一种改进条件广播代理重加密的数据共享方案

翟社平; 陆娴婧; 霍媛媛; 杨锐

doi:10.19665/j.issn1001-2400.20230410

您当前的位置：

首页 >

文章列表页 >

一种改进条件广播代理重加密的数据共享方案

计算机科学与技术&网络空间安全 | 更新时间：2024-06-03

- 一种改进条件广播代理重加密的数据共享方案
- Improved data sharing scheme based on conditional broadcast proxy re-encryptionn
- 西安电子科技大学学报 2024年51卷第2期页码：224-238
- 作者机构：
  
  1. 西安邮电大学计算机学院,陕西西安 710121
  2. 西安邮电大学陕西省网络数据分析与智能处理重点实验室,陕西西安 710121
- 作者简介：
  
  [ "翟社平(1971—),男,教授,E-mail:[email protected]; " ]
  [ "陆娴婧(1998—),女,西安邮电大学硕士研究生,E-mail:[email protected]; " ]
  [ "霍媛媛(1998—),女,西安邮电大学硕士研究生,E-mail:[email protected]; " ]
  [ "杨锐(1976—),女,讲师,E-mail:[email protected]" ]
- 基金信息：
  
  国家自然科学基金(61373116);工业化和信息化部通信软科学项目(2018-R-26);陕西省重点研发项目(2022GY-038);陕西省教育厅科学研究计划(18JK0697);陕西省社会科学基金(2016N008);西安市社会科学规划基金(17X63);陕西省大学生创新创业训练计划(202211664016);西安邮电大学研究生创新基金(CXJJYL2021050)
- DOI：10.19665/j.issn1001-2400.20230410
  中图分类号： TP309
- 纸质出版日期：2024-4-20，
  
  网络出版日期：2023-9-8，
  
  收稿日期：2023-2-16，
扫描看全文
翟社平, 陆娴婧, 霍媛媛, 等. 一种改进条件广播代理重加密的数据共享方案[J]. 西安电子科技大学学报, 2024,51(2):224-238.

Sheping ZHAI, Xianjing LU, Yuanyuan HUO, et al. Improved data sharing scheme based on conditional broadcast proxy re-encryptionn[J]. Journal of Xidian University, 2024,51(2):224-238.
翟社平, 陆娴婧, 霍媛媛, 等. 一种改进条件广播代理重加密的数据共享方案[J]. 西安电子科技大学学报, 2024,51(2):224-238. DOI： 10.19665/j.issn1001-2400.20230410.

Sheping ZHAI, Xianjing LU, Yuanyuan HUO, et al. Improved data sharing scheme based on conditional broadcast proxy re-encryptionn[J]. Journal of Xidian University, 2024,51(2):224-238. DOI： 10.19665/j.issn1001-2400.20230410.

摘要

传统的条件广播代理重加密数据共享方式过度依赖不可信第三方代理商

存在效率低、数据安全和隐私泄露等问题。针对以上问题

提出了一种将条件广播代理重加密与区块链共识机制相结合的信息安全保障方案。首先

为解决单个代理商的单点故障以及合谋攻击问题

所提方案使用区块链节点轮流担任代理商节点

同时利用融合信誉机制的委托权益证明共识算法筛选出高信誉度的代理商节点参与重加密过程

大大降低了单点故障和合谋攻击的风险。其次

针对代理商节点对重加密密钥使用的高权限问题

引入门限密钥思想

将重加密密钥分割为多个片段

这些片段分布于不同的代理商节点上。通过这种方式

任何单个代理商节点都无法单独完成数据的解密

从而有效提高了重加密过程的安全性。最后

通过对方案的安全性、正确性和可信度进行分析

表明提出的方案能有效解决传统方案中的安全隐患。仿真实验结果证明

与现有数据共享方案相比

所提方案在保障数据安全方面具有明显优势

同时计算成本较低。

Abstract

Traditional conditional broadcast proxy re-encryption data sharing approaches over-rely on untrustworthy third-party proxy servers

which leads to issues of a low efficiency

data security and privacy leaks.To address the above problems

this paper proposes an information security protection scheme that combines conditional broadcast proxy re-encryption with blockchain consensus mechanisms.First

to solve the single point of failure and collusion attacks of individual proxy servers

this scheme uses blockchain nodes to take turns to act as proxy servers.At the same time

it selects high-credibility proxy servers to participate in re-encryption through the Delegated Proof of Stake(DPoS) consensus algorithm that integrates credibility mechanisms

greatly reducing the risks of the single point of failure and collusion attacks.Second

to address the high permission issue of proxy servers using re-encryption keys

this paper introduces the threshold cryptosystem concept and splits the re-encryption key into multiple fragments distributed across different proxy servers.In this way

any single proxy server is unable to decrypt data independently

thus effectively improving the security of the re-encryption process.Finally

through the analysis of the security

correctness and credibility of the scheme

it is demonstrated that this scheme can effectively solve security vulnerabilities in traditional schemes.Related simulation experimental results also prove that compared with existing data sharing schemes

this scheme has significant advantages in ensuring data security while having lower computational costs.

