[1] Jiang Jianhao, Jiang Rui, Pei Bei, et al. Revocable attribute-based encryption based on NTRU lattices for cloud data[J]. Journal of Southeast University (Natural Science Edition), 2020, 50(6): 1052-1061. [doi:10.3969/j.issn.1001-0505.2020.06.009]

Revocable attribute-based encryption based on NTRU lattices for cloud data

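Journal of Southeast University (Natural Science Edition) [ISSN: 1001-0505 / CN: 32-1178/N]

Volume:
50
Issue:
No. 6, 2020
Pages:
1052-1061
Column:
Information and Communication Engineering
Publication date:
2020-11-20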

Article Info

Title:
Revocable attribute-based encryption based on NTRU lattices for cloud data
Author(s):
Jiang Jianhao¹, Jiang Rui¹, Pei Bei², Wu Songyang²
¹ School of Cyber Science and Engineering, Southeast University, Nanjing 210096, China
² Key Lab of Information Network Security, Ministry of Public Security, Shanghai 200031, China
Keywords:
attribute-based encryption (ABE); anti-quantum computing attacks; number theory research unit (NTRU) lattices; learning with error problem over rings (R-LWE); attribute revocation
Classification number:
TN918.4
DOI:
10.3969/j.issn.1001-0505.2020.06.009
Abstract:
Existing cloud data encryption schemes based on the hardness of the discrete logarithm problem cannot resist quantum computing attacks while also providing secure and effective attribute revocation. To address this, a revocable ciphertext-policy attribute-based encryption (CP-ABE) scheme based on number theory research unit (NTRU) lattices for cloud data, called RNL-ABE, is proposed. First, an encryption algorithm based on NTRU lattices is combined with attribute-based encryption to resist quantum computing attacks, realizing fine-grained access control and secure attribute revocation without key re-distribution. The key structure is improved to prevent collusion attacks among legitimate users, revoked users and external attackers. Finally, the RNL-ABE scheme is formally proved based on the learning with error problem over rings (R-LWE), and its simulated performance is compared with that of similar schemes. The results show that the RNL-ABE scheme can resist quantum computing attacks and realize secure attribute revocation in the selective-set model. Compared with other similar schemes, the proposed scheme is more efficient, with computing and communication costs both reduced by more than 50%.


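Memo

Received: 2020-05-17.
Author biographies: Jiang Jianhao (born 1995), male, master's student; Jiang Rui (corresponding author), male, Ph.D., associate professor, R.Jiang@seu.edu.cn.
Foundation items: National Natural Science Foundation of China (61372103); Natural Science Foundation of Jiangsu Province (BK20201265); Open Project of the Key Lab of Information Network Security, Ministry of Public Security (C19607); Jiangsu Provincial Key Laboratory of Computer Network Technology.
Cite this article: Jiang Jianhao, Jiang Rui, Pei Bei, et al. Revocable attribute-based encryption based on NTRU lattices for cloud data[J]. Journal of Southeast University (Natural Science Edition), 2020, 50(6): 1052-1061. DOI:10.3969/j.issn.1001-0505.2020.06.009.
Last Update: 2020-11-20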