Please use this Handle URI to cite this document: http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/51743
Full metadata record
DC Field | Value | Language
dc.contributor.advisor | 賴飛羆 (Feipei Lai) |
dc.contributor.author | Hui-Chung Ho | en
dc.contributor.author | 何慧忠 | zh_TW
dc.date.accessioned | 2021-06-15T13:47:24Z | -
dc.date.available | 2016-02-16 |
dc.date.copyright | 2016-02-16 |
dc.date.issued | 2015 |
dc.date.submitted | 2015-11-16 |
dc.identifier.citation | [1] Sahai, A. and Waters, B., 2005, “Fuzzy identity-based encryption,” in Advances in Cryptology–Eurocrypt 2005, volume 3494, pages 457–473. Springer.
[2] Bethencourt, J., Sahai, A., and Waters, B., 2007, “Ciphertext-policy attribute-based encryption,” in Proceedings of the 2007 IEEE Symposium on Security and Privacy. IEEE Computer Society, pp. 321–334.
[3] Goyal, V., Pandey, O., Sahai, A. and Waters, B., 2006, “Attribute-based encryption for fine-grained access control of encrypted data,” Proceedings of the 13th ACM Conference on Computer and Communications Security, pages 89–98.
[4] Pirretti M., Traynor, P., McDaniel, P. and Waters, B., 2006, “Secure attribute-based systems,” in Proceedings of the 13th ACM Conference on Computer and Communications Security, ser. CCS ’06. New York, NY, USA: ACM, pp. 99–1.
[5] Xu, Z. and Martin, K.M., 2012, “Dynamic user revocation and key refreshing for attribute-based encryption in cloud storage,” in Trust, Security and Privacy in Computing and Communications (TrustCom), 2012 IEEE 11th International Conference on, pp. 844–849.
[6] Blaze, M., Bleumer, G. and Strauss, M., 1998, “Divertible protocols and atomic proxy cryptography,” in EUROCRYPT. Springer-Verlag, pp. 127–144.
[7] Shinde, M.V. and Hingoliwala, H.A., 2015, “Secure Cloud Storage using Multi Attribute Authority with Multi Central Authority,” Volume 3 Issue 4, International Journal on Recent and Innovation Trends in Computing and Communication (IJRITCC), ISSN: 2321-8169, PP: 1797 – 1801.
[8] Yang, K., Jia, X.h., Ren, K., Zhang, B., and Xie, R.t., 2013, “DAC-MACS: Effective Data Access Control for Multiauthority Cloud Storage Systems,” IEEE Transactions on Information Forensics and Security, Vol. 8, No. 11, Nov 2013.
[9] Touati, L. and Challal, Y., 2015, “Batch-Based CP-ABE with Attribute Revocation Mechanism for the Internet of Things”.
[10] Jahid, S. and Borisov, N., 2012, “PIRATTE: Proxy-based Immediate Revocation of ATTribute-based Encryption,”.
[11] Hur, J.; Koo, D.; Hwang, S.O. and Kang, K., 2013, “Removing escrow from ciphertext policy attribute-based encryption.”, Computers & Mathematics with Applications 65 (9), 1310-1317.
dc.identifier.uri | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/51743 | -
dc.description.abstract | Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is a useful asymmetric encryption algorithm compared to traditional asymmetric key systems. It enables encrypted data to be stored on a cloud server with each item retaining its own access permissions, without the need to define additional access control permissions on the cloud server. In a highly dynamic and heterogeneous cloud environment, it is a challenging task to maintain data protection by relying only on the fine-grained access policy of CP-ABE. User rights management is harder to implement on such systems without user intervention.

Currently there is no solution from the cryptosystem that supports efficient and direct key update and user revocation. Besides, backward secrecy and forward secrecy are not supported in the CP-ABE cryptosystem. Existing revocation methods are not recommended for deployment in large cloud environments due to their high key processing overhead when a new user joins, is revoked, or is assigned a new group key.
