CN112087422A - Outsourcing access control method based on attribute encryption in edge calculation - Google Patents

Abstract

The invention discloses an outsourcing access control method based on attribute encryption in edge computing, which encrypts user data participating in shared data behaviors in edge computing by adopting an attribute encryption method so as to protect the privacy of the data. According to the characteristics of wide distribution and considerable computing power of fog computing, the computing burden of a data owner and a consumer is reduced by adopting a method of outsourcing encryption and decryption to a fog server. The invention has the advantages that: compared with the existing encryption algorithm, the attribute encryption can protect the privacy information of the group users more simply and effectively, achieves fine-grained access control on data, and has practical feasibility. The method fully considers the problem of resource limitation of the mobile terminal in the edge computing environment, and has strong use value; the method partially hides the access strategy which possibly reveals sensitive information, and better protects the privacy information of the user.

Description

An outsourced access control method based on attribute encryption in edge computing

technical field

The invention belongs to the field of network communication, and specifically proposes an outsourcing access control method based on attribute encryption in edge computing.

Background technique

Edge computing is widely used in modern social life, but untrusted edge devices may lead to data security and privacy protection issues. Therefore, some encryption methods are needed to protect the security of data, but general traditional encryption methods are not suitable for edge computing, because in edge computing, the receiving group is often dynamic, and many data are accessed by a group of users, which can only be accessed by a certain group of users. These properties are described, and data access does not need to be controlled on a per-connection basis. On the other hand, the encryption and decryption of the existing encryption methods are computationally expensive, and mobile devices usually have limited computing resources and cannot support highly complex encryption algorithms.

Attribute encryption is a research hotspot in the field of privacy protection today. Compared with existing encryption algorithms, attribute encryption can protect the privacy information of group users more simply and effectively, and implement fine-grained access control to data, which is practically feasible. Outsourcing the task of encrypting and decrypting highly complex computing data to a fog server with more powerful computing power enables mobile devices to perform encryption and decryption with only simple calculations. At the same time, in order to prevent some external observers or attackers from learning the user's sensitive information through the access control policy in attribute encryption, it is necessary to hide the access control policy. Therefore, the access control method based on attribute encryption in edge computing is beneficial to the security of shared data and the privacy of user information, and reduces the computational burden of users.

SUMMARY OF THE INVENTION

Aiming at the problems of data security and privacy protection of edge devices in existing edge computing, the invention proposes an outsourcing access control method based on attribute encryption in edge computing.

The technical scheme of the present invention is:

An outsourced access control method based on attribute encryption in edge computing, the method includes the following steps:

Step 1: The trusted authority initializes the entire system, including assigning corresponding roles to each user, generating relevant parameters such as public keys, keys, and conversion keys, and sending the parameters to each role in the system;

Step 2: The data owner applies for an encryption request to the nearest fog server, verifies and integrates the results returned by the fog server, and then uploads the integrated ciphertext to the cloud server;

Step 3: The data consumer applies for the ciphertext to the cloud server, and sends the obtained ciphertext to the nearest fog server to apply for partial outsourcing decryption. After the partial decrypted ciphertext is obtained, the correctness verification is performed, and finally the plaintext is obtained by simple decryption.

Further, an outsourced access control method based on attribute encryption in edge computing, the step 1 is specifically:

Step 1-1: The trusted authority first selects the number of attributes in the system, and selects a bilinear map D=(p, G, GT, e), where P is the order of G and GT; then select a random Three generators g, h, u and exponent α (α∈Zp); public public key parameters:

PK={D,e(g,g)α,g,h,u,H,L,KDF1};

Among them, H is the anti-collision hash function, KDF1 is the key derivation function, and set the master key: MSK=(PK,α);

Step 1-2: The trusted authority selects random K+1 numbers (r,r ₁ ,...,r _k )∈Zp, according to the master key MSK and a set of attributes S={A ₁ ,· ··,A _n }, calculate K ₀ =g ^α u ^r , K ₁ =g ^r , K _i,2 =g ^ri , K _i,3 =(uh ^Ai ) ^ri , and generate the private key:

SK=(S,PK,K ₀ ,K ₁ ,{K _i,2 ,K _i,3 } _i∈[1,k] );

根据私钥SK计算转换密钥TK如下：Steps 1-3: Random selection of trusted authorities

The conversion key TK is calculated according to the private key SK as follows:

K' ₀ =g ^α/τ u ^r/τ , K' ₁ =g ^r/τ , K' _i,2 =g ^ri/τ , K' _i,3 =(uh ^Ai ) ^ri/τ

When the system goes to outsourced decryption, the conversion key TK is sent to the fog server that needs to perform part of the decryption task; and the recovery key is set as follows:

RK=(TK,τ)

Sent to the data consumer for final decryption.

