Reasearch On Searchable Encryption Based On CP-ABE In Cloud Environment

With the rapid iteration and rapid development of information technology,Cloud Computing,Cloud Storage,Big Data,The Internet Of Things and other new technologies emerge at the right moment and are widely used in financial,medical,scientific research,military and other fields.An increasing number of Internet users are storing sensitive information such as their information and materials on cloud servers,which are not fully trusted,making it difficult to guarantee the security of data.When people share data,the unencrypted data is easy to be disclosed,and the use of public key encryption method can guarantee the security of data,but is not conducive to the sharing of data in the cloud environment.attribute base encryption,can be a good way to achieve the sharing of data,but can not be directly in the ciphertext for data retrieval,and attribute-based searchable encryption in the realization of data security and effective sharing,but also can be directly in the ciphertext for keyword retrieval.Therefore,the research on searchable encryption of attribute base has important theoretical and practical significance.In this paper,the subjective value of CP-ABE weight assignment under the multi-attribute authorization mechanism in the cloud environment is large,the encryption and decryption cost of the data belongs to the main end is large,the data belongs to the main real-time online and the calculation cost is large when the user and attribute are revoked,and the plaintext of the attribute and weight is easy to be exposed in the cloud server are studied.The main research contents are as follows:(1)In order to solve the problem of strong subjectivity of weight assignment and high cost of encryption and decryption in the ciphertext strategy attribute-based encryptionof multi-attribute authorization organizations(MA-CPABE),a comprehensive weighted scoring method for weight assignment of MA-CPABE scheme is proposed based on MA-CPBE.Namely CWMA(Comprehensive Weighted scoring Method for weight Assignment).The weight assignment adopts subjective and objective comprehensive weighted scoring method,so that the weight calculation not only satisfies the objective reality,In addition,in order to reduce the encryption and decryption overhead,the nodes of the CP-ABE weight access tree are reorganized and optimized,the intermediate transport nodes are reduced,the pre-decryption operation is added,and the pre-decryption step is placed in the cloud server.Theoretical analysis and experiments show that the cost of calculation is reduced on the basis of security.(2)To solve the problem that the revocation of users and attributes is expensive and the data is required to belong to the main real-time online,based on the CWMA scheme,we propose a non-real-time online revocation scheme.Namely NRTO-UR(Non Real Time Online User and Attribute Revocation).When the ciphertext is re-encrypted,the private key and the pre-decryption key are set for the data consumer,the pre-decryption key and the uid are sent to the cloud server,and the private key is sent to the data consumer.When a user revocation,only need to delete its proxy key in the cloud server side;When attribute revocation occurs,the data owner only needs to calculate the version of the ciphertext and the pre-decryption key to update the key,and the heavy ciphertext encryption part with a large amount of computation is transferred from the data owner to the cloud server.Theoretical analysis and experiments show that the scheme can operate safely and efficiently.(3)Aiming at the problem of attribute and weight plaintext exposure of leaf nodes in the tree when the weight is accessed during ciphertext search in the cloud server,a CP-ABSE scheme that supports attribute and weight plaintext hiding is proposed on the basis of NRTO-UR scheme.Namely AWPH-SE(Attribute and Weight Paintext Hiding Searchable Encryption).AWPH-SE scheme uses random values to calculate the attributes and weights of leaf nodes in the access tree blind during data encryption.In this scheme,the assignment of attribute weight is more reasonable,and the user and attribute revocation are supported.The ciphertext retrieval under CP-ABE is realized,which reduces the occupation of network bandwidth by downloading ciphertext during ciphertext retrieval.On the basis of ensuring the security of the scheme,the experiment shows that the efficiency of ciphertext retrieval is improved.