Research On Multi-authority Attribute-based Encryption For Cloud Computing

Cloud computing is regarded as a new computing model to provide convenient data sharing services for users.It also provides computation,storage and network capacity for terminal devices.Although cloud computing is used to support a large number of business scenarios,the cloud server is not entirely credible which may reveal the outsourced data.Therefore,how to solve the security problems in cloud computing has become a common concern in the academic and industrial circles.Attribute-based encryption can not only guarantee data confidentiality,but also realize fine-grained access control over the encrypted data.However,the attributes of users may belong to different attribute authorities,thus it has difficulties in validating attributes and issuing keys for users among different domains and is not convenient for data sharing among different users.Moreover,the computation cost of attribute-based encryption schemes often increases with the complexity of access policies or the number of attributes,so the resource-constrained mobile devices can not meet the requirements for the high local storage and computation overhead.In this paper,we study the attribute-based encryption schemes under the application scenarios among multiple attribute authorities in the cloud computing environment:1.In order to solve the problems about the privacy of the access policy and the traceability of the user identity in cloud computing,this thesis draws lessons from one-way anonymous key agreement protocol and directly embeds the user identifier in the key.Then,this thesis proposes a traceable multi-authority attribute-based encryption scheme with hidden policy.Moreover,this thesis describes the system model and defines the proposed scheme.Next,this thesis formalizes the security model and the traceability model based on the system architecture.This thesis demonstrates that the proposed scheme is secure and supports the traceability of the user identity.Meanwhile,this thesis demonstrates the resistance for collusion attacks and the privacy of access policies.Finally,the extensive analytical comparisons demonstrate that our scheme improves the scalability and far outperforms the existing schemes in terms of computation and communication overhead.2.To address the security and efficiency issues of attribute-based encryption in mobile cloud computing,this thesis proposes an efficient online/offline multi-authority attributebased encryption scheme with chosen-ciphertext security by combining the concept of a secure Chameleon hash function and an online/offline encryption technique.Meanwhile,this thesis utilizes the cloud server to verify the validity of ciphertext in public.Moreover,this thesis gives the system model and defines the proposed scheme.Next,this thesis gives the formalized the security model and demonstrates that our scheme is secure against adaptively chosen-ciphertext attacks.Finally,the extensive analytical comparisons demonstrate that our scheme obviously outperforms the existing schemes in terms of functionality,computation and storage overhead,which is very suitable for the resource-constrained terminal devices with weak computation.This thesis utilizes the multi-authority attribute-based encryption mechanism and proposes the corresponding solutions based on the existing problems in cloud computing.The theoretical analysis and simulation results indicate that the proposed schemes are very practical and feasible which can guarantee data security,realize the privacy preserving of access policies,improve the security of the whole system and minimize the computation and storage cost on the user side.Therefore,the research on the multi-authority attribute-based encryption mechanism deserves the important theoretical fundament and possess practical application values.