云存储密文的静态性增大了攻击者通过获取密钥破解密文的概率,而基于密钥分发和重加密的密文密钥更新则开销过大.针对此问题,提出一种支持高效密文密钥同步演化的安全数据共享方案(CKSE-SDS),通过在广播加密中引入密码学累加器构造支持时间周期性跳变的拟态变换因子,并基于密文及密钥的动态分割与融合实现高效的密文密钥同步演化,从而减少了加密过程和私钥分发的确定性,增大了攻击者利用安全漏洞获取密文密钥并破解密文的难度.理论分析及安全性证明表明,该方案在支持数据安全高效访问条件下,可有效降低攻击者攻击成功的概率,提升系统的主动安全防御能力.%The static property of stored ciphertext in cloud increases the probability that an attacker can crack the ciphertext by obtaining a key, while ciphertext and key updates based on key distribution and re-encryption are exces-sively expensive. For this problem, a secure data sharing scheme supporting efficient synchronous evolution for ciphertext and key (CKSE-SDS) was proposed. By introducing cryptography accumulator in broadcast encryption, mim-icry transformation factor could be constructed supporting time-hopping periodically and efficient synchronous evolution for ciphertext and key could be achieved based on dynamic segmentation and fusion of ciphertext and key, which reduced certainty in the process of encryption and key distribution and increased the difficulty for attackers exploiting security vulnerabilities to obtain key to crack ciphertext as well. Theoretical analysis and security proofs show that the proposed scheme can support secure and efficient data access as well as reduce the probability of a successful attack effectively for an attacker, which can also enhance the system's active security defense capability.
展开▼