Further, an outsourced access control method based on attribute encryption in edge computing, the step 2 is specifically:

Step 2-1: After the data owner sends the outsourced encryption request, the fog server F1, one of the two closest to the user, selects four random numbers x _i ', y _i ', λ _i ', s'∈Z _p , according to The public key parameter PK, which has been published, calculates C ₀ '=gs ^' ,

生成中间密文IT1如下：

The intermediate ciphertext IT1 is generated as follows:

IT1=(s',C' ₀ ,{x' _i ,y' _i ,λ' _i ,C' _i,1 ,C' _i,2 } _i∈[1,K] );

and send IT1 to the data owner;

生成中间密文IT2如下：Step 2-2: After the data owner sends the outsourced encryption request, the fog server F2, one of the two closest to the user, selects four random numbers x _i '', y _i '', λ _i '', s''∈Z _p , according to The public key parameter PK, which has been published, calculates C ₀ ”= g ^s” ,

The intermediate ciphertext IT2 is generated as follows:

IT2=(s”,C″ ₀ ,{x″ _i ,y″ _i ,λ″ _i ,C″ _i,1 ,C″ _i,2 } _i∈[1,K] );

and send IT2 to the data owner;

Step 2-3: After receiving IT1 and IT2, the data owner integrates IT1 and IT2 into an intermediate ciphertext IT as follows:

IT=(s,C ₀ ,{x _i ,y _i ,λ _i ,C _i,1 ,C _i,2 } _i∈[1,K] )

根据访问结构为(A,ρ,τ)，计算

C_i，3＝b_i-λ_i，C_i，4＝τ_ρ(i)y_i-x_iy_i，C_i，5＝-y_i,其中A是一个λ×n矩阵,ρ是A每一行A_i映射的属性名称,τ＝{τ_ρ(1),...,τ_ρ(λ)},即属性值ρ(i)的集合；再利用密钥导出函数KDF1计算出SSk,设置

d为SSk的长度；最后得出完整密文如下：Then randomly select v2,...,vn∈Zp, set the vector

According to the access structure as (A,ρ,τ), calculate

C _i,3 =b _i -λ _i , C _i,4 =τ _ρ(i) y _i -x _i y _i , C _i,5 = -y _i , where A is a λ×n matrix and ρ is A The attribute name of each row of A _i mapping, τ={τ _ρ(1) ,...,τ _ρ(λ) }, that is, the set of attribute values ρ(i); then use the key derivation function KDF1 to calculate SSk, set up

d is the length of SSk; finally the complete ciphertext is obtained as follows:

and send it to the cloud server.

Further, an outsourced access control method based on attribute encryption in edge computing, the step 3 is specifically:

Step 3-1: The data consumer obtains the ciphertext CT from the cloud server and sends it to the nearest fog server F3 to apply for partial decryption; the fog server F3 uses the conversion key TK obtained from the trusted authority to perform partial decryption, recovery and encapsulation the key:

Set the partially decrypted ciphertext and return it to the data consumer;

是否满足，如果满足，则用恢复密钥进行最后的解密：Step 3-2: After the data consumer gets the partially decrypted ciphertext, the correctness verification of the decryption outsourcing is performed first, and the verification

Whether it is satisfied, if it is satisfied, use the recovery key for final decryption:

Compared with the prior art, the technical advantages of the present invention are:

1. Protects the security of user-shared data without the user spending a high amount of computation and communication overhead;

2. Using the method of partially concealing the access control policy to realize data sharing with data consumers without revealing the sensitive information of the data owner;

3. Compared with the existing attribute encryption outsourcing methods, it achieves better performance in the correctness of outsourcing results and participant privacy protection.

Description of drawings

FIG. 1 is a mechanism block diagram of the present invention.

Figure 2. The time spent in generating the outsourced key and the change in the number of attributes.

Figure 3. Time graph of encrypted outsourcing computation.

Figure 4. Time graph of outsourced computation for decryption.

Figure 5. The time diagram of encryption calculation on the client side.

Figure 6 is a diagram of the time spent in the decryption calculation at the user end.

