Title page for etd-0719118-134048
Title
Attribute Hiding Access Control with Anonymous Sharing Using Predicate Encryption
Department
Year, semester
Language
Degree
Number of pages
50
Author
Advisor
Convenor
Advisory Committee
Date of Exam
2018-07-13
Date of Submission
2018-08-19
Keywords
Anonymity, Attribute Hiding, Predicate Encryption, Access Control, Anonymous Sharing
Statistics
The thesis/dissertation has been browsed 5632 times, has been downloaded 0 times.
Abstract
In modern society we rely heavily on cloud servers to provide storage and services. However, using cloud services may cost us our privacy in exchange for convenience. Encrypting content stored in the cloud is a natural way to protect our personal information, but it also hinders the handling of data, since it is difficult to search over encrypted information. Predicate encryption, a subset of searchable encryption, offers a way to search encrypted data by using a secret key associated with a certain set predicate. However, this does not guarantee online anonymity, since information could still be leaked through the handling of data. In this thesis we first establish the steps to ensure online privacy through anonymous routing and unlinkable operations. We then propose an access control system that supports anonymous sharing using predicate encryption. We give a security proof of the attribute hiding features and present possible applications of our scheme.
Table of Contents
Thesis Approval Form
Thesis Authorization Form
Acknowledgments
Abstract (Chinese)
Abstract
List of Tables
Chapter 1 Introduction
1.1 Contributions
1.2 Organization
Chapter 2 Preliminaries
2.1 Privacy
2.1.1 Anonymous Connection
2.1.2 Unlinkable Operations
2.1.3 Total Anonymity
2.2 Pairings and Complexity Assumptions
2.2.1 The Non-Trivial Factoring of N Problem
2.3 Predicate Encryption
2.3.1 Security Assumptions
Chapter 3 Related Works
3.1 Boneh et al.’s PKE with Keyword Search
3.2 Katz et al.’s Inner Product Predicate Encryption
3.3 Okamoto et al.’s HPE for Inner-Products
3.4 Li et al.’s APKS over Encrypted Data
3.5 Oblivious Transfer/Private Information Retrieval
3.6 Ring Signature
Chapter 4 Our Construction
4.1 Notations
4.2 The Proposed Scheme
4.2.1 Setup
4.2.2 Encryption
4.2.3 Generating Token
4.2.4 Query
4.2.5 Rerandomizing
4.3 Correctness
Chapter 5 Applications of Our Construction
5.1 Access Rights
5.1.1 Reading
5.1.2 Writing
5.1.3 Editing
5.1.4 Deletion
5.2 Our System
5.2.1 Initializing the Hierarchy
5.2.2 Retrieving Files
5.2.3 Preparing Files and Tokens
5.2.4 Adding to the Hierarchy
5.2.5 Sharing Access Rights
5.2.6 A Simple Example
Chapter 6 Security Proof
6.1 Threat Model
6.1.1 Security of Messages
6.1.2 Security of Attributes
6.1.3 Security of Rerandomized Tokens
Chapter 7 Comparisons
Chapter 8 Conclusion
Bibliography
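Fulltext
This electronic full text is licensed to users only for personal, non-profit searching, reading and printing for the purpose of academic research. Please comply with the Copyright Act of the Republic of China and do not reproduce, distribute, adapt, repost or broadcast it without authorization, to avoid breaking the law.
Thesis access permission: user-defined release time
Available:
Campus: available
Off-campus: available

Printed copies
Public information on printed theses is relatively complete from academic year 102 onward. To look up public information on printed theses from academic year 101 or earlier, please contact the printed thesis service desk of the Office of Library and Information Services. We apologize for any inconvenience.
Available: available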
