一种支持快速加密的基于属性加密方案  被引量：8

作　　者：罗王平 冯朝胜[1,2] 邹莉萍 袁丁[1] 吴唐美 李敏[1] 王广杰 LUO Wang-Ping;FENG Chao-Sheng;ZOU Li-Ping;YUAN Ding;WU Tang-Mei;LI Min;WANG Guang-Jie(School of Computer Science,Sichuan Normal University,Chengdu 610101,China;Visual Computing&Virtual Reality Key Laboratory of Sichuan Province(Sichuan Normal University),Chengdu 610101,China;Sichuan Normal University Technology Park Development Co.,Ltd,Chengdu 610066,China)

机构地区：[1]四川师范大学计算机科学学院,四川成都610101 [2]可视化计算与虚拟现实四川省重点实验室(四川师范大学),四川成都610101 [3]四川师大科技园发展有限公司,四川成都610066

出　　处：《软件学报》2020年第12期3923-3936,共14页Journal of Software

基　　金：国家自然科学基金(61373163);国家科技支撑计划(2014BAH11F02);四川省科技支撑计划(2015GZ079);四川师范大学研究生优秀论文培育基金(川师研[2018]3号-38);国防科技重点实验室项目(6142103010709)。

摘　　要：基于属性加密算法因含有大量耗时的指数运算和双线性对运算,一些方案提出将加密外包给云服务器.然而这些方案并没有给出外包加密在云服务器中的并行计算方法,而且还存在用户保管私钥过多、授权中心生成用户私钥成本过大的问题.针对这些问题,提出一种基于Spark大数据平台的快速加密与共享方案.在该方案中,根据共享访问树的特点设计加密并行化算法,该算法将共享访问树的秘密值分发和叶子节点加密并行化之后交给Spark集群处理,而用户客户端对每个叶子节点仅需要一次指数运算;此外,用户私钥的属性计算也外包给Spark集群,授权中心生成一个用户私钥仅需要4次指数运算,并且用户仅需要保存一个占用空间很小的密钥子项.Attribute-based encryption algorithm contains a large number of time-consuming exponential operations and bilinear pairing operations,therefore,some schemes propose to outsource encryption to the cloud server.However,these schemes do not provide the parallel computing method of outsourcing encryption on cloud servers.Besides,in these schemes,user manages too many private keys and the authorization center generates a private key for the user with excessive cost.To solve these problems,a fast encryption and sharing scheme based on the Spark big data platform is proposed.In this scheme,an encryption parallelization algorithm is designed according to the characteristics of the sharing access tree,with which,distribution of secret value of the sharing access tree and encryption at leaf node are parallelized.Then,the parallelization tasks are handed over to the Spark cluster.As a result,user client needs only one exponent operation for each leaf node.In addition to this,the private key attribute computation is also outsourced to the Spark cluster.In proposed scheme,the authorization center generates a user private key requiring only four exponential and users only need to save a key sub-item with small space.

关 键 词：基于属性加密 加密外包 快速加密 Spark平台 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]