【摘要】：屬性加密機(jī)制是一種支持多對(duì)多模式的新型公鑰加密。在屬性加密機(jī)制中,身份信息不再只是由一個(gè)元素來表示,而是添加了一個(gè)靈活的訪問結(jié)構(gòu),該訪問結(jié)構(gòu)由若干個(gè)屬性以及門限組合而成,當(dāng)且僅當(dāng)訪問結(jié)構(gòu)和屬性集合相匹配時(shí),才能夠成功解密。屬性加密機(jī)制的最大優(yōu)點(diǎn)是,不需要具體指定由誰解密,只要接收方符合相應(yīng)條件便可解密。通常,屬性加密機(jī)制被分為兩大類:基于密鑰策略的屬性加密機(jī)制和基于密文策略的屬性加密機(jī)制。本論文將以基于密鑰策略的屬性加密機(jī)制為主要研究對(duì)象。本論文首先對(duì)屬性加密機(jī)制進(jìn)行了系統(tǒng)的介紹,屬性加密機(jī)制可分為基本屬性加密機(jī)制,基于密鑰策略的屬性加密機(jī)制,基于密文策略的屬性加密機(jī)制以及將屬性集分層的屬性加密機(jī)制,在本論文中對(duì)這四種屬性加密機(jī)制進(jìn)行了十分詳細(xì)的描述。其次,著重介紹了基于密鑰策略的屬性加密機(jī)制和將屬性集分層的屬性加密機(jī)制,基于密鑰策略的屬性加密機(jī)制的主要優(yōu)點(diǎn)是它添加了一個(gè)訪問結(jié)構(gòu),該訪問結(jié)構(gòu)可以使得訪問控制更加靈活,將屬性集分層的屬性加密機(jī)制的優(yōu)點(diǎn)是可以解決由于廣泛的配對(duì)操作產(chǎn)生的效率低下的問題,提高了算法的效率。因?yàn)槲捶謱拥膶傩约用茉诿荑�生成的過程中每一個(gè)屬性都需要對(duì)應(yīng)一個(gè)生成的子密鑰,而對(duì)于分層的屬性加密來說只需要擁有幾個(gè)屬性所共同祖先節(jié)點(diǎn)的屬性,并生成這個(gè)祖先節(jié)點(diǎn)的屬性的密鑰就可以了。最后,在前述歸納整理工作的基礎(chǔ)上,提出了一種改進(jìn)的分層的基于密鑰策略的屬性加密方案,該方案:(1)將訪問結(jié)構(gòu)引入到方案中,該訪問結(jié)構(gòu)是嵌入到密鑰中的,由密鑰的持有人對(duì)該結(jié)構(gòu)進(jìn)行控制,使得訪問控制的靈活性提高了。(2)將屬性集中的屬性分成樹狀結(jié)構(gòu),每個(gè)屬性不再是一個(gè)單獨(dú)的個(gè)體,同一棵屬性樹間的屬性相互聯(lián)系,若x為一棵屬性樹中的一個(gè)節(jié)點(diǎn),那么同一棵屬性樹中深度比x大的節(jié)點(diǎn)的屬性它都具備,因此就不需要一對(duì)一的配對(duì)操作,若要一個(gè)用戶擁有若干個(gè)同一棵屬性樹中深度比x大的節(jié)點(diǎn)的屬性,則不需要每個(gè)屬性都具備,只需擁有x節(jié)點(diǎn)的屬性即可,其優(yōu)點(diǎn)是解決了屬性加密由于廣泛的配對(duì)操作產(chǎn)生的效率低下的問題。(3)進(jìn)行了安全性證明以及效率分析。
[Abstract]:Attribute encryption mechanism is a new type of public key encryption supporting many-to-many modes. In the attribute encryption mechanism, identity information is no longer represented by an element, but a flexible access structure is added, which is composed of several attributes and thresholds. If and only if the access structure matches the attribute set, it can be decrypted successfully. The biggest advantage of the attribute encryption mechanism is that it does not need to specify who decrypts, so long as the receiver meets the corresponding conditions can be decrypted. Generally, attribute encryption is divided into two categories: attribute encryption based on key policy and attribute encryption based on ciphertext policy. This thesis will focus on the attribute encryption mechanism based on key policy. This paper firstly introduces the attribute encryption mechanism. The attribute encryption mechanism can be divided into basic attribute encryption mechanism and attribute encryption mechanism based on key policy. The attribute encryption mechanism based on ciphertext policy and the attribute encryption mechanism based on stratification of attribute set are described in detail in this paper. Secondly, the attribute encryption mechanism based on key policy and attribute encryption mechanism based on attribute set are introduced. The main advantage of attribute encryption mechanism based on key policy is that it adds an access structure. This access structure can make access control more flexible. The advantage of attribute encryption mechanism is that it can solve the problem of low efficiency caused by extensive pairing operation and improve the efficiency of the algorithm. Because unstratified attribute encryption requires a generated subkey for each attribute during key generation, for hierarchical attribute encryption, only the attributes of the ancestor nodes shared by several attributes are required. And generate the key for the attribute of the ancestor node. Finally, an improved hierarchical attribute encryption scheme based on key policy is proposed on the basis of the above work. (1) access structure is introduced into the scheme, and the access structure is embedded in the key. By controlling the structure by the key holder, the flexibility of access control is improved. (2) the attributes in the attribute set are divided into tree structure, each attribute is no longer a separate individual, If x is a node in an attribute tree, then the attributes of the nodes in the same attribute tree that are deeper than x have them, so there is no need for a one-to-one pairing operation. For a user to have several attributes of nodes deeper than x in the same attribute tree, you do not need to have each attribute; you simply have the attributes of the x node Its advantage is to solve the problem that attribute encryption is inefficient due to extensive matching operations. (3) Security proof and efficiency analysis are carried out.
【學(xué)位授予單位】：西安電子科技大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2014
【分類號(hào)】：TN918.4

