电子与信息学报
電子與信息學報
전자여신식학보
JOURNAL OF ELECTRONICS & INFORMATION TECHNOLOGY
2015年
9期
2225-2231
,共7页
李拴保%王雪瑞%傅建明%张焕国
李拴保%王雪瑞%傅建明%張煥國
리전보%왕설서%부건명%장환국
云计算%环签名%访问结构%验证%共谋
雲計算%環籤名%訪問結構%驗證%共謀
운계산%배첨명%방문결구%험증%공모
Cloud computing%Ring signature%Access structure%Verify%Collusion
密钥信息泄露是互联云服务难题之一,为解决该问题,该文提出一种基于属性环签名的用户密钥撤销方案。该方案以互联云的用户密文访问方法为研究对象,论述了无属性泄露的密文矩阵映射机制,多授权者自主扩展属性集生成密钥,从而令云服务提供者(CSP)无法获得用户完整属性,达到消除属性存储负载的目的。另外,该方案以撤销环与单调张成算法为基础设计用户签名验证撤销机制,令CSP、授权者与用户共同组成属性环,接受CSP定义密文访问结构,用户签名只有通过源CSP验证才能访问密文,授权者撤销部分属性失效用户解密密钥,从而达到权限撤销不影响其它用户访问的目的。该方案以密文策略属性基加密(CP-ABE)与单调张成算法为基础设计多用户组合属性共谋抵抗机制,用以保护属性的机密性。最后,给出该方案通信成本和计算效率的性能分析,用以验证该方法的有效性。
密鑰信息洩露是互聯雲服務難題之一,為解決該問題,該文提齣一種基于屬性環籤名的用戶密鑰撤銷方案。該方案以互聯雲的用戶密文訪問方法為研究對象,論述瞭無屬性洩露的密文矩陣映射機製,多授權者自主擴展屬性集生成密鑰,從而令雲服務提供者(CSP)無法穫得用戶完整屬性,達到消除屬性存儲負載的目的。另外,該方案以撤銷環與單調張成算法為基礎設計用戶籤名驗證撤銷機製,令CSP、授權者與用戶共同組成屬性環,接受CSP定義密文訪問結構,用戶籤名隻有通過源CSP驗證纔能訪問密文,授權者撤銷部分屬性失效用戶解密密鑰,從而達到權限撤銷不影響其它用戶訪問的目的。該方案以密文策略屬性基加密(CP-ABE)與單調張成算法為基礎設計多用戶組閤屬性共謀牴抗機製,用以保護屬性的機密性。最後,給齣該方案通信成本和計算效率的性能分析,用以驗證該方法的有效性。
밀약신식설로시호련운복무난제지일,위해결해문제,해문제출일충기우속성배첨명적용호밀약철소방안。해방안이호련운적용호밀문방문방법위연구대상,논술료무속성설로적밀문구진영사궤제,다수권자자주확전속성집생성밀약,종이령운복무제공자(CSP)무법획득용호완정속성,체도소제속성존저부재적목적。령외,해방안이철소배여단조장성산법위기출설계용호첨명험증철소궤제,령CSP、수권자여용호공동조성속성배,접수CSP정의밀문방문결구,용호첨명지유통과원CSP험증재능방문밀문,수권자철소부분속성실효용호해밀밀약,종이체도권한철소불영향기타용호방문적목적。해방안이밀문책략속성기가밀(CP-ABE)여단조장성산법위기출설계다용호조합속성공모저항궤제,용이보호속성적궤밀성。최후,급출해방안통신성본화계산효솔적성능분석,용이험증해방법적유효성。
Key information leakage is one of the most serious problems in Intercloud service, to solve this problem, a scheme of user key revocation on attribute-based ring signatures is proposed. Focused on user ciphertext access in Intercloud, the mechanism of ciphertext matrixes mapping without attribute leakage is discussed, multi-authority can extend attribute sets for generation key, then full user attributes can not be acquired by Cloud Service Providers (CSP), thus overhead on attribute storage is reduced. In addition, user signature verification revocation based on revocable ring and monotone span programs is designed, which constitutes ring of CSPs, authorities and users. Receiving CSP can define ciphertext access structure, users can access ciphertext through source CSP verifying, and authorities can remove decryption key from attribute-lost users without affecting any other users. The mechanism of collusion resistance with integrating attributes on the basis of Ciphertext-Policy Attribute Base Encryption (CP-ABE) and monotone span programs is discussed, with which user attribute confidentiality can be protected from leakage. Finally, to prove the effectiviness of the proposed model, the performance analysis of communication cost and computational efficiency are verified.