Detailed ways

The present invention will be further described below with reference to the accompanying drawings and specific embodiments.

According to the technical characteristics of edge computing and attribute encryption, the present invention designs an outsourcing access control method based on attribute encryption in edge computing, and focuses on solving the following two problems:

(1) When the data owner sends the ciphertext to the cloud server, the access control policy and the ciphertext will be sent together, and other participants may infer the sensitive information of the attributes of the data consumer according to the access control policy, which makes it subject to The problem of key information leakage.

(2) Existing attribute encryption outsourcing methods lack the verifiable consideration of encryption and decryption outsourcing.

The main idea of the present invention is to combine attribute encryption and edge computing to realize data security of shared data and privacy protection of participants.

Specifically, an outsourced access control method based on attribute encryption in edge computing, the method includes the following steps:

Step 1: The trusted authority initializes the entire system, including assigning corresponding roles to each user, generating relevant parameters such as public keys, keys, and conversion keys, and sending the parameters to each role in the system;

Step 1-1: The trusted authority first selects the number of attributes in the system, and selects a bilinear map D=(p, G, GT, e), where P is the order of G and GT; then select a random Three generators g, h, u and exponent α (α∈Zp); public public key parameters:

PK={D,e(g,g)α,g,h,u,H,L,KDF1};

Among them, H is the anti-collision hash function, KDF1 is the key derivation function, and set the master key: MSK=(PK,α);

Step 1-2: The trusted authority selects random K+1 numbers (r,r ₁ ,...,r _k )∈Zp, according to the master key MSK and a set of attributes S={A ₁ ,· ··,A _n }, calculate K ₀ =g ^α u ^r , K ₁ =g ^r , K _i,2 =g ^ri , K _i,3 =(uh ^Ai ) ^ri , and generate the private key:

SK=(S,PK,K ₀ ,K ₁ ,{K _i,2 ,K _i,3 } _i∈[1,k] );

根据私钥SK计算转换密钥TK如下：Steps 1-3: Random selection of trusted authorities

The conversion key TK is calculated according to the private key SK as follows:

K' ₀ =g ^α/τ u ^r/τ , K' ₁ =g ^r/τ , K' _i,2 =g ^ri/τ , K' _i,3 =(uh ^Ai ) ^ri/τ

When the system goes to outsourced decryption, the conversion key TK is sent to the fog server that needs to perform part of the decryption task; and the recovery key is set as follows:

RK=(TK,τ)

Sent to the data consumer for final decryption.

Step 2: The data owner applies for an encryption request to the nearest fog server, verifies and integrates the results returned by the fog server, and then uploads the integrated ciphertext to the cloud server;

生成中间密文IT1如下：Step 2-1: After the data owner sends the outsourced encryption request, the fog server F1, one of the two closest to the user, selects four random numbers x _i ', y _i ', λ _i ', s'∈Z _p , according to The public key parameter PK, which has been published, calculates C ₀ '=gs ^' ,

The intermediate ciphertext IT1 is generated as follows:

IT1=(s',C' ₀ ,{x' _i ,y' _i ,λ' _i ,C' _i,1 ,C' _i,2 } _i∈[1,K] );

and send IT1 to the data owner;

生成中间密文IT2如下：Step 2-2: After the data owner sends the outsourced encryption request, the fog server F2, one of the two closest to the user, selects four random numbers x _i '', y _i '', λ _i '', s''∈Z _p , according to The public key parameter PK, which has been published, calculates C ₀ ”= g ^s” ,

The intermediate ciphertext IT2 is generated as follows:

IT2=(s”,C″ ₀ ,{x″ _i ,y″ _i ,λ″ _i ,C″ _i,1 ,C″ _i,2 } _i∈[1,K] );

and send IT2 to the data owner;

Step 2-3: After receiving IT1 and IT2, the data owner integrates IT1 and IT2 into an intermediate ciphertext IT as follows:

IT=(s,C ₀ ,{x _i ,y _i ,λ _i ,C _i,1 ,C _i,2 } _i∈[1,K] )

