Journal of Xidian University

• Research Paper

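A multi-authority attribute-based encryption scheme constructed from the LWE problem

YAN Xixi1; LIU Yuan1; LI Zichen2; TANG Yongli1; YE Qing1

  (1. School of Computer Science and Technology, Henan Polytechnic University, Jiaozuo, Henan 454003;
    2. School of Information Engineering, Beijing Institute of Graphic Communication, Beijing 102600)
  • Received: 2017-10-09 Published: 2018-09-25
  • About the author: YAN Xixi (1985-), female, lecturer, Ph.D., E-mail: yanxx@hpu.edu.cn
  • Funding:

    National Natural Science Foundation of China (61300216); Science and Technology Department of Henan Province project (132102210123); Education Department of Henan Province research project (16A520013); State Cryptography Administration "13th Five-Year" National Cryptography Development Fund (MMJJ20170122)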

Multi-authority attribute-based encryption scheme from LWE problem

YAN Xixi1; LIU Yuan1; LI Zichen2; TANG Yongli1; YE Qing1

  (1. School of Computer Science and Technology, Henan Polytechnic Univ., Jiaozuo 454003, China;
    2. School of Information Engineering, Beijing Institute of Graphic Communication, Beijing 102600, China)
  • Received: 2017-10-09 Published: 2018-09-25

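Abstract (translated from the Chinese):

Because most attribute-based encryption schemes are built on bilinear maps, their storage and computation costs are high and they cannot resist quantum attacks. To address these problems, a multi-authority attribute-based encryption scheme is proposed based on the learning with errors problem on lattices. In the scheme, multiple attribute authorities manage different attribute sets and each distributes keys to the users within its authority, which preserves security while improving overall system efficiency. In addition, Shamir threshold secret sharing is applied and an access tree structure is used to realize the AND, OR and threshold operations of the access policy, giving high flexibility. Furthermore, the scheme uses lattice theory in place of bilinear pairings and introduces a lattice basis delegation algorithm without dimension increase, which speeds up encryption and decryption and reduces the storage cost of user private keys and ciphertexts. Security analysis proves that the scheme is secure against chosen-plaintext attacks in the standard model. Comparison with other schemes shows that the scheme has a flexible access policy, complete functionality and optimized system performance, and is better suited to large-scale distributed environments.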

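Keywords (translated from the Chinese): attribute-based encryption, multi-authority, lattice, standard model, learning with errors, access tree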

Abstract:

Most ABE schemes are based on bilinear maps, which leads to a high cost of storage and communication and leaves them unable to resist quantum attacks. We therefore propose an LWE-based multi-authority attribute-based encryption scheme. In this scheme, different attribute authorities manage different attribute sets and generate private keys for the users, which ensures security and improves the efficiency of the system. In addition, Shamir secret sharing is introduced to construct an access tree structure that supports "and", "or" and "threshold" operations on attributes with high flexibility. Furthermore, the scheme uses lattice theory and the algorithm for basis delegation without dimension increase, which not only speeds up encryption and decryption but also reduces the storage cost of the user's private key and ciphertext. Lastly, the scheme is proved secure against chosen-plaintext attacks in the standard model. Compared with existing related schemes, our scheme markedly improves the flexibility of the access policy and achieves better system performance. It is therefore more effective in large-scale distributed environments.

Key words: attribute based encryption, multi-authority, lattices, standard model, learning with errors, access tree
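
The access-tree mechanism named in the abstract (Shamir sharing at each gate, with "and" as n-of-n, "or" as 1-of-n and "threshold" as k-of-n) can be sketched as follows. This is an added example, not code from the paper: it shows only the secret-sharing layer over a prime field and does not reproduce the LWE encryption or basis delegation; the modulus `P`, the helper names and the sample policy are assumptions.

```python
import secrets

P = 2**127 - 1  # prime field modulus (assumed for this sketch)

def share(secret, k, n):
    """Shamir (k, n): child i gets f(i) for a random degree k-1 f with f(0) = secret."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    return [sum(c * pow(x, j, P) for j, c in enumerate(coeffs)) % P for x in range(1, n + 1)]

def lagrange_at_zero(points):
    """Interpolate f(0) over GF(P) from {x: f(x)}."""
    total = 0
    for xi, yi in points.items():
        num = den = 1
        for xj in points:
            if xj != xi:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

# A leaf is an attribute name; a gate is (k, children): k of the children must be satisfied.
def AND(*c): return (len(c), list(c))
def OR(*c): return (1, list(c))
def THRESH(k, *c): return (k, list(c))

def distribute(node, secret, path=()):
    """Top-down: share the secret at every gate; returns {leaf path: (attribute, share)}."""
    if isinstance(node, str):
        return {path: (node, secret)}
    k, children = node
    out = {}
    for i, s in enumerate(share(secret, k, len(children)), 1):
        out.update(distribute(children[i - 1], s, path + (i,)))
    return out

def recover(node, leaf_shares, attrs, path=()):
    """Bottom-up: rebuild the node's value, or None if attrs do not satisfy it."""
    if isinstance(node, str):
        return leaf_shares[path][1] if node in attrs else None
    k, children = node
    got = {}
    for i, child in enumerate(children, 1):
        v = recover(child, leaf_shares, attrs, path + (i,))
        if v is not None and len(got) < k:
            got[i] = v
    return lagrange_at_zero(got) if len(got) == k else None
# Constructed policy: admin OR (doctor AND 2-of-3 departments)
POLICY = OR("admin", AND("doctor", THRESH(2, "cardiology", "oncology", "research")))
```

An attribute set that fails any gate on every path to the root recovers nothing: the shares it does hold at an unsatisfied gate are fewer than that gate's threshold, which in Shamir sharing reveals no information about the parent value.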