云存储环境下基于CP-ASBE数据加密机制

doi:10.3969/j.issn.1000-1565.2016.04.015

河北大学学报(自然科学版) ›› 2016, Vol. 36 ›› Issue (4): 424-431.DOI: 10.3969/j.issn.1000-1565.2016.04.015

云存储环境下基于CP-ASBE数据加密机制

杨晓晖,丁文卿

收稿日期:2016-03-11 出版日期:2016-07-25 发布日期:2016-07-25
作者简介:杨晓晖(1975—),男,河北邢台人,河北大学教授,博士,主要从事分布计算与信息安全等方向研究. E-mail:yxh@hbu.edu.cn
基金资助:
国家科技支撑计划项目(2013BAK07B04);河北省自然科学基金资助项目(F2014201152)

CP-ASBE based data encryption mechanism for cloud storage

YANG Xiaohui,DING Wenqing

College of Computer Science and Technology, Hebei University, Baoding 071002, China

Received:2016-03-11 Online:2016-07-25 Published:2016-07-25

摘要/Abstract

摘要： 针对基于属性集合加密机制依赖一个授权中心进行密钥计算,容易成为系统安全瓶颈问题,提出基于多个属性授权机构的属性集合加密机制,提高密钥的安全性.授权中心由多个属性授权机构(attribute authority,AA)构成,每个AA负责管理部分属性集合,完整的密钥计算需要多个AA的参与,提高攻击难度.将该机制应用于云环境,对文件加密、密钥计算及文件解密进行分析,设计云存储环境下行之有效的数据加密机制,并对该机制的安全性及时间开销进行分析,实验表明该方法是可行的.

关键词: 云存储, CP-ASBE, 加密机制

Abstract: Attribute set encryption mechanism relies on an authorization center to generate key,which may easily become a system security bottleneck problem.So an authorization set encryption mechanism based on multiple attribute authorized institution is proposed.It can improve the security of the secret key.The authorization center consists of many attribute authorized institutions.To increase attack difficulty,many AA participate the complete key calculation.Each AA is responsible for managing some of the attributes set.In this paper,file encryption,key calculation and file decryption have been analyzed in cloud environ- ment.Data encryption mechanism has been efficiently designed under the cloud storage environment.The safety and overhead problems in the mechanism are also considered.Experiments indicated that the proposed method is effective.

Key words: cloud storage, CP-ASBE, encryption mechanism

中图分类号:

TP391

杨晓晖,丁文卿. 云存储环境下基于CP-ASBE数据加密机制[J]. 河北大学学报(自然科学版), 2016, 36(4): 424-431.

YANG Xiaohui,DING Wenqing. CP-ASBE based data encryption mechanism for cloud storage[J]. Journal of Hebei University (Natural Science Edition), 2016, 36(4): 424-431.

参考文献

[1] SAHAI A,WATERS B.Fuzzy Identity Based Encryption[J].Lecture Notes in Computer Science,2004,3494:457 - 473.DOI:10.1007/11426639_27.
[2] CHASE M.Multi-authority attribute based encryption[Z].The 4th Theory of Cryptograpthy Conference,Berlin Heidelberg,2007.DOI:10.1007/978-3-540-70936-7_28.
[3] LIN H,CAO Z,LIANG X,et al.Secure threshold multi-authority attribute based encryption without a central authority[J].Information Sciences,2010,180(13):2618-2632.DOI:10.1016/j.ins.2010.03.004.
[4] CHASE M,CHOW S S M.Improving privacy and security in multi-authority attribute-based encryption[Z].The 16th Association for Computing Machinery lonference on Computer and Communications Security,Chicago,2009.DOI:10.1145/1653662.1653678.
[5] LEWKO A,WATERS B.Decentralizing attribute-based encryption[Z].Advances in Cryptology-EUROCRYPT,Berlin Heidelberg,2011.DOI:10.1007/978-3-642-20465-4_31.
[6] TAEHO J,LI X,WAN Z,et al.Privacy preserving cloud data access with multi-authorities[Z].Infernational Conference on Compufer Communicafions,Turin,2013.DOI:10.1109/INFCOM.2013.6567070.
[7] YANG K,JIA X.Expressive,efficient and revocable data access control for multi-authority cloud storage[J].IEEE Transactions on Parallel and Distributed Systems,2014,25(7):1735-1744.DOI:10.1109/TPDS.2013.253.
[8] 关志涛,杨亭亭,徐茹枝,等.面向云存储的基于属性加密的多授权中心访问控制方案[J].通信学报,2015,36(6):142-1-142-11.DOI:10.11959/j.issn.1000-436x.2015142. GUAN Z T,YANG T T,XU R Z,et al.Multi-authority attribute-based encryption access control model for cloud storage[J].Journal on Communications,2015,36(6):142-1-142-11.DOI:10.11959/j.issn.1000-436x.2015142.
[9] 李谢华,张蒙蒙,刘鸿,等.基于MA-ABE的云存储访问控制方法[J].湖南大学学报,2015,42(10):133-140.DOI:10.16339/j.cnki.hdxbzkb.2015.10.022. LI X H,ZHANG M M,LIU H,et al.Multi-authority ABE for access control in cloud storage[J].Journal of Hunan University(Natural Sciences),2015,42(10):133-140.DOI:10.16339/j.cnki.hdxbzkb.2015.10.022
[10] BOBBA R,KHURANA H,PRABHAKARAN M.Attribute-sets:a practically motivated enhancement to attribute-based encryption[Z].European Symposium on Research in Computer Security,Berlin Heidelberg,2009.DOI:10.1007/978-3-642-04444-1_36.
[11] WAN Z G,LIU J,ROBERT H D.HASBE:A hierarchical attribute-based solution for flexible and scalable access control in cloud computing[J].IEEE Transactions on Information Forensics and Security,2012,7(2):743-754.DOI:10.1109/TIFS.2011.2172209.

云存储环境下基于CP-ASBE数据加密机制

CP-ASBE based data encryption mechanism for cloud storage

PDF (PC)

可视化

被引次数

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 1

编辑推荐

Metrics

本文评价