[1]赵东东,石乐义,谢云飞.基于 CP-ABE 的工业控制系统加密传输方案[J].计算机技术与发展,2022,32(10):94-99.[doi:10. 3969 / j. issn. 1673-629X. 2022. 10. 016]
 ZHAO Dong-dong,SHI Le-yi,XIE Yun-fei.Encrypted Transmission Scheme of Industrial Control System Based on CP-ABE[J].,2022,32(10):94-99.[doi:10. 3969 / j. issn. 1673-629X. 2022. 10. 016]
点击复制

基于 CP-ABE 的工业控制系统加密传输方案()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
32
期数:
2022年10期
页码:
94-99
栏目:
网络空间安全
出版日期:
2022-10-10

文章信息/Info

Title:
Encrypted Transmission Scheme of Industrial Control System Based on CP-ABE
文章编号:
1673-629X(2022)10-0094-06
作者:
赵东东1 石乐义12 谢云飞2
1. 中国石油大学(华东) 海洋与空间信息学院,山东 青岛 266580;
2. 中国石油大学(华东) 计算机科学与技术学院,山东 青岛 266580
Author(s):
ZHAO Dong-dong1 SHI Le-yi12 XIE Yun-fei2
1. School of Oceanography and Space Informatics,China University of Petroleum,Qingdao 266580,China;
2. School of Computer Science and Technology,China University of Petroleum,Qingdao 266580,China
关键词:
工业控制系统密文策略属性基加密密文定长解密外包DBDH 假设
Keywords:
industrial control systemciphertext - policy attribute - based encryptionconstant ciphertext length decryption outsourcingDBDH assumption
分类号:
TP309. 7
DOI:
10. 3969 / j. issn. 1673-629X. 2022. 10. 016
摘要:
针对工业控制系统的数据传输安全性, 结合工业控制系统信息网络架构部署,采用高级加密标准( AES) 加密工业数据, 采用密文策略属性基加密 ( CP-ABE) 算法加密 AES 的密钥。 利用 CP-ABE 算法实现了一种加密密文为定长的方案,随着密钥属性的增加,实现 AES 密钥的密文定长的功能,减小了存储空间;同时在解密的过程中,将大部分计算开销外包给云服务器,降低了用户端访问数据的解密时间,用户通过计算验证码的形式,验证云服务器解密数据的正确性。 最后,从安全性和性能开销方面对方案进行了详细的介绍,基于 DBDH 假设,证明了该方案在标准模型中是选择明文安全的,并通过理论分析和实验对比结果得出该方案在解密阶段具有用户端访问数据时间短的优势,能够为大规模的工业控制系统提供一种高效的数据加密传输方案。
Abstract:
For the data transmission security of industrial control system, combined with the deployment of industrial control system information network architecture,advanced encryption standard ( AES) is used to encrypt industrial data,and ciphertext policy attribute base encryption? ?( CP-ABE) algorithm is used to encrypt AES key. Using CP-ABE algorithm,a scheme of encrypting ciphertext with fixed length is realized. With the increase of key attributes,the ciphertext length of AES key is fixed and the storage space is reduced. At the same time, in the process of decryption, most of the computing overhead is outsourced to the cloud server, which reduces the decryption time of the data accessed by the user. The user verifies the correctness of the data decrypted by the cloud server in the form of calculation verification code. Finally,the scheme is introduced in detail from the aspects of security and performance overhead. Based on the DBDH assumption, it is proved that the scheme selects plaintext security in the standard model. Through theoretical analysis and experimental comparison results,it is concluded that the scheme has the advantage of short data access time at the user end in the decryption stage. It can provide an efficient data encryption transmission scheme for large-scale industrial control system.

相似文献/References:

[1]胡建华,刘鑫朝,李辉.基于. NET的动态实时曲线的绘制方法[J].计算机技术与发展,2013,(03):179.
 HU Jian-hua,LIU Xin-chao,LI Hui.Method of Dynamic Real-time Curve Drawing Based on . Net[J].,2013,(10):179.
[2]刘知竹,冯璐,荀鹏,等.基于分散化序列的联网 ICS 设备搜索技术[J].计算机技术与发展,2018,28(11):1.[doi:10.3969/ j.issn.1673-629X.2018.11.001]
 LIU Zhi-zhu,FENG Lu,XUN Peng,et al.Networked ICS Device Search Technique Based on Dispersed Sequence[J].,2018,28(10):1.[doi:10.3969/ j.issn.1673-629X.2018.11.001]
[3]刘 俊,陈 慧,王 军.基于区块链的 ICS 数据安全策略研究[J].计算机技术与发展,2021,31(01):149.[doi:10. 3969 / j. issn. 1673-629X. 2021. 01. 027]
 LIU Jun,CHEN Hui,WANG Jun.Research on Data Security Strategy of ICS Based on Blockchain[J].,2021,31(10):149.[doi:10. 3969 / j. issn. 1673-629X. 2021. 01. 027]
[4]姚 旭,王 钢,任秀勤,等.基于发电厂控制系统的工控蜜罐设计与实现[J].计算机技术与发展,2022,32(10):114.[doi:10. 3969 / j. issn. 1673-629X. 2022. 10. 019]
 YAO Xu,WANG Gang,REN Xiu-qin,et al.Design and Implementation of Industrial Control Honeypot Based on Power Plant Control System[J].,2022,32(10):114.[doi:10. 3969 / j. issn. 1673-629X. 2022. 10. 019]
[5]韩子彬.选煤厂工控网络安全实验分析[J].计算机技术与发展,2022,32(S2):162.[doi:10. 3969 / j. issn. 1673-629X. 2022. S2. 029]
 HAN Zi-bin.Experimental Analysis of Industrial Control Network Security in Coal Preparation Plant[J].,2022,32(10):162.[doi:10. 3969 / j. issn. 1673-629X. 2022. S2. 029]
[6]郑铁军,王 齐,张宏杰,等.基于组合扫描的无状态工控设备资产探测方法[J].计算机技术与发展,2023,33(07):98.[doi:10. 3969 / j. issn. 1673-629X. 2023. 07. 015]
 ZHENG Tie-jun,WANG Qi,ZHANG Hong-jie,et al.Stateless Industrial Control Equipment Asset Detection Method Based on Combined Scanning[J].,2023,33(10):98.[doi:10. 3969 / j. issn. 1673-629X. 2023. 07. 015]

更新日期/Last Update: 2022-10-10