Research On Attribute Based Cryptographical Technology

Posted on: 2016-01-07
Degree: Doctor
Type: Dissertation
Country: China
Candidate: F G Ceng
GTID: 1108330473956076
Subject: Information and Communication Engineering

Abstract/Summary:
With the rapid development of cloud computing, more and more users choose to store their data on cloud servers. However, traditional "one-to-one" communication cannot meet users' requirements, and distributed networks urgently need a "one-to-many" communication mode in their cryptosystems. Attribute-based cryptography, a hot research topic in cryptography in recent years, provides a good solution to this problem. By introducing the concept of an access structure, attribute-based cryptography achieves fine-grained access control and is thus capable of supporting "one-to-many" communication, with a wide range of applications in modern open network environments. In this dissertation, we study attribute-based cryptographic technologies, namely attribute-based encryption, attribute-based signature, attribute-based signcryption, and lattice-based authorized searchable encryption. We also extend the development of attribute-based cryptography, and obtain the following research results:

1. Research on attribute-based encryption technology

(1) We design an attribute-based encryption scheme with a hidden threshold access structure. In this scheme, an encryptor can encrypt data while hiding the attributes, which solves the privacy problem caused by exposing the encryption attributes in the ciphertext. The security of the proposed construction is proved under the chosen-plaintext attack model based on the decisional bilinear Diffie-Hellman assumption.

(2) We design a predicate encryption (PE) scheme supporting outsourced decryption. In a cloud computing environment, the user's decryption capabilities may be limited. Handing the decryption work to the cloud server can effectively reduce the users' computational overhead. The scheme allows the cloud server to transform any PE ciphertext into an ElGamal ciphertext by using the transform keys provided by users, but not to read messages, including the users' attributes. In the decryption process, the user does not need to perform expensive pairing operations, but only one scalar multiplication and one exponentiation. We prove the security of our scheme under the replayable CCA (RCCA) security model.

(3) We carry out a security analysis of a ciphertext-policy attribute-based encryption scheme proposed by Ibraimi et al. The results show that their security model has some pitfalls, due to an unreasonable postulate which demands that the simulator cannot send back the private keys of attributes that overlap with the challenge access attributes. By redefining the security model, we prove the scheme secure in the generic bilinear group model.

2. Research on attribute-based signature technology

We design an attribute-based signature scheme with constant size. In the majority of existing attribute-based signature schemes, the signature length is closely related to the size of the attribute set: the more attributes in the system, the larger the keys and the longer the signature, which results in increased computation and storage overhead. By comparison, our scheme requires only three group elements and is proved to be unforgeable and unconditionally anonymous in the standard model. The security of the scheme is based on the computational Diffie-Hellman (CDH) problem.

3. Research on attribute-based signcryption technology

We design an attribute-based threshold signcryption scheme with constant-size ciphertexts. It addresses the existing problem of degraded communication caused by ciphertext expansion as the number of attributes increases. The scheme comprises eight group elements and requires only five pairing computations to decrypt a signcryption ciphertext, while providing high security in terms of confidentiality and unforgeability.

4. Research on lattice-based authorized searchable encryption technology

As quantum cryptology has developed rapidly, pairing-based encryption schemes are vulnerable to quantum computer attacks. Considering lattices a sound alternative for the construction of secure encryption, we design two lattice-based cryptographic schemes. The security of both schemes is based on the average-case hardness of a lattice problem, the learning with errors (LWE) assumption.

(1) We design a public-key encryption with keyword search (PEKS) scheme from lattices. Searchable encryption is a technology that supports searching for keywords in outsourced, encrypted documents. The server or cloud side performs the search for users without learning any information about the content. To the best of our knowledge, it is the first scheme proven in the standard model based on the average-case hardness of lattice problems.

(2) We integrate PEKS with ciphertext-policy ABE based on lattice assumptions and design an authorized searchable encryption (ASE) scheme from lattices, which enables only authorized users to perform keyword search and then decrypt the corresponding ciphertext. In addition, it achieves the attribute-hiding feature, which can protect the sensitive information of the data user.

Keywords/Search Tags: attribute-based encryption, attribute-based signature, attribute-based signcryption, authorized searchable encryption, lattice, provable security