| Cloud storage technique has made rapid development in recent years.Owing to the fact that cloud storage can provide data storage and transaction access service,numerous cloud users tend to store the large amounts of data in cloud server to save their storage and computing resources.However,cloud storage is still facing many security risks in practice due to the untrusted cloud server.As a flexible “one-to-many” public key encryption mechanism,attribute-based encryption can not only guarantee the privacy of data,but also achieve finegrained access control.Nevertheless,when attribute-based encryption is put into practice,it is still confronted with a series of technical problems.First of all,most current schemes cannot simultaneously achieve that owners dominate the data and users retrieve the interested files more accurately,either in ciphertext policy or key policy setting.Hence,it is necessary to use more flexible access policy.Furthermore,majority of attribute-based keyword search schemes focus rarely on decryption efficiency.Therefore,it is necessary to design an efficient encryption scheme.In addition,one often needs to delegate the decryption right to the delagatee in practical application.In order to enable the delagatee to decrypt reencrypted ciphertext successfully and to achieve that the ciphertext can be retrieved,it is of practical value to introduce proxy re-encryption mechanism into attribute-based keyword search scheme.In conclusion,it is very meaningful to study the attribute-based keyword search mechanism.The main works of this paper include the following two aspects:1.Based on attribute-based encryption and searchable encryption technique,this paper proposed a flexible attribute-based keyword search scheme via two access policies.In the new scheme,the data owner can control the access policy in order to gain control over their data and specify who can access the files.Simultaneously,the user can define the search policy so that he can search the interested files more accurately.In addition,the majority of computation tasks can be completed in an offline phase by exploiting online/offline technique,which spilt the computation of Index and Token Gen algorithm into two phases to improve the efficiency.And the ciphertext can be decrypted with a constant number of pairings while it grows linear with the number of attributes in most existing schemes.The new construction is selectively secure against chosen-plaintext attack and chosen-keyword attack,and also achieves keyword secrecy.2.Based on attribute-based proxy re-encryption and searchable encryption technique,this paper proposed a ciphertext-policy attribute-based proxy re-encryption scheme with keyword search.In the new scheme,each user's secret key consists of an attribute key and a search key.Therefore,the scheme can not only achieve the keyword search,but also achieve proxy re-encryption property which can also support arbitrary monotone access structure.In the test phase,while conducting the keywords matching algorithm,the cloud server can do partial decryption of the original ciphertext and the re-encrypted ciphertext,which can reduce the computational burden of users and delegatees.The security analysis indicates that the scheme can achieve data security,hidden keywords,query isolation and collusion resistance. |
PDF Full Text Request