关键词

条件广播代理重加密门限密钥区块链共识机制

Keywords

conditional broadcast proxy re-encryptionthreshold keyblockchainconsensus mechanism

references

沈剑, 周天祺, 曹珍富. 云数据安全保护方法综述[J]. 计算机研究与发展, 2021, 58(10):2079-2098.

SHEN Jian, ZHOU Tianqi, CAO Zhenfu. Overview of Cloud Data Security Protection Methods[J]. Journal of Computer Research and Development, 2021, 58(10):2079-2098.

DONG H D, KANG L, LIN P J, et al. Privacy Protection for Blockchains with Account and Multi-Asset Model[J]. China Communications, 2019, 16(6):69-79.

LIU J, JIANG W, SUN R, et al. Conditional Anonymous Remote Healthcare Data Sharing over Blockchain[J]. IEEE Journal of Biomedical and Health Informatics, 2023, 27(5):2231-2242.

BLAZE M, BLEUMER G, STRAUSS M. Divertible Protocols and Atomic Proxy Cryptography[C]//International Conference on the Theory and Application of Cryptographic Techniques. Berlin:Springer,1998:127-144.

SHAO J, CAO Z. CCA-Secure Proxy Re-Encryption without Pairings[C]//International Conference on Public Key Cryptography. Berlin:Springer,2009:357-376.

LUO S, SHEN Q N, CHEN Z. Fully Secure Unidirectional Identity-Based Proxy Re-Encryption[C]//International Conference on Information Security and Cryptology. Berlin:Springer,2012:109-126.

LIANG K, LIU J K, WONG D S, et al. An Efficient Cloud-Based Revocable Identity-Based Proxy Re-Encryption Scheme for Public Clouds Data Sharing[C]//European Symposium on Research in Computer Security. Berlin:Springer,2014:257-272.

RAWAL B S. Proxy Re-Encryption Architect for Storing and Sharing of Cloud Contents[J]. International Journal of Parallel,Emergent and Distributed Systems, 2020, 35(3):219-235.

QIAN X, YANG Z, WANG S H, et al. A No-Pairing Proxy Re-Encryption Scheme for Data Sharing in Untrusted Cloud[C]//International Conference on Artificial Intelligence and Security. Berlin:Springer,2019:85-96.

CHU C K, WENG J, CHOW S S, et al. Conditional Proxy Broadcast Re-Encryption[C]//Australasian Conference on Information Security and Privacy. Berlin:Springer,2009:327-342.

XU P, JIAO T, WU Q, et al. Conditional Identity-Based Broadcast Proxy Re-Encryption and Its Application to Cloud Email[J]. IEEE Transactions on Computers, 2016, 65(1):66-79.

LIU Y, REN Y, GE C, et al. A CCA-Secure Multi-Conditional Proxy Broadcast Re-Encryption Scheme for Cloud Storage System[J]. Journal of Information Security and Applications, 2019,47:125-131.

CHEN Z, CHEN J, MENG W. A New Dynamic Conditional Proxy Broadcast Re-Encryption Scheme for Cloud Storage and Sharing[C]//2020 IEEE Intl Conf on Dependable,Autonomic and Secure Computing,Intl Conf on Pervasive Intelligence and Computing,Intl Conf on Cloud and Big Data Computing,Intl Conf on Cyber Science and Technology Congress. Piscataway:IEEE, 2020: 569-576.

李兆斌, 赵洪, 魏占祯. 无双线性对的门限条件匿名代理重加密方案[J]. 电子与信息学报, 2021, 43(11):3350-3358.

LI Zhaobin, ZHAO Hong, WEI Zhanzhen. Threshold-Based Pairing-Free Conditional Anonymous Proxy Re-Encryption Scheme[J]. Journal of Electronics & Information Technology, 2021, 43(11):3350-3358.

