支持大属性集合的抗泄露属性基加密机制

Leakage-resilient attribute-based encryption scheme with large universe

周彦伟 ¹徐然 ¹乔子芮 ²杨坤伟 ¹杨波¹

扫码查看

作者信息

1. 陕西师范大学计算机科学学院,西安 710062
2. 西安邮电大学网络空间安全学院,西安 710121
折叠

摘要

现实环境中各种泄露攻击的存在,使得攻击者能够获得用户秘密信息的部分泄露,导致密码算法的传统安全性在有泄露攻击的环境下不再成立.为进一步防止泄露攻击对数据安全性的危害,密码学研究者提出了一系列具有抗泄露攻击能力的密码算法.属性基加密(attribute-based encryption,ABE)机制由于其能为数据提供细粒度的访问控制能力,在现实环境中得到了广泛的关注和应用.然而,在现有抗泄露ABE机制的构造中,其系统公开参数的尺寸与其所能支持属性集合的大小成正比,导致其无法在大属性集环境中使用.为进一步增强抗泄露ABE机制的实用性和适用性,本文提出了支持大属性集合的抗泄露ABE机制的新型构造方法.为获得更优的计算效率,本文首先在素数阶群上提出了支持大属性集合的抗泄露ABE机制的构造方法,并基于判定的并行双线性Diffie-Hellman指数假设证明了该方案的安全性,同时通过性能分析表明该方案具有较优的计算、存储和通信效率.为获得更紧致的形式化安全性证明过程,本文随后在合数阶群上提出了支持大属性集合的抗泄露ABE机制的构造方法,并基于合数阶群上改进的子群判定假设证明了该方案的安全性.此外,本文还对上述两种抗泄露ABE机制的基本性能进行了对比和分析

Abstract

Various leakage attacks in the actual environment allow attackers to obtain partial leakage of user secret information from cryptographic algorithms,resulting in traditional security no longer maintaining security in environments with leakage attacks.Cryptography researchers have proposed a series of cryptographic algorithms with leakage resilience to prevent the harm of leakage attacks on data security.The attribute-based encryption(ABE)scheme has received widespread attention and application in real-world environments due to its ability to provide fine-grained access control for data.However,in constructing existing leakage-resilient ABE schemes,the size of the system's public parameters is directly proportional to the size of the attribute set it can support,making it unable to be used in large attribute set environments.This paper proposes a new construction method for the leakage-resilient ABE scheme that supports large attribute sets.Firstly,to achieve better computational efficiency,this paper proposes a construction method for a leakage-resilient ABE scheme that supports large attribute sets on prime order groups and proves the security of this scheme based on the q-parallel bilinear Diffie Hellman exponent assumption.At the same time,performance analysis shows that our scheme has better computational,storage,and communication efficiency.Finally,to obtain a tight formal security proof,this paper proposes a construction method for a leakage ABE scheme that supports large attribute sets on composite order groups.It proves the security of the above scheme based on the improved assumption of subgroup determination on composite order groups.

关键词

泄露容忍性/属性基加密机制/大属性集合/辅助输入泄露

Key words

leakage-resilience/attribute-based encryption/large universe/auxiliary input leakage

引用本文复制引用

出版年

2024

中国科学F辑

中国科学院,国家自然科学基金委员会

中国科学F辑

CSTPCD北大核心

影响因子：1.438

ISSN：1674-5973

段落导航