The Design And Implementation Of Ciphertext Query Scheme Supporting Access Control

With the rapid development of cloud computing,users begin to store data on the cloud server to save their own overhead and facilitate convenient multi-point access.But in real life,cloud servers are often unsafe.In order to protect the privacy of user data,the data is generally stored in the form of ciphertext in a cloud server.The need for ciphertext data search generated a searchable encryption technology.In order to make the searchable encryption scheme suitable for more practical application scenarios,the searchable encryption scheme should support the authorization search,and give different query permissions to users of different attributes in the system.In addition,the system should have the right to revoke the user's attributes.In order to support different query functions,searchable encryption schemes should support query operations with diversity.However,the currently authorized searchable encryption technology has many deficiencies and problems to be improved in respect of query diversity,attribute revocation and inefficiency of computation.In view of the above problems,this paper makes a deep research on authorization query,attribute revocation and query of diversity.By combining searchable encryption technology and attribute encryption technology,a ciphertext query scheme supporting access control function is proposed based on the existing searchable encryption scheme and a concrete system implementation is given.In this scenario,the data owner joins the access control policy when creating the ciphertext index.Therefore,when the attributes of the data query user satisfy the access control structure,all the data satisfying the query condition can be searched.In addition,this scheme supports the revocation of user attributes and transfers the work of ciphertext update to the cloud server during the attribute revocation process.The scheme further reduces the computational cost of the user under the premise of ensuring the security.Aiming at the diversity of query algorithms,this paper improves on the predicate encryption algorithm.This scheme realizes multi-condition fusion ciphertext cloud data query mechanism,supports the equivalent query,comparison query,range query,AND operation,OR operation.In order to improve the efficiency of the algorithm,the algorithm in this paper uses the bilinear mapping operation of the prime-order group,which improves the efficiency of the bilinear group operations more efficiently than the combined orders.While improving the efficiency,this article also gives the analysis and proof of the calculation consistency,complexity and security of the scheme.Finally,the design and implementation of the system are completed,and the performance analysis of the system test results is carried out to verify the correctness and effectiveness of the algorithm.