本文選題：屬性基加密　切入點(diǎn)：密文提取　出處：《電子科技大學(xué)學(xué)報(bào)》2017年03期

【摘要】：在云外包存儲的背景下,針對外包存儲中共享敏感數(shù)據(jù)的定時(shí)刪除問題,提出基于雙重加密的敏感數(shù)據(jù)限時(shí)訪問方案。首先對稱加密待共享的敏感數(shù)據(jù)文件,隨后對加密后的文件進(jìn)行隨機(jī)分割提取,形成提取密文分量和封裝密文分量;然后采用限時(shí)屬性基加密算法對對稱密鑰和提取密文分量進(jìn)行加密,生成訪問控制對象;最后將訪問控制對象同封裝密文分量一同上傳至云服務(wù)器。通過該方案,授權(quán)用戶能夠在限時(shí)屬性基加密的訪問時(shí)限窗口中解密訪問控制對象,獲取對稱密鑰和提取密文分量,并合成原始密文,恢復(fù)明文。訪問時(shí)限窗口過期后,任何用戶都無法屬性基解密訪問控制對象,獲取對稱密鑰,恢復(fù)明文,從而實(shí)現(xiàn)敏感數(shù)據(jù)的定時(shí)刪除。通過敵手攻擊模型,分析并證明了該方案的安全性。
[Abstract]:Under the background of cloud outsourcing storage, aiming at the problem of timing deletion of shared sensitive data in outsourced storage, a time-limited access scheme of sensitive data based on double encryption is proposed. Firstly, the sensitive data files to be shared are encrypted symmetrically. Then the encrypted files are randomly partitioned and extracted to form the extracted ciphertext components and encapsulated ciphertext components, and then the symmetric key and the extracted ciphertext components are encrypted by the time-limited attribute base encryption algorithm to generate access control objects. Finally, the access control object is uploaded to the cloud server with the encapsulated ciphertext component. With this scheme, the user can decrypt the access control object in the access time window encrypted by the time-limited attribute base, obtain the symmetric key and extract the ciphertext component. After the expiration of the access time window, no user can decrypt the access control object, obtain the symmetric key, restore the plaintext, and realize the timing deletion of sensitive data. The security of the scheme is analyzed and proved.
【作者單位】： 電子科技大學(xué)信息與軟件工程學(xué)院;
【基金】：國家自然科學(xué)基金(61520106007)
【分類號】：TP399

【參考文獻(xiàn)】

相關(guān)期刊論文 前2條

1 姚志強(qiáng);熊金波;馬建峰;李琦;劉西蒙;;云計(jì)算中一種安全的電子文檔自毀方案[J];計(jì)算機(jī)研究與發(fā)展;2014年07期

2 熊金波;姚志強(qiáng);馬建峰;李鳳華;劉西蒙;;面向網(wǎng)絡(luò)內(nèi)容隱私的基于身份加密的安全自毀方案[J];計(jì)算機(jī)學(xué)報(bào);2014年01期

【共引文獻(xiàn)】

相關(guān)期刊論文 前10條

1 陳偉;王q，

本文編號：1674121