摘要
为解决已有云外包方案中数据存储安全性和用户身份泄露的问题,提出一个用于云服务的时效访问匿名策略属性加密方案TA3ES(Time-limited access of anonymous attribute encryption scheme).该方案保留云外包方案提升系统运行效率的优点,实现加密者指定访问结构的盲化处理,不仅可支持细粒度的访问控制,还支持数据的时效访问.该方案引入匿名的属性,新增DT(Dec-Tra)算法,对密文进行部分解密之后传输,大幅度减少用户运算量,在密文和密钥中设置时间期限T控制数据的自动销毁,显著提高数据安全性和用户隐私的保护能力.方案给出形式化和具体的描述,并做了正确性和匿名性分析以及在adaptively-CCA模型下复杂性假设的安全性证明.最后,通过和现有的相关优秀方案进行对比,进一步论证本方案的优势.
To solve the problem of data storage security and user identity leakage in the existing cloud outsourcing scheme,an age-limited access of an anonymous attribute encryption scheme (TA3ES) for cloud services is proposed.The scheme preserves the advantage of the cloud outsourcing scheme to improve the efficiency of the system operation,and achieves the access structure specified by the encryptor,which not only supports fine-grained access control,but also supports data access.This scheme introduces the anonymous attribute,adds DT (Dec-Tra) algorithm,decrypts the ciphertext after partial deciphering,greatly reduces the amount of user computation,sets the time period T in the ciphertext and key to control the automatic destruction of data,Significantly improve data security and user privacy protection.The formal and concrete description is given,and the correctness and anonymity are analyzed,and the security proof based on the complexity assumption is given in the model.Finally,by comparing with the existing relevant excellent programs,the advantage of the scheme is further proved.
出处
《小型微型计算机系统》
CSCD
北大核心
2018年第2期225-229,共5页
Journal of Chinese Computer Systems
基金
国家自然科学基金项目(61202370)资助
上海市教委科研创新项目(14YZ110)资助
中国博士后科学基金项目(2014M561512)资助
关键词
云外包
隐藏访问策略
属性基加密
复杂性假设
细粒度访问
访问结构
cloud computing
hidden access policy
attribute based encryption
complexity hypothesis
fine -grained access access structure
