Computer Engineering and Applications, 2023, Vol. 59, Issue (8): 270-279. DOI: 10.3778/j.issn.1002-8331.2205-0115

• Network, Communication and Security •

Blockchain-Based Attribute Proxy Re-Encryption Data Sharing Scheme

ZHAI Sheping (翟社平), TONG Tong (童彤), BAI Xifang (白喜芳)

  1. School of Computer Science, Xi’an University of Posts and Telecommunications, Xi’an 710121, China
  2. Shaanxi Key Laboratory of Network Data Analysis and Intelligent Processing, Xi’an University of Posts and Telecommunications, Xi’an 710121, China
  • Online: 2023-04-15 Published: 2023-04-15

Abstract: The rapid growth of data places new demands on data management. To address the centralized data storage and difficult data sharing of traditional data management methods, this paper proposes a secure data sharing scheme based on blockchain and attribute proxy re-encryption. First, for secure data sharing, the original data is symmetrically encrypted and stored on a ciphertext chain, while the key and index information is stored on an index chain; the key information on the index chain is shared securely by applying attribute proxy re-encryption to the data on the index chain. This meets users' need for fine-grained data access control, allows decryption authority to be granted to multiple users, and secures the data sharing process. Then, a distributed key generation method with periodic updates is designed to avoid the centralized hosting problem and disclosure risk of encryption key management. Finally, the security and efficiency of the scheme are verified through comparison and simulation against existing attribute proxy re-encryption data sharing schemes.

Key words: blockchain, proxy re-encryption, attribute-based encryption, data sharing
