Research On Update Policy And Access Policy Attribute-Based Encryption Algorithms

As cloud computing has the characteristics of ensuring data availability and completeness,on-demand services,resource pool sharing,and service charging,it has recently been developing rapidly in various fields of application,which also makes it become a hot spot in information technology fields.By cloud computing,an increasing number of individual users,enterprises and institutions entrusted data storage and platform construction to cloud server,during the explosive growth of data,there will be data security problems.According to this case,we need to find out how to solve the problem of traditional encryption mechanism,such as inefficient computing,high storage cost and difficult to manage under the condition of realization of big data sharing.This has become one of the most challenging problems in cloud computing.The emergence of attribute-based encryption mechanism breaks through the drawbacks of traditional encryption.For example,as attribute-based encryption mechanism has the features of fine-grained access structure and collusion prevention,it enables users to effectively solve the cloud storage security problems above.In attribute-based encryption mechanism,system public key,user private key and access policy are represented by a set of attributes.The encrypted party can set up flexible access policy according to the set of attributes,and the decrypting party would satisfy a group of users rather than an individual user.The attribute-based encryption mechanism can also effectively reduce data redundancy and local computation as well as storage costs.At the same time,users can flexibly set up access policy based on the fine-grained access control;meanwhile,the property of non-collusion can also guarantee the security of the data.On the basis of the research on the attribute-based encryption mechanism,there are still problems in computation and storage overhead,and in practical applications,batch encryption and update operations can lead to security problems.In order to solve this problem,we takes the form of LSSS matrix as the access structure,and reduces the storage cost while optimizing the encryption and decryption algorithm.Referring to the hierarchical concept in the access tree structure,the hierarchical access is realized in matrix form,and the optimization is obtained.This paper deeply analyzes the related work of attribute-based encryption mechanism in cloud computing.From the perspective of practical application,in the premise of ensuring the security of user data,a new attribute-based encryption scheme is proposed based on the following aspects: reducing the storage cost of users,the communication cost between users and cloud servers,and improving the efficiency of encryption and decryption.The main research work of this paper is summed up in three parts:1.Propose an efficient policy update and file update CP-ABE scheme.In cloud platform application,in order to solve the problem of storage overhead,communication overhead and local computation cost in policy update operation,we introduced the policy update outsourcing model.At the same time,combining with demands on the practical application of functional and policy update problems,we designed file update to solve the hidden security problem of invariant in secret value in the policy update,and reduce the local computing overhead.Under the random oracle model,the security of the scheme is proved by chosen plaintext attack(CPA)security game and the decision q-parallel BDHE.2.Propose an efficient hierarchical access CP-ABE scheme.In the application of cloud platform,in order to solve the problem of lager computing overhead and storage overhead in batch file encryption,a new hierarchical access structure is proposed based on the concept of file hierarchy,which is contained in AND gate threshold.First,multiple access trees are integrated into a hierarchical access tree.Then,the integrate access tree turns into LSSS matrix.Finally,a new hierarchical access structure constitutes,which based on the hierarchical access matrix cut form.In the encryption phase,the attribute related ciphertext can be shared by multiple files,thereby reducing the storage overhead and encryption time overhead of the ciphertext.In the decryption phase,the attributes associated with the access policy can be shared by multiple files that need to be decrypted,thereby reducing the computing overhead of decryption.Under the random oracle model,the security of the scheme is proved by chosen plaintext attack(CPA)security game and the DBDH hypothesis.3.Propose a flexible hierarchical access CP-ABE scheme.In order to optimize the shortcoming of the access structure threshold in the second part,and propose to satisfy the access structure of AND,OR,THRESHOLD.In this scheme,the access structure contains multiple sub-matrix,which can satisfy any application scenario and achieve hierarchical access.However,the form of multiple access structures will inevitably bring storage cost,so it is optimized in the process of access structure transformation,removing the nodes that don't carry hierarchical information,and improving the efficiency of encryption and decryption while reducing storage.At the end of this paper,we summarize the innovation point of the research work,and look forward to the direction of further research.