Information Technology Reference
In-Depth Information
in the LSSS to the actual set of attributes. For each message
M
, the ciphertext
C
is calculated per Equations (3.16) and (3.17). Ciphertext
C
is then stored in
the cloud.
When a user
U
u
requests a ciphertext from the cloud, the cloud transfers
the requested ciphertext
C
using the ssh protocol. The decryption algorithm
returns plaintext message
M
if the user has a valid set of attributes.
System initialization
: Select a prime
p
, generator
g
of
G
, groups
G
and
G
T
of order
p
, a map
e
:
G
×
G
→
G
T
, and a hash function
H
: {0, 1}* →
G
that maps the identities of users to
G
. Each AA
A
j
∈A has a set of
attributes
L
j
. The attributes disjoint (
L
i
∩
L
j
= φ for
i
≠
j
). Each AA
also chooses two random exponents α
i
y
, ∈ . The secret key of
i
q
AA
A
j
is
{
}
SK
j
=
α ,
y
,
iL
∈
.
(3.13)
i
i
j
The public key of AA
A
j
is published:
{
}
(
)
α
i
y
PK
j
=
e gg
,
,
gi
,
∈
L
.
(3.14)
i
j
Key generation and distribution by KDCs
: User
U
u
receives a set of attri-
butes
I
[
j
,
u
] from AA
A
j
and corresponding secret key
sk
i
,
u
for each
i
∈
I
[
j
,
u
]:
()
y
α
sk
=
gHu
i
,
(3.15)
i
iu
,
where α
i
,
y
i
∈
SK
[
j
]. Note that all keys are delivered to the user
securely using the user's public key, such that only that user can
decrypt it using its secret key.
Encryption by sender
: The sender decides about the access tree and
encrypts message
M
as follows:
h
∈ , with
s
as its first entry;
h
is the number of leaves in the access tree
(equal to the number of rows in the corresponding matrix
R
).
1. Choose a random seed
s
∈ and a random vector
v
q
q
2. Calculate λ
x
=
R
x
·
v
, where
R
x
is a row of
R.
h
∈ with 0 as the irst entry.
3.
Choose a random vector
w
q
4. Calculate ω
x
=
R
x
·
w
5. For each row
R
x
of
R
, choose a random ρ
x
∈ .
q
6. The following parameters are calculated:
Search WWH ::
Custom Search