基于区块链的属性代理重加密数据共享方案  被引量：13

作　　者：翟社平 童彤[1] 白喜芳 ZHAI Sheping;TONG Tong;BAI Xifang(School of Computer Science,Xi’an University of Posts and Telecommunications,Xi’an 710121,China;Shaanxi Key Laboratory of Network Data Analysis and Intelligent Processing,Xi’an University of Posts and Telecommunications,Xi’an 710121,China)

机构地区：[1]西安邮电大学计算机学院,西安710121 [2]西安邮电大学陕西省网络数据分析与智能处理重点实验室,西安710121

出　　处：《计算机工程与应用》2023年第8期270-279,共10页Computer Engineering and Applications

基　　金：国家自然科学基金(61373116);工业和信息化部通信软科学项目(2018-R-26);陕西省重点研发计划项目(2022GY-038);陕西省教育厅科学研究计划项目(18JK0697);陕西省社会科学基金(2016N008);西安市社会科学规划基金(17X63);陕西省大学生创新创业训练计划项目(S202111664013)。

摘　　要：数据的快速增长对数据管理方式提出了新的要求,针对传统数据管理方式中存在的数据存储中心化、数据共享困难等问题,提出了一种基于区块链的属性代理重加密数据共享方案。对于数据安全共享问题,利用密文链存储对称加密后数据原文,索引链存储对称密钥、索引信息等,通过对索引链上数据属性代理重加密完成链上关键信息的安全共享,满足用户细粒度数据访问控制需求,实现多用户解密权限授权,确保数据共享过程的安全性。构造符合区块链网络的分布式密钥生成方法并进行时间周期性更新,避免加密密钥管理存在的中心化托管问题和泄露风险。进行仿真实验并与同类属性代理重加密数据共享方案进行对比,结果表明该方案在保证安全性的前提下具有较高的效率。The rapid growth of data has put forward new requirements for data management methods.Aiming at the problems of centralized data storage and the difficulty of data sharing in traditional data management methods,this paper proposes a data security sharing scheme based on blockchain and attribute agent re-encryption.Firstly,to solve the problem of secure data sharing,the original data after symmetric encryption is stored in ciphertext chain,the key and index information is stored in index chain,and the secure sharing of key information on the index chain is completed by re-encrypting the data attributes proxy.It meets the user’s demand for fine-grained data access control,realizes multi-user decryption authority authorization,and ensures the security of data sharing process.Then,the distributed key generation method is designed and updated periodically to avoid the centralized hosting problem and disclosure risk of encryption key management.Finally,through the comparison and simulation with the existing attribute agent re-encrypted data sharing scheme,the security and efficiency of this scheme are verified.

关 键 词：区块链 代理重加密 属性基加密 数据共享 

分 类 号：TP311[自动化与计算机技术—计算机软件与理论]