李兆斌, 张璐, 赵洪, 等. 基于无证书的门限条件代理重加密方案[J]. 北京邮电大学学报, 2023, 46(1):44-49.

LI Zhaobin, ZHANG Lu, ZHAO Hong, et al. Certificateless Threshold-Based Conditional Proxy Re-Encryption Scheme[J]. Journal of Beijing University of Posts and Telecommunications, 2023, 46(1):44-49.

WU L Q, HAN Y L, YANG X Y, et al. Identity-Based Threshold Proxy Re-Encryption Scheme from Lattices and Its Applications[J]. Frontiers of Information Technology & Electronic Engineering, 2022, 23(2):258-278.

杨亚涛, 蔡居良, 张筱薇, 等. 基于SM9算法可证明安全的区块链隐私保护方案[J]. 软件学报, 2019, 30(6):1692-1704.

YANG Yatao, CAI Juliang, ZHANG Xiaowei, et al. Proven Secure Blockchain Privacy Protection Scheme Based on SM9 Algorithm[J]. Journal of Software, 2019, 30(6):1692-1704.

曾辉祥, 习宁, 谢晴晴, 等. 抗属性篡改的去中心化密文数据安全共享[J]. 西安电子科技大学学报, 2022, 49(2):135-145.

ZENG Huixiang, XI Ning, XIE Qingqing, et al. Decentralized Ciphertext Sharing Based on Blockchain[J]. Journal of Xidian University, 2022, 49(2):135-145.

李雪莲, 张夏川, 高军涛, 等. 支持属性和代理重加密的区块链数据共享方案[J]. 西安电子科技大学学报, 2022, 49(1):1-16.

LI Xuelian, ZHANG Xiachuan, GAO Juntao, et al. A Blockchain Data Sharing Scheme That Supports Attribute and Proxy Re-Encryption[J]. Journal of Xidian University, 2022, 49(1):1-16.

翟社平, 汪一景, 陈思吉. 区块链技术在电子病历共享的应用研究[J]. 西安电子科技大学学报, 2020, 47(5):103-112.

ZHAI Sheping, Wang Yijing, CHEN Siji. Research on the Application of Blockchain Technology in the Sharing of Electronic Medical Records[J]. Journal of Xidian University, 2020, 47(5):103-112.

杨小东, 席婉婷, 王嘉琪, 等. 基于签密和区块链的车联网电子证据共享方案[J]. 通信学报, 2021, 42(12):236-246. DOI:10.11959/j.issn.1000-436x.2021237http://doi.org/10.11959/j.issn.1000-436x.2021237

YANG Xiaodong, XI Wanting, WANG Jiaqi, et al. Electronic Evidence Sharing Scheme of Internet of Vehicles Based on Signcryption and Blockchain[J]. Journal on Communications, 2021, 42(12):236-246. DOI:10.11959/j.issn.1000-436x.2021237http://doi.org/10.11959/j.issn.1000-436x.2021237

LI Q, ZHOU Y. Research and Application Based on A.Shamir’s(t,n) Threshold Secret Sharing Scheme[C]//7th International Conference on Computer Science and Education. Piscataway:IEEE,2012:671-674.

付瑶瑶, 李盛恩. 授权股份证明共识机制的改进方案[J]. 计算机工程与应用, 2020, 56(19):48-54. DOI:10.3778/j.issn.1002-8331.1906-0312http://doi.org/10.3778/j.issn.1002-8331.1906-0312

FU Yaoyao, LI Sheng'en. Improved Scheme of Delegated Proof of Stake Consensus Mechanism[J]. Computer Engineering and Applications, 2020, 56(19):48-54. DOI:10.3778/j.issn.1002-8331.1906-0312http://doi.org/10.3778/j.issn.1002-8331.1906-0312

XIANG L, QIN Y, SHI P, et al. Transfer Mechanism of Data Decryption Authority in Joint Cloud Computing[C]//2021 IEEE International Conference on Joint Cloud Computing(JCC). Piscataway:IEEE, 2021: 38-43.

REN Y, LIU Y, QIAN C. A Fine-Grained Conditional Proxy Broadcast Re-Encryption Policy for File Sharing System[C]//12th EAI International Conference on Mobile Multimedia Communications. Gent:EAI,2019:1-13.

浏览量

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

一种面向区块链验证节点的声誉证明共识机制

一种区块链驱动的生物启发式威胁检测方法

支持受控共享的医疗数据隐私保护方案

一种支持内嵌数据处理的合约漏洞修复方案

车联网中区块链辅助的紧急消息信任评估方案