With the development of cloud computing, data processing in the cloud has become the current trend. When data sharing and other functions are used in a cloud environment, the complexity and insecurity of the network environment mean that data must be protected and access to it controlled, which requires an encryption mechanism. Ciphertext-policy attribute-based encryption (CP-ABE) is a widely used encryption mechanism that sets access rights according to the user's attributes and ensures data security. However, traditional attribute encryption schemes suffer from heavy computation, high energy consumption, and access control bottlenecks. In view of these problems, this dissertation proposes the following three improvement plans. The main research contents are as follows:

1. When a user's access rights are revoked, the traditional attribute encryption scheme cannot effectively solve the problem of changing the key and re-encrypting all the data, so its computation is complex and its cost is high. With an improved CP-ABE process, revoking a user's rights does not require the user to revoke the data with a new access policy, nor does it require the data to be re-encrypted, which significantly reduces the computing cost of rights revocation. The security analysis shows that the scheme has good security and collusion resistance.

2. In attribute-based online/offline encryption schemes, plaintext encryption and decryption are crucial. In traditional encryption schemes, the key is usually generated by the key generation center. If the key generation center's data is leaked, the security of our data can no longer be guaranteed. This dissertation proposes a double key center mechanism to secure encryption keys. Users can choose important data for double encryption to ensure the security of the information. At the same time, we provide a decryption outsourcing service: the complex part of the decryption process is outsourced for computation, while only simple computation is required on our mobile devices to achieve efficient decryption.

3. To address the singleness of the attribute encryption mechanism in the user authorization management of enterprise information management schemes, we propose a two-factor authentication scheme that manages user access rights according to time and user key and improves the flexibility of document management.