An innovative key agreement protocol with complex attribute authentication based on blockchain
【Author】 Hu, Shengzhou; Li, Wenhao; Zhong, Tingting; He, Hua
【Source】PEER-TO-PEER NETWORKING AND APPLICATIONS
【Impact factor】3.488
【Abstract】In a cloud environment, an attribute-based key agreement (AB-KA) protocol can be applied in the practical scenario of obtaining a session key by mutual attribute authentication. The attribute-based encryption (ABE) technology adopted for attribute authentication in traditional AB-KA protocols only depicts simple operations on attributes, such as AND, OR, Threshold, etc. Traditional ABE access structures, such as polynomial functions, Linear Secret Sharing Scheme (LSSS), AND-gate, etc., can hardly depict complex attribute relationships. Hence, the existing protocols based on such ABE schemes cannot depict entity authentication over complex attribute relations, such as that the average value of 30 attributes is greater than or equal to 80. To solve this problem, we introduce the technology of attribute predicate (AP) to enhance the entity authentication function. AP constructs comprehensive attribute calculations with various operations, such as arithmetic operations, relational operations, string operations, etc. There is also another problem: the power of the attribute authority (AA) in traditional AB-KA protocols is highly concentrated, which easily suffers from single point of failure or privacy leakage. Blockchain has the advantages of decentralization, tamper resistance, traceability and a distributed database. To effectively prevent the security problems of the single centralized authorization mode and avoid the corresponding performance bottleneck, we tried to apply consortium blockchain (CB) to construct an AB-KA protocol. A two-party key agreement protocol with and-gate attribute-predicate encryption on blockchain (AG-APE-BC-KA) was proposed in the paper. Attribute-based access control processes can be traced by recording and viewing the access authorization and access processes via the CB technology.
The proposed scheme adopted AP to depict more general and flexible attribute relationships for generating the session key of communicating users. It also enhanced the tracking of AA's authority and data security on cloud storage. Under the decision q-parallel bilinear Diffie-Hellman exponent (q-PBDHE) hypothesis, the protocol is proved to be secure under the attribute-based BJM (Black-Johnson-Menezes) model. The protocol with CB has high efficiency and better security. In particular, it completely satisfies many scenarios requiring complex attribute authentication.
【Keywords】Attribute predication encryption; Key agreement; And-gate multi-value; Protocol; Blockchain
【Publication date】2023 MAY 22
【Indexed date】2023-06-08
【Document type】
【Subject category】