根据访问结构为(A,ρ,τ)，计算

C_i，3＝b_i-λ_i，C_i，4＝τ_ρ(i)y_i-x_iy_i，C_i，5＝-y_i,其中A是一个λ×n矩阵,ρ是A每一行A_i映射的属性名称,τ＝{τ_ρ(1),...,τ_ρ(λ)},即属性值ρ(i)的集合；再利用密钥导出函数KDF1计算出SSk,设置

d为SSk的长度；最后得出完整密文如下：Then randomly select v2,...,vn∈Zp, set the vector

According to the access structure as (A,ρ,τ), calculate

C _i,3 =b _i -λ _i , C _i,4 =τ _ρ(i) y _i -x _i y _i , C _i,5 = -y _i , where A is a λ×n matrix and ρ is A The attribute name of each row of A _i mapping, τ={τ _ρ(1) ,...,τ _ρ(λ) }, that is, the set of attribute values ρ(i); then use the key derivation function KDF1 to calculate SSk, set up

d is the length of SSk; finally the complete ciphertext is obtained as follows:

and send it to the cloud server.

Step 3: The data consumer applies for the ciphertext to the cloud server, and sends the obtained ciphertext to the nearest fog server to apply for partial outsourcing decryption. After the partial decrypted ciphertext is obtained, the correctness verification is performed, and finally the plaintext is obtained by simple decryption.

Step 3-1: The data consumer obtains the ciphertext CT from the cloud server and sends it to the nearest fog server F3 to apply for partial decryption; the fog server F3 uses the conversion key TK obtained from the trusted authority to perform partial decryption, recovery and encapsulation the key:

Set the partially decrypted ciphertext and return it to the data consumer;

是否满足，如果满足，则用恢复密钥进行最后的解密：Step 3-2: After the data consumer gets the partially decrypted ciphertext, the correctness verification of the decryption outsourcing is performed first, and the verification

Whether it is satisfied, if it is satisfied, use the recovery key for final decryption:

The present invention uses charm framework and PBC library to simulate the process shown in Figure 1 in Ubuntu, and tests the performance of the proposed method. We set 10 different access policies, the number of attribute values N was increased from 10 to 100, and each instance was repeated 10 times and averaged. All instances are kept completely independent of each other during the experiment, and the time is measured in seconds and milliseconds.

In order to reflect the advantages of the PPAC (Privacy Access Control) method proposed by the present invention, the existing traditional attribute encryption outsourcing method OABE (Outsourcing ABE Encryption) is compared. Only outsourced decryption is performed in OABE, and the outsourced result is not verified for correctness.

Figure 2 shows the results of the time spent running to generate the outsourced key. As can be seen from the figure, as the number of system attribute values increases, the time spent on outsourcing the key also increases, and it increases linearly. The calculation amount of encryption and decryption is related to the number of attributes set by the system. As shown in Figure 3 and Figure 4, the number of attributes continues to increase, and the calculation time also increases. We evaluate the performance of the algorithm in PPAC by calculating the time spent on encryption and decryption at the user end. In terms of user experience, the less time spent, the better. Figure 5 shows that the time spent in the encryption calculation on the client side increases almost linearly with the increase of the number of attributes. Our scheme is feasible in terms of the calculation time on the client side, which is slightly higher than the time spent in the original OABE scheme. The reason for this It is the verification function that verifies the correctness of the result returned by encryption, which will bring some additional computational cost.

Figure 6 shows the time spent on the encryption calculation on the user side. From the figure, it can be found that our solution is feasible in terms of the computing time on the user side, which is also slightly higher than the time spent by the original OABE case. The reason for this is that The verification function that decrypts the returned result for correctness verification will bring some additional computational cost.

To sum up, it can be seen that the method PPAC proposed in the present invention can not only protect the security of shared data and user privacy in edge computing, but also greatly reduce the computing burden of users.

The preferred embodiments of the present invention have been described in detail above, but the present invention is not limited to the specific details of the above-mentioned embodiments. Within the scope of the technical concept of the present invention, various equivalent exchanges (such as quantity, shape, etc.) can be performed on the technical solutions of the present invention. , position, etc.), these equivalent transformations all belong to the protection of the present invention.

