密文长度固定的策略部分隐藏多授权机构CP-ABE方案  

作　　者：刘怡龙 许盛伟 岳梓岩 LIU Yilong;XU Shengwei;YUE Ziyan(School of Cyberspace Security,Beijing University of Posts and Telecommunications,Beijing 100876,China;Department of Cyberspace Security,Beijing Electronic Science and Technology Institute,Beijing 100070,China;Institute of Information Security,Beijing Electronic Science and Technology Institute,Beijing 100070,China)

机构地区：[1]北京邮电大学网络空间安全学院,北京100876 [2]北京电子科技学院网络空间安全系,北京100070 [3]北京电子科技学院信息安全研究所,北京100070

出　　处：《通信学报》2024年第8期20-36,共17页Journal on Communications

基　　金：国家重点研发计划基金资助项目(No.2022YFB3104402)。

摘　　要：针对现有访问策略隐藏的密文策略属性加密(CP-ABE)方案存在的安全性低、资源开销大的问题,提出了一种密文长度固定的策略部分隐藏多授权机构CP-ABE方案。首先,通过隐藏访问策略中的属性值,降低隐私数据泄露的风险;其次,通过固定密文长度和使用外包解密技术,减少用户的资源开销;最后,采用多授权机构管理机制,避免部署单一授权机构易产生的密钥托管问题。通过安全分析证明了方案在标准模型中满足选择明文攻击下的密文不可区分性,以及方案隐藏的访问策略和产生的外包密钥能够抵抗属性值猜测攻击。通过与已有方案的性能对比,证明了所提方案的总体资源开销更小。To solve the problems of low security and high resource overhead of existing hidden policy ciphertext policy attribute-based encryption(CP-ABE)schemes,a partially hidden policy multi-authority CP-ABE scheme with constant length ciphertext was proposed.Firstly,the values of the attributes in the access policy were hidden,enabling the pro‐posed scheme to reduce the risk of private data leakage.Secondly,by fixing the ciphertext length and using outsourcing decryption techniques,the resource overhead for the user was reduced in the proposed scheme.Finally,the multi-authority management mechanism was used so that the proposed scheme avoided the key escrow problem that can easily arise when using a single authoritative authority.The security analysis proves that the proposed scheme satisfies the in‐distinguishability under chosen plaintext attack in the standard model,as well as the scheme’s hidden access policy and the generated outsourcing key can resist attribute value guessing attack.The overall resource overhead of the proposed scheme is proven to be lower by comparing its performance with the existing schemes.

关 键 词：密文策略属性加密 策略部分隐藏 密文长度固定 多授权机构 外包解密 

分 类 号：TP393[自动化与计算机技术—计算机应用技术]