党乾龙1,,,
王剑锋2,
刘振华1
1.西安电子科技大学数学与统计学院 ??西安 ??710071
2.西安电子科技大学网络与信息安全学院 ??西安 ??710071
基金项目:国家自然科学基金(61702401, 61472470),中国博士后科学基金(2017M613083)
详细信息
作者简介:马华:女,1963年生,教授,研究方向为网络与信息安全
党乾龙:男,1993年生,硕士生,研究方向为网络与信息安全
王剑锋:男,1985年生,讲师,研究方向为应用密码学、云安全和数据外包
刘振华:男,1978年生,教授,研究方向为云计算中的密码理论与安全协议、密文数据的再处理
通讯作者:党乾龙 xidianqldang@163.com
中图分类号:TP309计量
文章访问数:1115
HTML全文浏览量:384
PDF下载量:53
被引次数:0
出版历程
收稿日期:2017-10-10
修回日期:2018-11-14
网络出版日期:2018-11-19
刊出日期:2019-02-01
Efficient Ciphertext Deduplication and Auditing Scheme with Attribute-based Encryption
Hua MA1,Qianlong DANG1,,,
Jianfeng WANG2,
Zhenhua LIU1
1. School of Mathematics and Statistics, Xidian University, Xi’an 710071, China
2. School of Network and Information Security, Xidian University, Xi’an 710071, China
Funds:The National Natural Science Foundation of China (61702401, 61472470), The China Postdoctoral Science Foundation (2017M613083)
摘要
摘要:针对当前支持去重的属性加密方案既不支持云存储数据审计,又不支持过期用户撤销,且去重搜索和用户解密效率较低的问题,该文提出一种支持高效去重和审计的属性加密方案。该方案引入了第3方审计者对云存储数据的完整性进行检验,利用代理辅助用户撤销机制对过期用户进行撤销,又提出高效去重搜索树技术来提高去重搜索效率,并通过代理解密机制辅助用户解密。安全性分析表明该方案通过采用混合云架构,在公有云达到IND-CPA安全性,在私有云达到PRV-CDA安全性。性能分析表明该方案的去重搜索效率更高,用户的解密计算量较小。
关键词:属性加密/
数据去重/
审计/
用户撤销/
代理解密
Abstract:Existing attribute-based deduplication schemes can support neither auditing of cloud storage data nor revocation of expired users. On the other hand, they are less efficient for deduplication search and users decryption. In order to solve these problems, this paper proposes an efficient deduplication and auditing Attribute-Based Encryption (ABE) scheme. A third-party auditor is introduced to verify the integrity of cloud storage data. Through an agent auxiliary user revocation mechanism, the proposed scheme supports the revocation of expired users. Effective deduplication search tree is put forward to improve the search efficiency, and the proxy decryption mechanism is used to assist users to decrypt. Finally, the security analysis shows that the proposed scheme can achieve IND-CPA security in the public cloud and PRV-CDA security in the private cloud by resorting to the hybrid cloud architecture. The performance analysis shows that the deduplication search is more efficient and the computation cost of user encryption is smaller.
Key words:Attribute-Based Encryption (ABE)/
Data deduplication/
Auditing/
Users revocation/
Proxy decryption
PDF全文下载地址:
https://jeit.ac.cn/article/exportPdf?id=5b555ac8-f638-45e0-aa5a-cc6c0915144a