Research And Application Of Attribute-based Cryptosystem Based On Outsourcing

As a special kind of public key primitive,attribute-based encryption(ABE)is considered as a new promising cryptographic primitive that can provide fine-grained and versatile access control over encrypted data with one-to-many encryption pattern.Specially,in ABE schemes,private keys and ciphertexts are labeled with access policies and ascribed attibutes,in which private keys can be used to perform the decryption operation only if associated attributes and poliy are matched.Until now,two flavors of ABE,key-policy ABE(KP-ABE)and ciphertext-policy ABE(CP-ABE),have been proposed according to the access policy is embedding into the private keys or the ciphertexts.However,in most ABE schemes,the computational overhead for decryption follows linearly a relationship with the number of attibutes,which impedes its application and developments in computing cloud.The development of verifiable outsourcing seems a promising solution to offload the computional costs for decryption,in an ABE scheme with verifiable outsourcing,the decryptor first sends blinded keys to the semi-trusted decryption cloud server which plays a role of ciphertext conversion.Then the decryption cloud server enables to help the decryptor translate a complex ciphertext into a simple one.Finally,the decryptor validates the correctness of coutsourced results and deciphers the transformed ciphertext once verified successfully.The contributions in the thesis are listed as follows:1)With the development and enrichment of theory and technique of outsourced verification,fruitful research achievements have been accumulated.In this thesis,it is the fisrt time that the design philosophy and the design idea for the technique of outsourced verification are sum up and illustrated.2)In this thesis,we propose a dynamically revocable attribute based encryption with verifiable outsourcing under the random oracle model and present its security proof.In addition,this thesis will analylize and compare the proposed dynamically revocable ABE with other related ABE schemes.Moreover,experimental simulation demonstrates the feasibility of this scheme.3)In the computing cloud,ABE schemes featuring with the property of privacypreserving,one-to-many and fine-grained access control are more and more concerned.In this paper,first the technique of the inner product encryption is combined to introduce attribute-based broadcast encryption with privacy protection under the standard model and present its security proof.Then,the technique of verifiable outsourcing will be applied to this scheme and subsequently be applied to the personal healthy record(PHR)data sharing system again.Finally,the security analysis of the personal healthy record data sharing system is given and the system is analyzed theoretically and experimentally to prove that the system can meet the practical application requirements.