A Research And Application Of Revocable Attribute-based Encryption

With the rapid development of the internet,the Cloud Computing and Big Data have become the most popular technology of this era.The following problems are the more complex security requirements of data storage,data transmission,access control and so on.Although the traditional encryption system can guarantee its security,the difficulty is to solve a variety of security issues efficiently and flexibly.Therefore,attribute-based encryption(ABE)came into being.In term of the user's public key,a series of attributes have replaced the traditional unique identity in ABE.With respect to the encryption and decryption there is Attribute-Oriented rather than User-Oriented.Meanwhile in term of access control,attribute revocation is an indispensable part.According to the difference of the attribute operation,attribute revocation includes three aspects namely the revocation of user attributes,user revocation and the revocation of system attributes.By utilizing attribute revocation,we achieve the goal of fine-grained access control.Recently,attribute revocation has become one of the hotspots and difficulties of ABE.In this thesis,we make an in-depth research on the revocation mechanism and we make a comparison of the achievements from the aspects of access structure,revocation mechanism and the advantages and disadvantages of the revocation.There are some problems which need more research,such as the delay of attribute revocation,the update requirements of ciphertext or private key,the online status of authority,the coarse evocation granularity,the inefficiency of revocation,the bad expressiveness and the length of ciphertext et al.Against the above problems,we make an in-depth study of revocable ABE and its application and achieve the following contributions:(1)In this thesis,we propose a direct-revocation attribute-based encryption scheme supporting non-monotonic access structures.We firstly combine the direct revocation and non-monotonic access structures in the scheme and apply it into the application scenario of M-Healthcare.This not only guarantees the confidentiality of the patient's health information,but also provides more flexible access control of the authorities of the doctors.We also provide security analysis and performance analysis in the scheme and elaborate the advantages anddisadvantages of the scheme.(2)In this thesis,we propose an indirect-revocation attribute-based encryption scheme supporting outsourcing.We introduce the indirect revocation and outsourcing into attribute-based encryption and apply it into personal health records(PHR)system.This scheme not only improves the efficiency of outsourcing,but also can realize the fine-grained access control.Meanwhile,we also provide security analysis and performance analysis in the scheme.