Research And Application On Group-based Proxy Re-Encryption In Cloud Storage Environment

The emergence of cloud computing brings a lot of convenience to users,but it also brings many security problems.The technology of proxy re-encryption technology is mainly to solve the problem of how to secure data sharing in the cloud environment.Proxy re-encryption refers to the owner of the data will be encrypted files stored in the cloud,when faced with different receivers,cloud server using re-encryption key to delegate the decryption rights,so that we can translate the original ciphertext into a re-encrypted ciphertext that the target user can decrypted.In this process,the cloud server cannot obtain any valid information about the plaintext.Group communication is a useful primitive for sharing message in a specifically group and has been widely used in unbalanced networks.Nowadays,many of work is done on the based of team cooperation,so the communication between groups is more conducive for data sharing.In this thesis,we focus on group-based proxy re-encryption,two schemes of group-based proxy re-encryption are proposed.The first one is to propose a group-based proxy re-encryption scheme based on strongly-unforgeable one-time signature.The second is to proposed a identity-based conditional group proxy reencryption scheme.The main contributions and innovations of this thesis are as follows:(1)Propose a group-based proxy re-encryption scheme based on stronglyunforgeable one-time signature.In this scheme,the strongly-unforgeable one-time signature enable the user to verify the original ciphertext and re-encrypted ciphertext,thereby preventing the adversary from tampering with the original ciphertext or reencrypted ciphertext.In other words,if an adversary tampered with the original ciphertext or re-encrypted ciphertext,the signature verification can not be obtained when the receiver gets the original ciphertext and the re-encrypted ciphertext.Our scheme can effectively reduce the computational cost of the user,and the performance of the proposed scheme is much better than other schemes.(2)Propose a identity-based conditional group proxy re-encryption scheme.Informally speaking,identity-based conditional group proxy re-encryption scheme allows a proxy knowing re-encryption key related to condition c to transform ciphertexts encrypted under an identity and condition c to other ciphertexts under another identity with the same plaintext.We can use the conditional-based group re-encryption to achieve the fine-grained access control of these ciphertext,and then use the re-encryption key to generate the re-encrypted ciphertext we need.The identity-based group re-encryption is to facilitate the recipient can be based on their own identity information to generate their own private key,reduce the local storage space.