Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
A Ring Learning with Errors-Based Ciphertext-Policy Attribute-Based Proxy Re-Encryption Scheme for Secure Big Data Sharing in Cloud Environment
Big Data ( IF 4.6 ) Pub Date : 2022-04-11 , DOI: 10.1089/big.2021.0301 Juyan Li 1, 2, 3 , Jialiang Peng 1, 3 , Zhiqi Qiao 1, 3
Big Data ( IF 4.6 ) Pub Date : 2022-04-11 , DOI: 10.1089/big.2021.0301 Juyan Li 1, 2, 3 , Jialiang Peng 1, 3 , Zhiqi Qiao 1, 3
Affiliation
Owing to the huge volume of big data, users generally use the cloud to store big data. However, because the data are out of the control of users, sensitive data need to be protected. The ciphertext-policy attribute-based encryption scheme can not only effectively control the access of big data, but also decrypt the ciphertext as long as the user's attributes satisfy the access structure of ciphertext, so as to realize one to many big data sharing. When the user's attributes do not satisfy the access structure of ciphertext, the attribute-based proxy re-encryption scheme can be used for big data sharing. The ciphertext-policy attribute-based proxy re-encryption (CP-ABPRE) scheme combines the characteristics of the ciphertext-policy attribute-based encryption scheme and proxy re-encryption scheme. In a CP-ABPRE scheme, on the one hand, the data owner can use the ciphertext-policy attribute-based encryption scheme to encrypt the big data for cloud storage, to realize the access control of the big data. On the other hand, the proxy (cloud service provider) can convert ciphertext under one access structure into ciphertext under another access structure, thus realizing big data sharing between users of different attribute sets. In this article, we modify the existing attribute-based encryption scheme based on Ring Learning With Errors (RLWE), add re-encryption key generation algorithm, re-encryption ciphertext generation algorithm, and re-encryption ciphertext decryption algorithm, and construct CP-ABPRE scheme. In the construction of the re-encryption key, we introduce a random vector and hide the vector in the key by threshold technology. Finally, a CP-ABPRE scheme supporting threshold access structure is constructed based on RLWE. Compared with the existing attribute-based proxy re-encryption schemes, our scheme has smaller public parameters, can encrypt multiple plaintext bits at a time, and can resist selective access structure and chosen plaintext attack, so it is more suitable for big data sharing in cloud environment.
中文翻译:
一种基于错误的密文策略基于属性的代理重加密方案的环学习云环境下安全大数据共享
由于大数据量巨大,用户普遍使用云端存储大数据。但是,由于数据不受用户控制,因此需要保护敏感数据。基于密文策略属性的加密方案不仅可以有效控制大数据的访问,而且只要用户的属性满足密文的访问结构,就可以解密密文,从而实现一对多的大数据共享。当用户的属性不满足密文的访问结构时,可以采用基于属性的代理重加密方案进行大数据共享。基于密文策略属性的代理重加密(CP-ABPRE)方案结合了基于密文策略属性的加密方案和代理重加密方案的特点。在 CP-ABPRE 方案中,一方面,数据拥有者可以使用基于密文策略属性的加密方案对大数据进行加密以供云存储,实现对大数据的访问控制。另一方面,代理(云服务提供者)可以将一种访问结构下的密文转换为另一种访问结构下的密文,从而实现不同属性集用户之间的大数据共享。在本文中,我们对现有的基于错误的环学习(RLWE)的基于属性的加密方案进行了修改,增加了重加密密钥生成算法、重加密密文生成算法和重加密密文解密算法,并构造了CP- ABPRE 方案。在重加密密钥的构造中,我们引入了一个随机向量,并通过门限技术将向量隐藏在密钥中。最后,基于RLWE构建支持门限访问结构的CP-ABPRE方案。与现有的基于属性的代理重加密方案相比,我们的方案具有较小的公共参数,可以同时加密多个明文位,并且可以抵抗选择性访问结构和选择明文攻击,因此更适合于大数据共享。云环境。
更新日期:2022-04-11
中文翻译:
一种基于错误的密文策略基于属性的代理重加密方案的环学习云环境下安全大数据共享
由于大数据量巨大,用户普遍使用云端存储大数据。但是,由于数据不受用户控制,因此需要保护敏感数据。基于密文策略属性的加密方案不仅可以有效控制大数据的访问,而且只要用户的属性满足密文的访问结构,就可以解密密文,从而实现一对多的大数据共享。当用户的属性不满足密文的访问结构时,可以采用基于属性的代理重加密方案进行大数据共享。基于密文策略属性的代理重加密(CP-ABPRE)方案结合了基于密文策略属性的加密方案和代理重加密方案的特点。在 CP-ABPRE 方案中,一方面,数据拥有者可以使用基于密文策略属性的加密方案对大数据进行加密以供云存储,实现对大数据的访问控制。另一方面,代理(云服务提供者)可以将一种访问结构下的密文转换为另一种访问结构下的密文,从而实现不同属性集用户之间的大数据共享。在本文中,我们对现有的基于错误的环学习(RLWE)的基于属性的加密方案进行了修改,增加了重加密密钥生成算法、重加密密文生成算法和重加密密文解密算法,并构造了CP- ABPRE 方案。在重加密密钥的构造中,我们引入了一个随机向量,并通过门限技术将向量隐藏在密钥中。最后,基于RLWE构建支持门限访问结构的CP-ABPRE方案。与现有的基于属性的代理重加密方案相比,我们的方案具有较小的公共参数,可以同时加密多个明文位,并且可以抵抗选择性访问结构和选择明文攻击,因此更适合于大数据共享。云环境。
京公网安备 11010802027423号