Key Techniques Research On Attribute Based Cryptosystem

With the rapid development of information techniques and communication techniques, smart devices has already stepped into our lives quickly. Cloud computing, appeared as a new technique to provide fast, easy and on-demand network services, provides computing and storing ability to guarantee smart devices to be widely used. Although it provide convenience for our live, cloud computing causes great concern for user to use the technique because the ownership of the data and the management of the data have been separated. It is a challenge for us to provide data confidentiality and flexible access control simultaneously. Attribute based encryption acts as a new public key cryptosystem to solve this problem perfectly. Comparing with the existing traditional public key cryptosystem and identity based cryptosystem, the attribute based cryptosys-tem has the following advantages:firstly, attribute based cryptosystem uses attribute set to describe the user or the ciphertext, the encryptor does not need to know the decryptor’s identity in order to encrypt the data. Secondly, the attribute based cryptosystem can provide data confidentiality, data integrity and fine-grained ac-cess control. However, the existing attribute based cryptosystem cannot well be applied into the real scenario due to the following defects:Firstly, importance of the attributes. The existing schemes seldomly considers that the different attributes which have different importance or lie in the different hierarchies. Secondly, the communicational cost and communication overhead. Both the wireless bandwidth and the computation abil-ity of the wireless devices are valuable resources. The signature length of the existing scheme are extremely large and the cost of verifying the signature are considerable which are not suitable for wireless environment. Last but not least, the proxy problem. The existing attribute signature schemes cannot restrict their rights and delegate their signing ability to other people.To address these issues in attribute based cryptosystem, this paper includes the following aspects:(1) According to the problem of importance of the attribute, we proposed a scheme called key-policy weighted attribute based encryption scheme, and give the specific construction. The attributes have different weights according their importance in the system. Meanwhile, the ciphertext is associated with weighted attribute set while the user’s key is associated with weighted access structure. When the weighted attribute set satisfies the weighted access structure, the user can successfully decrypt the ciphertext. By using the standard model, we also point out that our scheme is provable security in the selective secure model. Comparing with the existing key-policy attribute based encryption scheme, our scheme is considered as the generalization of traditional KP-ABE scheme.(2) According to the attribute hierarchies’ problem, we proposed a scheme called ciphertext-policy hierar-chical attribute-based encryption for fine-grained access control of encrypted data, and give the specific construction. The attributes have been assign to different hierarchies according to their importance in the system. In the chapter, the ciphertext is associated with hierarchical access structure while the user’s key is associated with hierarchical attribute sets. When the hierarchical attribute set satisfies the hierarchical access structure, the user can successfully decrypt the ciphertext. By using the standard model, we also show that our scheme is provable security in the proposed secure model. Comparing with the existing ciphertext-policy attribute based encryption scheme, our scheme is considered as the generalization of traditional CP-ABE scheme.(3) According to the scarcity of the bandwidth of the wireless channel and the computation limitation of the smart devices, we proposed an attribute based multi-signature scheme in the wireless environment, and give the specific construction. Different user can use attribute based signature scheme to sign on the same message, and then aggregate into a single signature.When the verifier verify this single signature, it can guarantee that all the signatures have not been modified. By using the standard model, we also show that the security of our scheme can be deduced into computational hard problem. The simulation shows that our scheme can effectively deduce the communication overhead and the verification cost of the verifier.(4) According to the scarcity of the bandwidth in the wireless sensor network and the computation limita-tion of the sensors, we proposed an attribute based sequential aggregate signature for wireless sensor networks, and give the specific construction. Different sensor can use attribute based signature scheme to sign the different messages, and then aggregate into a single signature.When the verifier verify this single aggregated signature, it can guarantee that all the signatures sent from sensors have not been modified. By using the standard model, we also show that the security of our scheme can be deduced into computational hard problem. The simulation points out that our scheme can effectively deduce the communication overhead and the verification cost of the verifier in the wireless sensor network.(5) According to the delegation problem of the patients in the personal health record (PHR) environment, we proposed an attribute based proxy signature for e-health storage environment, and give the specific construction. In some scenario, the original PHR owner can restrict his own signing ability and delegate it to proxy signer. The proxy signer can represent the original signer to sign the message in some circumstances. By using the standard model, we also show that our scheme is existential unforgeability. Comparing with the traditional signature scheme, our scheme can delegate its signing ability to let the proxy sign the PHRs in order to protect the integrity of the PHRs. Meanwhile, it can also protect signer identity’s privacy.