Study On Identity/Attribute-based Encryption For Cloud Computing

Cloud computing is a powerful technology which uses the internet and the remote servers to maintain the massive-scale data and perform complex computing.It brings the users and the enterprises great convenience on outsourcing data to the cloud.At the same time,it brings many new challenges when sensitive data are shared and stored in the cloud.To protect the security and privacy of the data,cryptographic methods are usually used.This,however,prevents users from accessing and searching for the outsourced encrypted data in the cloud as the normal access control and searching algorithms cannot be executed in the encrypted domain.Therefore,it is certainly worth designing some algorithms to address these challenges.This thesis aims to develop some methods to fulfil the above mentioned challenges.On the case of the outsourced data in the cloud is confidentiality,some desired functionalities are provided,such as anonymous access control,fine-grained access control and boolean keywords search.They are roughly introduced as follows:In a broadcast encryption system,a broadcaster can encrypt a message to a group of authorized receivers and each authorized receiver can use his/her private key to decrypt the broadcast ciphertext,while the users outside cannot.Identity-based broadcast encryption system is a variant of broadcast encryption system,where any string representing the user's identity(e.g.name or email address)can be used as his/her public key.Identity-based broadcast encryption has found many applications in the real life,e.g.,pay-TV systems,distribution of copyrighted materials,satellite radio communications.When employing an identity-based broadcast encryption system,it is very important to protect the message's confidentiality and the users' anonymity.Nevertheless,the existing identity-based broadcast encryption systems cannot satisfy the confidentiality and anonymity simultaneously.This thesis proposes a generic identity-based broadcast encryption scheme and a concrete identity-based broadcast encryption scheme,both of which can simultaneously achieve confidentiality and full anonymity against adaptive chosen-ciphertext attacks under a standard assumption.In addition,two further desirable features are provided: one is the fullycollusion resistant which means that even if all of the users outside the receivers set collude they cannot obtain any information about the plaintext.The other one is the stateless which means that the users in the system do not need to update their private keys when the other users join or leave the system.In particular,in the two schemes,the public parameters size,the private key size and the decryption cost are all independent to the number of the receivers.The experiment results show that the concrete identity-based broadcast encryption scheme is highly efficient.Thereby,based on this efficient identity-based broadcast encryption scheme,an anonymous access control for outsourced encrypted data in cloud computing is proposed.Proxy re-encryption allows a semi-trusted proxy with a re-encryption key to convert Alice's ciphertext into Bob's ciphertext,and the semi-trusted proxy cannot learn anything about the underlying plaintext.Conditional proxy re-encryption is a special proxy re-encryption,whereby only ciphertext satisfying one condition set by Alice can be transformed by the semi-trust proxy and then decrypted by Bob.If a proxy re-encryption scheme or a conditional proxy re-encryption scheme is indistinguishable against chosen-ciphertext attacks,its initialized ciphertext should be non-malleable,else there might exist an adversary who can break the security of the scheme.Recently,there exists two identity-based conditional proxy re-encryption schemes which were proved to be chosen-ciphertext secure in the standard model.However,the original ciphertext in the two schemes are malleable.Thus,some concrete attacks are presented for the two schemes.Especially,a new identity-based conditional proxy re-encryption scheme is proposed,which can resist the above attacks and is proved to be chosen-ciphertext secure.It is the first of its kind that achieve the highest security level and highly efficient.The public parameters size and also,the private key and ciphertext size are constant.What is more,the experimental results indicate that the computational cost does not rely on the message size.For this reason,based on this primitive,an efficient fine-grained access control system for personal health records in cloud computing is designed.Searchable encryption is a technique that allows a data owner to outsource his encrypted data to a cloud server,and the cloud server can search across the encrypted data on behalf of the data users without learning any information about the data.However,most of the works in literature can only support a single-keyword search which is not able to satisfy more desired expressible search.Thus,a novel searchable encryption primitive that supports attribute-based search control and hybrid boolean queries is proposed.There are several desirable features in the new primitive:(1)Data owners can set the search permission according to an access control policy.Only the users whose attributes satisfy the access control policy can perform the search over the encrypted data.(2)Authorized users are able to perform the queries for the required boolean keywords expression,where each keyword consists of two parts: name and value(e.g.year: 2016).The boolean expression of the name part is revealed to the cloud while the value part is hidden.(3)Any user can further generate a delegated key for another user(or a proxy)with restricted credentials.The underlying primitive is proved to be secure under a new defined security model.Moreover,the performance evaluation shows that this primitive is practical.