计算机工程与应用 ›› 2018, Vol. 54 ›› Issue (19): 72-76.DOI: 10.3778/j.issn.1002-8331.1712-0018

• 网络、通信与安全 • 上一篇    下一篇

移动云计算中基于身份的轻量级加密方案

王占君1,马海英2,3,王金华1   

  1. 1.南通大学 理学院,江苏 南通 226019
    2.南通大学 计算机科学与技术学院,江苏 南通 226019
    3.南洋理工大学 计算机科学工程学院,新加坡 639815
  • 出版日期:2018-10-01 发布日期:2018-10-19

identity-based lightweight encryption scheme in mobile cloud computing

WANG Zhanjun1, MA Haiying2,3, WANG Jinhua1   

  1. 1.School of Science, Nantong University, Nantong, Jiangsu 226019, China
    2.College of Computer Science and Technology, Nantong University, Nantong, Jiangsu 226019, China
    3.School of Computer and Science Engineering, Nanyang Technological University, Singapore 639815
  • Online:2018-10-01 Published:2018-10-19

摘要: 针对移动云计算中数据安全和移动用户的隐私保护问题,结合在线离线和外包解密技术,对基于身份加密机制(IBE)中加密和解密算法进行扩展,提出了一种可外包解密的基于身份在线离线加密方案,并证明其安全性,构造出适合于移动云计算环境中轻量级设备保护隐私数据的方案。为了减少移动终端运行IBE的加密和解密开销,利用在线离线技术将IBE的加密分解为离线和在线两个阶段,使得移动设备仅需执行少量简单计算即可生成密文;在此基础上,利用外包解密技术,修改IBE的密钥生成算法和解密算法,增加一个密文转化算法,将解密的大部分复杂计算外包给云服务器,移动设备仅计算一个幂乘运算即可获得明文。与现有IBE方案的性能相比,该方案具有较少的加解密开销,适合于轻量级移动设备。

关键词: 移动云计算, 基于身份加密, 在线离线, 外包解密, 轻量级设备

Abstract: For the problems of data security and privacy of users in the mobile cloud computing, this paper modifies the encryption and decryption algorithms in Identity-Based Encryption(IBE) by introducing the offline/online and the outsourcing decryption, then proposes an Identity-Based Online/Offline Encryption scheme with Outsourcing Decryption(IBOOE-OD), and proves its security. The IBOOE-OD is very suitable for lightweight devices to protect privacy data in mobile cloud computing environment. To reduce the costs of encryption and decryption in IBE for mobile devices, firstly, the encryption of IBE is decomposed into offline and online two phases by the online/offline technology, such that mobile devices can perform simple calculations to generate a ciphertext. Secondly, this paper uses the outsourcing technology to modify the key generation and decryption algorithms, and adds a ciphertext transformation algorithm, so that it can outsource the majority work of decryption to the cloud services and the mobile devices can perform one exponentiation to obtain plaintext. Compared with the performances of the existing IBE schemes, the scheme has the less amount of encryption and decryption costs and is very suitable for lightweight mobile devices.

Key words: mobile cloud computing, Identity-Based Encryption(IBE), online-offline, outsourcing decryption, lightweight device