云链协同的属性代理重加密工业互联网数据共享方案

信息安全研究 ›› 2025, Vol. 11 ›› Issue (5): 427-.

云链协同的属性代理重加密工业互联网数据共享方案

李悦1冯景瑜1王侃2张文波1

1(西安邮电大学网络空间安全学院西安710121)
2(空军工程大学教研保障中心西安710051)

出版日期:2025-06-03 发布日期:2025-06-03
通讯作者: 李悦硕士研究生.主要研究方向为工业互联网安全、密码学应用. 1360453287@qq.com
作者简介:李悦硕士研究生.主要研究方向为工业互联网安全、密码学应用. 1360453287@qq.com 冯景瑜博士，教授.主要研究方向为工业互联网安全、零信任内网安全. fengjy@xupt.edu.cn 王侃硕士，工程师.主要研究方向为信息安全. 124543383@qq.com 张文波博士，副教授.主要研究方向为工业互联网安全、数据安全. 51717551@qq.com

Industrial Internet Data Sharing Scheme with Attributebased #br# Proxy Reencryption in Cloudchain Collaboration#br#

Li Yue1, Feng Jingyu1, Wang Kan2, and Zhang Wenbo1

1(School of Cyberspace Security, Xi’an University of Posts and Telecommunications, Xi’an 710121)
2(Teaching and Research Support Center, Air Force Engineering University, Xi’an 710051)

Online:2025-06-03 Published:2025-06-03

摘要/Abstract

摘要： 工业互联网是新一代信息技术与工业系统全方位深度融合的应用生态,通过数据共享可以实现对工业领域各类资源的统筹管理和调配.针对工业互联网数据共享过程中存在的隐私泄露问题，提出一种云链协同的属性代理重加密工业互联网数据共享方案，云中存储海量工业数据密文，链上解决数据安全共享过程中的计算与元数据密文存储问题.结合无证书公钥密码体制，构造可避免私钥托管的密文策略属性基加密的密钥生成算法.设计信任评估共识算法，在区块链网络中选取可信度较高的节点作为代理，解决传统代理重加密中的代理半可信问题.安全分析表明该方案满足关键字安全性和抗共谋攻击性.性能与仿真对比实验结果表明，该方案具有更优的功能与更高的效率，对工业互联网数据共享具有适用性.

关键词: 云存储, 区块链, 工业互联网, 属性代理重加密, 数据安全共享

Abstract: The industrial Internet is an application ecology of new generation information technology and industrial system in an allround and deep integration. Through data sharing, it can realize the overall management and allocation of various resources in the industrial field. Aiming at the problem of privacy leakage in the process of industrial Internet data sharing, this paper proposes a cloudchain collaborative attributebased proxy reencryption industrial Internet data sharing scheme, which stores massive industrial data ciphertext in the cloud, and solves the problem of computing and metadata ciphertext storage in the process of data security sharing on the blockchain. Construct a key generation algorithm that can avoid private key escrow by combining certificateless public key cryptography with ciphertext policy attributebased encryption. Design a trust evaluation consensus algorithm to select nodes with high credibility as proxies in blockchain networks, solving the semitrust problem of traditional proxy reencryption. The security analysis shows that the proposed scheme satisfies keyword security and resistance to collusion attacks. The performance and simulation results show that the scheme in this paper has better functions and higher efficiency, and applicability for industrial Internet data sharing.

Key words: cloud storage, blockchain, industrial Internet, attributebased proxy reencryption, data security sharing

中图分类号:

TP393.0

李悦, 冯景瑜, 王侃, 张文波, . 云链协同的属性代理重加密工业互联网数据共享方案[J]. 信息安全研究, 2025, 11(5): 427-.

