Research On Cloud Storage Security Technologywith Attribute-based Encryption

Cloud computing provides great convenience for data sharing,however when data is stored on third-party cloud servers,the security and privacy of data can also be seriously threatened.Before outsourcing data to cloud servers,encrypting files can solve this problem very well.When data is stored in ciphertext form,data sharing between a data owner and multiple data users will be a challenging problem.Currently,attribute-based encryption is a promising technology in data sharing.Attribute-based encryption technology can solve the security problem of data sharing,but there are still some problems.When ciphertext is uploaded to the cloud server,the access control structure will also be uploaded,which will leak the privacy of data users.There are time-consuming bilinear pairs and exponential operations in the attribute-based encryption during the encryption and decryption phases;when there are massive amounts of data stored in cloud server,how can the cloud server retrieve data of interest to users quickly and efficiently;in dynamic network,how to guarantee the system security after the user leaves.In order to tackle the issues of attribute privacy leakage and low efficiency in the encryption phase,an efficient and privacy-preserving attribute-based encryption scheme is proposed.Firstly,in traditional attribute-based encryption,when ciphertext is uploaded to the cloud server,the access control structure and attribute mapping function will also be uploaded.By removing the attribute mapping function to construct the attribute bloom filter,attributes can be hidden in the anonymous access control structure.Secondly,in order to generate ciphertext more quickly,the online/offline encryption technology is employed.Before knowing the information to be encrypted,a lot of computational work will be done.When knowing the information to be encrypted,ciphertext can be generated quickly,by which the efficiency of encryption will be improved.In addition,there is no need to specify global attributes in the system initialization phase.When the global attributes in the system increase,the system does not need to be reinitialize.In order to enable cloud servers to quickly retrieve ciphertext of interest to users and reduce the computational cost of local decryption for data users.An attribute-based encryption scheme supporting outsourcing decryption and multi-keyword retrieval is presented.In the proposed scheme,the reciprocal mapping of Lagrange polynomial technology is applied to attribute-based encryption to achieve multi-keyword search.In addition,in order to improve the efficiency of data users in the decryption phase,the outsourced technology is employed.The transformation key is obtained by blind key,and the transformation key and ciphertext are sent to the computing server to obtain the partial ciphertext.Then,the data user decrypts it locally.In order to solve the efficiency of ciphertext retrieval in cloud servers and the security problem after users leave the system,the hidden policy attribute-based encryption withdirect revocation and keyword search is proposed.Firstly,the subset covering is employed to realize the direct revocation of attributes.After revocation,there is no need to update the private key of users who has not been revoked.To ensure that the revoked user cannot decrypt the previous ciphertext,the ciphertext will be updated.Secondly,the aggregation technology is used to search keywords quickly.The time of keyword search is constant,which will not increase with the number of attributes.Finally,the “AND” gate access control structure is used to hide the policy.When uploading ciphertext,there is no need to upload access control structure.Therefore,policy hiding can be realized.