| In recent years,Attribute-based Signcryption,an emerging cryptographic primitive in public key cryptography,has attracted extensive attention of researchers for its unique advantages.The attribute-based signcryption system is a complex combination of attribute-based encryption and attribute-based signature system.It perfectly inherits the advantages of both attribute-based encryption and attribute-based signature system,not only providing fine-grained access control but also satisfying security requirements for confidentiality,authenticity,certifiability and unforgeability.In terms of computational overhead and communication overhead,it is significantly lower than the traditional method of "encryption then signature" or "signature then encryption".Therefore,the attribute-based signcryption system is considered to be an ideal method for solving secure data sharing and identity authentication in the cloud computing environment.Same as most attribute-based cryptosystems,in the attribute-based signcryption system also exist the problems that impede its popularization and application,such as excessive ciphertext and low efficiency of designcryption.In addition,due to the inevitability of users' right modification and key leakage,etc,attribute-based signcryption system should consider the issue of efficient user revocation.In response to these challenges,this thesis has conducted in-depth research and achieved the following research findings:(1)In view of the efficiency problem,this thesis,combining the key blinding technology and the server-assisted signature verification idea,firstly proposes a verifiable outsourcing designcryption attribute-based signcryption scheme based on PHR system,which effectively reduces the overhead of the computation at the user side.The design principle of verifiable outsourcing designcryption in this scheme can be considered as a complex combination of verifiable outsourcing decryption in ABE scheme and server-assisted signature verification.In order to prove that the scheme is CPA-safe,this thesis gives specific security proof from three aspects: confidentiality,verifiability and unforgeability.Besides,the simulation experiments conducted also show that the proposed scheme is safe and feasible.(2)In order to realize the function of user revocation while ensuring efficiency,this thesis proposes a revocable server-assisted signature attribute-based signcryption scheme.This scheme,using the broadcast encryption technology and key segmentation technology,realize the function of user revocation for the first time in the attribute-based signcryption scheme.The scheme also uses a trusted third-party server to update the revocation list in real time and assist the signature,so as to reduce the computational overhead incurred by the user when performing the signature operation.Moreover,this thesis demonstrates the security proof of confidentiality and unforgeability to ensure the security of the scheme,and shows the feasibility of the scheme through further analysis of communication and computational overhead. |
PDF Full Text Request