Blockchain data access control method with revocable attribute encryption
【Abstract】 To address coarse-grained access control in blockchain data sharing, a blockchain data access control method based on ciphertext-policy attribute-based encryption with attribute revocation is proposed. Building on an existing scheme, a pre-decryption process is introduced and combined with an attribute revocation list to achieve real-time attribute revocation. Security is proved under the decisional bilinear Diffie-Hellman (DBDH) assumption in asymmetric groups. The system is designed on Hyperledger Fabric and, combined with the InterPlanetary File System (IPFS), uses on-chain and off-chain storage to address the blockchain's insufficient capacity and system efficiency problems. Experimental results show that the proposed scheme does not require updating keys or ciphertexts and storing them on the blockchain again when revoking attributes, and needs only 6 pairing operations for pre-decryption and decryption. In addition, under a large-scale attribute set, the pre-decryption time and decryption time remain at a constant level of about 100 milliseconds on average, which ensures efficient operation of the blockchain system and realizes fine-grained access control of blockchain data.
【Key words】 blockchain; data sharing; access control; attribute-based encryption; pre-decryption; attribute revocation; InterPlanetary File System (IPFS)
- 【Source】 计算机工程与设计, Computer Engineering and Design, 2024, Issue 02
- 【Classification number】 TP309.7; TP311.13
- 【Downloads】 153