Multi-authorization attribute-based encryption method and system without key escrow

An attribute-authorization and key-escrow technology, applied in the field of cloud computing security, that addresses problems such as key escrow and data owners being unable to manage access to data on cloud servers.

Active Publication Date: 2020-10-09
FUJIAN NORMAL UNIV

AI Technical Summary

Problems solved by technology

Because those servers may lack an effective security mechanism, data owners cannot fully trust cloud servers to provide secure data access management.

In attribute-based encryption (ABE) applications, the attribute authorization centers (AAs) can generate the decryption keys of all users and can decrypt the ciphertext of all users without user participation; that is, there is a key escrow problem.

Embodiment Construction

[0051] In order to make the purpose, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the drawings in the embodiments of the present application.

[0052] As shown in Figure 1, the present invention discloses a multi-authorization attribute-based encryption system without key escrow, which includes five roles: user identity manager (IDM), attribute authorization center (AAs), data owner (DO), data user (DU) and cloud storage server (CSS). The data user DU submits its legal identity information and commitment value to the IDM. After the IDM successfully verifies the identity of the DU, the IDM generates and returns the corresponding certificate containing the DU's commitment value. When the DU applies for a decryption key from the AAs, it also submits the corresponding commitment value. After AAs successfully veri...

Abstract

The invention discloses a multi-authorization attribute-based encryption method and system without key escrow. The system comprises a user identity manager (IDM), an attribute authorization center (AAs), a data owner (DO), a data user (DU), and a cloud storage server (CSS). The method comprises the following steps: the DU submits its legal identity information and commitment value to the IDM; after successfully verifying the identity of the DU, the IDM generates and returns a corresponding certificate containing the DU's commitment value; when applying to the AAs for a decryption key, the DU is required to submit the corresponding commitment value; after successfully verifying the signature in the certificate, the AAs calculate a corresponding private key for the DU; the DO encrypts the data and uploads the encrypted data to the CSS; and the DU downloads the corresponding ciphertext from the CSS and decrypts it using its private key. By means such as adding an embedded user secret value and embedding the private key value of the legality-authentication role, the method solves the key escrow problem and also provides resistance to AA collusion attacks and to collusion attacks by malicious users.
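The check the AAs perform before issuing a key, as an added Python example that is not the patent's construction: the page does not give the commitment or signature scheme, so this assumes a discrete-log commitment g^s and a Schnorr signature over toy parameters, and all function names are hypothetical. ABE key generation itself is not modelled.

```python
import hashlib
import secrets

# Toy discrete-log parameters (constructed for illustration, not secure sizes).
P = 2**127 - 1      # Mersenne prime modulus
N = P - 1           # exponents are reduced modulo the group order
G = 3               # assumed base element

def _h(*parts):
    """Hash the signed fields to an exponent."""
    data = "|".join(str(p) for p in parts).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def keygen():
    """IDM signing key pair (sk, pk = G^sk)."""
    sk = secrets.randbelow(N - 1) + 1
    return sk, pow(G, sk, P)

def du_commit():
    """DU keeps a secret s to itself and publishes only the commitment G^s."""
    s = secrets.randbelow(N - 1) + 1
    return s, pow(G, s, P)

def idm_issue(idm_sk, identity, commitment):
    """After its identity check, the IDM signs (identity, commitment)."""
    k = secrets.randbelow(N - 1) + 1
    r = pow(G, k, P)
    e = _h(r, identity, commitment)
    return {"identity": identity, "commitment": commitment,
            "sig": (r, (k + e * idm_sk) % N)}

def aa_accepts(idm_pk, cert, presented_commitment):
    """AA gate before key issuance: the commitment presented by the DU must
    match the certificate, and the IDM signature must verify over it."""
    if cert["commitment"] != presented_commitment:
        return False
    r, s = cert["sig"]
    e = _h(r, cert["identity"], cert["commitment"])
    return pow(G, s, P) == (r * pow(idm_pk, e, P)) % P
```

Because the signature covers the commitment, a certificate cannot be rebound to a different commitment without the IDM's key, and the DU's secret never leaves the DU.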

Description

Technical field

[0001] The invention relates to the technical field of cloud computing security, in particular to a multi-authorization attribute-based encryption method and system without key escrow.

Background technique

[0002] An important application of cloud computing services is data storage, where data owners upload data to the cloud for some specific users. In order for those users to use that data, they must first obtain data access permissions. Data owners and data consumers do not interact directly. In order to protect the data confidentiality of data owners, many data encryption and data access control methods are adopted to prevent data resources from being used by unauthorized users. In a complex cloud computing environment, cloud servers are often controlled by commercial organizations, which may provide data access to unauthorized users for some benefit. Therefore, based on the fact that those servers may not be able to obtain an effective security m...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L29/08, H04L9/32
CPC: H04L63/0428, H04L67/06, H04L67/1097, H04L9/3263, H04L63/0823, H04L63/10
Inventor: 李继国, 张亦辰, 胡声洲, 杨书略, 章如愿, 康曌哲
Owner: FUJIAN NORMAL UNIV