is safe under the random oracle model and can defense collusive attacks.

关 键 词:云计算 密钥泄露 属性加密 代理重加密 密钥隔离 

分 类 号:TP309[自动化与计算机技术—计算机系统结构]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象