Design And Implementation Of Cloud Storage Encryption System Based On Uncertificated Encryption

There are many cloud storage applications in the software market.These cloud storage applications not only have large storage capacity,but also are fast and convenient for people's file management,saving local storage space.So,more and more users store their files on the cloud.However,more and more data leakage events emerge,which bring huge losses to users.These problems have caused users to be reluctant to use cloud storage services for fear of personal data leakage,thus influence the promotion and development of cloud services.Therefore,how to prevent the leakage of user data is an urgent problem to be solved in cloud storage.Public key cryptography is an important technology to protect the confidentiality of cloud data.Certificateless public key cryptosystems not only eliminate the complex certificate management in traditional public key cryptosystems,but also solve the key escrow problem in identity based public key cryptosystems.It is safe and easy to deploy.User revocation is an important issue in certificateless public key cryptosystem.In this paper,we present a revocable certificateless encryption scheme without pairing.Our scheme is more efficient than the existing schemes.Furthermore,we design and implement a cloud storage encryption system by adopting the revocable certificateless encryption scheme.The key in the system is divided into two layers.The first is the password,the second is the time key,the user's public key and the private key.In the system,KGC generates the time key for the user,which is sent to the user via public channels.The password is used to encrypt the private key,and the result is uploaded to the database storage,which guarantees the security of the private key.The user only needs to remember the login password.Both the private key and the login password are stored in the cloud server in the form of ciphertext,so the cloud service provider cannot obtain the user key information which improves the security of the system.The core of the system is the file encryption and decryption.When the client uploads the file,the system encrypts the file with the time and public key,and then stores the encrypted files on the cloud storage server.When the client downloads the file,the cloud first verifies the login information,then passes the encrypted file to it.After verification is passed,the client uses time key and private key to decrypt the ciphertext file,and gets the plaintext.When a user's private key suffers leakage or permission expire,the system will stop updating the time key for the user to achieve the purpose of revoking the user.Revoked users cannot decrypt the encrypted data stored in the cloud,thus fully protecting the confidentiality of cloud data and enabling users to enjoy the convenience of cloud storage.This paper adopts B/S architecture to implement the cloud storage encryption system.The security analysis and the performance test show that our system can ensure the security of user files,and is practical and efficient.