西安电子科技大学学报 ›› 2022, Vol. 49 ›› Issue (2): 135-145.doi: 10.19665/j.issn1001-2400.2022.02.016

• 计算机科学与技术 & 网络空间安全 • 上一篇    下一篇

抗属性篡改的去中心化密文数据安全共享

曾辉祥1(),习宁1(),谢晴晴2(),吕静1(),崔志浩1(),马建峰1()   

  1. 1.西安电子科技大学 网络与信息安全学院,陕西 西安 710126
    2.江苏大学 计算机科学与通信工程学院,江苏 镇江 212013
  • 收稿日期:2022-01-06 出版日期:2022-04-20 发布日期:2022-05-31
  • 通讯作者: 习宁
  • 作者简介:曾辉祥(1996—),男,西安电子科技大学硕士研究生,E-mail: hxzeng_20@stu.xidian.edu.cn;|谢晴晴(1990—),女,博士,E-mail: xieqq@ujs.edu.cn;|吕 静(1997—),女,硕士,E-mail: lvj@stu.xidian.edu.cn;|崔志浩(1996—),男,硕士,E-mail: cuizhihao3@qq.com;|马建峰(1963—),男,教授,博士,E-mail: jfma@mail.xidian.edu.cn
  • 基金资助:
    国家自然科学基金(92167203);国家重点研发计划(2018YFE0207600)

Decentralized ciphertext sharing based on blockchain

ZENG Huixiang1(),XI Ning1(),XIE Qingqing2(),LV Jing1(),CUI Zhihao1(),MA Jianfeng1()   

  1. 1. School of Cyber Engineering,Xidian University,Xi’an 710126,China
    2. School of Computer Science and Communication Engineering,Jiangsu University,Zhenjiang 212013,China
  • Received:2022-01-06 Online:2022-04-20 Published:2022-05-31
  • Contact: Ning XI

摘要:

智能设备间的相互协同丰富了智能家居的各类应用,而设备间信息交互与共享使得用户的数据面临着窃取及篡改的安全威胁。基于密文策略的属性加密机制(CP-ABE),在对云服务商保密的同时实现了云端跨用户、设备的数据安全共享。但是,智能设备资源受限以及属性管理服务器单点失效的风险给传统的密文数据安全共享方法带来了严峻的挑战。为此,基于区块链和可验证外包解密技术,提出了一种基于区块链的去中心化的密文数据安全共享方案。该方法以属性中心为节点构建联盟链网络,通过区块链记录属性与密文信息,实现了用户属性的去中心化管理,保障了访问属性的不可篡改性。在此基础上,结合外包解密CP-ABE技术,减少了智能设备的计算量,提高了共享的效率。实验及分析结果表明,该方案在保证数据共享安全性的同时,能够有效降低智能设备的计算开销。

关键词: 智能家居, 数据共享, 区块链, 访问控制, 密文策略属性基加密

Abstract:

The cooperation between smart devices has greatly enriched various applications of smart homes.Due to the frequent information sharing between devices,users' data suffer from security threats such as data theft and tampering.The ciphertext-policy attribute-based encryption (CP-ABE) scheme realizes the secure sharing of cloud data across users and devices while keeping confidential to the cloud service provider.However,the limited resources of smart devices and the risk of a single point of failure in the attribute management server have brought serious challenges to the traditional secure sharing of ciphertext data.Therefore,we propose a decentralized ciphertext data security sharing scheme based on the block chain and outsourcing decryption CP-ABE.We construct a consortium blockchain network with attribute centers as nodes and record attribute and ciphertext information through the blockchain.The blockchain realizes the decentralized management on user’s attributes,on the basis of which,combined with the outsourcing decryption CP-ABE technology,the computation of smart devices is reduced and the efficiency of sharing is improved.Experimental and analytical results show that the scheme can reduce the computing burden of smart devices and ensure the security of data sharing.

Key words: smart home, data sharing, blockchain, access control, ciphertext-policy attribute-based encryption

中图分类号: 

  • TP391