Blockchain-Based Attribute Proxy Re-Encryption Data Sharing Scheme

doi:10.3778/j.issn.1002-8331.2205-0115

Abstract

Abstract: The rapid growth of data has put forward new requirements for data management methods. Aiming at the problems of centralized data storage and the difficulty of data sharing in traditional data management methods, this paper proposes a data security sharing scheme based on blockchain and attribute agent re-encryption. Firstly, to solve the problem of secure data sharing, the original data after symmetric encryption is stored in ciphertext chain, the key and index information is stored in index chain, and the secure sharing of key information on the index chain is completed by re-encrypting the data attributes proxy. It meets the user’s demand for fine-grained data access control, realizes multi-user decryption authority authorization, and ensures the security of data sharing process. Then, the distributed key generation method is designed and updated periodically to avoid the centralized hosting problem and disclosure risk of encryption key management. Finally, through the comparison and simulation with the existing attribute agent re-encrypted data sharing scheme, the security and efficiency of this scheme are verified.

Key words: blockchain, proxy re-encryption, attribute based encryption, data sharing

摘要： 数据的快速增长对数据管理方式提出了新的要求，针对传统数据管理方式中存在的数据存储中心化、数据共享困难等问题，提出了一种基于区块链的属性代理重加密数据共享方案。对于数据安全共享问题，利用密文链存储对称加密后数据原文，索引链存储对称密钥、索引信息等，通过对索引链上数据属性代理重加密完成链上关键信息的安全共享，满足用户细粒度数据访问控制需求，实现多用户解密权限授权，确保数据共享过程的安全性。构造符合区块链网络的分布式密钥生成方法并进行时间周期性更新，避免加密密钥管理存在的中心化托管问题和泄露风险。进行仿真实验并与同类属性代理重加密数据共享方案进行对比，结果表明该方案在保证安全性的前提下具有较高的效率。

关键词: 区块链, 代理重加密, 属性基加密, 数据共享

ZHAI Sheping, TONG Tong, BAI Xifang. Blockchain-Based Attribute Proxy Re-Encryption Data Sharing Scheme[J]. Computer Engineering and Applications, 2023, 59(8): 270-279.

翟社平, 童彤, 白喜芳. 基于区块链的属性代理重加密数据共享方案[J]. 计算机工程与应用, 2023, 59(8): 270-279.

