Applied Research Of Attribute-based Searchable Encryption

With the raising popularity of cloud computing,more and more services,such as compute,storage and application,are introduced to people.Cloud storage system is used widely by individuals and enterprises because of its low cost and efficient services.Searchable encryption(SE)has given users much convenient for data storing and sharing in the cloud when the data is encrypted for the purpose of privacy protection,while attribute-based encryption(ABE)provides the fine-grained access control method for outsourcing data.However,the existing schemes only support either index encryption with search ability or data encryption with fine-grained access control ability.There is no consideration for achieving both abilities simultaneously or instantaneous user revocation in a multi-user environment.To address these problems,the thesis first modifies the existed scheme.Through using the mediated encryption technology,a mediated attribute-based keyword search(mABKS)scheme is proposed.The scheme has following advantages:(1)supporting fine-grained and owner-enforced search authorization.Data owners decide a access policy to encrypt keywords by ABE,then secure indexs are generated;(2)instantaneous user revocation,which is achieved by deleting the mediated share of the user attribute secret keys;(3)suiting for fog computing paradigm,fog nodes can act as mediators for data sharing under the distribute environment.Second,the thesis extends the mABKS to mediated online/offline attribute-based encryption with keyword search(mOOABEKS)for large-scale application or mobile cloud environment by adopting the online/offline attribute-based encryption machanism.Besides the above advantages,the scheme supports:(1)index encryption and data encryption simultaneously using a single ciphertext-policy attribute-based encryption(CP-ABE)primitive and sharing the same key pair,thus the cost of key management is greatly reduced;(2)most of computation tasks in data decryption are securely delegated to the mediators;(3)application in the mobile cloud environment by adopting online/offline attribute-based encryption to reduce the computation cost of end users.Finally,the thesis gives the security definitions of the two schemes and formally proves mABKS scheme is selectively secure against chosen keyword attack(CKA)under the standard model.Meanwhile,the mOOABEKS scheme is proved selectively secure against CKA and chosen plaintext attack(CPA)by directly reducing the security to the security of mABKS scheme.In addition,the performance evaluation shows the efficiency of the proposed schemes.