Research On Attribute Based Encryption And Search Scheme In Cloud Storage

With the rapid development of information technology,cloud storage has been widely concerned because of its huge storage resources,high scalability and on-demand services for users.More and more enterprises and individuals choose to outsource their data to cloud storage platform to share with others.However,there are some security problems in cloud storage,for instance the risk of users' data and privacy disclosure.This is mainly because the data out-sourced to the cloud storage platform is controlled by the server.Therefore,at present,users are always willing to encrypt the outsourced data and upload it to the server.However,the encryption mechanism inevitably leads to two challenges to the cloud storage:cloud server needs to effectively achieve ac-cess control and retrieval of encrypted data.Attribute-based encryption and attribute based keyword search are widely recognized by the academic com-munity to solve the above two challenges.Attribute-based encryption(ABE),especially ciphertext policy attribute-based encryption is applicable to solve the access control problem in cloud stor-age.In this kind of schemes,the data owner does not need to know the informa-tion of users' identities or public key when encrypting the data,and one to many fine-grained access control can be achieved by only describing the ciphertext by attributes.Searchable encryption(SE)technology can solve the problem of ciphertext retrieval in cloud storage.In order to further provide fine-grained search authorization function in SE schemes,attribute based keyword search(ABKS)scheme came into being.ABKS is an organic combination of ABE and SE,and once it is put forward,it has been widely concerned and studied by scholars.This dissertation systematically analyzes the research status of ABE schemes and ABKS schemes,focuses on how to improve the security and efficiency of the two kinds of schemes and proposes two ABE schemes and two ABKS schemes for different cloud storage scenarios.The main work and innovations of this dissertation can be summarized as the following four aspects:1.Aiming at the key escrow problem in ABE scheme and the heavy burden of user decryption,this dissertation designs a parameter transform mechanism and a key issuing protocol,and on this basis,put forward a generic attribute based encryption scheme to solve key escrow problem and support outsourced decryption.This dissertation provides three kinds of adversaries in the security model and proves that the generic ABE scheme is IND-CPA secure against any one of the three types of adversaries.Finally,the simulation results show that the two instantiations of the generic ABE scheme are more efficient than the corresponding ABE schemes.2.Aiming at the problem of access structure leaking private information in ABE schemes,this dissertation uses a transform technique that adopts Viete's formula to establish a connection between ABE and Inner Product Encryption technique.Combining techniques such as“vectors partition”and“vectors compression",this dissertation puts forward an CP-ABE scheme with fully hidden access structure.The proposed scheme's access structure can be ex-pressed as:AND-gates on multi-valued attributes with wildcards.In terms of security,the proposed scheme is proved to be adaptive IND-CPA secure and ac-cess structure hiding.Finally,simulation results show that the scheme is more efficient than its related schemes.3.In response to the two problems that ABKS scheme cannot resist in-side keyword guessing attack(IKGA)and the retrieval mode of ABKS scheme is not flexible enough,this dissertation proposes an attribute-based multi key-word ranked search scheme by using dual server model and a series of tech-niques.Compared with related ABKS schemes,the proposed scheme greatly improves the security and search flexibility.We define two types of security models which consider multi-keyword ranked search and prove the proposed scheme to be IND-CKA secure and IND-IKGA secure.The results of simula-tion with real world data sets show that the efficiency of the proposed scheme is acceptable.4.In addition to being unable to resist IKGA,the ABKS scheme also has a problem that the scheme that provides multi-keyword search cannot protect match privacy.Therefore the dissertation adopts an efficient way to link the search process in the ABKS scheme with the IPE technique.Combined with the dual server model,the dissertation puts forward an attribute-based conjunc-tive keyword search scheme.The proposed scheme is proved to be IND-CKA secure and IND-IKGA secure,and it is proved to protect match privacy while providing conjunctive keyword search.The simulation with real world dataset demonstrate that compared with related schemes,the scheme greatly improves the security at the expense of some search efficiency.