Hong Hanshu, Sun Zhixin
Key Laboratory of Broadband Wireless Communication and Sensor Network Technology, Ministry Education, Nanjing University of Posts and Telecommunications, Nanjing, China.
Springerplus. 2016 Feb 19;5:131. doi: 10.1186/s40064-016-1765-9. eCollection 2016.
Attribute based encryption (ABE) has been widely applied for secure data protection in various data sharing systems. However, the efficiency of existing ABE schemes is not high enough since running encrypt and decrypt algorithms need frequent bilinear pairing operations, which may occupy too much computing resources on terminal devices. What's more, since different users may share the same attributes in the system, a single user's private key exposure will threaten the security and confidentiality of the whole system. Therefore, to further decrease the computation cost in attribute based cryptosystem as well as provide secure protection when key exposure happens, in this paper, we firstly propose a high efficient key-insulated ABE algorithm without pairings. The key-insulated mechanism guarantees both forward security and backward security when key exposure or user revocation happens. Besides, during the running of algorithms in our scheme, users and attribute authority needn't run any bilinear pairing operations, which will increase the efficiency to a large extent. The high efficiency and security analysis indicate that our scheme is more appropriate for secure protection in data sharing systems.
基于属性的加密(ABE)已在各种数据共享系统中广泛应用于安全数据保护。然而,现有ABE方案的效率不够高,因为运行加密和解密算法需要频繁进行双线性配对操作,这可能会在终端设备上占用过多计算资源。此外,由于不同用户可能在系统中共享相同属性,单个用户的私钥泄露将威胁整个系统的安全性和保密性。因此,为了进一步降低基于属性的密码系统中的计算成本,并在密钥泄露发生时提供安全保护,在本文中,我们首先提出了一种高效的无配对密钥绝缘ABE算法。密钥绝缘机制在密钥泄露或用户撤销发生时保证前向安全性和后向安全性。此外,在我们方案的算法运行过程中,用户和属性授权机构无需运行任何双线性配对操作,这将在很大程度上提高效率。高效性和安全性分析表明,我们的方案更适合数据共享系统中的安全保护。
