With the development of the information and internettechnology, the system security and functional design requirements continue to increase for the people. Because traditional public key encryption structure existscoarse-grained access control policies, and low efficiency, it is difficult to apply fine-grained access control policies ciphertext management. This papercentres on the research of the atrribute-based encryption (ABE)structure which has a fine-grained access control policies, and optimizes its performance. On this basis, the ABE program can be used in e-mail system, so that can be insure safety features with confidentiality and integrity, and in the functional design it has constantcomputational complexityfor a single and group e-mails encryption operation. This main works and results of this paper are as follows:On the research of attribute-based encryption structure, since ciphertext policy attribute-based encryption (CP-ABE) has the ciphertext fine-grained access control features, we focuses on its conduct research. For the original CP-ABE performance issues, we study the types of bilinear pairing with the performance of different types, and propose a new CP-ABE scheme based on asymmetric bilinear group. Then we define the notions of access structure, threshold and access tree structure, and claim the security model.of CP-ABE. Further, we optimize and improve CP-ABE decryption algorithm performance, such that it has a more efficient in the decryption algorithms.On the design of CP-ABE-based e-mail system, the traditional e-mail system has the integrity and confidentiality issues, and existing encrypted e-mail system existscomputation of low performance problem. Thus we first studied the principle of e-mail system; secondly for the current e-mail system problems, we analyze the system's design goals; then study and propose architecture of the e-mail system based on CP-ABE scheme which our proposed, give the core of our e-mail system functions, including system initialization, the applyingand issuing of secret key, sending and encryptionof e-mail, receivingand decryptionof e-mail.On the implementationof CP-ABE-based e-mail prototype system, based on the above research work, we first define core classes of CP-ABE-based secure e-mail system; then we give the system realization methodsand processesof each function; Finally, based onthe design and implementation of CP-ABE-based secure e-mail system,we test and verify the functions of our prototype system.whensending group e-mails, our prototype system g algorithm complexity O(1). |