网络与信息安全学报2024,Vol.10Issue(2):81-94,14.DOI:10.11959/j.issn.2096-109x.2024023
支持属性立即撤销的可复用属性基签名及其密钥协商方案
Reusable attribute-based signature with attribute revocation and authenticated key agreement
摘要
Abstract
In the pursuit of establishing a unified model for fine-grained access control and secure data communication within a distributed microservices architecture,a verifier-policy attributed-based signature(VP-ABS)scheme,augmented with attribute revocation and an authenticated key agreement protocol,was proposed.This scheme was underpinned by Type-3 pairing.In this scheme,signatures generated by signers were linked solely to a subset of the signer's attributes and were disassociated from the access policy.This decoupling allowed for the reusability of the signer's signature across multiple access policies.Additionally,an attribute-Hash filter algorithm was introduced to facilitate a direct attribute revocation mechanism within the proposed VP-ABS scheme.This mechanism was designed to prevent users from authenticating with expired attributes.To further secure data communication,a mutually authenticated key agreement protocol was also proposed.This protocol was secure within the framework of the extended Canetti-Krawczyk(eCK)model and was built upon the foundation of the VP-ABS scheme.A rigorous unforgeability proof for the VP-ABS scheme was provided.Ultimately,theoretical comparisons and simulation experiments conducted at a 128-bit advanced encryption standard(AES)security level demonstrated that the proposed attribute-based authentication and secure communication scheme outperforms other contemporary schemes in terms of efficiency.关键词
细粒度访问控制/属性哈希过滤/属性撤销/解耦式属性基签名/互认证密钥协商/不可伪造性Key words
fine-grained access control/attributed Hash filter/attributed direct revocation/policy-decoupled attribute-based signature/mutually authenticated key agreement protocol/existentially unforgeable分类
信息技术与安全科学引用本文复制引用
张智烁,杨会喜,黄文,廖永建,周世杰..支持属性立即撤销的可复用属性基签名及其密钥协商方案[J].网络与信息安全学报,2024,10(2):81-94,14.基金项目
中央高校国产移动终端操作系统高安全性关键技术研究及方案设计(No.ZYGX2020ZB019)Research and Solution Design of High Security Key Technologies for Domestic Mobile Terminal Operating Systems(No.ZYGX2020ZB019) (No.ZYGX2020ZB019)
