分层的属性加密机制研究
发布时间:2018-12-16 09:49
【摘要】:属性加密机制是一种支持多对多模式的新型公钥加密。在属性加密机制中,身份信息不再只是由一个元素来表示,而是添加了一个灵活的访问结构,该访问结构由若干个属性以及门限组合而成,当且仅当访问结构和属性集合相匹配时,才能够成功解密。属性加密机制的最大优点是,不需要具体指定由谁解密,只要接收方符合相应条件便可解密。通常,属性加密机制被分为两大类:基于密钥策略的属性加密机制和基于密文策略的属性加密机制。本论文将以基于密钥策略的属性加密机制为主要研究对象。本论文首先对属性加密机制进行了系统的介绍,属性加密机制可分为基本属性加密机制,基于密钥策略的属性加密机制,基于密文策略的属性加密机制以及将属性集分层的属性加密机制,在本论文中对这四种属性加密机制进行了十分详细的描述。其次,着重介绍了基于密钥策略的属性加密机制和将属性集分层的属性加密机制,基于密钥策略的属性加密机制的主要优点是它添加了一个访问结构,该访问结构可以使得访问控制更加灵活,将属性集分层的属性加密机制的优点是可以解决由于广泛的配对操作产生的效率低下的问题,提高了算法的效率。因为未分层的属性加密在密钥生成的过程中每一个属性都需要对应一个生成的子密钥,而对于分层的属性加密来说只需要拥有几个属性所共同祖先节点的属性,并生成这个祖先节点的属性的密钥就可以了。最后,在前述归纳整理工作的基础上,提出了一种改进的分层的基于密钥策略的属性加密方案,该方案:(1)将访问结构引入到方案中,该访问结构是嵌入到密钥中的,由密钥的持有人对该结构进行控制,使得访问控制的灵活性提高了。(2)将属性集中的属性分成树状结构,每个属性不再是一个单独的个体,同一棵属性树间的属性相互联系,若x为一棵属性树中的一个节点,那么同一棵属性树中深度比x大的节点的属性它都具备,因此就不需要一对一的配对操作,若要一个用户拥有若干个同一棵属性树中深度比x大的节点的属性,则不需要每个属性都具备,只需拥有x节点的属性即可,其优点是解决了属性加密由于广泛的配对操作产生的效率低下的问题。(3)进行了安全性证明以及效率分析。
[Abstract]:Attribute encryption mechanism is a new type of public key encryption supporting many-to-many modes. In the attribute encryption mechanism, identity information is no longer represented by an element, but a flexible access structure is added, which is composed of several attributes and thresholds. If and only if the access structure matches the attribute set, it can be decrypted successfully. The biggest advantage of the attribute encryption mechanism is that it does not need to specify who decrypts, so long as the receiver meets the corresponding conditions can be decrypted. Generally, attribute encryption is divided into two categories: attribute encryption based on key policy and attribute encryption based on ciphertext policy. This thesis will focus on the attribute encryption mechanism based on key policy. This paper firstly introduces the attribute encryption mechanism. The attribute encryption mechanism can be divided into basic attribute encryption mechanism and attribute encryption mechanism based on key policy. The attribute encryption mechanism based on ciphertext policy and the attribute encryption mechanism based on stratification of attribute set are described in detail in this paper. Secondly, the attribute encryption mechanism based on key policy and attribute encryption mechanism based on attribute set are introduced. The main advantage of attribute encryption mechanism based on key policy is that it adds an access structure. This access structure can make access control more flexible. The advantage of attribute encryption mechanism is that it can solve the problem of low efficiency caused by extensive pairing operation and improve the efficiency of the algorithm. Because unstratified attribute encryption requires a generated subkey for each attribute during key generation, for hierarchical attribute encryption, only the attributes of the ancestor nodes shared by several attributes are required. And generate the key for the attribute of the ancestor node. Finally, an improved hierarchical attribute encryption scheme based on key policy is proposed on the basis of the above work. (1) access structure is introduced into the scheme, and the access structure is embedded in the key. By controlling the structure by the key holder, the flexibility of access control is improved. (2) the attributes in the attribute set are divided into tree structure, each attribute is no longer a separate individual, If x is a node in an attribute tree, then the attributes of the nodes in the same attribute tree that are deeper than x have them, so there is no need for a one-to-one pairing operation. For a user to have several attributes of nodes deeper than x in the same attribute tree, you do not need to have each attribute; you simply have the attributes of the x node Its advantage is to solve the problem that attribute encryption is inefficient due to extensive matching operations. (3) Security proof and efficiency analysis are carried out.
