Study On Key-aggregate Cryptosystem In Cloud Environment

With the rapid development of network and storage technology, cloud storage has become a new service mode, while data sharing is an important function in the cloud storage. How to realize data sharing effectively, securely and flexibly; How to aggregate multiple decryption keys to be a single key to reduce user’s key management cost and security risk as much as possible; How to realize user’s access control and revocation; If these issues are unsolved, it will not be able to ensure the secure of cloud storage. Therefore, according to the characteristics of cloud storage,the research and the establishment of efficient and secure Key-Aggregate Cryptosystem are very necessary and urgent, which have important theoretical significance and application value.This thesis focuses on studying on Key-Aggregate Cryptosystem in cloud environment. The main work shows as follows:First, this thesis analyzes Chu et al.’s scheme and shows its defects such as the length of system parameters increased linearly with the number of encrypted files.Pointing at these shortcomings, a key-aggregate encryption scheme is put forward based on multilinear maps and proved to be selective chosen-plaintext security under the standard model. The proposed scheme can aggregate multiple keys to be a single key, and user can use the single key to decrypt the corresponding multiple encrypted files, so that simplifies the user’s key management and realizes the data sharing securely and effectively in cloud environment. Compared with the existing schemes,the proposed scheme not only keeps the user’s private key and the ciphertext be constant-size, but also reduces the length of system parameters to be ? NΟ log?, where N stands for the maximum number of encrypted files, thus saving cost of storage and transmission efficiently.Then a revocable key-aggregate encryption scheme is proposed in this thesis based on Naor et al.’s Subset-Cover mechanism. The proposed scheme can be proved to be selective chosen-plaintext security under the standard model. The proposed scheme not only has the key-aggregate characteristics, but also can revoke user access permissions, implementing the flexible and effective access control. When a user is revoked, legitimate users do not need to update their private keys, thus reducing the burden of the authorized institution efficiently. In addition, a verification mechanism is provided in the proposed scheme, which can realize verification of the updateciphertext and ensure that the user revocation is performed effectively. Compared with the existing schemes, the proposed scheme can not only reduce the cost of key management and storage efficiently, but also realize user revocation and achieve user’s access control effectively.