可撤销动静态属性的车联网属性基加密方法

发布时间：2018-04-04 19:56

本文选题：车联网　切入点：属性基加密　出处：《计算机研究与发展》2017年11期

【摘要】：车载自组织网络(vehicular ad hoc network,VANET)(也称车联网)数据安全共享通常采用群加密方式,高速移动的车载终端给群组构建和群密钥管理带来困难.密文策略属性基加密(ciphertext-policy attribute-based encryption,CP-ABE)为车联网通信安全带来了新的解决方案,但是传统的CPABE方案解密计算复杂度高,属性撤销需要整个密文进行全部更新,策略树的构建不够灵活,导致在车联网中的应用受限.为了解决上述问题,围绕车联网云存储数据安全分享,设计可撤销动静态属性的属性基加密方案.将动态属性和静态属性分开管理,构建组合策略树,引入解密代理将高复杂度的属性基解密过程的主要部分外包到服务端,车辆终端通过中央和本地认证中心进行属性撤销和动态属性更新.可撤销动静态属性的车联网属性基加密方案是安全的,在空间和加解密时间复杂度上较传统CP-ABE算法具有优势,实验还分析了车载终端解密、属性撤销和系统并发等性能.
[Abstract]:Group encryption is usually used in the data security sharing of vehicular ad hoc network (VANETN). The high-speed mobile vehicle terminal brings difficulties to group construction and group key management.Ciphertext policy attribute base encryption (ciphertext-policy attribute-based encryption CP-ABE) has brought a new solution to the security of vehicle network communication. However, the traditional CPABE scheme has high computational complexity in decryption, the attribute revocation needs the entire ciphertext to be completely updated, and the construction of the policy tree is not flexible.This results in limited application in vehicle networking.In order to solve the above problem, an attribute based encryption scheme is designed to undo the dynamic and static attributes around the secure sharing of vehicle network cloud storage data.The dynamic and static attributes are managed separately, the composite policy tree is constructed, and the decryption agent is introduced to outsource the main part of the high complexity attribute base decryption process to the server.The vehicle terminal carries on the attribute revocation and the dynamic attribute update through the central and the local certification center.The attribute base encryption scheme with detachable dynamic and static attributes is secure and has advantages over the traditional CP-ABE algorithm in space and encryption and decryption time complexity. The performance of vehicle terminal decryption, attribute revocation and system concurrency are also analyzed in the experiment.
【作者单位】：桂林电子科技大学广西云计算与大数据协同创新中心;桂林电子科技大学认知无线电与信息处理教育部重点实验室;
【基金】：国家自然科学基金项目(61661015,61572148) 认知无线电与信息处理教育部重点实验室基金项目(CRKL160101) 广西云计算与大数据协同创新中心基金项目(YD16801)~~
【分类号】：TN918.4;U495

【相似文献】