In recent years, Internet technology has developed rapidly and become part of daily life. As the number of users grows, the problem of insufficient storage space is becoming more and more obvious. Because cloud servers offer large storage space, many users choose to store their private data on them. To protect sensitive information, a user's private data should be encrypted before it is uploaded to the cloud server. Cloud servers provide users with considerable storage resources and also with powerful computing resources. How to compute on, search and share data while protecting its privacy is a difficult problem. In recent years, encryption schemes related to cloud computing, such as homomorphic encryption schemes, searchable encryption schemes and proxy re-encryption schemes, have become hot topics in the field of cryptography.

With a homomorphic encryption scheme, the cloud server computes on the encrypted data and sends the final result to the user. The result the user obtains after decrypting with his own private key is equivalent to the result of the same operation on the original data. Homomorphic encryption can reduce the computing overhead of users and is a key method for solving the security problem of data outsourcing in cloud computing. A proxy re-encryption scheme can convert one user's ciphertext into another user's ciphertext in the cloud. It is also a key encryption technology in cloud computing. A searchable encryption scheme allows users to search ciphertext by keywords and is widely used in cloud computing.

In this thesis, we mainly focus on homomorphic encryption schemes, proxy re-encryption schemes and searchable encryption schemes in cloud computing. More specifically, our contributions include:

1. Generalized GM-Type Cryptosystem

In 1982, Goldwasser and Micali proposed the first probabilistic public key scheme, which is a homomorphic encryption scheme. Encryption and decryption in the GM encryption scheme are efficient, but the ciphertext expansion is log₂ N, where N is the product of two large prime numbers. To reduce the ciphertext expansion of the GM encryption scheme, many domestic and international scholars have improved it in recent years. We collectively call this kind of encryption scheme a GM-type encryption scheme. GM-type encryption schemes can be classified into two categories according to the method used in the decryption algorithm. In this thesis, we propose a generalized GM-type encryption scheme. Our scheme is the first GM-type encryption scheme that generalizes both categories, and all GM-type encryption schemes are special cases of our generalized GM-type encryption scheme. With properly chosen parameters, the ciphertext expansion r of our scheme is at most (a+b)/(a+b-1). This is the optimal result for any GM-type encryption scheme.

2. Proxy Re-encryption Schemes Based on NTRU

Key-privacy of a proxy re-encryption scheme means that the re-encryption key is indistinguishable from a random number. In 2013, Aono et al. proposed the first proxy re-encryption scheme with key-privacy based on the learning with errors (LWE) problem on lattices. We notice that there is a subtle mistake in the security proof of key-privacy in the work of Aono et al., and we give an attack method for the key-privacy security game. Furthermore, we modify the definition of key-privacy to a weaker version (which we call weak key-privacy). The security model of weak key-privacy helps us to resist the attack on Aono's scheme effectively. Compared with encryption schemes based on the LWE problem, encryption schemes based on the NTRU (Number Theory Research Unit) problem have smaller storage requirements and higher efficiency. In this thesis, we propose a detailed construction of a provably secure multi-hop unidirectional proxy re-encryption scheme with weak key-privacy based on NTRU over any cyclotomic field. To the best of our knowledge, this is the first construction of a proxy re-encryption scheme based on NTRU with (weak) key-privacy. On this foundation, we propose a new identity-based proxy re-encryption scheme based on NTRU, which is anonymous, unidirectional, multi-hop and non-interactive, and can resist collusion attacks.

3. Revocable Identity-Based Encryption Schemes with Keyword Search

One weakness of current lattice-based identity-based encryption schemes with keyword search is that the system cannot revoke a user's authority. This limitation makes them unsuitable for certain application scenarios. Moreover, the keyword space is assumed to be large enough, such as super-polynomial, but in real applications keywords are often chosen from a relatively small space. This can lead to keyword guessing attacks. In this thesis, we propose the first designated server-aided revocable identity-based encryption scheme with keyword search from lattices. Our scheme requires each user to keep just one private key and does not require the user to keep communicating with the key generation center to update his secret key when another user is revoked. This property makes it well suited to resource-limited end users. In addition, our scheme designates a unique tester to test and return the search results, which makes it resist keyword guessing attacks by an external adversary.
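
The original Goldwasser-Micali scheme that contribution 1 starts from, as an added example that is not code from the thesis: it shows why each plaintext bit costs a full element of Z_N (the log₂ N expansion) and how multiplying ciphertexts XORs the plaintexts. The toy primes 499 and 547 and all function names are assumptions chosen for illustration; the generalized scheme of the thesis is not implemented here.

```python
# Textbook Goldwasser-Micali with constructed toy primes (insecure sizes).
import secrets
from math import gcd

P, Q = 499, 547            # private key: constructed toy primes
N = P * Q                  # public modulus

def is_qr_mod_prime(a, p):
    """Euler's criterion: True if a is a quadratic residue mod odd prime p."""
    return pow(a, (p - 1) // 2, p) == 1

def random_unit():
    """Uniform element of Z_N that is coprime to N."""
    while True:
        r = secrets.randbelow(N - 1) + 1
        if gcd(r, N) == 1:
            return r

def find_pseudosquare():
    """y is a non-residue mod P and mod Q: Jacobi symbol +1, yet no square mod N."""
    while True:
        y = random_unit()
        if not is_qr_mod_prime(y, P) and not is_qr_mod_prime(y, Q):
            return y

Y = find_pseudosquare()    # public key is (N, Y)

def encrypt_bit(b):
    """c = Y^b * r^2 mod N; fresh r makes encryption probabilistic."""
    r = random_unit()
    return (pow(Y, b, N) * r * r) % N

def decrypt_bit(c):
    """c is a square mod P exactly when the plaintext bit was 0."""
    return 0 if is_qr_mod_prime(c % P, P) else 1

def encrypt(bits):
    return [encrypt_bit(b) for b in bits]

def decrypt(cts):
    return [decrypt_bit(c) for c in cts]

def xor_ciphertexts(c1, c2):
    """Homomorphic XOR: Y^(b1+b2) * (r1*r2)^2, and Y^2 is itself a square."""
    return [(a * b) % N for a, b in zip(c1, c2)]

def expansion_bits():
    """Ciphertext bits spent per plaintext bit: the bit length of N."""
    return N.bit_length()
```
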