References

[1] NAKAMOTO S.Bitcoin：a peer-to-peer electronic cash system[EB/OL].（2018）[2022-03-02].https：//bitcoin.org/bitcoin.pdf.
[2] 曾诗钦，霍如，黄韬，等.区块链技术研究综述：原理、进展与应用[J].通信学报，2020，41（1）：134-151.
ZENG S Q，HUO R，HUANG T，et al.Survey of blockchain：principle，progress and application[J].Journal of Communications，2020，41（1）：134-151.
[3] 张奥，白晓颖.区块链隐私保护研究与实践综述[J].软件学报，2020，31（5）：1406-1434.
ZHANG A，BAI X Y.Summary of research and practice of blockchain privacy protection[J].Journal of Software，2020，31（5）：1406-1434.
[4] HALPERN J，TEAGUE V.Rational secret sharing and multiparty computation[C]//Proceedings of the 36th Annual ACM Symposium on Theory of Computing，Chicago，Jun 13-16，2004.New York，NY：ACM Press，2004：623-632.
[5] SONG D X，WAGNER D，PERRIG A.Practical techniques for searches on encrypted data[C]//Proceedings of the 2000 IEEE Symposium on Security and Privacy，Berkeley，May 14-17，2000.Piscataway，NJ：IEEE Press，2000：44-55.
[6] SAHAI A，WATERS B.Fuzzy identity-based encryption[C]//Proceedings of the 24th Annual International Conference on Theory and Applications of Cryptographic Techniques，Bruges，May 14-18，2000.Berlin，German：Springer Press，2005：457-473.
[7] BLAZE M，BLEUMER G，STRAUSS M.Divertible protocols and atomic proxy cryptography[C]//Proceedings of the 22nd Annual International Conference on the Theory and Application of Cryptographic Techniques，Espoo，May 31-June 4，1998.Berlin，German：Springer Press，1998：127-144.
[8] ATENIESE G，FU K，GREEN M，et al.Improved proxy re-encryption schemes with applications to secure distributed storage[J].ACM Transactions on Information and System Security，2006，9（1）：1-30.
[9] GREEN M，ARENIESE G.Identity-based proxy re-encryption[C]//Proceedings of the 5th International Conference on Applied Cryptography and Network Security，Zhuhai，Jun 5-8，2007.Berlin，German：Springer Press，2007：288-306.
[10] JIAN W，DENG R H，DING X H，et al.Conditional proxy re-encryption secure against chosen-ciphertext attack[C]//Proceedings of the 4th International Symposium on Information，Computer，and Communications Security，Sydney，Mar 10-12，2009.New York，NY：ACM Press，2009：322-332.
[11] 牛淑芬，陈俐霞，李文婷，等.基于区块链的电子病历数据共享方案[J].自动化学报，2022，48（8）：2028-2038.
NIU S F，CHEN L X，LI W T，et al.Electronic medical record data sharing scheme based on blockchain[J].Acta Automatica Sinica，2022，48（8）：2028-2038.
[12] GOYAL V，PANDEY O，SAHAI A，et al.Attribute-based encryption for fine-grained access control of encrypted data[C]//Proceedings of the 13th ACM Conference on Computer and Communications Security，Alexandria，Oct 30-Nov 3，2006.New York NY：ACM Press，2006：89-98.
[13] BETHENCOURT J，SAHAI A，WATERS B.Ciphertext-policy attribute-based encryption[C]//Proceedings of the 2007 IEEE Symposium on Security and Privacy，Berkeley，May 20-23，2007.Piscataway，NJ：IEEE Press，2007：321-334.
[14] CHEUNG L，NEWPORT C.Provably secure ciphertext policy ABE[C]//Proceedings of the 14th ACM Conference on Computer and Communications Security，Alexandria.New York：ACM Press，2007：456-465.
[15] WATERS B.Ciphertext-policy attribute-based encryption：an expressive，efficient，and provably secure realization[C]//Proceedings of the 14th International Conference on Practice and Theory in Public Key Cryptography，Taormina，Mar 6-9，2011.Berlin，German：Springer Press，2011：53-77.
[16] LIANG X H，CAO Z F，LIN H，et al.Attribute-based proxy re-encryption with delegating capabilities[C]//Proceedings of the 4th International Symposium on Information，Computer，and Communications Security，Sydney，Mar 10-12，2009.New York NY：ACM Press，2009：276-286.
[17] 梁艳丽，凌捷.基于区块链的云存储加密数据共享方案[J].计算机工程与应用，2020，56（17）：41-47.
LIANG Y L，LING J.Encrypted data sharing scheme in cloud storage based on blockchain[J].Computer Engineering and Applications，2020，56（17）：41-47.
[18] TIWARI D，GANGADHARAN G R.SecCloudSharing：secure data sharing in public cloud using ciphertext-policy attribute-based proxy re-encryption with revocation[J].International Journal of Communication Systems，2018，31（5）：1-28.
[19] HONG H S，SUN Z X.Sharing your privileges securely：a key-insulated attribute-based proxy re-encryption scheme for IoT[J].World Wide Web，2017，21（3）：595-607.
[20] 张小红，孙岚岚.属性代理重加密的区块链密文云存储共享研究[J].系统仿真学报，2020，32（6）：1009-1020.
ZHANG X H，SUN L L.Attribute proxy re-encryption for ciphertext storage sharing scheme on blockchain[J].Journal of System Simulation，2020，32（6）：1009-1020.
[21] YAO S M，DAYOT R V J，KIM H J，et al.A novel revocable and identity-based conditional proxy re-encryption scheme with ciphertext evolution for secure cloud data sharing[J].IEEE Access，2021，9（1）：42801-42816.
[22] 孙知信，张鑫，相峰，等.区块链存储可扩展性研究进展[J].软件学报，2021，32（1）：1-20.
SUN Z X，ZHANG X，XIANG F，et al.Survey of storage scalability on blockchain[J].Journal of Software，2021，32（1）：1-20.
[23] WEI L，CUI J，XU Y，et al.Secure and lightweight conditional privacy-preserving authentication for securing traffic emergency messages in VANETs[J].IEEE Transactions on Information Forensics and Security，2021，16：1681-1695.