Research On Proxy Broadcast Re-Encryption And Its Security

Cloud services can provide fast deployment service as well as convenient storage of data for users.More and more enterprises,scientific research institutions and individuals may store their data in the cloud.Due to various reasons,the privacy of the user is often leaked.Encryption technology is one of the most common and basic safeguards to ensure the user data security.In this process of proxy reencryption,the original receiver can convert the original ciphertext into a receiver ciphertext without decrypting the ciphertext,and the delegate can decrypt the re-encrypted ciphertext using his own private key.In the past ten years,many theoretical and practical achievements have been made in the research of Proxy Re-Encryption.However,in these works,the proxy re-encrypts the ciphertext of a single user and transmits it to a single specific user.So,it doesn't meet the need of some application environments,especially in the cases that require broadcast encryption and broadcast forwarding.When the delegates need to re-encrypt their message to N colleagues through a proxy server,but N colleagues each has a different key.In the traditional proxy re-encryption scheme,they have to do N times of encryption and the proxy should re-encrypt N times.In this case,the workload of the proxy server is linearly related to N,its computation consumption is very large.Even worse,the proxy servers must be online in the process of each operation.In order to solve the above problem,in this thesis,a specific proxy broadcast re-encryption scheme is proposed.In the proxy broadcast re-encryption scheme,delegate's ciphertext can be re-encrypted into a group of user ciphertext at one time.This thesis takes user data sharing under cloud computing environment as the research background.Firstly,a proxy broadcast re-encryption scheme is put forward and its security is proved.Secondly,to solve the problem of user's flexible control over re-encrypted ciphertext,the concept of proxy broadcast re-encryption based on fuzzy plaintext feature attribute set is defined.Furthermore,the proxy broadcast re-encryption scheme of fuzzy plaintext feature attribute set is constructed and its security is also proved.Finally,to describe the conditions more richly,on the basis of the research in second part,a proxy broadcast re-encryption scheme based on plaintext feature attribute set access policy is presented and its security is proved.The main research contributes of this thesis are as follows:1.A proxy broadcast re-encryption for cloud data sharingIn this thesis,we construct a scheme of proxy broadcast re-encryption and its security model.Proxy in this scheme can convert the ciphertext of the delegatee into a set of ciphertext of the receiver at one time?And the security of the proxy broadcast re-encryption scheme is proved under the random oracle model.2.Proxy broadcast re-encryption based on fuzzy plaintext feature attribute setIn order to realize flexible control under various conditions,a proxy broadcast re-encryption based on fuzzy plaintext feature attribute set(FC-PBRE)is proposed in this thesis.Firstly,the formal concept of FC-PBRE and its security model are presented,a FC-PBRE scheme against selective ciphertext security is proposed and its security under random oracle model is verified.Based on that,it is extended to a secure proxy broadcast re-encryption scheme based on fuzzy plaintext feature attribute set under the standard model and its security is also proved.3.Proxy broadcast re-encryption based on access policy of plaintext feature attribute setOn the basis of proxy broadcast re-encryption based on fuzzy plaintext feature attribute set,describe the condition by access policy,so a proxy broadcast re-encryption scheme based on plaintext feature access policy(CPBRE-FG)is proposed.The re-encryption key is generated by the access tree,if and only if a series of conditions satisfy the access tree,the ciphertext is generated under a series of descriptive conditions.In this thesis,the concept of CPBRE-FG is formally defined and an efficient CPBRE-FG scheme is designed.Finally,we prove the security of this scheme against selective ciphertext attack under random oracle model.