Attribute-based encryption method for multiple authority centers
An attribute encryption and multi-organization technology, applied in the field of computer security, can solve the problem of low user decryption efficiency
Active Publication Date: 2014-03-05
NANJING UNIV OF POSTS & TELECOMM
Problems solved by technology
However, all decryption operations in this scheme are concentrated on the client side, which will lead to
Embodiment 1
[0066] As shown in Figure 1, the invention is mainly divided into five modules: system initialization, key calculation, encryption, decryption, and attribute revocation. The specific implementation steps are as follows:
[0067] 1. System initialization
[0068] 1) CA center initialization.
[0069] After the user and the AA pass authentication by the CA, they receive the globally unique identities UID and AID issued by the CA. Then $u \in Z_p$ is randomly selected to generate a public key for the user and the private key $SK_{UID} = Z_{UID}$, where $Z_{UID}, u_{UID} \in Z_p$.
[0070] 2) Each AA is initialized.
[0071] Each AA calculates a key version number $VK_{AID} = \alpha_{AID}$ for itself through the AAGen() method, and then calculates the public key for each attribute X managed by the AA. The public key of attribute X can be obtained by the owner.
[0072] 3) The data owner is initialized.
[0073] The data owner randomly selects $\beta, r \in Z_p$ Generate master k...
Embodiment 2
[0133] As shown in Figure 2, the present invention proposes an attribute encryption method for multiple institutional centers, comprising the following steps:
[0134] Step 1: System initialization: after passing through the identity verification of the CA center, the initialization key is generated;
[0135] Step 2: Key calculation: AA center calculates the user's public-private key pair for data encryption and decryption operations;
[0136] Step 3: Encryption: After the data owner performs the encryption operation, upload the ciphertext to the cloud;
[0137] Step 4: Decryption: After the client submits part of the private key, pre-decryption processing is performed, the processed ciphertext is sent to the client, and the final decryption operation is performed;
[0138] Step 5: Attribute revocation: When a user's attribute is revoked, perform key update and data re-encryption operations to ensure that data is not illegally obtained.
[0139] Among them, in t...
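The two-stage decryption flow of Step 4, as an added example that is not taken from the patent: ElGamal over a toy group stands in for the patent's ABE construction, whose formulas are not reproduced on this page. All function names, the group parameters, and the additive key split are assumptions made for illustration.

```python
# Added illustration of Step 4: cloud pre-decryption, then final decryption
# on the client. ElGamal is a stand-in, not the patent's scheme.
import secrets

P = 2**127 - 1   # Mersenne prime; demonstration size only, not secure
G = 3            # assumed base element for the toy group

def keygen():
    x = secrets.randbelow(P - 2) + 1           # full private key
    return x, pow(G, x, P)                     # (sk, pk)

def split_key(x):
    """Split sk into the part submitted to the cloud and the part kept locally."""
    cloud_part = secrets.randbelow(P - 1)
    client_part = (x - cloud_part) % (P - 1)   # exponents live mod P-1
    return cloud_part, client_part

def encrypt(pk, m):
    """Data owner: encrypt an integer message 0 < m < P."""
    r = secrets.randbelow(P - 2) + 1
    return pow(G, r, P), (m * pow(pk, r, P)) % P

def pre_decrypt(ct, cloud_part):
    """Cloud: remove the mask factor bound to the submitted key part."""
    c1, c2 = ct
    return c1, (c2 * pow(pow(c1, cloud_part, P), -1, P)) % P

def final_decrypt(ct, client_part):
    """Client: one exponentiation removes the remaining mask factor."""
    c1, c2 = ct
    return (c2 * pow(pow(c1, client_part, P), -1, P)) % P

def demo():
    sk, pk = keygen()
    cloud_part, client_part = split_key(sk)
    m = int.from_bytes(b"constructed msg", "big")  # constructed sample, < P
    ct = encrypt(pk, m)                            # uploaded to the cloud
    partial = pre_decrypt(ct, cloud_part)          # returned to the client
    return m, final_decrypt(partial, client_part)

if __name__ == "__main__":
    original, recovered = demo()
    print("round trip ok:", original == recovered)
```

The cloud's output is still masked by the factor tied to the key part that never leaves the client, so the cloud does the first stage without seeing the plaintext.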
Abstract
The invention discloses an attribute-based encryption method for multiple institutional centers. The method extends CP-ABE to a plurality of authorities, and the trust and workload of a single authority are dispersed across all the authorities of the system, so that the security and decryption efficiency of the system are improved. The method comprises the following steps: system initialization, in which the initialization key is generated after authentication by the CA center is passed; key calculation, in which an AA center calculates the user's public/private key pair, which is used for data encryption and decryption operations; encryption, in which a data owner uploads the ciphertext to the cloud after performing the encryption operation; decryption, in which pre-decryption processing is performed after the user terminal submits a part of the private key, the processed ciphertext is sent to the user terminal, and the final decryption operation is performed; and attribute revocation, in which, after an attribute of a user is revoked, key update and data re-encryption operations are performed to ensure that the data are not obtained illegally.
Description
Technical field
[0001] The invention relates to the technical field of computer security, in particular to an attribute encryption method for multiple institutional centers.
Background
[0002] Attribute-based Encryption (ABE) is a public-key encryption mechanism that has emerged in recent years, and it is an extension of identity-based encryption. In attribute encryption, the user's identity is described by a series of attributes. Only when the user's identity attributes meet the access policy defined by the system can the plaintext be decrypted.
[0003] After Sahai and Waters first proposed the attribute encryption mechanism, Goyal et al. divided the ABE mechanism into key policy (Key-Policy Attribute-based Encryption, KP-ABE) and ciphertext policy (Ciphertext-Policy Attribute-based Encryption, CP-ABE). In KP-ABE, the ciphertext is related to the attribute set, and the user key is related to the access tree structure. The message sender only encrypts the...