| The rapid development of society leads to the expansion of the scope of people's activities,in order to enable people to access personal data anytime and anywhere,as well as enable employees to use the Internet technology to easily store and share enterprise data,many IT companies research and develop cloud storage technology.Attribute-based encryption technology has been the focus of security research on cloud data for years.However,if using the traditional attribute-based encryption technology to encrypt the data and send the ciphertext to the cloud storage provider,the cloud storage providers will not be able to classify the ciphertext.The encryption scheme with equality test can enble the cloud storage provider to have the capacity of retrieval about ciphertext,so the main research of this thesis are how to add equality test function to the attribute-based encryption scheme,and apply the proposed schemes to the scene of cloud storage.Based on the attribute-based encryption scheme,this thesis adds the equality test function and the equality test function supporting authorization to the attribute-based encryption scheme,and uses computer technology to realise the proposed schemes.The main research of this thesis can be summarized as the following three points:(1)This thesis proposes an attribute-based encryption scheme with equality test.Based on the attribute-based encryption scheme,this scheme adds the equality test function.The equality test function enables each user to test whether two ciphertext are the encryptions of the same plaintext,which lead that this scheme is not secure under the indistinguishability attack.This thesis will propose one-way security model for the scheme,and prove that the proposed scheme is secure in random model.Finally,this thesis will also describe how to use the proposed scheme in the scenario of cloud storage in detail.(2)This thesis proposes an attribute-based encryption scheme with equality test supporting authorization.Based on the attribute-based encryption with equality test,the authorization mechanism is added to the equality test function.The scheme allows the user who obtains the authorization of two ciphertext can do the test.Therefore,the ciphertext of the proposed scheme will be undistinguishable for the authorized users.For the authorized adversary,this thesis proves that the scheme is one-way secure.For the unauthorized adversaries,this thesis proves that the scheme is indistinguishable secure.(3)This thesis proposes an algorithm for the generation of access control matrix and realizes the proposed schemes.Using the knowledge of the matrix,this thesis studies how to express the operation of "and","or" and "threshold" about the set of attributes with the matrix.Based all previous work,this thesis uses the computer technology to realize the proposed schemes. |
PDF Full Text Request