Research Of The Access Structure Hiding Technology Based On Attribute Encryption

Posted on: 2019-06-18 | Degree: Master | Type: Thesis
Country: China | Candidate: L Xiong
GTID: 2348330569488909 | Subject: Information security
Abstract/Summary:
With the explosive growth of data, cloud storage has increasingly become the development trend of data storage. Cloud storage is mainly used to store and manage data remotely, and users can access data stored on the cloud server from anywhere. However, storing data in the cloud means that it may be held by an untrusted third-party cloud service provider, which may access or disclose sensitive data, or share stored data with unauthorized users. Therefore, safe and effective access control is an important technical measure for ensuring cloud storage security, and has become an urgent problem in cloud storage. Currently, the mainstream access control technology in cloud storage is attribute encryption. In the traditional attribute encryption scheme, the encryptor sends the access structure exposed, in plaintext, along with the ciphertext, and the access structure itself usually contains some private information. Research on how to hide the access control is therefore extremely urgent. The traditional attribute encryption scheme also cannot effectively handle "process"-like requirements, in which the attributes have an order relationship. To solve this problem, a new encryption primitive has been proposed: process-based encryption. However, the existing solutions only achieve a key-based process encryption scheme. To better suit the cloud storage environment, this paper improves on the existing work and proposes a ciphertext-based process encryption scheme. The new scheme adopts a special tree access structure to hide the access structure, which effectively protects the user's private information, while its rich access structure supports fine-grained access control. In addition, the proposed scheme can be proved secure in the standard model. Compared with the traditional attribute encryption scheme, the proposed scheme has higher efficiency and flexibility, which greatly increases its feasibility in practical applications.

In an attribute-based encryption scheme, a user with access authorization may reveal or share his private key with others, so that unauthorized users abuse his access privilege. This leads to key abuse. Most of the existing solutions can trace malicious users, but cannot revoke them from the system. In addition, a number of attribute revocation solutions have been proposed for the problem of attribute changes caused by dynamic user updates. However, few schemes combine the two, that is, embed a revocation mechanism in the accountability mechanism. This paper improves on the existing work and proposes a traceable and revocable attribute-based encryption scheme that can hide the access structure. Considering that a single authority is vulnerable to attacks, the scheme adopts multiple authorities without a central authority. The proposed scheme establishes an accountability list to track malicious users. Drawing on the unforgeability of digital signature schemes, it determines whether a user's private key is a reasonable private key through the key satisfaction checking method, and then decides whether or not to track. At the same time, the scheme uses a global identity GID to resist user collusion attacks. The scheme adopts the LSSS matrix access structure, which has rich and flexible expressive capabilities, uses the method of calculating obfuscated values to hide the access structure, and introduces a version number in the ciphertext key to support user revocation. Compared with other solutions, this solution has better performance and efficient user revocation.
Keywords/Search Tags:Attribute encryption, Access structure hiding, Attribute revocation, Traceable, Key escrow