Dynamic Ciphertext-policy Attribute Based Encryption

Due to the higher development of Big Data in modern society, more and more users and enterprises choose to store data in the cloud servers and share the data with other designated users or enterprises. However, cloud servers are not always trusted since they may be hacked. In order to guarantee the security of date in cloud servers, a scheme to protect the data is needed. To design a secure scheme for this condition and prove it safe becomes an urgent problem to be solved.Attribute Based Encryption(ABE) is a type of public-key encryption, which can be used to encrypt data and control the access of data. ABE offers fine-grained decryption policy such that users can do decryption if their attributes satisfy the policy. Such flexibility enables it applicable in various applications in government and business when users or enterprises use servers to share data. ABE is powerful to offer finegrained access control over encrypted data. However, there are three issues that should be solved first before ABE is deployed in practice, namely user revocation, policy updating and decryption outsourcing.In this thesis, I adopt the slightly modified Lewko et al.’s fully-CCA-secure Ciphertext-Policy-ABE(CP-ABE) combining with Boneh et al.’s idea of mediated cryptography to propose a CP-ABE with Security Mediator(SEM) supporting immediate user revocation. At the same time, by the introduce of SEM, I intendedly outsource most of the computation workload in decryption to SEM side and leave only less computation load at user side for decryption. Then I employ Yang et al.’s idea to design policy update algorithms for the scheme. Later this scheme is proved fullyRCCA-CCA-secure in random oracle model. Finally I implement this scheme with Pairing Based Cryptography Library and GNU Multi Precision Library to test the correctness and the reduction of decryption time and ciphertext storage. The scheme in this thesis proved secure and correct. Also it realizes user revocation, policy updating and decryption outsourcing in particular. From the implementation of this scheme, the decryption cost is reduced to only one exponentiation and one division, and the user’s ciphertext storage is reduced to only one group element, which is much more efficient than other ABE schemes.