素数阶群上属性可重复的多授权机构基于属性的加密方案.docVIP

素数阶群上属性可重复的多授权机构基于属性的加密方案 摘要：针对目前多授权机构基于属性的加密方案（MAABE）限制每个属性在访问结构中只能出现一次，而属性重复编码必将导致系统效率降低的问题，提出了一种素数阶群上属性可重复的多授权机构密文策略（MACPABE）方案。首先基于对偶配对空间和线性秘密共享等技术，在素数阶群上构建了一个MACPABE方案；然后通过引入qParallel BDHE假设，解决了经典对偶系统加密证明过程依赖一个统计意义假设，而该假设只有在访问结构中属性不重复出现才能成立的问题，构建一系列两两不可区分的攻击游戏证明该方案在标准模型下是自适应安全的；最后通过性能分析说明，与另两种素数阶群上构建的自适应安全MACPABE方案相比，在不考虑属性重复的情况下，该方案解密速度随着参与属性数量的增加分别提高了20%～40%和0%～50%，在真实应用环境中的性能优势更大。 关键词：基于属性的加密；多授权机构；属性可重复；素数阶；标准模型 中图分类号： TP309.7 文献标志码：A 英文标题 Attribute repeatable multiauthority attributebased encryption scheme on prime order group LI Zuohui*， YANG Mengmeng， CHEN Xingyuan Information Engineering University， Zhengzhou Henan 450001， china Abstract： Since previous MultiAuthority AttributeBased Encryption （MAABE） schemes limit each attribute to appear only once in the access structure， and suffer from superfluous computation overhead on repetitive encoding technique， an adaptively secure and unrestricted MultiAuthority CiphertextPolicy ABE （MACPABE） scheme was proposed on prime order groups. Firstly， based on dual pairing vector space and linear secretsharing schemes technology， an MACPABE scheme was constructed on prime order groups. Then， qParallel BDHE （Bilinear DiffieHellman Exponent） assumption was introduced to solve the problem that classical dual system encryption depends on a statistical hypothesis which requires each attribute to appear only once in the access structure， and a series of attacking games indistinguishable from each other was designed to prove that this scheme was adaptively secure in the standard model. Finally， performance analysis indicated that in comparison with another two adaptively secure MACPABE schemes on prime order groups， the speed of decryption was obviously improved by nearly 20%-40% and 0%-50% respectively as the number of participating attributes increasing， without considering the attribute repetition. This scheme is more efficient in real applications. 英文关键词Key words： AttributeBased Encryption （ABE）； multiauthority； attrib