Research On Encryption Scheme Based On Public Key Cryptosystem For Access Control

With the rapid development of information technology,the number of files(need to be stored)grows exponentially in the storage system.People found that using the cloud storage technology to build the Internet architecture has great application prospects.However,storing a large amount of user data on a cloud server will cause many data security and user privacy issues.The complex key management mechanism and poor scalability in traditional public key cryptography greatly restrict the application of traditional public key encryption scheme in cloud storage.In order to solve the above problems,the encryption scheme based on the public key cryptosystem for access control is gaining more and more attention.This thesis studies and optimizes the application of the access control encryption scheme based on public-key cryptography for the existing real-world environments.Three access control schemes are proposed for different scenarios.The thesis proves the security of the proposed scheme in detail,and compares the efficiency of these schemes with the existing schemes.The results of this thesis are as follows:1.This thesis designs the identity-based online/offline encryption scheme.The scheme introduces the public outsourcing key generation center to solve the key escrow problem.The scheme is intended to provide an effective access control scheme for low computing power electronic devices such as sensors or mobile terminals.For a user,most of the encryption calculations can be done in the offline phase and most of the decryption calculations can be outsourced to the cloud.And the scheme solves the problem that all users' private keys are generated by one trusted private key generation center.In this way,the scheme can improve the user's trust for the system.This scheme not only protects the security of user data,but also reduces the storage cost of users and the communication cost between users.2.This thesis proposes the multi-authority attribute-based encryption access control scheme.To solve the storage cost is too high and existing malicious medical staff problems in existing electronic health record system schemes,the scheme firstly realizes the basic functions of the electronic health record system using circuit as the access control structure.On this basis,the scheme can introduce the first aid department and track the malicious medical staff.After that,the scheme uses the idea of aggregated signature to solve the problem of the ciphertext length.Compared with the existing scheme,the scheme ensure user data and privacy are secure and the length of the ciphertext is constant,malicious staffs can be tracked and the users' record can be quickly found out.3.This thesis proposes the verifiable outsourcing cooperative decryption scheme applied in D2D communication.Mobile users will avoid outsourcing decryption computations to the cloud through the mobile network due to mobile traffic and network constraints.The scheme enables the mobile terminal to outsource its own heavy decryption computations to multiple devices in the D2D network.The scheme adopts the linear secret-shared access control structure.The scheme solves the collusion attack problem through establishing a specific identifier for each user and realizes the proxy re-encryption function.