| As the development of cryptography, attribute based cryptosystem draws large attentionfrom the researchers in this community recently. It is an efficient way to solve open prob-lems in access control scenarios, such as how to provide data confidentiality and expressivecontrol at the same time. Moreover, attribute based encryption could be viewed as a varia-tion of broadcast encryption, which allows one ciphertext to be decrypted by several userswho satisfy the access structure chosen by the encrypter, and also permits one user to de-crypt several ciphertexts labeled with different attribute sets. However, there remain severalproblems in the present attribute based system before it becomes practical. The foremostone is about efficiency: the descriptions of ciphertexts and users become more complicatedsince the traditional one-to-one communication model changes to multi-to-multi one. Thus,it is a very important open problem that how to improve the overall efficiency of the exist-ing schemes, such as reducing the costly pairing computing times. Another problem is thecompatibility of the attribute based schemes. As far as we know, in order to meet the increas-ingly requirements in the application, many studies have been done on key delegation andproxy re-encryption schemes in the traditional public key cryptosystem and identity basedcryptosystem. Therefore, it is a very interesting problem that if those technologies can beadapted into attribute based cryptosystem.This thesis firstly gives some analysis on the related works about attribute based en-cryption schemes, pointing out their relationships and developmental tendency. Then, wepropose two schemes, one is bounded ciphertext policy attribute based encryption schemewhich is more efficient than previous work, the other one is the attribute based proxy re-encryption scheme. The former one is an improved version of the scheme which is proposedby Goyal et.al. on ICALP'08. The encryption and decryption time of ours is largely reducedand the ciphertext length is shortened. Besides, by applying one-time signature technology,we obtain one selective-tree chosen-ciphertext secure scheme in the standard model. The lat-ter one is the first attribute based proxy re-encryption scheme. We define six algorithms andthe corresponding security model. This scheme is secure against selective-structure chosenplaintext attack in the standard model. Next, we design a key delegation algorithm which allows user to share part of his decryption ability, which means, the system can accommo-date more users without involving any authority. Meanwhile, this key delegation algorithmis secure against collusion of the delegatees.Finally, we summarize the existing open problems in attribute based cryptosystems,and present a more powerful security model to facilitate constructing more secure schemesof attribute based cryptosystem in the future. |
PDF Full Text Request