摘要: 針對屬性加密方案中的運行效率和屬性更新問題,提出了一種基于環(huán)上誤差學(xué)習(xí)問題(Learning With Error over Ring,RLWE)的可撤銷分層屬性加密方案。方案通過多等級的門限秘密共享矩陣將屬性進行分層,權(quán)限等級高的屬性恢復(fù)秘密的能力大于權(quán)限等級低的屬性,且高權(quán)限等級不可被替代;另外,方案實現(xiàn)了屬性級的用戶撤銷,基于第三方機構(gòu)通過控制用戶對屬性陷門的獲取降低了系統(tǒng)的計算開銷。該方案能抵抗用戶合謀攻擊且滿足隨機預(yù)言機模型下的選擇明文安全,與現(xiàn)有方案對比,在實現(xiàn)了屬性分層的同時增加了屬性撤銷的功能,并在多項式環(huán)上進行運算,提高了加解密效率,對實際應(yīng)用場景有更好的適應(yīng)性。
中圖分類號: TP309.7 文獻標識碼: A DOI: 10.19358/j.issn.2096-5133.2021.08.002 引用格式: 郭凱陽,韓益亮,吳日銘。 基于RLWE的可撤銷分層屬性加密方案[J].信息技術(shù)與網(wǎng)絡(luò)安全,2021,40(8):9-16.
Revocable hierarchical attribute-based encryption scheme from RLWE
Guo Kaiyang1,2,Han Yiliang1,2,Wu Riming1,2
(1.College of Cryptographic Engineering,Engineering University of PAP,Xi′an 710086,China; 2.Key Laboratory of PAP for Cryptology and Information Security,Xi′an 710086,China)
Abstract: Aiming at the problems of operation efficiency and attribute update in attribute encryption scheme, this paper proposes a revocable hierarchical attribute encryption scheme based on learning with error over ring(RLWE). The attributes are layered by multi-level threshold secret sharing matrix. The ability of recovering secret of attribute with high privilege level is greater than that of attribute with low privilege level, and the attribute with high privilege level can not be replaced. In addition, based on the third-party mechanism, the system reduces the computing cost by controlling the users to obtain the attribute trapdoor. The scheme can resist user collusion attack and satisfies the chosen plaintext security under random oracle model. Compared with the existing schemes, this scheme not only realizes the revocability of attributes, but also adds the function of attribute hierarchy, and performs operations on the polynomial ring, which improves the efficiency of encryption and decryption, and has better adaptability to practical application scenarios.
Key words : attribute-based encryption;attribute revocation;hierarchical;lattice
0 引言
在信息時代與大數(shù)據(jù)時代的背景下,當今網(wǎng)絡(luò)中的信息量呈現(xiàn)爆炸式的增長,網(wǎng)絡(luò)信息安全問題引起了人們的廣泛關(guān)注,密碼技術(shù)作為保障信息安全的關(guān)鍵技術(shù)之一,其研究發(fā)展也越來越受到重視。1976年Diffle和Hellman提出了公鑰密碼思想體制[1],解決了對稱密碼體制中密鑰管理代價高、功能單一等問題,但是隨著需求發(fā)展,傳統(tǒng)基于公鑰基礎(chǔ)設(shè)施的加密機制也遇到了一些瓶頸,為了提高效率,Shamir于1984年提出了基于身份的加密機制(Identity-Based Encryption,IBE)[2],在此基礎(chǔ)上,Sahai和Waters進一步提出了屬性加密機制[3]。屬性加密機制實現(xiàn)了一對多的加密模式且具有靈活的訪問結(jié)構(gòu),通常分為密文策略屬性加密(Ciphertext-Policy Attribute Based Encryption,CP-ABE)和密鑰策略屬性加密(Key-Policy Attribute Based Encryption,KP-ABE)[4]。為了完善屬性加密機制的功能,發(fā)掘其潛在的應(yīng)用前景,田有亮等人提出了基于屬性加密的區(qū)塊鏈數(shù)據(jù)溯源算法[5];劉建華等人在屬性加密的基礎(chǔ)上提出了支持密文檢索的云存儲方案[6];王崢等人提出了霧計算中用戶和屬性可撤銷的訪問控制方案[7];汪金苗等人基于多授權(quán)的屬性加密設(shè)計了面向區(qū)塊鏈的隱私保護和訪問控制方案[8]。