参考文献

［1］董贵山, 张文科, 罗影, 等. 工业互联网密码应用研究［J］. 信息安全研究, 2022, 8(6): 554562［2］Ghazouani S, Slimani Y. A survey on cloud service description［J］. Journal of Network and Computer Applications, 2017, 91: 6174［3］冯政鑫, 唐寅, 韩磊, 等. 基于区块链的敏感数据安全共享方案［J］. 信息安全研究, 2022, 8(4): 364373［4］Agrawal H, Sharma M. Implementation and analysis of various symmetric cryptosystems［J］. Indian Journal of science and Technology, 2010, 3(12): 11731176［5］Lozupone V. Analyze encryption and public key infrastructure (PKI)［J］. International Journal of Information Management, 2018, 38(1): 4244［6］Mittal S, Bansal A, Gupta D, et al. Using identitybased cryptography as a foundation for an effective and secure cloud model for ehealth［JOL］. Computational Intelligence and Neuroscience, 2022 ［20250411］. https:doi.org10.115520227016554［7］Qu H, Yan Z, Lin X, et al. Certificateless public key encryption with equality test［J］. Information Sciences, 2018, 462: 7692［8］Zhang Y, Deng R H, Xu S, et al. Attributebased encryption for cloud computing access control: A survey［J］. ACM Computing Surveys (CSUR), 2020, 53(4): 141［9］Liu Y, Ren Y, Wang Q, et al. The development of proxy reencryption［J］. Journal of Cybersecurity, 2020, 2(1): 18［10］Liang K, Au M H, Liu J K, et al. A secure and efficient ciphertextpolicy attributebased proxy reencryption for cloud data sharing［J］. Future Generation Computer Systems, 2015, 52(11): 95108［11］Wungpornpaiboon G, Vasupongayya S. Twolayer ciphertextpolicy attributebased proxy reencryption for supporting PHR delegation［C］ Proc of the 2015 Int Computer Science and Engineering Conference (ICSEC). Piscataway, NJ: IEEE, 2015: 16［12］Doshi N. An enhanced approach for CPABE with proxy reencryption in IoT paradigm［J］. Jordanian Journal of Computers and Information Technology, 2022, 8(3): 232242［13］Jiang Y, Susilo W, Mu Y, et al. Ciphertextpolicy attributebased encryption supporting access policy update and its extension with preserved attributes［J］. International Journal of Information Security, 2017, 17(1): 116［14］Li J, Yu Q, Zhang Y, et al. Keypolicy attributebased encryption against continual auxiliary input leakage［J］. Information Sciences, 2019, 470: 175188［15］Guo S, Zeng Y, Wei J, et al. Attributebased reencryption scheme in the standard model［J］. Wuhan University Journal of Natural Sciences, 2008, 13(5): 621625［16］Liang K, Fang L, Susilo W, et al. A ciphertextpolicy attributebased proxy reencryption with chosenciphertext security［C］ Proc of the 5th Int Conf on Intelligent Networking and Collaborative Systems. Piscataway, NJ: IEEE, 2013: 552559［17］Chung P S, Liu C W, Hwang M S. A study of attributebased proxy reencryption scheme in cloud environments［J］. International Journal of Network Security, 2014, 16(1): 113［18］Kawai Y. Outsourcing the reencryption key generation: Flexible ciphertextpolicy attributebased proxy reencryption［C］ Proc of the 11th Int Conf on Information Security Practice and Experience. Berlin: Springer, 2015: 301315［19］Yasumura Y, Imabayashi H, Yamana H. Attributebased proxy reencryption method for revocation in cloud storage: Reduction of communication cost at reencryption［C］ Proc of the 3rd IEEE Int Conf on Big Data Analysis (ICBDA). Piscataway, NJ: IEEE, 2018: 312318［20］Shi Y, Liu J, Han Z, et al. Attributebased proxy reencryption with keyword search［J］. PloS One, 2014, 9(12): e116325［21］Zhang Y, Li J, Chen X, et al. Anonymous attributebased proxy reencryption for access control in cloud computing［J］. Security and Communication Networks, 2016, 9(14): 23972411［22］Xu X L, Zhang Q T, Zhou J L. NCMACPABE: Noncentered multiauthority proxy reencryption based on CPABE for cloud storage systems［J］. Journal of Central South University, 2017, 24(4): 807818［23］陈曦, 李勇, 李如先. 一种支持细粒度授权的数据安全共享方案［J］. 信息安全研究, 2023, 9(7): 667674［24］Ge C, Susilo W, Baek J, et al. A verifiable and fair attributebased proxy reencryption scheme for data sharing in clouds［J］. IEEE Trans on Dependable and Secure Computing, 2021, 19(5): 29072919［25］Zou J, Ye B, Qu L,et al. A proofoftrust consensus protocol for enhancing accountability in crowdsourcing services［J］. IEEE Trans on Services Computing, 2018, 12(3): 429445［26］Feng J, Zhao X, Chen K, et al. Towards randomhonest miners selection and multiblocks creation: Proofofnegotiation consensus mechanism in blockchain networks［J］. Future Generation Computer Systems, 2022, 105: 248258

