Research On Verifiable Policy Update Attribute-based Encryption Scheme In Cloud

Cloud computing is a rapidly developing and maturing technology in recent years,providing a variety of data storage and management services for various industries and individual users,and greatly changing the way data is shared.While cloud service providers provide convenient cloud products through continuous technology iteration,they also face many potential security risks.Massive amounts of data on the cloud contain enormous business value and are easy targets for external attacks and internal theft.Cloud server providers expect to provide services with even fewer resources,creating uncertainty about service quality while maximizing business interests.Cloud service providers cannot be fully trusted by users due to many internal and external security risks.Therefore,to guarantee the privacy and security of data on the cloud,promote the maturity and improvement of the security mechanism of cloud computing,and design data sharing and cloud service application schemes using secure and efficient technical means have become a hot research topic in academia.Attribute-based encryption provides a cryptography-based access control scheme for data sharing scenarios.Cloud computing technology is inseparable from attribute-based encryption,providing it with various functions such as ciphertext storage,outsourcing computation,and access policy update.While cloud computing technology facilitates the practical application of attribute-based encryption,it also introduces its potential security risks and trust issues.Therefore,it is important to study efficient attribute-based encryption schemes supporting computation result verification in untrustworthy cloud environments for secure applications of cloud computing.In addition,as the digitization of healthcare accelerates,the privacy and security of healthcare data in the process of sharing is of great concern to the industry.Attribute-based encryption has received more attention in the healthcare data sharing field by virtue of its features supporting access control and confidentiality assurance.Healthcare data sharing scenarios usually need to be deeply combined with cloud computing technology in practical applications;therefore,it is of great practical application value to study lightweight attribute-based encryption schemes in untrustworthy cloud environments to secure private data and promote the development of healthcare informatization in China.In this thesis,we take attribute-based encryption scheme as the basic research object and investigate the issues of access policy update,efficient outsourcing computation,ciphertext verification algorithm and security application of cloud computing technology respectively,mainly including the following.The outsourced attribute-based encryption scheme supporting policy update and instant ciphertext verification is proposed to address the problems of low access policy update efficiency,lack of common ciphertext verification means for data owners and system model relying on trusted cloud servers in attribute-based encryption.The scheme combines policy update with outsourced encryption to improve the policy update efficiency and designs an efficient ciphertext correctness verification algorithm for data owners to guarantee the data sharing and access control functions of the system.The security of the scheme is proved under the standard model.The functional analysis and performance comparison with similar schemes show that the proposed scheme has certain advantages in policy update and ciphertext verification efficiency.For the lack of third-party auditing of cloud server computation results in data sharing scenarios in untrustworthy cloud environments,a multi-authority authority attribute-based encryption scheme supporting ciphertext auditing is proposed.The outsourced encryption and outsourced decryption processes of the multi-authority scheme are designed considering the computational capabilities of the encryptor and the user of the data.Then,combined with the ciphertext correctness verification algorithm,a trusted third-party audit center authority is designed to audit the computation results of the cloud server,and the audit results are recorded and stored on the blockchain.The security of the scheme is proved under the oracle model.The functional analysis and performance comparison with similar schemes show that the proposed scheme meets the requirements for lightweight access control and verifiability in untrustworthy cloud environments.