Design And Implementation Of Cloud Storage System Based On Certificateless Proxy Re-Encryprion

With the development of a series of emerging Internet technologies and industries such as big data and cloud computing,cloud storage,as a convenient and reliable information storage technology,has been applied nore and more widely.In the meanwhile,cloud storage has many security problems that traditional storage technologies do not have,which directly threaten the security of users' data.At present,the cloud storage system widely used generally lacks the protection mechanism for users' private data,which can easily cause serious data leakage accidents and cause losses to users and enterprises.Therefore,how to ensure the security of user privacy data in cloud storage has been a research hotspot in the field of cloud storage.This paper mainly studies the design and implementation of a secure cloud storage system based on certificateless public key cryptosystem.It mainly focuses on the design of the encrypted data sharing mechanism and the identity authentication mechanism in the cloud storage system to ensure that the user!s private data are not illegally accessed and shared.First of all,we compare and analyze the traditional public key cryptography based on PKI technology,identity-based public key eryptography and eertificateless public key cryptography,point out the advantages of certificateless public key cryptosystem in cloud storage environment.Then we analyze the identity authentication technology and data sharing technology which is widely used in cloud storage services at present.On this basis,we present a secure and efficient certificateless proxy re-encryption scheme to realize the sharing of users*encrypted data in cloud storage so as to ensure the security of users' privacy data.At the same time,a secure identity authentication protocol is designed based on the certificateless digital signature technology,which can realize the bidirectional authentication between the cloud storage server and the user and ensure the legitimacy of the identities of the two communicating parties.In the aspects of implementation of the cloud storage system,we uses JPBC encryption library to implement uncertificated encryption,decryption and signature.In order to improve the efficiency of the system,the user's private data is encrypted using the standard symmetric encryption algorithm SM4 which issued by the State Cryptography Administration.The symmetric key is encrypted by the user's public key.The obtained file ciphertext and the key ciphertext are stored together in the cloud to realize the mixed encryption of the user's files.At the same time,we use HDFS distributed file system based on Hadoop cloud computing platform to realize the function of file upload and download,and ensures the high reliability of the system through data backup and fault-toleranttechnology provided by HDFS.Finally we did a large number of tests under the Windows operating system,the experimental results show that this system can correctly implement the identity certification between user and the server,and can safely realize the file encryption and encrypted file sharing,so as to guarantee the safety of the users' data stored in the cloud.