多授权机构下可撤销叛徒的属性基加密方案

计算机工程与应用 ›› 2015, Vol. 51 ›› Issue (3): 79-84.

多授权机构下可撤销叛徒的属性基加密方案

钟云捷1，2，曾国荪1，2，马海英1，3

1.同济大学计算机科学与技术系，上海 201804
2.嵌入式系统与服务计算教育部重点实验室，上海 201804
3.南通大学计算机科学与技术学院，江苏南通 226019

出版日期:2015-02-01 发布日期:2015-01-28

Multi-authority attribute-based encryption scheme for traitor

ZHONG Yunjie1，2, ZENG Guosun1，2, MA Haiying1，3

1.Department of Computer Science and Technology, Tongji University, Shanghai 201804, China
2.Embedded System and Service Computing Key Lab of Ministry of Education, Shanghai 201804, China
3.College of Computer Science and Technology, Nantong University, Nantong, Jiangsu 226019, China

Online:2015-02-01 Published:2015-01-28

摘要/Abstract

摘要： 针对单授权机构下属性基加密方案中的密钥滥用问题，以及加密机制本身存在的效率和安全问题，研究一种在多授权机构下可对非法用户（或叛徒）进行撤销的属性基加密方案。在单授权机构下属性基加密方案的基础上，利用双线性映射和线性秘密共享方案等来实现多个授权机构相互协作而不需要中央机构控制，并结合完全子树架构将用户映射到二叉树上来提高撤销叛徒的效率，将单授权方案转化成多授权机构下的可撤销叛徒的属性基加密方案MA-TRABE，还分析了该方案的抗串谋攻击安全性和多授权机构下的安全性。根据电子商务安全支付的需要，设计了MA-TRABE的实际应用。

关键词: 属性基加密, 多授权机构, 叛徒撤销, 完全子树架构

Abstract: Due to the key-abuse problem in the single authority attribute-based encryption, as well as the efficiency and security issues because of the encryption mechanism, this paper studies a multi-authority attribute-based encryption which can implement the revocation of unauthorized users（or traitors）. Using bilinear mapping and linear secret sharing scheme to implement the interaction of multiple authorities without the need for a central authority, as well as combing with the complete subtree structure to map the users to a binary tree for efficiency improvement of traitor revocation, the paper transfers a single authority scheme into a multi-authority attribute-based encryption scheme for traitor revocation called MA-TRABE. It also analyzes the security under collusion attack and multi-authority circumstances. According to the needs of security payment in the e-commerce, the practical application of MA-TRABE is designed.

Key words: attribute-based encryption, multi-authority, traitor verocation, complete subtree structure

钟云捷1，2，曾国荪1，2，马海英1，3. 多授权机构下可撤销叛徒的属性基加密方案[J]. 计算机工程与应用, 2015, 51(3): 79-84.

ZHONG Yunjie1，2, ZENG Guosun1，2, MA Haiying1，3. Multi-authority attribute-based encryption scheme for traitor[J]. Computer Engineering and Applications, 2015, 51(3): 79-84.

[1]	李玲，王峥，李娜. 雾计算中支持计算外包的访问控制方案[J]. 计算机工程与应用, 2021, 57(6): 81-87.
[2]	余波，台宪青，马治杰. 云计算环境下基于属性和信任的RBAC模型研究[J]. 计算机工程与应用, 2020, 56(9): 84-92.
[3]	彭维平，郭凯迪，宋成，闫玺玺. 面向外包数据的可追踪防泄漏访问控制方案[J]. 计算机工程与应用, 2020, 56(6): 117-125.
[4]	古丽米热·尔肯，努尔买买提·黑力力. 基于CP-ABE重加密的敏感数据访问控制限制方案[J]. 计算机工程与应用, 2020, 56(18): 69-76.
[5]	石宇清，凌捷. 隐藏访问策略的可追踪属性基加密方案[J]. 计算机工程与应用, 2020, 56(16): 75-83.
[6]	谭跃生，章世杨，王静宇. 基于多授权中心的CP-ABE属性撤销方案[J]. 计算机工程与应用, 2019, 55(13): 78-84.
[7]	储转转，王志伟. 改进的属性撤销权重属性基加密方案[J]. 计算机工程与应用, 2018, 54(3): 82-86.
[8]	于启红1，2，李继国2. 支持属性撤销且抗泄漏的密文策略属性基加密[J]. 计算机工程与应用, 2016, 52(20): 29-38.