A Ring Learning with Errors-Based Ciphertext-Policy Attribute-Based Proxy Re-Encryption Scheme for Secure Big Data Sharing in Cloud Environment.

IF 2.6 4区计算机科学 Q2 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS

Big Data Pub Date : 2024-10-01 Epub Date: 2022-04-11 DOI:10.1089/big.2021.0301

Juyan Li, Jialiang Peng, Zhiqi Qiao

{"title":"A Ring Learning with Errors-Based Ciphertext-Policy Attribute-Based Proxy Re-Encryption Scheme for Secure Big Data Sharing in Cloud Environment.","authors":"Juyan Li, Jialiang Peng, Zhiqi Qiao","doi":"10.1089/big.2021.0301","DOIUrl":null,"url":null,"abstract":"<p><p>Owing to the huge volume of big data, users generally use the cloud to store big data. However, because the data are out of the control of users, sensitive data need to be protected. The ciphertext-policy attribute-based encryption scheme can not only effectively control the access of big data, but also decrypt the ciphertext as long as the user's attributes satisfy the access structure of ciphertext, so as to realize one to many big data sharing. When the user's attributes do not satisfy the access structure of ciphertext, the attribute-based proxy re-encryption scheme can be used for big data sharing. The ciphertext-policy attribute-based proxy re-encryption (CP-ABPRE) scheme combines the characteristics of the ciphertext-policy attribute-based encryption scheme and proxy re-encryption scheme. In a CP-ABPRE scheme, on the one hand, the data owner can use the ciphertext-policy attribute-based encryption scheme to encrypt the big data for cloud storage, to realize the access control of the big data. On the other hand, the proxy (cloud service provider) can convert ciphertext under one access structure into ciphertext under another access structure, thus realizing big data sharing between users of different attribute sets. In this article, we modify the existing attribute-based encryption scheme based on Ring Learning With Errors (RLWE), add re-encryption key generation algorithm, re-encryption ciphertext generation algorithm, and re-encryption ciphertext decryption algorithm, and construct CP-ABPRE scheme. In the construction of the re-encryption key, we introduce a random vector and hide the vector in the key by threshold technology. Finally, a CP-ABPRE scheme supporting threshold access structure is constructed based on RLWE. Compared with the existing attribute-based proxy re-encryption schemes, our scheme has smaller public parameters, can encrypt multiple plaintext bits at a time, and can resist selective access structure and chosen plaintext attack, so it is more suitable for big data sharing in cloud environment.</p>","PeriodicalId":51314,"journal":{"name":"Big Data","volume":null,"pages":null},"PeriodicalIF":2.6000,"publicationDate":"2024-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Big Data","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1089/big.2021.0301","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2022/4/11 0:00:00","PubModel":"Epub","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS","Score":null,"Total":0}

引用次数: 0

Abstract

Owing to the huge volume of big data, users generally use the cloud to store big data. However, because the data are out of the control of users, sensitive data need to be protected. The ciphertext-policy attribute-based encryption scheme can not only effectively control the access of big data, but also decrypt the ciphertext as long as the user's attributes satisfy the access structure of ciphertext, so as to realize one to many big data sharing. When the user's attributes do not satisfy the access structure of ciphertext, the attribute-based proxy re-encryption scheme can be used for big data sharing. The ciphertext-policy attribute-based proxy re-encryption (CP-ABPRE) scheme combines the characteristics of the ciphertext-policy attribute-based encryption scheme and proxy re-encryption scheme. In a CP-ABPRE scheme, on the one hand, the data owner can use the ciphertext-policy attribute-based encryption scheme to encrypt the big data for cloud storage, to realize the access control of the big data. On the other hand, the proxy (cloud service provider) can convert ciphertext under one access structure into ciphertext under another access structure, thus realizing big data sharing between users of different attribute sets. In this article, we modify the existing attribute-based encryption scheme based on Ring Learning With Errors (RLWE), add re-encryption key generation algorithm, re-encryption ciphertext generation algorithm, and re-encryption ciphertext decryption algorithm, and construct CP-ABPRE scheme. In the construction of the re-encryption key, we introduce a random vector and hide the vector in the key by threshold technology. Finally, a CP-ABPRE scheme supporting threshold access structure is constructed based on RLWE. Compared with the existing attribute-based proxy re-encryption schemes, our scheme has smaller public parameters, can encrypt multiple plaintext bits at a time, and can resist selective access structure and chosen plaintext attack, so it is more suitable for big data sharing in cloud environment.

查看原文本刊更多论文

一种用于云环境中安全大数据共享的基于错误环学习的密文策略属性代理重加密方案。

由于大数据量巨大，用户通常使用云来存储大数据。但是，由于数据超出了用户的控制范围，因此需要保护敏感数据。基于密文策略属性的加密方案不仅可以有效控制大数据的访问，而且只要用户的属性满足密文的访问结构，就可以对密文进行解密，从而实现一对多的大数据共享。当用户的属性不满足密文的访问结构时，基于属性的代理再加密方案可以用于大数据共享。基于密文策略属性的代理再加密（CP-ABPRE）方案结合了基于密文策略内容的加密方案和代理再加密方案的特点。在CP-ABPRE方案中，一方面，数据所有者可以使用基于密文策略属性的加密方案对云存储的大数据进行加密，以实现对大数据的访问控制。另一方面，代理（云服务提供商）可以将一种访问结构下的密文转换为另一种访问架构下的密文，从而实现不同属性集用户之间的大数据共享。在本文中，我们修改了现有的基于错误环学习（RLWE）的基于属性的加密方案，增加了重加密密钥生成算法、重加密密文生成算法和重加密密文解密算法，并构造了CP-ABPRE方案。在重新加密密钥的构造中，我们引入了一个随机向量，并利用阈值技术将向量隐藏在密钥中。最后，基于RLWE构造了一种支持门限接入结构的CP-ABPRE方案。与现有的基于属性的代理重加密方案相比，我们的方案具有较小的公共参数，可以一次加密多个明文比特，并且可以抵抗选择性访问结构和选择明文攻击，因此更适合云环境下的大数据共享。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Big Data COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS-COMPUTER SCIENCE, THEORY & METHODS

CiteScore

9.10

自引率

2.20%

发文量

期刊介绍： Big Data is the leading peer-reviewed journal covering the challenges and opportunities in collecting, analyzing, and disseminating vast amounts of data. The Journal addresses questions surrounding this powerful and growing field of data science and facilitates the efforts of researchers, business managers, analysts, developers, data scientists, physicists, statisticians, infrastructure developers, academics, and policymakers to improve operations, profitability, and communications within their businesses and institutions. Spanning a broad array of disciplines focusing on novel big data technologies, policies, and innovations, the Journal brings together the community to address current challenges and enforce effective efforts to organize, store, disseminate, protect, manipulate, and, most importantly, find the most effective strategies to make this incredible amount of information work to benefit society, industry, academia, and government. Big Data coverage includes: Big data industry standards, New technologies being developed specifically for big data, Data acquisition, cleaning, distribution, and best practices, Data protection, privacy, and policy, Business interests from research to product, The changing role of business intelligence, Visualization and design principles of big data infrastructures, Physical interfaces and robotics, Social networking advantages for Facebook, Twitter, Amazon, Google, etc, Opportunities around big data and how companies can harness it to their advantage.