一种适合云数据共享的身份代理重加密方案
目前云数据安全存储方案中,数据拥有者加密数据上传到云中,但却不能很好地支持加密数据分享,尤其是分享给多个用户时,可扩展性不强。针对这个问题提出一种基于身份的代理重加密方案,该方案不需要云完全可信但却又能灵活地进行数据安全共享。在具体构造上,结合基于身份的加密,用一个强不可伪造的一次签名方案使被转换后的密文具有公开验证性,且能达到被转换后的密文在标准模型下具有选择密文安全性。由于该类方案无须使用公钥证书、能支持细粒度的访问控制且可扩展性较好,因此可以较好地适用于安全云数据共享。...
Saved in:
| Published in | 计算机应用研究 Vol. 33; no. 11; pp. 3450 - 3454 |
|---|---|
| Main Author | |
| Format | Journal Article |
| Language | Chinese |
| Published |
武警工程大学 网络与信息安全武警部队重点实验室,西安,710086
2016
|
| Subjects | |
| Online Access | Get full text |
| ISSN | 1001-3695 |
| DOI | 10.3969/j.issn.1001--3695.2016.11.055 |
Cover
| Summary: | 目前云数据安全存储方案中,数据拥有者加密数据上传到云中,但却不能很好地支持加密数据分享,尤其是分享给多个用户时,可扩展性不强。针对这个问题提出一种基于身份的代理重加密方案,该方案不需要云完全可信但却又能灵活地进行数据安全共享。在具体构造上,结合基于身份的加密,用一个强不可伪造的一次签名方案使被转换后的密文具有公开验证性,且能达到被转换后的密文在标准模型下具有选择密文安全性。由于该类方案无须使用公钥证书、能支持细粒度的访问控制且可扩展性较好,因此可以较好地适用于安全云数据共享。 |
|---|---|
| Bibliography: | 51-1196/TP cloud storage secure; data sharing; proxy re-encryption; standard model; publicly verifiable Currently most of the solutions of cloud data security storage required the data owner encrypted his data before out- sourcing the data to the cloud, but this method couldn't support flexible data sharing, especially for the multi-user setting. Aimed at solving this problem, this paper proposed a new identity based proxy re-encryption scheme, which didn't need the cloud to be completely trusted, but could also be used to share the data safely. In the concrete construction, this paper used a strongly non-forgeable signature scheme to let the encrypted ciphertexts be publicly verifiable, this scheme could also be cho- sen ciphertext secure in the standard model. For the proposed scheme can be used without certificate, support fine-grained ac- cess control and be very scalable, thus it can be used for secure data sharing in the cloud. Zheng Zhiheng, Zhang Minqing, Wang Xu'an ( Key Laboratory of Network & Informat |
| ISSN: | 1001-3695 |
| DOI: | 10.3969/j.issn.1001--3695.2016.11.055 |