Research On Data Encryption And Secret Sharing Schemes Based On Access Structures

With the development of open network environment, the risk of informa-tion leakage is increasing. Its security threats are mainly due to unauthorized access to privacy data from unauthorized users. Therefore, in the data encryp-tion system, the key to solve the privacy data leakage problem is to improve user access control.In this thesis, we focus on data encryption and sharing pro-tocol based on the access structures: with respect of the key management, a new secret sharing scheme is proposed; with respect of the data encryption, some encryption schemes based on different access structures are designed. The core of the research is the construction idea of the schemes, the basis algebraic struc-tures and the corresponding hard assumptions. By analyzing the classical attack and quantum attack algorithms, some encryption schemes based on commuta-tive algebra are extended to the field of noncommutative algebra. Thus, our proposed noncommutative encryption schemes are secure against quantum al-gorithm attacks. The research results are given as below:(1) A secret sharing scheme without any trusted third party is constructed for the key management, which does not need the trusted third party to dis-tribute the secret. Meanwhile, the scheme support multi-secret sharing based on the threshold structure and adversary structure. According to practical re-quirements, some participant sets can be defined as unauthorized subsets. This makes the access control more flexible. In addition, the participants generate the secret shares and verification shares. And the scheme have pre-verification function based on the addition homomorphism of Lagrange intepolation algo-rithm. That is, each participant can verify the secret share of others. Finally, the dynamic property of the scheme is realized based on the collision-resist hash function, that is, any participant can join and bow out dynamically.(2) According to the data privacy demand of the local area network, a star-topological encryption scheme based on the non commutative algebraic structures, where a center server and some clients are involved and the client can interact with the central server independently. In the scheme, each client only carries one decryption key, and the scheme supports both multiple to one(MTO) symmetric encryption. The scheme is anonymous, verifiable and has non-repudiation, while its security depends on the noncommutative group fac-torization problem. The new scheme can be used to business dialogue, medical service and other systems.(3) For the non-abelian analog of Cramer-Shoup, at TCC'05, Vasco pro-posed an open problem that is how to design IND-CCA2 secure encryption schemes under noncommutative algebraic structures. We at first define the con-cept of action exchangeable family and a new encryption framework based on Cramer-Shoup cryptosystem. Then we give the security proof for the frame-work under the adaptive chosen ciphertext attack in the standard model. Fur-ther, we study the decisional hard assumptions on noncommutative algebraic structures and define the decisional group factorization problem and conjuga-cy search problem. In this thesis, we point out the two defined problems are easy to solve for some non-abelian groups. Finally, using the given framework,an IND-CCA2 secure encryption scheme based on Chebyshev polynomials is presented, which is a potential answer of Liao's open problem.(4) For realizing a multiple-to-multiple encryption model, we focus on the attribute based encryption system to improve the efficiency of the existing at-tribute based encryption schemes, then we propose an efficient attribute based encryption. In this scheme, a blind technique is used to protect the secret ran-dom number in the encryption algorithm. The encrypted user holds a fixed encryption transformation key to outsource the exponential operations with high complexity to the cloud server, while the decryption algorithm utilizes the Green's outsouring technique. The scheme reduces the modulo exponential operations in the encryption and decryption algorithms to the constant. In ad-dition, we use a hash function to achieve the verification, where the decryption user can check the integrity of validity of cloud server's behavior.(5) For the operability of ciphertexts, we study the full homomorphic en-cryption schemes. Based on the noise management in the existing schemes,we summarize the advantages and disadvantages of the noise based construc-tion and the noise-free construction. At the same time, we put forward a new noise-free full homomorphic encryption framework and find that most existing noise-free homomorphic encryption schemes suffer from linear attacks.