Unlock instant, AI-driven research and patent intelligence for your innovation.

Traceable comparison attribute encryption method based on multiple authorization centers

A technology of attribute encryption and authorization center, applied in the field of cryptography, can solve problems such as large computing overhead, high overhead, and single-point performance bottlenecks, so as to speed up identity verification and secret key generation, reduce burden, and avoid single-point performance bottlenecks Effect

Active Publication Date: 2021-10-08
HANGZHOU NORMAL UNIVERSITY
View PDF4 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] The present invention aims to overcome the problem of high overhead as data increases in the prior art, provides a traceable and comparative attribute encryption method based on multiple authorization centers, and proposes a layered authorization center structure, including a central authorization center and Multiple independent attribute authorization centers solve the performance bottleneck in the attribute-based ciphertext retrieval algorithm of the traditional single authorization center, that is, the problem of large computational overhead caused by authorized user certificate authentication and key distribution to the authorization center
[0008] The second invention purpose of the present invention is to solve the problem of single-point performance bottleneck of a single central authority, not only allowing arbitrary attribute authority to perform partial key generation operations, central authority to perform final key generation, but also allow central authority to track Malicious Attribute Authorization Center

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Traceable comparison attribute encryption method based on multiple authorization centers
  • Traceable comparison attribute encryption method based on multiple authorization centers
  • Traceable comparison attribute encryption method based on multiple authorization centers

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0102] This embodiment provides a traceable comparison attribute encryption method based on multiple authorization centers, such as figure 1 As shown, in the following system model, five entities are mainly involved: Central Authorization Center (Central Authority, CA), Attribute Authorization Center (Attribute Authorities, AAs), user (data user, DU), data owner (data owner , DO) and cloud service provider (cloud service provider, CSP).

[0103] CA: CA is the key generation management center of the system. Generate unique identifiers and certificates for AAs and DUs. And after receiving the intermediate key from the AA to verify the DU, generate the final key for the DU. In addition to this, CAs can also track down malicious AAs that generate intermediate keys for suspicious DUs.

[0104] AA: Each AA has sufficient storage and computing power to independently verify any user. AA will verify its certificate according to the attributes submitted by DU, and generate the corre...

Embodiment 2

[0154] Such as figure 2 As shown, the structure of the access policy model in this embodiment is an access policy tree.

[0155] In the access policy of CP-ABE / KP-ABE, there are always some attributes expressed as a range value, for example: "{age>18}". Ranged values ​​of properties like this are not comparable using Boolean functions. Because the result of comparing "{age=20}" and "{age>18}" with the Boolean function is inconsistent. Unless the range value is changed to a union, such as: "{age=19}"V"{age=20}"V...V"{age=100}". But this method will increase linearly as the data increases.

[0156] Our scheme adopts 0-encoding and 1-encoding methods for the attributes of this range of values. We assume an n-bit binary number x.

[0157] x=x 1 x 2 ...x n ∈{0,1} n

[0158] 0 encoding: convert x to a set if x i (i≤n) is equal to 0, and x i Change to 1, and then use the number of the first i digits as an element.

[0159] x x 0 ={x 1 x 2 ...x i-1 1|x i =0,1≤i≤n} ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a traceable comparison attribute encryption method based on multiple authorization centers, which overcomes the problems of high overhead along with data increase and single-point performance bottleneck of a single central authorization center in the prior art. The method comprises the following steps: S1, initializing a system; S2, encrypting the data; S3, performing user verification and final data generation; S4, decrypting the data; S5, performing tracking. The invention provides an effective 0 coding and 1 coding method, the comparable attribute can be used for any comparison, the method is suitable for an ABE system, the expanded storage overhead is halved averagely, the overhead calculation amount of encryption and decryption is greatly reduced, the central authorization center and the attribute authorization center are adopted, the burden of the central authorization center is reduced, the identity verification and secret key generation of the user are accelerated, the single-point performance bottleneck is avoided, and a tracking mechanism is added to supervise the attribute authorization center.

Description

technical field [0001] The invention relates to the technical field of cryptography, in particular to an encryption method for traceable and comparative attributes based on multiple authorization centers. Background technique [0002] Attribute-based encryption (ABE) is a hot research topic in the field of cryptography in recent years. It provides a flexible way to perform fine-grained access control, and can flexibly manage the association between ciphertexts and users' effective security keys. Therefore, ABE is applicable to many situations, such as cloud computing, cloud medical services, social network and so on. [0003] There are two different implementation methods of ABE: key policy attribute-based encryption (KP-ABE) and ciphertext policy attribute-based encryption (CP-ABE). The main difference between these two categories is the method of embedding access policies. In KP-ABE, the access policy is embedded in the user's security key, and the ciphertext is associa...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/32H04L9/08H04L29/06
CPCH04L9/3268H04L9/0861H04L9/0877H04L9/0838H04L9/0836H04L9/0869H04L9/3247H04L63/10H04L63/0435
Inventor 孟倩梁焯阳陈克非沈忠华王付群张仁军胡宸
Owner HANGZHOU NORMAL UNIVERSITY