【学位授予单位】:西安电子科技大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TN918.4
本文编号:2382152
[Abstract]:Attribute encryption mechanism is a new type of public key encryption supporting many-to-many modes. In the attribute encryption mechanism, identity information is no longer represented by an element, but a flexible access structure is added, which is composed of several attributes and thresholds. If and only if the access structure matches the attribute set, it can be decrypted successfully. The biggest advantage of the attribute encryption mechanism is that it does not need to specify who decrypts, so long as the receiver meets the corresponding conditions can be decrypted. Generally, attribute encryption is divided into two categories: attribute encryption based on key policy and attribute encryption based on ciphertext policy. This thesis will focus on the attribute encryption mechanism based on key policy. This paper firstly introduces the attribute encryption mechanism. The attribute encryption mechanism can be divided into basic attribute encryption mechanism and attribute encryption mechanism based on key policy. The attribute encryption mechanism based on ciphertext policy and the attribute encryption mechanism based on stratification of attribute set are described in detail in this paper. Secondly, the attribute encryption mechanism based on key policy and attribute encryption mechanism based on attribute set are introduced. The main advantage of attribute encryption mechanism based on key policy is that it adds an access structure. This access structure can make access control more flexible. The advantage of attribute encryption mechanism is that it can solve the problem of low efficiency caused by extensive pairing operation and improve the efficiency of the algorithm. Because unstratified attribute encryption requires a generated subkey for each attribute during key generation, for hierarchical attribute encryption, only the attributes of the ancestor nodes shared by several attributes are required. And generate the key for the attribute of the ancestor node. Finally, an improved hierarchical attribute encryption scheme based on key policy is proposed on the basis of the above work. (1) access structure is introduced into the scheme, and the access structure is embedded in the key. By controlling the structure by the key holder, the flexibility of access control is improved. (2) the attributes in the attribute set are divided into tree structure, each attribute is no longer a separate individual, If x is a node in an attribute tree, then the attributes of the nodes in the same attribute tree that are deeper than x have them, so there is no need for a one-to-one pairing operation. For a user to have several attributes of nodes deeper than x in the same attribute tree, you do not need to have each attribute; you simply have the attributes of the x node Its advantage is to solve the problem that attribute encryption is inefficient due to extensive matching operations. (3) Security proof and efficiency analysis are carried out.
【学位授予单位】:西安电子科技大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TN918.4
【相似文献】
相关期刊论文 前10条
1 金永涛 ,白焰;新颖的子目录加密机制[J];电脑编程技巧与维护;1994年08期
2 金永涛 ,白焰;新颖的子目录加密机制[J];电脑编程技巧与维护;1994年02期
3 李建峰;谈信用卡系统中的信息加密机制[J];电脑与信用卡;1996年04期
4 石军;;城市轨道交通信号系统网络传输安全加密机制讨论[J];科技信息;2013年06期
5 单康康;江肖强;;混合加密机制降低计算复杂度[J];中国教育网络;2011年Z1期
6 武蓓;王劲林;倪宏;陈君;;一种广播加密机制的树再生长方法[J];计算机工程;2007年22期
7 张衡,张玉芳;具有加密机制的防火墙在零售行业中的应用[J];计算机工程与设计;2005年08期
8 崔国华,洪帆,付小青,胡伦骏;数据库系统中一种更安全的加密机制[J];华中理工大学学报;2000年07期
9 李尚;纵姝洁;肖汉;;一种XML报警消息的加密机制研究[J];微计算机信息;2008年24期
10 谢学智;李春晓;;属性加密机制在电子政务中的应用[J];中国科技论文;2013年01期
相关会议论文 前3条
1 赵洋;秦志光;蓝天;王佳昊;;基于可验证加密机制的多方公平交换协议[A];全国网络与信息安全技术研讨会论文集(下册)[C];2007年
2 周香凝;;一种支持快速查询的敏感数据加密机制[A];计算机技术与应用进展——全国第17届计算机科学与技术应用(CACIS)学术会议论文集(下册)[C];2006年
3 单康康;江肖强;;混合加密机制在DNSSEC中的应用研究[A];中国高等教育学会教育信息化分会第十次学术年会论文集[C];2010年
相关重要报纸文章 前1条
1 马云飞;WLAN安全要等一年[N];中国计算机报;2003年
相关硕士学位论文 前2条
1 张冠群;分层的属性加密机制研究[D];西安电子科技大学;2014年
2 王雅宁;数字集群通信系统加密机制的研究[D];哈尔滨工业大学;2006年
,本文编号:2382152
本文链接:https://www.wllwen.com/kejilunwen/wltx/2382152.html
