In the era of big data, data of all kinds is growing rapidly, and user demand for massive data storage and processing is increasing. Cloud servers are preferred by users due to their advantages such as large storage capacity, high efficiency and convenience. Since cloud servers are not fully trusted, data should be stored in ciphertext. Attribute-based encryption not only ensures the security of encrypted data, but also provides a fine-grained access control policy. Only when the user satisfies the specified access policy can the data be decrypted successfully. However, there are many problems in practical application, such as low computing efficiency, easy exposure of sensitive user information, and failure to track and revoke the malicious user who leaked the key. To address these problems, this paper combines online/offline encryption, hybrid encryption, policy hiding, black/white-box tracking and other technologies, and proposes three ciphertext-policy attribute-based encryption schemes. The main work is as follows:

(1) To address the costly and coarse-grained revocation of user attributes, and the question of how to track and revoke malicious users, this paper proposes a traceable and revocable attribute-based encryption scheme for the cloud environment. The scheme adopts a hybrid encryption algorithm to encrypt data, which not only improves computational efficiency in the encryption stage but also reduces the storage overhead of the ciphertext. At the same time, the scheme achieves fine-grained, attribute-level user revocation using broadcast encryption based on the subset difference algorithm in the subset cover framework, and meets the need to track malicious users through the traceability of the black-box structure in the algorithm. We demonstrate that the scheme satisfies indistinguishability security under chosen-plaintext attack in the standard model.

(2) To address the dynamic changes of cloud user attributes and the limited resources of mobile devices, this paper proposes an online/offline attribute-based encryption scheme that supports a large universe in the cloud environment. The scheme expands the number of attributes to an exponential level, the attribute set does not need to be defined in the initial stage, and users can change their attributes at any time, which gives it good scalability. In addition, the scheme handles part of the computation in key generation, data encryption and decryption offline, and it also validates the results of packet decryption calculations. This not only ensures data security but also greatly improves computing efficiency, making the scheme more suitable for lightweight devices with limited resources.

(3) To address how to avoid the disclosure of patients' health information and how to trace the malicious user who leaked the key in a smart medical system, this paper proposes an attribute-based encryption scheme that supports policy hiding. The scheme adopts a partially hidden access policy, dividing the patient's attributes into attribute names and attribute values. During encryption, the access policy associated with the ciphertext contains only the attribute names, so the patient's sensitive information is protected by hiding the attribute values. At the same time, the leaf node value of the binary tree is bound to user identity information, so that the user information of a leaked key can be traced in the event of information leakage. This is useful for achieving fast and accurate traceability. The experimental results show that the scheme has some practical application value.