The current identity-based encryption based hidden credential can not support 1-N communication, endures no identity fuzzy and lefts open to conspiracy crack,which brings great limitation to its availability. In this paper,an attribute-based encryption based hidden credentials extended model was presented which solves those dilemmas of basic hidden credential system, meanwhile, the extended model keeps the advantages in protecting all the certificates, resources and strategies safe in trust negotiation. Since in ABE system, each participant has and only has one attribute-set certificate,the extended model significantly improves the efficiency of decryption process. On the other hand, through the random control in certificate issue process, the possibility of conspiracy crack is also eliminated. In addition, we described their performance,security and applications in detail. Finally,the farther research directions were suggested.%当前基于身份加密体系的隐藏证书无法实现一对多的信息传输,对身份信息不具备容错功能,且密文容易被共谋破解,这些缺点导致其在实际应用中受到诸多限制.提出了基于属性加密的隐藏证书扩展模型,解决了原隐藏证书技术存在的上述问题,并在信任协商过程中保留了隐藏证书技术对于证书、资源和策略的隐藏和保护功能.在扩展模型中加密和解密都是基于属性集合的,因此提升了交互双方的信息安全级别.另外,通过对属性集证书发放过程的随机性控制,消除了共谋破解的可能.同时,分析了该扩展模型的性能、安全性和应用场景等,最后指出了今后的研究方向.
展开▼
