An Attribute Based Weight Encryption Method for Realizing Fine-grained Attribute Revocation

A fine-grained attribute revocation technique, applied to public key and key distribution in secure communication, which addresses the problems of long ciphertext length, increased system communication burden, and the inability to update user access rights in time.

Active Publication Date: 2020-11-03
芽米科技(广州)有限公司

AI Technical Summary

Problems solved by technology

In real application environments, attribute expiration, key leakage, and changes to attribute permissions are unavoidable. However, when most existing attribute-based encryption methods revoke one user's attribute permission, they often affect other users in the system who hold the same attribute, so it is difficult to revoke a user's attribute permissions efficiently and at fine granularity. As a result, when a user's attribute permissions change, the user's access permissions cannot be updated in time to ensure that the original key can no longer decrypt the ciphertext.

[0003] Wang Pengpian et al. (a CP-ABE scheme that supports complete fine-grained attribute revocation [J]. Journal of Software, 2012, 23(10):2805-2816) proposed, in 2012, a CP-ABE method that supports complete fine-grained attribute revocation. This method uses composite-order bilinear groups and introduces the ideas of dual system encryption and a binary tree to realize fine-grained attribute revocation. It includes four stages: initialization, key generation, encryption, and decryption. When a user's attribute permission is revoked, the encryption party uses the re-encryption algorithm to process the existing ciphertext, so that the user whose attribute permission has been revoked cannot use the original key to decrypt the file corresponding to the ciphertext.

However, the decryption process of this method requires many time-consuming composite-order bilinear pairing operations, so its efficiency is not high. In addition, the ciphertext generated by this method is long, reaching $(3|B| + 2r + 2)\,|G_1|$ bits, where $|B|$ is the number of attributes declared in the access policy, $r$ is the number of revocation events, and $|G_1|$ is the length of an element of the commutative group on the elliptic curve. This greatly increases the communication burden of the system, so the method is less practical.

[0004] Shi et al. (Directly revocable key-policy attribute-based encryption with verifiable ciphertext delegation [J]. Information Sciences, 2015, 295:221-231) proposed a key-policy attribute-based encryption method, based on multilinear mapping, that supports direct attribute revocation. However, this method can only revoke all of a user's attributes, so the revocation granularity is relatively coarse. It also requires a large number of multilinear pairing operations during encryption, re-encryption, and decryption, so the efficiency of attribute revocation is low and the method is not suitable for environments with limited computing resources.

In addition, binding the decryption policy to the user key and binding the attributes to the ciphertext limits the flexibility and practicability of the method.


Examples


Specific embodiment

[0039] A specific embodiment of the present invention is an attribute-based re-encryption method for fine-grained attribute revocation, the steps of which are:

[0040] A. System initialization

[0041] A1. The system center SA selects a prime number q with a length of 160 bits and constructs the cyclic group G of order q on an elliptic curve and the base-field cyclic group Y of order q. A bilinear mapping relates the elements of G to the elements of Y, that is, $y = e(g_1, g_2)$, where $g_1$ is an element of the cyclic group G, $g_2$ is another element of the cyclic group G, $y$ is an element of the cyclic group Y, and $e(\cdot,\cdot)$ denotes the bilinear mapping operation;

[0042] A2. The system center SA selects two random numbers smaller than the prime number q and non-zero...


Abstract

The invention discloses an attribute-based re-encryption method for realizing fine-grained attribute revocation, which belongs to the field of information security. The steps mainly include: A, system initialization; B, encryption; C, re-encryption: C1, user revocation information, C2, first re-encryption, C3, subsequent re-encryption. The invention introduces an attribute revocation list. When an attribute revocation occurs in the system, the encryption party only needs to use the re-encryption algorithm to compute and update the sub-ciphertext corresponding to the revoked attribute, without recomputing the sub-ciphertexts corresponding to non-revoked attributes. This reduces the computational complexity, does not affect the access permissions of other users who have not been revoked, and realizes fine-grained revocation of attribute permissions. During re-encryption, file re-encryption is carried out through simple doubling operations and modular exponentiation, which avoids complicated and time-consuming composite-order bilinear operations and multilinear operations, so the computational complexity is low and the revocation efficiency is high.

Description

Technical field

[0001] The invention relates to an attribute-based re-encryption method for realizing fine-grained attribute revocation.

Background technique

[0002] The vigorous development of cloud computing and other big data applications has solved the current problems of computing on and storing massive amounts of information and data; the arrival of the cloud computing era shows that information technology is rapidly moving toward scale, intensification and specialization. However, cloud computing has problems such as unstable security boundaries, separation of data storage usage rights, and easy disclosure of user privacy information; therefore, how to protect data confidentiality and realize anonymous identity authentication and access control has become a very real and urgent problem to be solved. Attribute-based encryption schemes use attributes to divide users in a fine-grained manner; and uses specific access policies to encry...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L9/08, H04L9/30
CPC: H04L9/0863, H04L9/0869, H04L9/0891, H04L9/3066
Inventor: 张文芳, 刘旭东, 王小敏, 陈桢
Owner: 芽米科技(广州)有限公司