Attribute-based encryption of LSSS access structure with expressive dynamic attributes based on consortium blockchain

IF 1.8 4区计算机科学 Q3 TELECOMMUNICATIONS

Annals of Telecommunications Pub Date : 2023-05-18 DOI:10.1007/s12243-023-00949-8

Shengzhou Hu, Tingting Zhong, Hua He, Wenhao Li

{"title":"Attribute-based encryption of LSSS access structure with expressive dynamic attributes based on consortium blockchain","authors":"Shengzhou Hu, Tingting Zhong, Hua He, Wenhao Li","doi":"10.1007/s12243-023-00949-8","DOIUrl":null,"url":null,"abstract":"<div><p>Attribute-based encryption (ABE) allows users to encrypt and decrypt data based on attributes. It realizes fine-grained access control and can effectively solve the one-to-many encryption and decryption problem in open cloud application. Linear secret sharing scheme (LSSS) is the common access structure with a matrix on the attributes in ABE schemes, which may depict AND, OR, threshold operations, etc. However, LSSS access structure does not depict the complex and dynamic access policy of attributes, such as the complicated relationship of different attributes and the generation of dynamic attributes. It severely restricts the expansion of the practical application of ABE. Besides, there exists another problem; attribute authority (AA) in traditional ABE has a concentration of power and easily suffers from single-point failure or privacy leakage for being attacked or corrupted. Blockchain is a decentralized, tamper-free, traceable, and multi-party distributed database technology. Consortium blockchain (CB) is a partially centralized blockchain, whose openness is between the public blockchain and the private blockchain. In this paper, an ABE scheme on LSSS access structure with expressive dynamic attributes (EDA) based on CB (LSSS-EDA-ABE-CB) was proposed to resolve the above issues. EDA can construct the comprehensive attribute calculation expressions by conducting various operations, such as arithmetic operations, relational operations, and string operations. In virtue of the application of EDA, the proposed scheme can reconstruct new composite attributes to realize the dynamic adjustment of attributes. A partitioning method of EDA avoids one attribute appearing in two different EDA expressions. The CB technology enhanced the authority and trustworthiness of AA by openly recording AA’s attribute key distributions in CB transactions. The scheme in the paper was proven CPA-secure under the decision q-PBDHE assumption in standard model in the CB application environment. The scheme provides a more general data access policy and maintains the fine-grained character of ABE simultaneously. Finally, the security and performance analysis shows that the proposed scheme is secure and highly efficient.</p></div>","PeriodicalId":50761,"journal":{"name":"Annals of Telecommunications","volume":null,"pages":null},"PeriodicalIF":1.8000,"publicationDate":"2023-05-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Annals of Telecommunications","FirstCategoryId":"94","ListUrlMain":"https://link.springer.com/article/10.1007/s12243-023-00949-8","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"TELECOMMUNICATIONS","Score":null,"Total":0}

引用次数: 0

Abstract

Attribute-based encryption (ABE) allows users to encrypt and decrypt data based on attributes. It realizes fine-grained access control and can effectively solve the one-to-many encryption and decryption problem in open cloud application. Linear secret sharing scheme (LSSS) is the common access structure with a matrix on the attributes in ABE schemes, which may depict AND, OR, threshold operations, etc. However, LSSS access structure does not depict the complex and dynamic access policy of attributes, such as the complicated relationship of different attributes and the generation of dynamic attributes. It severely restricts the expansion of the practical application of ABE. Besides, there exists another problem; attribute authority (AA) in traditional ABE has a concentration of power and easily suffers from single-point failure or privacy leakage for being attacked or corrupted. Blockchain is a decentralized, tamper-free, traceable, and multi-party distributed database technology. Consortium blockchain (CB) is a partially centralized blockchain, whose openness is between the public blockchain and the private blockchain. In this paper, an ABE scheme on LSSS access structure with expressive dynamic attributes (EDA) based on CB (LSSS-EDA-ABE-CB) was proposed to resolve the above issues. EDA can construct the comprehensive attribute calculation expressions by conducting various operations, such as arithmetic operations, relational operations, and string operations. In virtue of the application of EDA, the proposed scheme can reconstruct new composite attributes to realize the dynamic adjustment of attributes. A partitioning method of EDA avoids one attribute appearing in two different EDA expressions. The CB technology enhanced the authority and trustworthiness of AA by openly recording AA’s attribute key distributions in CB transactions. The scheme in the paper was proven CPA-secure under the decision q-PBDHE assumption in standard model in the CB application environment. The scheme provides a more general data access policy and maintains the fine-grained character of ABE simultaneously. Finally, the security and performance analysis shows that the proposed scheme is secure and highly efficient.

Abstract Image

查看原文本刊更多论文

基于联盟区块链的LSSS访问结构的属性加密

基于属性的加密（ABE）允许用户根据属性对数据进行加密和解密。它实现了细粒度的访问控制，可以有效地解决开放云应用中的一对多加密解密问题。线性秘密共享方案（LSSS）是ABE方案中常见的在属性上有矩阵的访问结构，可以描述AND、OR、阈值运算等。然而，LSSS访问结构并没有描述属性的复杂动态访问策略，例如不同属性之间的复杂关系和动态属性的生成。这严重制约了ABE实际应用的拓展。此外，还存在另一个问题；传统ABE中的属性权威（AA）具有权力集中性，容易遭受单点故障或隐私泄露的攻击或破坏。区块链是一种去中心化、无篡改、可追溯和多方分布式数据库技术。联盟区块链（CB）是一种部分集中的区块链，其开放性介于公共区块链和私有区块链之间。针对上述问题，本文提出了一种基于CB的具有表达动态属性的LSSS访问结构（EDA）的ABE方案（LSSS-EDA-ABE-CB）。EDA可以通过进行算术运算、关系运算和字符串运算等各种运算来构造综合属性计算表达式。借助EDA的应用，该方案可以重构新的复合属性，实现属性的动态调整。EDA的一种划分方法避免了一个属性出现在两个不同的EDA表达式中。CB技术通过公开记录AA在CB交易中的属性密钥分布，增强了AA的权威性和可信度。在CB应用环境中，在标准模型的决策q-PBDHE假设下，证明了本文的方案是CPA安全的。该方案提供了一种更通用的数据访问策略，同时保持了ABE的细粒度特性。最后，安全性和性能分析表明，该方案安全高效。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Annals of Telecommunications 工程技术-电信学

CiteScore

5.20

自引率

5.30%

发文量

审稿时长

4.5 months

期刊介绍： Annals of Telecommunications is an international journal publishing original peer-reviewed papers in the field of telecommunications. It covers all the essential branches of modern telecommunications, ranging from digital communications to communication networks and the internet, to software, protocols and services, uses and economics. This large spectrum of topics accounts for the rapid convergence through telecommunications of the underlying technologies in computers, communications, content management towards the emergence of the information and knowledge society. As a consequence, the Journal provides a medium for exchanging research results and technological achievements accomplished by the European and international scientific community from academia and industry.