面向公有云的支持快速解密的CP-ABE方案  被引量：1

作　　者：邹莉萍 冯朝胜[1] 秦志光[2,3] 袁丁[1] 罗王平 李敏[1,3] ZOU Li-Ping;FENG Chao-Sheng;QIN Zhi-Guang;YUAN Ding;LUO Wang-Ping;LI Min(School of Computer Science,Sichuan Normal University,Chengdu 610101,China;School of Information&Software Engineering,University of Electronic Science and Technology of China,Chengdu 610054,China;Network and Data Security Key Laboratory of Sichuan Province(University of Electronic Science and Technology of China),Chengdu 610054,China)

机构地区：[1]四川师范大学计算机科学学院,四川成都610101 [2]电子科技大学信息与软件工程学院,四川成都610054 [3]网络与数据安全四川省重点实验室(电子科技大学),四川成都610054

出　　处：《软件学报》2020年第6期1817-1828,共12页Journal of Software

基　　金：国家自然科学基金(61373163);国家科技支撑计划(2014BAH11F02,2014BAH11F01);四川省科技支撑计划(2015GZ079);网络与数据安全四川省重点实验室开放课题(NDSMS201606);四川省教育厅重点项目(17ZA0322)。

摘　　要：现有的密文策略基于属性加密CP-ABE(ciphertext-policy attribute-based encryption)算法普遍在解密时存在计算量过大、计算时间过长的问题,该问题造成CP-ABE难以应用和实施.针对该问题,将计算外包引入到方案的设计之中,提出一种面向公有云的基于Spark大数据平台的CP-ABE快速解密方案.在该方案中,专门根据CP-ABE的解密特点设计了解密并行化算法;利用并行化算法,将计算量较大的叶子节点解密和根节点解密并行化;之后,将并行化任务交给Spark集群进行处理.计算外包使得绝大多数解密工作由云服务器完成,用户客户端只需进行一次指数运算;而并行化处理则提高了解密速度.安全性分析表明,所提出的方案在一般群模型和随机预言模型下能对抗选择明文攻击.Most of existing CP-ABE(ciphertext-policy attribute-based encryption)schemes have such problems as over-computation and a long calculation time in decryption,which make them difficult to be applied and implemented.To solve this problem,the computation outsourcing is introduced into the design of CP-ABE scheme,a Spark-platform-based CP-ABE scheme with fast decryption for public cloud is proposed.In this scheme,the decryption parallelization algorithm is designed based on the decryption feature of CP-ABE,with which,decryption at both leaf node and root node with over-computation is parallelized.Then,the parallelization tasks are handed over to the Spark cluster.The computation outsourcing makes the most decryption computation done by cloud servers,while the user client only needs an exponential operation,and parallelization greatly improves the speed of decryption.Security analysis shows that the proposed scheme can fight against chosen plaintext attack under both the generic group model and the random oracle model.

关 键 词：快速解密 解密外包 密文策略基于属性加密 访问树 Spark平台 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]