Authors: KANG Ping; ZHAO Kai-qiang; LIU Bin; GUO Zhen; FENG Chao-sheng [1,2]; QING Yu [3]
Affiliations: [1] College of Computer Science, Sichuan Normal University, Chengdu, Sichuan 610101, China; [2] Network and Data Security Key Laboratory of Sichuan Province, University of Electronic Science and Technology of China, Chengdu, Sichuan 610054, China; [3] The No.30 Institute of China Electronic Technology Corporation, Chengdu, Sichuan 610041, China
Source: Acta Electronica Sinica, 2023, No. 9, pp. 2549-2557 (9 pages)
Funding: National Natural Science Foundation of China (No.61373163); National Defense Science and Technology Key Laboratory Fund (No.6142103010709).
Abstract: Existing KP-ABE (Key-Policy Attribute-Based Encryption) schemes mainly support a large attribute universe by using a hash function, so their security is established in the random oracle model rather than the standard model; when computing the ciphertext component or key component for each attribute, the number of exponentiation operations is greater than the maximum number of attributes used in encryption; and they do not support security classification of data and users. To address these problems, this paper proposes a KP-ABE scheme that supports a large attribute universe and security classification. The scheme maps an arbitrary "attribute name:attribute value" pair to an element of a finite field through an encoding function instead of a hash function, which supports any "attribute name:attribute value" pair and ensures that any two different pairs are encoded to different values. Drawing on the idea of mandatory access control, the scheme assigns security levels to ciphertexts and users, and a user can decrypt only when the user's security level is not lower than the security level of the ciphertext. Finally, the security and performance of the scheme are analyzed: the scheme is proved secure against chosen-plaintext attacks in the standard model, and the performance analysis shows that the proposed scheme needs only two exponentiation operations to compute the ciphertext component or key component corresponding to one attribute.
Keywords: KP-ABE; large attribute universe; chosen-plaintext attack; mandatory access control; security classification
Classification number: TP309.2 [Automation and Computer Technology - Computer System Architecture]