【相似文獻(xiàn)】

相關(guān)期刊論文 前10條

1 金永濤 ,白焰;新穎的子目錄加密機(jī)制[J];電腦編程技巧與維護(hù);1994年08期

2 金永濤 ,白焰;新穎的子目錄加密機(jī)制[J];電腦編程技巧與維護(hù);1994年02期

3 李建峰;談信用卡系統(tǒng)中的信息加密機(jī)制[J];電腦與信用卡;1996年04期

4 石軍;;城市軌道交通信號(hào)系統(tǒng)網(wǎng)絡(luò)傳輸安全加密機(jī)制討論[J];科技信息;2013年06期

5 單康康;江肖強(qiáng);;混合加密機(jī)制降低計(jì)算復(fù)雜度[J];中國教育網(wǎng)絡(luò);2011年Z1期

6 武蓓;王勁林;倪宏;陳君;;一種廣播加密機(jī)制的樹再生長(zhǎng)方法[J];計(jì)算機(jī)工程;2007年22期

7 張衡,張玉芳;具有加密機(jī)制的防火墻在零售行業(yè)中的應(yīng)用[J];計(jì)算機(jī)工程與設(shè)計(jì);2005年08期

8 崔國華,洪帆,付小青,胡倫駿;數(shù)據(jù)庫系統(tǒng)中一種更安全的加密機(jī)制[J];華中理工大學(xué)學(xué)報(bào);2000年07期

9 李尚;縱姝潔;肖漢;;一種XML報(bào)警消息的加密機(jī)制研究[J];微計(jì)算機(jī)信息;2008年24期

10 謝學(xué)智;李春曉;;屬性加密機(jī)制在電子政務(wù)中的應(yīng)用[J];中國科技論文;2013年01期

相關(guān)會(huì)議論文 前3條

1 趙洋;秦志光;藍(lán)天;王佳昊;;基于可驗(yàn)證加密機(jī)制的多方公平交換協(xié)議[A];全國網(wǎng)絡(luò)與信息安全技術(shù)研討會(huì)論文集（下冊(cè)）[C];2007年

2 周香凝;;一種支持快速查詢的敏感數(shù)據(jù)加密機(jī)制[A];計(jì)算機(jī)技術(shù)與應(yīng)用進(jìn)展——全國第17屆計(jì)算機(jī)科學(xué)與技術(shù)應(yīng)用（CACIS）學(xué)術(shù)會(huì)議論文集（下冊(cè)）[C];2006年

3 單康康;江肖強(qiáng);;混合加密機(jī)制在DNSSEC中的應(yīng)用研究[A];中國高等教育學(xué)會(huì)教育信息化分會(huì)第十次學(xué)術(shù)年會(huì)論文集[C];2010年

相關(guān)重要報(bào)紙文章 前1條

1 馬云飛;WLAN安全要等一年[N];中國計(jì)算機(jī)報(bào);2003年

相關(guān)碩士學(xué)位論文 前2條

1 張冠群;分層的屬性加密機(jī)制研究[D];西安電子科技大學(xué);2014年

2 王雅寧;數(shù)字集群通信系統(tǒng)加密機(jī)制的研究[D];哈爾濱工業(yè)大學(xué);2006年

，

本文編號(hào)：2382152