In this paper, we propose a method to dynamically authorize users. The key feature of our model is that users do not have to be involved in the key revocation process. Our model uses different user authentication sessions to restrict users' keys to a particular session, and this approach achieves direct user revocation within a group. The operation does not require re-encryption of existing ciphertext. Our method supports backward and (perfect) forward secrecy and is escrow-free. Lastly, we show that our method is efficient in situations where users change groups frequently and that it is secure under chosen identity key attack. | en
dc.description.provenance | Made available in DSpace on 2021-06-15T13:47:24Z (GMT). No. of bitstreams: 1
ntu-104-R02922138-1.pdf: 8435391 bytes, checksum: 7a5523ef5769255c65cd384556eccbbc (MD5)
Previous issue date: 2015 | en
dc.description.tableofcontents | 1 Introduction 1
1.1 Cloud Storage 1
1.2 Security Issues 1
2 Ciphertext-Policy Attribute-Based Encryption 4
2.1 History 4
2.2 CP-ABE Scheme 5
2.2.1 Bilinear Map 7
2.2.2 Access structure 7
2.2.3 Construction 9
2.2.3.1 Setup 9
2.2.3.2 Encryption 10
2.2.3.3 KeyGen 11
2.2.3.4 Decryption 12
2.2.4 Architecture 14
2.3 Limitations 15
2.3.1 Backward Secrecy 16
2.3.2 Forward Secrecy 18
2.3.3 Revocation 19
2.3.4 Key Escrow 20
2.4 Motivation 21
2.5 Expected Achievements 22
3 Dynamic Key Update & Delegation in CP-ABE 23
3.1 Overview of DKUD 23
3.2 Related Work 24
3.3 Contributions 26
3.4 DKUD Scheme 27
3.4.1 Architecture 27
3.4.1.1 Assumptions 28
3.4.1.2 List of Notations 28
3.4.1.3 Initialization 30
3.4.1.4 Document Sharing 32
3.4.2 Construction 41
3.4.2.1 List of Notations 41
3.4.2.2 [1/6] Setup 45
3.4.2.3 [2/6] Encryption 46
3.4.2.4 [3/6] KeyGen 47
3.4.2.5 [4/6] KeyUpdate 48
3.4.2.6 [5/6] KeyDelegate 49
3.4.2.7 [6/6] Decryption – 1/2 50
3.4.2.8 [6/6] Decryption – 2/2 52
3.4.3 Security Analysis of DKUD 53
3.4.3.1 DBDH Assumption 53
3.4.3.2 Security Game 54
3.4.3.3 Security Proof 55
4 Conclusion 58
5 Future Work 58
6 References 60
dc.language.iso | en |
dc.subject | 密文策略屬性加密 | zh_TW
dc.subject | 金鑰更新 | zh_TW
dc.subject | 使用者權限註銷 | zh_TW
dc.subject | 動態授權 | zh_TW
dc.subject | 權限控管 | zh_TW
dc.subject | CP-ABE | en
dc.subject | Access Control | en
dc.subject | Key update | en
dc.subject | User revocation | en
dc.subject | Dynamically authorize | en
dc.subject | Forward secrecy | en
dc.title | CP-ABE中的動態金鑰更新與委託機制 | zh_TW
dc.title | Dynamic Key Update & Delegation In CP-ABE | en
dc.type | Thesis |
dc.date.schoolyear | 104-1 |
dc.description.degree | Master's |
dc.contributor.oralexamcommittee | 蕭旭君 (Hsu-Chun Hsiao), 陳澤雄 (Ze-Xiong Chen), 鐘玉芳 (Yu-Fang Chung), 周憲政 (Hsian-Cheng Chou) |
dc.subject.keyword | 權限控管, 金鑰更新, 使用者權限註銷, 動態授權, 密文策略屬性加密 | zh_TW
dc.subject.keyword | Access Control, Key update, User revocation, Dynamically authorize, Forward secrecy, CP-ABE | en
dc.relation.page | 61 |
dc.rights.note | Paid license |
dc.date.accepted | 2015-11-18 |
dc.contributor.author-college | 電機資訊學院 | zh_TW
dc.contributor.author-dept | 資訊工程學研究所 | zh_TW
Appears in collections: Department of Computer Science and Information Engineering

Files in this item:
File | Size | Format
ntu-104-1.pdf (not authorized for public access) | 8.24 MB | Adobe PDF
Items in this system are protected by copyright, with all rights reserved, unless their copyright terms are specifically indicated.