摘要
google英语在线翻译摘要
在传统的医疗服务中,病人的健康信息需要在线或离线发送给医务人员,这既不便捷又效率低下.近年来发展起来的基于云的个人健康档案(PHR)系统集中存储、管理个人健康信息,合法用户可以在任何时间、任何地点访问网络,共享信息.为了保护信息与个人隐私,个人健康信息拥有者在将信息上传到云端服务器之前,需要加密消息.同时为了实现对消息的访问控制,信息拥有者需要对加密信息附加访问策略.去中心多授权机构属性基加密(ABE)方案是一种高效且灵活的加密机制,该机制不需要权威中心(CA)以及多个授权机构之间的合作来共同产生公开参数.然而最近的研究工作表明,已有的大多数方案在隐私保护性和安全性方面都存在缺陷.如何构造一个具有隐私保护功能且可以抵抗用户合谋攻击的去中心属性基加密方案仍是一个具有挑战性的问题.
本文针对这些问题展开研究,设计了抗合谋攻击的去中心属性基加密,具体工作如下:
5777
1.分析了Y.Rahulamathavam 等人方案的漏洞,提出了一种对他们方案的有效攻击模型.攻击结果表明该方案不能抵抗合谋攻击.随后,提出了一个新的保护隐私的去中心密钥策略ABE(KP-ABE)方案,该方案避免了现有的线性攻击,实现了抗用户的合谋攻击.在标准模型下,该方案的安全性被归约到判定性的双线性Diffie-Hellman假设(DBDH).仿真实验结果表明该方案的计算效率比已有方案有明显提高.
2.提出了一种用于PHR安全共享的保护隐私的去中心密文策略ABE方案(CP-ABE),该方案利用匿名密钥发布协议来隐藏用户的身份信息,无需知道用户身份为用户生成正确的解密密钥.此外,该方案利用单向匿名密钥协议来隐藏访问策略中的属性.该方案基于Lewko和Waters的方案,不仅保持了原方案的安全性,并移除了随机预言机.最后,该方案的安全性被归约到简单的静态假设.
关键词:属性基加密,去中心,隐私保护,可证明安全,多授权机构
I
西安电子科技大学硕士学位论文abed
II
same
ABSTRACT
ABSTRACT
In traditional medical rvices, the health information of patients needs to be nt to medical staff online or offline, which is neither convenient nor efficient. The cloud-bad personal health record (PHR) system developed in recent years centrally stores and manages personal health information,
and legitimate urs can access the network and share information at any time and any place. In order to protect information and personal privacy, the personal health information owner needs to encrypt the message before uploading the information to the cloud rver. At the same time, for the sake of achieving access control of the message, the information owner needs to attach an access policy to the encrypted information. Decentralized multi-authority attribute-bad encryption (ABE) is an efficient and flexible encryption mechanism that does not require the central authority and cooperation among the multiple authorities to jointly generate public parameters. However, recent rearch works show that most of the existing schemes have defects in privacy protection and curity. How to construct a decentralized attribute-bad encryption scheme with privacy prerving and resistance to ur collusion is still a challenge problem.
For the issues, the works done in this paper are as follows:
1. The vulnerability of the Y.Rahulamathavam et al. 's scheme was analyzed and an effective collusion attack on their scheme was propod. The attack results show that the scheme cannot resist collusion attacks.Subquently, a new privacy-prerving decentralized KP-ABE is propod, which avoids the existing linear attacks and achieves the ur collusion avoidance.Under the standard model, the curity of the scheme is reduced to decisional bilinear Diffie-Hellman assu
tdi是什么意思mption.The simulation results show that the computational efficiency of the scheme is significantly improved compared with the existing scheme.
2. A privacy-prerving decentralized CP-ABE scheme for cure sharing of PHR is propod, where the anonymous cret key issuing protocol is ud to hide the ur's identity information without knowing the ur identity to generate the correct decryption key for the ur. In addition, the scheme employs a one-way anonymous key agreement to hide the attributes in access policy. Bad on Lewko and Waters's scheme, the prented scheme keeps the curity of the original one and removes the random oracle. Finally, the curity of the scheme is reduced to simple static assumptions.
西安电子科技大学硕士学位论文thorne
Keywords: Attribute-Bad Encryption, Decentralized, Privacy-Prerving, Provable Security, Multi-Authority
插图索引
爱迪国际插图索引
图1.1 单授权机构属性基加密系统 (2)
图1.2 多授权机构属性基加密系统 (2)
图1.3 去中心属性基加密系统 (4)
总会计师图2.1 属性基加密系统 (13)
图3.1 匿名的密钥交互协议 (26)
图3.2 加密时间对比图 (30)
图3.3 解密时间消耗对比 (31)
摸门
图4.1 PHR的系统模型 (34)
图4.2 DCP-ABE中的匿名密钥交互协议 (38)pr是什么
V
