Research On Proxy Re-encryption For Cloud Data Security Sharing

Cloud computing has become a solution for data maintenance due to its flexibility and effectiveness.However,it faces challenges in security and privacy.While encryption technology can protect the privacy and security of data,its inherent ”all-or-nothing” nature hinders data sharing.It is worth mentioning the proxy re-encryption technology can realize flexible sharing of encrypted data.This technology allows the proxy to transform the outsourced encrypted data by data owners to cloud servers into encrypted data that data users can decrypt.During this process,the proxy cannot obtain any information about the corresponding plaintext in the ciphertext.However,existing proxy re-encryption schemes have the following unresolved issues: 1)lack of ciphertext search capability,2)high computational overhead due to complex bilinear operations,3)limitations in access control,4)dynamic(revocation and addition of receiver groups),and 5)privacy concerns regarding the identities of receivers.For solving the above problems,this dissertation makes an indepth research on the computational efficiency and functionality of proxy re-encryption scheme:(1)For the multi-hop proxy re-encryption scheme does not have data search,computing overhead,access control limitations,the dissertation proposes a blockchain-based lightweight autonomous path proxy re-encryption scheme with the equality test(BLAPPRE-ET).The scheme combines the characteristics of proxy re-encryption technology and equality testing technology,which allowing the data owner to encrypt their data through the public key encryption mechanism,and the generated ciphertext and trapdoor are uploaded to the smart contract.The smart contract performs an equality test to determine whether two different ciphertexts come from the same message.The scheme can also realize the secure proxy access with priority,where the data owner selects multiple trusted data users based on the test results,and specifys the priority of decryption permissions according to the reputation val-ues of the data users,and then entrusts the smart contract to delegate the decryption permissions to different data users according to the priority.In addition,based on the divisible computational Diffie Hellman(DCDH)assumption,this scheme is secure under the chosen ciphertext attack in the random oracle model.Compared with other similar schemes,Performance analysis shows that the proposed BLAPPREET scheme achieves rich functions and low computational overhead.(2)For the revocation of members and the addition of new members in the data recipient group,the dissertation proposes a dynamic identity-based broadcast proxy re-encryption scheme(DIB-BPRE).The scheme introduces the cloud server as a proxy to share one-to-many data on the encrypted data of the data owner,and can revoke a set of data receivers specified by the data owner from the re-encrypted key.Based on the standard(f,G,F)-GDHE assumption,this scheme achieves the security under the chosen plaintext attack in the random oracle model.Meanwhile,the data owner replaces the public key of public key infrastructure certificate with his unique identity to identify the receiver,so as to avoid the storage and verification of the certificate.Finally,the performance analysis and experimental analysis show that the proposed scheme has good efficiency and practicability in terms of performance.(3)For identity privacy protection issues for data receiver group members,the dissertation proposes a certificateless broadcast proxy re-encryption(CL-BPRE)supporting privacy protection.The scheme embeds certificateless encryption mechanism into broadcast proxy re-encryption scheme to prevent malicious key generation center from disclosing the key of data users,and realize one to many data sharing.In addition,Lagrange interpolation theorem is used to protect the identity privacy of the data receiver in the process of data sharing.The proposed scheme is based on the qbilinear Diffie-Hellman inversion(q-BDHI)assumption,which is proved to be able to achieve security under the chosen ciphertext attack in the random oracle model.Finally,the CL-BPRE scheme and other similar schemes are analyzed theoretically and experimentally in terms of function and performance.The results show that CL-BPRE can achieve efficient decryption.