CN101150394B - User end extension method for subset difference/layered subset difference mechanism - Google Patents
- Publication number
- CN101150394B
- Authority
- CN
- China
- Prior art keywords
- key
- difference
- subclass
- user side
- tree
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Landscapes
- Storage Device Security (AREA)
Abstract
This invention discloses a user terminal extension method for a subset difference/layered subset difference mechanism, comprising: building an extension logical key tree with the extended user terminals as leaf nodes; merging the extension tree with the original tree that existed before the extension to form the extended key tree; keeping the key labels and key systems of the original tree unchanged while assigning independent key labels to the other subtrees and nodes to set up their key systems; keeping the pre-distributed keys of the user terminals that existed before the extension unchanged and setting up the pre-distributed keys of the extended user terminals; when a message M is transmitted to any subset of the user terminals, encrypting M and constructing the broadcast message sent over the channel; and having the user terminal parse and decrypt the broadcast message to obtain the plaintext of M.
Description
Technical field
The present invention relates to a method for securely transmitting a secret message to an arbitrary subset of user terminals over broadcast and multicast channels, and in particular to a user terminal extension method for the subset difference (Subset Difference, abbreviated SD) / layered subset difference (Layered Subset Difference, abbreviated LSD) mechanism.
Background art
Broadcast encryption is a key management and distribution mechanism that uses only a one-way channel and can broadcast a secret message to an arbitrary subset of a large user population without two-way handshake communication. By structure type, the development of broadcast encryption mechanisms can be divided into two stages: mechanisms based on a matrix structure and mechanisms based on a tree structure. In 2001, D. Naor, M. Naor and Lotspiech jointly proposed a new tree-based broadcast encryption mechanism, the subset difference (Subset Difference) method, abbreviated as the NNL mechanism or SD mechanism. By covering users with difference subsets, this mechanism trades off communication overhead against the key overhead at the user terminal, improves key distribution efficiency, and is suitable for real systems. Halevi D and Shamir A proposed the layered subset difference (Layered Subset Difference, abbreviated LSD) mechanism, which splits the difference subsets produced by the SD mechanism a second time, reducing the number of keys a user terminal must store securely and therefore the key overhead.
However, both the SD mechanism and the LSD mechanism assign users' pre-distributed keys from a static logical key tree built with all user terminals as leaf nodes, so neither can extend its set of user terminals.
Summary of the invention
The object of the invention is to solve the problem that the subset difference/layered subset difference mechanism cannot extend its user terminals because it assigns users' pre-distributed keys from a static key tree, by providing a user terminal extension method for the subset difference/layered subset difference mechanism.
To achieve this object, the invention provides a user terminal extension method for the subset difference/layered subset difference mechanism, comprising the following steps:
1) building an extension logical key tree, i.e. the extension tree, with all extended user terminals as leaf nodes;
2) merging the extension tree of step 1) with the original key tree of the system before the extension (the original tree) to build the extended user key tree;
3) keeping the key labels and key systems in the original key tree unchanged, and assigning independent key labels to the other nodes and other subtrees to set up their key systems;
4) keeping the pre-distributed keys of the user terminals that were in the system before the extension unchanged; the pre-distributed key of an extended user terminal consists, for every key system to which the user terminal belongs, of the key labels of the nodes hanging off the path from the root node of that key system to the node corresponding to the user terminal;
5) when a secret message M is transmitted to an arbitrary subset S of user terminals, encrypting M and constructing the broadcast message transmitted in the channel;
6) the processing at the user terminal is: parsing and decrypting the broadcast message with the pre-distributed key to obtain the plaintext of the secret message M.
In the above technical solution, further, the broadcast message in step 5) consists of three parts: the ciphertext M', the disjoint difference subsets $\{S_{i,j}\}$ into which S is split, and the random key K encrypted separately under each difference key. The broadcast message transmitted in the channel is constructed as follows: the secret message M is encrypted with the random key K to generate the ciphertext M', and the random key K is encrypted separately with the difference key corresponding to each of the disjoint difference subsets $\{S_{i,j}\}$ into which S is split.
Further, the method of splitting S into disjoint difference subsets $\{S_{i,j}\}$ comprises: progressively removing from the system key tree each subtree whose leaf nodes are the user terminals of one extension, and then splitting the subset according to the subset difference/layered subset difference mechanism.
Further, the processing of the broadcast message by user terminal u in step 6) comprises: parsing the difference subset part of the broadcast message and finding the difference subset (m, n) such that $u \in S_{m,n}$, where u denotes the user terminal and (m, n) denotes the difference subset; then computing the difference key corresponding to $S_{m,n}$ from the user terminal's own pre-distributed key; using this difference key to decrypt the encrypted key part of the broadcast message and recover the random key K; and finally using the random key K to decrypt the ciphertext M' in the broadcast message and obtain the plaintext of the secret message M.
Further, by repeating steps 1) to 6), the user terminals of the system can be extended multiple times.
Compared with the prior art, the invention has the following advantages:
1) it solves the problem that the subset difference/layered subset difference mechanism cannot extend its user terminals: the user terminals of the system can be extended dynamically and in batches without affecting the pre-distributed keys or the decryption processing of the system's original users;
2) the extension method of the invention is transparent to the original users of the system, who are not aware that extended users exist.
Description of drawings
Fig. 1 is a schematic diagram of user key tree construction when user terminals are extended;
Fig. 2 is a flow chart of splitting an arbitrary subset S into disjoint difference subsets $\{S_{i,j}\}$;
Fig. 3 is a schematic diagram of the method of splitting an arbitrary subset S into disjoint difference subsets $\{S_{i,j}\}$.
Embodiment
The present invention is described in further detail below with reference to the drawings and specific embodiments:
Before the method of the invention is described, the subset difference/layered subset difference mechanism is briefly explained. The subset difference (SD) mechanism builds a key tree with all user terminals as leaf nodes. In this key tree, the difference subset of nodes $v_i$ and $v_j$ (where $v_i$ is an ancestor of $v_j$) is denoted $S_{i,j}$.
Each subtree of the key tree is given an independent key system and independently assigned key labels. The characteristic of such a key system is that, within any one key system, knowing the label of a node $v_i$ allows the labels of all descendant nodes $v_j$ of that node, and the difference keys corresponding to the difference subsets $S_{i,j}$, to be computed; but when the labels of a node's ancestors are unknown, the label and difference key of that node are pseudorandom.
Each user terminal u can compute, from the pre-distributed keys it stores, the difference keys of all difference subsets to which u belongs. The pre-distributed key of user terminal u consists, for every key system to which the user terminal belongs, of the labels of the nodes hanging off the path from that key system's root node to the node corresponding to u.
To transmit a secret message securely to an arbitrary subset S of user terminals, it is only necessary to divide S into disjoint difference subsets, encrypt the secret message separately with the difference key corresponding to each of these difference subsets, and transmit the results. An authorized user terminal computes, from the pre-distributed keys it stores, the difference key of the difference subset to which it belongs, and can then use this difference key to decrypt the encrypted secret message and obtain its plaintext.
The LSD mechanism splits the difference subsets obtained by the SD mechanism a second time, reducing the number of keys a user terminal must store securely. Both the SD mechanism and the LSD mechanism assign users' pre-distributed keys from a static logical key tree built with all user terminals as leaf nodes, so both face the user terminal extension problem, that is, the problem of regrowing a static logical key tree.
The user terminal extension method for the subset difference/layered subset difference mechanism of the invention is described in further detail below with reference to the drawings and specific embodiments.
When the system is initially set up, i.e. before any user terminals are extended, the server builds and distributes the pre-distributed keys of all original users (the users before the extension) and encrypts and transmits secret messages according to the SD/LSD mechanism.
When user terminals are extended, the user key tree and the pre-distributed keys are built by merging the extension tree with the original tree. Suppose the system has already extended its user terminals t times (t is an integer ≥ 0; t = 0 means the system has never extended its user terminals) and the system key tree at this point is T. The user key tree after the (t+1)-th extension is then built as follows:
1) build a complete logical key tree T' with all extended user terminals as leaf nodes;
2) with T as the left subtree and T' as the right subtree, combine the two key trees into a new logical key tree T'';
3) keep the key systems and key labels of all subtrees and nodes in T unchanged, assign independent key labels to the other nodes and other subtrees of T'', and set up their key systems according to the key establishment mechanism of SD/LSD;
4) the pre-distributed keys of the original user terminals are unchanged. The pre-distributed key of an extended user terminal consists, for every key system to which the user terminal belongs, of the key labels of the nodes hanging off the path from the root node of that key system to the node corresponding to the user terminal.
After the (t+1)-th extension, the user key tree of the system is the key tree T''.
Each time user terminals are extended, the server uses the above method to build the user key tree of the system and to assign the pre-distributed keys of the extended user terminals. Because the pre-distributed keys of the original user terminals remain unchanged, the decryption processing of the original user terminals is unchanged.
Take part (a) in the upper half of Fig. 1 as an example. When the system is initially set up (t=0), the user set is $U_0$, and the user key tree of the system is the tree $T_0$ with root node $root_0$ (drawn with white nodes in the figure). At the first user terminal extension, i.e. t=1, a key tree $T'_1$ with root node $root'_1$ (drawn with dark nodes in the figure) is built with the members of the extended user set $U_1$ as leaf nodes. Merging $T_0$ and $T'_1$ yields the resulting tree $T_1$ with root node $root_1$. The key systems and key labels in $T_0$ are kept unchanged, independent key labels are assigned to the other nodes and other subtrees of $T_1$, and their key systems are set up according to the SD/LSD mechanism; that is, the pre-distributed keys of the members of $U_0$ are the SD/LSD pre-distributed keys established from key tree $T_0$, and the pre-distributed keys of the members of $U_1$ are the SD/LSD pre-distributed keys established from key tree $T_1$. By analogy, the user key tree built when t=2 is shown in part (b) in the lower half of Fig. 1.
When a secret message M is transmitted to an arbitrary subset S of user terminals, M is encrypted and the broadcast message transmitted in the channel is constructed. The broadcast message is constructed as follows: M is encrypted with a random key K to generate the ciphertext M', and K is encrypted separately with the difference key corresponding to each of the disjoint difference subsets $\{S_{i,j}\}$ into which S is split. The broadcast message consists of three parts: the ciphertext M', the disjoint difference subsets $S_{i,j}$ into which S is split, and the key K encrypted with the difference keys.
The process by which the server securely transmits the secret message M to an arbitrary subset S of user terminals is:
1. The server selects a random key K and encrypts the secret message M with it to generate the ciphertext M'. The encryption algorithm is denoted $F_K$, i.e. $M' = F_K(M)$;
2. In the user key tree, S is divided into disjoint difference subsets, and the difference keys corresponding to $\{S_{i,j}\}$ are computed;
3. The key K that encrypts the secret message is encrypted separately with each of these difference keys and transmitted. The number of encryptions equals the number of disjoint difference subsets into which S is divided, and the encryption algorithm is denoted $E_{\text{difference key}}$.
The broadcast message built by the server therefore consists of three parts: the ciphertext M', the difference subsets $S_{i,j}$ into which S is split, and the key K encrypted with the difference keys.
In a system that has extended its user terminals t times, let $U_n$ ($0 \le n \le t$) denote the user set of the n-th extension ($U_0$ is the original user set), and let $T_n$ denote the user key tree corresponding to $U_n$ (the root node of $T_n$ is denoted $v_n$). The method by which the server divides S into disjoint difference subsets is shown in Fig. 2: first set $T_n = T_t$ and $v_n = v_t$, then repeat the following steps, removing a subtree from $T_n$ and adding to the split difference subsets, until the root node $v_n$ of the subtree $T_n$ is the root node $v_0$ of $T_0$:
(1) If the root node $v_n$ of key tree $T_n$ is not the root node $v_0$ of $T_0$, remove the left subtree $T_{n-1}$ of $T_n$, whose root node $v_{n-1}$ is the left child of $v_n$, and mark $v_{n-1}$ as an unauthorized node; then, according to the SD/LSD mechanism, split the set of authorized users of S in the key tree $T_n$ from which $T_{n-1}$ has been removed into disjoint difference subsets. The number of subsets produced is $m_n$.
(2) When the root node $v_n$ of tree $T_n$ is the root node $v_0$ of the subtree $T_0$ to which the original user set $U_0$ belongs, split the set of authorized users of S in key tree $T_n$ into disjoint difference subsets according to the splitting method of the SD/LSD mechanism. The number of subsets produced is $m_0$.
In a system that has extended its user terminals t times, the process by which the server divides S into disjoint difference subsets is shown in Fig. 3. Use respectively
Represent
Corresponding difference key, then the broadcast of server structure is:
For user side u, the broadcast that it receives is:
Because the pre-distributed keys of the original user terminals are unchanged, the processing at the original user terminals does not change. A user terminal u does not need to know whether it is an original user terminal or an extended one, and its processing is the same as that of a user terminal in the SD/LSD mechanism:
(a) User terminal u parses the difference subset part of the broadcast message and finds $i_j^{(n)}$ such that
(when no $i_j^{(n)}$ can be found such that
i.e. when u is not in the set S of users authorized to receive the secret message, u has finished processing the broadcast message and does not carry out the following steps).
(b) From the pre-distributed keys stored by user terminal u, compute the difference key corresponding to $i_j^{(n)}$
(d) Decrypt M' with the key K: $D_K(M')$ yields the secret message M.
Because the difference subsets into which the server divides the set of authorized users are disjoint, u belongs to at most one of them, so step (a) above yields at most one result.
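An added example, not part of the patent text: a Python sketch of steps 1) to 6) for plain SD (no LSD layering), in which users whose pre-distributed keys were issued before the extension decrypt a broadcast built on the merged tree. The function names, the user names u1..u6, HMAC-SHA256 as the label and key generator, the XOR keystream standing in for $F_K$ and $E$, and the simple cover routine are all assumptions of this example, and it requires at least one unauthorized user in $T_0$.

```python
import hashlib, hmac, os
from functools import reduce

def prg(label, tag):  # label/key generator modelled as HMAC-SHA256 (assumption)
    return hmac.new(label, tag, hashlib.sha256).digest()
def xor_stream(key, data):  # toy stand-in for F_K and E (assumption)
    ks = b"".join(prg(key, bytes([c])) for c in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

class Node:  # every internal node roots a key system with its own random label
    def __init__(self, left=None, right=None):
        self.left, self.right, self.parent = left, right, None
        self.label = os.urandom(32) if left is not None else None
        if left is not None:
            left.parent = right.parent = self

def build(users):  # complete binary tree; len(users) must be a power of two
    level = leaves = [Node() for _ in users]
    while len(level) > 1:
        level = [Node(a, b) for a, b in zip(level[::2], level[1::2])]
    return level[0], dict(zip(users, leaves))
def extend(old_root, new_users):  # steps 1)-3): T left, T' right, old labels kept
    new_root, leaves = build(new_users)
    return Node(old_root, new_root), leaves

def chain(n):  # n followed by all its ancestors
    return [] if n is None else [n] + chain(n.parent)
def sib(n):
    return n.parent.right if n.parent.left is n else n.parent.left
def path(i, j):  # b"L"/b"R" steps from ancestor i down to j
    return [] if j is i else path(i, j.parent) + [b"L" if j.parent.left is j else b"R"]

def user_keys(leaf):  # step 4): labels hanging off the path, per key system
    up = chain(leaf)
    return {(i, sib(n)): reduce(prg, path(i, sib(n)), i.label)
            for k, i in enumerate(up) for n in up[:k]}

def has_rev(n, rev):  # does the subtree under n hold an unauthorized node?
    return n in rev or any(has_rev(c, rev) for c in (n.left, n.right) if c is not None)
def sd_cover(i, rev):  # simple disjoint S_{i,j} cover; caller guarantees has_rev(i, rev)
    j = i
    while j not in rev and has_rev(j.left, rev) != has_rev(j.right, rev):
        j = j.left if has_rev(j.left, rev) else j.right
    rest = [] if j in rev else sd_cover(j.left, rev) + sd_cover(j.right, rev)
    return ([(i, j)] if j is not i else []) + rest

def extended_cover(roots, rev):  # roots = [v_0, ..., v_t], v_n.left is v_{n-1}
    if not has_rev(roots[0], rev):
        raise NotImplementedError("T_0 without revocation is not modelled here")
    out = []
    for n in range(len(roots) - 1, 0, -1):  # step (1): peel T_{n-1}, mark v_{n-1}
        out += sd_cover(roots[n], rev | {roots[n - 1]})
    return out + sd_cover(roots[0], rev)  # step (2): plain SD on T_0

def broadcast(roots, rev, msg):  # step 5): subsets with wrapped K, plus M'
    K = os.urandom(32)
    hdr = [(i, j, xor_stream(prg(reduce(prg, path(i, j), i.label), b"M"), K))
           for i, j in extended_cover(roots, rev)]
    return hdr, xor_stream(K, msg)

def receive(leaf, keys, hdr, body):  # step 6), same for old and new users
    up = chain(leaf)
    for i, j, wrapped in hdr:
        if i in up and j not in up:  # u is in S_{i,j}
            s = next(n for n in chain(j) if (i, n) in keys)  # stored label at or above j
            diff_key = prg(reduce(prg, path(s, j), keys[(i, s)]), b"M")
            return xor_stream(xor_stream(diff_key, wrapped), body)
    return None  # u is not in S

def demo(revoked, msg=b"secret M"):  # constructed: u1..u4 original, u5..u6 added
    t0, l0 = build(["u1", "u2", "u3", "u4"])
    keys = {u: user_keys(n) for u, n in l0.items()}  # issued before the extension
    t1, l1 = extend(t0, ["u5", "u6"])
    keys.update({u: user_keys(n) for u, n in l1.items()})
    leaves = {**l0, **l1}
    hdr, body = broadcast([t0, t1], {leaves[u] for u in revoked}, msg)
    return len(hdr), {u: receive(leaves[u], keys[u], hdr, body) for u in leaves}
```

`demo(["u2", "u6"])` returns the number of difference subsets in the broadcast and, per user, either the recovered message or `None` for an unauthorized terminal.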
Finally, it should be noted that the above embodiments only illustrate the technical solution of the invention and do not limit it. Although the invention has been described in detail with reference to the embodiments, those of ordinary skill in the art should understand that modifications or equivalent replacements of the technical solution of the invention that do not depart from its spirit and scope should all be covered by the scope of the claims of the invention.
Claims (5)
1. A user terminal extension method for a subset difference/layered subset difference mechanism, comprising the following steps:
1) building an extension logical key tree with all extended user terminals as leaf nodes;
2) merging the extension logical key tree of step 1) with the original key tree of the system before the extension to build the extended user key tree;
3) keeping the key labels and key systems in the original key tree unchanged, and assigning independent key labels to the other nodes and other subtrees to set up their key systems;
4) keeping the pre-distributed keys of the user terminals that were in the system before the extension unchanged; the pre-distributed key of an extended user terminal consists, for every key system to which the user terminal belongs, of the key labels of the nodes hanging off the path from the root node of that key system to the node corresponding to the user terminal;
5) when a secret message M is transmitted to an arbitrary subset S of user terminals, encrypting M and constructing the broadcast message transmitted in the channel;
6) the processing at the user terminal is: parsing and decrypting the broadcast message with the pre-distributed key to obtain the plaintext of the secret message M.
2. The user terminal extension method for a subset difference/layered subset difference mechanism according to claim 1, characterized in that the broadcast message transmitted in the channel in step 5) consists of three parts: the ciphertext M', the disjoint difference subsets $\{S_{i,j}\}$ into which the arbitrary subset S is split, and the random key K encrypted separately under each difference key; the broadcast message is constructed as follows: the secret message M is encrypted with the random key K to generate the ciphertext M', and the random key K is encrypted separately with the difference key corresponding to each of the disjoint difference subsets $\{S_{i,j}\}$ into which S is split.
3. The user terminal extension method for a subset difference/layered subset difference mechanism according to claim 2, characterized in that the method of splitting S into disjoint difference subsets $\{S_{i,j}\}$ comprises: progressively removing from the system key tree each subtree whose leaf nodes are the user terminals of one extension, and then splitting the subset according to the subset difference/layered subset difference mechanism.
4. The user terminal extension method for a subset difference/layered subset difference mechanism according to claim 1, 2 or 3, characterized in that the processing of the broadcast message by the user terminal in step 6) comprises: parsing the difference subset part of the broadcast message and finding the difference subset $\{S_{i,j}\}$ such that $u \in S_{m,n}$, where u denotes the user terminal; then computing the difference key corresponding to $S_{m,n}$ from the user terminal's own pre-distributed key; using this difference key to decrypt the encrypted key part of the broadcast message and recover the random key K; and finally using the random key K to decrypt the ciphertext M' in the broadcast message and obtain the plaintext of the secret message M.
5. The user terminal extension method for a subset difference/layered subset difference mechanism according to claim 1, characterized in that it further comprises: realizing multiple extensions of the system's user terminals by repeating steps 1) to 6).
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN200610113331A CN101150394B (en) | 2006-09-22 | 2006-09-22 | User end extension method for subset difference/layered subset difference mechanism |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101150394A (en) | 2008-03-26 |
CN101150394B (en) | 2010-05-12 |
Family
ID=39250750
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN200610113331A Expired - Fee Related CN101150394B (en) | 2006-09-22 | 2006-09-22 | User end extension method for subset difference/layered subset difference mechanism |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101150394B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102394744B (en) * | 2011-11-10 | 2014-04-16 | 香港应用科技研究院有限公司 | System of using broadcast encryption to carry out content distribution and method thereof |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1359574A (en) * | 1999-07-06 | 2002-07-17 | 松下电器产业株式会社 | Distributed group key management scheme for secure many-to-many communication |
Also Published As
Publication number | Publication date |
---|---|
CN101150394A (en) | 2008-03-26 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
C17 | Cessation of patent right | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20100512 Termination date: 20110922 |