Research On CP-ABE Algorithm In Cloud Computing Environment

In the era of cloud computing and big data,there is a large mount of data that needs to be stored,and data needs to be accessed by a large number of users.With the rapid development of cloud computing and big data,the requirement of data storage and access is more stringent.It is not only necessary to realize data confidentiality,but also to facilitate data sharing.The most common way to ensure the confidentiality of data is encryption.The traditional public key encryption mechanism is a one-to-one encryption mode that guarantees the confidentiality of data,but it cannot share data in multi-user and massive data scenarios.As an emerging encryption algorithm,attribute-based encryption(ABE)can realize data sharing while ensuring data confidentiality,which satisfies the requirements of cloud computing and big data.At present,the academic community has conducted a lot of research on ABE.But there are still some problems in ABE,including the following aspects: First,the privacy leakage caused by access control structure in ABE,because the access control structure contains sensitive information of users.The malicious user will get the user's information through the access control structure,which will cause privacy leakage.Secondly,the key escrow caused by the trusted third party in the ABE will greatly threaten the security of the key.Third,the attribute needs to be dynamically revoked.It is important to construct a property revocable scheme because of the dynamic of the property collection.Based on the summary of the existing research results,this paper conducts deep research on cipher-policy attribute-based encryption.The main work includes the following:(1)Propose an attribute encryption scheme based on group signature.The group signature is introduced in the traditional attribute encryption scheme,and the group signature is applied to the access control structure in the ABE scheme,and the attribute nodes in the access control structure are added to the group to realize the hiding of the attributes.When a user accesses data,if the user's access conditions are met,the verifier can only know that the visitor meets the access control rules,but cannot know the specific attribute members in the group,and hides the attributes in the access control structure,preventing the privacy leakage caused by the access control structure.And meet the indistinguishability under the choice of plaintext attack.(2)Propose an attribute encryption scheme without trusted third party under the semi-honest model.Currently,in the cloud storage environment,the key generation of the ciphertext-based attribute encryption scheme(CP-ABE)requires atrusted third party,which leads to the problem of key escrow.This paper proposes a CP-ABE scheme without trusted third parties under a semi-honest model.The generation of the key in the solution requires the attribute authority to negotiate with the cloud server,and neither party can obtain the key separately,which solves the inherent drawbacks of the key generated by the trusted third party,improves the security,and at the same time,the semi-honest model is more in line with actual needs.(3)Propose a property revocation CP-ABE scheme based on multiple authorization agencies.A single authority has low operational efficiency,a high risk of being attacked,and a risk of user key leakage.In this paper,the LSSS matrix is used as the access control structure,and the key version number is introduced to realize the attribute revocation under the multi-authorization mechanism.At the same time,the outsourcing technology is used to greatly reduce the user's computational overhead.