摘要
针对当前云数据下多数加密方案的解密过度依赖双线性映射、解密效率不高等问题,文章提出一种基于可问责属性即可撤销的加密方案。该方案采用单属性权威架构,解密过程不再依赖双线性映射,从而降低了解密开销;基于属性群组思想建立属性即可撤销机制,降低密文重加密的运算复杂度;以权威属性构建问责列表,并在私钥中嵌入用户信息,借助解密用户信息验证机制,快速问责恶意用户。将文章所提加密方案与其他4种同类加密方案进行性能对比,结果表明,该加密方案在保证安全性的前提下,不仅实现了属性的即时撤销和恶意用户的问责,还大大降低了撤销开销和解密开销。
In view of the problem that most encryption schemes in the current cloud big data over relies on bilinear mapping for decryption and low decryption efficiency, a revocable encryption scheme based on accountability attribute was proposed. Firstly, the scheme adopted single attribute authority architecture, and the decryption process no longer depended on bilinear mapping, and the decryption overhead was reduced. Secondly, establishing an attribute revocation mechanism based on the attribute group idea, reducing the computational complexity of ciphertext re-encryption. Thirdly, the accountability list was constructed with authoritative attributes, and the user information was embedded in the private key.With the help of decryption user information verification mechanism, malicious users were accountable quickly. Finally, the performance of this encryption scheme was compared with the other four similar encryption schemes. The results show that compared with the other four encryption schemes, this encryption scheme not only realizes the immediate revocation of attributes and the accountability of malicious users, but also greatly reduces the revocation and decryption overhead.
作者
张淑清
蔡志文
ZHANG Shuqing;CAI Zhiwen(School of Traffic Management Engineering,Guangxi Police College,Nanning 530022,China;Traffic Engineering Science Research Institute of Nanning Public Security Bureau,Nanning 530015,China)
出处
《信息网络安全》
CSCD
北大核心
2021年第12期70-77,共8页
Netinfo Security
基金
广西工业与信息化发展专项资金项目[2019-450000-65-03-025941]。
关键词
云数据
属性加密
问责机制
属性撤销
访问控制
cloud data
attribute encryption
accountability mechanism
attribute revocation
access control