[1]	曲爱妍, 符天枢, 张宏军, . 基于区块链的生物特征信息共享方案研究与实现[J]. 信息安全研究, 2025, 11(5): 402-.
[2]	张浩和, 韩刚, 杨甜甜, 黄睿, . 工业互联网中融入域适应的混合神经网络加密恶意流量检测[J]. 信息安全研究, 2025, 11(5): 457-.
[3]	韩刚, 杨甜甜, 罗维, . 一种支持动态验证的可搜索代理重加密方案[J]. 信息安全研究, 2025, 11(4): 311-.
[4]	杨睿成, 董国芳, 徐正楠, . 车载网中一种基于区块链的隐私保护数据聚合系统[J]. 信息安全研究, 2025, 11(4): 367-.
[5]	张学旺, 付佳丽, 姚亚宁, 张豪, . 基于Schnorr门限签名的区块链预言机方案[J]. 信息安全研究, 2025, 11(3): 282-.
[6]	檀钟盛, 陈春晖, 杨宏强, 陈学斌, . 基于改进公证人机制的跨链隐私共享研究[J]. 信息安全研究, 2025, 11(2): 146-.
[7]	谷占新, 马利民, 王佳慧, 张伟, . 基于区块链的电子病历安全高效共享方法[J]. 信息安全研究, 2025, 11(1): 74-.
[8]	张磊, 万昕元, 肖超恩, 王建新, 邓昊东, 郑玉崝, . 融合代理重加密和零知识证明的USB Key联盟链追溯系统[J]. 信息安全研究, 2025, 11(1): 81-.
[9]	徐放, . 云存储下商业秘密前置保护的意义和策略[J]. 信息安全研究, 2024, 10(E2): 191-.
[10]	孙杨, 陈晏鹏, 孙宗臣, 沈国栋, . 面向政务领域的可信数据交换系统设计与实现[J]. 信息安全研究, 2024, 10(E1): 146-.
[11]	张学旺, 罗欣悦, 雷志滔, 陈思宇, . 基于节点识别的改进拜占庭容错共识算法[J]. 信息安全研究, 2024, 10(9): 818-.
[12]	曾俊智, 许力, 尤玮婧, 左雨庭, . 基于多维信誉的区块链安全分片方案[J]. 信息安全研究, 2024, 10(8): 690-.
[13]	吴宇, 陈丹伟, . 基于区块链与代理重加密的数据安全共享技术研究[J]. 信息安全研究, 2024, 10(8): 719-.
[14]	檀钟盛, 陈春晖, . 基于非同质化代币的密封投标拍卖方案[J]. 信息安全研究, 2024, 10(8): 738-.
[15]	谢明东, 郝萌, 杨洪伟, 何慧, 张伟哲, . 零知识证明硬件加速研究综述[J]. 信息安全研究, 2024, 10(7): 594-.