Claims (4)

1. an outsourcing access control method based on attribute encryption in edge computing, is characterized in that this method comprises the following content: Step 1: The trusted authority initializes the entire system, including assigning corresponding roles to each user, generating relevant parameters such as public keys, keys, and conversion keys, and sending the parameters to each role in the system; Step 2: The data owner applies for an encryption request to the nearest fog server, verifies and integrates the results returned by the fog server, and then uploads the integrated ciphertext to the cloud server; Step 3: The data consumer applies for the ciphertext to the cloud server, and sends the obtained ciphertext to the nearest fog server to apply for partial outsourcing decryption. After the partial decrypted ciphertext is obtained, the correctness verification is performed, and finally the plaintext is obtained by simple decryption. 2. the outsourcing access control method based on attribute encryption in a kind of edge computing according to claim 1, is characterized in that, described step 1 is specifically: Step 1-1: The trusted authority first selects the number of attributes in the system, and selects a bilinear map D=(p, G, GT, e), where P is the order of G and GT; then select a random Three generators g, h, u and exponent α (α∈Zp); public public key parameters: PK={D,e(g,g)α,g,h,u,H,L,KDF1}; Among them, H is the anti-collision hash function, KDF1 is the key derivation function, and set the master key: MSK=(PK,α); Step 1-2: The trusted authority selects random K+1 numbers (r,r ₁ ,...,r _k )∈Zp, according to the master key MSK and a set of attributes S={A ₁ ,· ··,A _n }, calculate K ₀ =g ^α u ^r , K ₁ =g ^r , K _i,2 =g ^ri , K _i,3 =(uh ^Ai ) ^ri , and generate the private key: SK=(S,PK,K ₀ ,K ₁ ,{K _i,2 ,K _i,3 } _i∈[1,k] ); Steps 1-3: Random selection of trusted authorities

The conversion key TK is calculated according to the private key SK as follows: K' ₀ =g ^α/τ u ^r/τ , K' ₁ =g ^r/τ , K' _i,2 =g ^ri/τ , K' _i,3 =(uh ^Ai ) ^ri/τ When the system goes to outsourced decryption, the conversion key TK is sent to the fog server that needs to perform part of the decryption task; and the recovery key is set as follows: RK=(TK,τ) Sent to the data consumer for final decryption. 3. the outsourcing access control method based on attribute encryption in a kind of edge computing according to claim 1, is characterized in that, described step 2 is specifically: Step 2-1: After the data owner sends the outsourced encryption request, the fog server F1, one of the two closest to the user, selects four random numbers x _i ', y _i ', λ _i ', s'∈Z _p , according to The public key parameter PK, which has been published, calculates C ₀ '=gs ^' ,

The intermediate ciphertext IT1 is generated as follows: IT1=(s',C' ₀ ,{x' _i ,y' _i ,λ' _i ,C' _i,1 ,C' _i,2 } _i∈[1,K] ); and send IT1 to the data owner; Step 2-2: After the data owner sends the outsourced encryption request, the fog server F2, one of the two closest to the user, selects four random numbers x _i '', y _i '', λ _i '', s''∈Z _p , according to The public key parameter PK, which has been published, calculates C ₀ ”= g ^s” ,

The intermediate ciphertext IT2 is generated as follows: IT2=(s”,C” ₀ ,{x” _i ,y” _i ,λ” _i ,C” _i,1 ,C” _i,2 } _i∈[1,K] ); and send IT2 to the data owner; Step 2-3: After receiving IT1 and IT2, the data owner integrates IT1 and IT2 into an intermediate ciphertext IT as follows: IT=(s,C ₀ ,{x _i ,y _i ,λ _i ,C _i,1 ,C _i,2 } _i∈[1,K] ) Then randomly select v2,...,vn∈Zp, set the vector

According to the access structure as (A,ρ,τ), calculate

C _i,3 =b _i -λ _i , C _i,4 =τ _ρ(i) y _i -x _i y _i , C _i,5 = -y _i , where A is a λ×n matrix and ρ is A The attribute name of each row of A _i mapping, τ={τ _ρ(1) ,...,τ _ρ(λ) }, that is, the set of attribute values ρ(i); then use the key derivation function KDF1 to calculate SSk, set up

d is the length of SSk; finally the complete ciphertext is obtained as follows:

and send it to the cloud server. 4. the outsourcing access control method based on attribute encryption in a kind of edge computing according to claim 1, described step 3 is specifically: Step 3-1: The data consumer obtains the ciphertext CT from the cloud server and sends it to the nearest fog server F3 to apply for partial decryption; the fog server F3 uses the conversion key TK obtained from the trusted authority to perform partial decryption, recovery and encapsulation the key:

Set the partially decrypted ciphertext and return it to the data consumer; Step 3-2: After the data consumer gets the partially decrypted ciphertext, the correctness verification of the decryption outsourcing is performed first, and the verification

Whether it is satisfied, if it is satisfied, use the recovery key for final decryption:

Images