Research On Ciphertext-Policy Attribute-Based Encryption With Delegated Equality Test And Its Application

The sharing of personal data with multiple users from different domains has been benefited considerably from the rapid advances of cloud computing,and it is highly desirable to ensure the sharing file should not be exposed to the unauthorized users or cloud providers.Attribute-based encryption seems to be a promising solution to provide fine-grained and versatile access control over the encrypted sharing data due to its expressiveness.Unfortunately,issues such as achieving the flexible access control of the sharing file,preserving the privacy of the receivers,forming the receiver groups dynamically,and high efficiency in encryption/decryption still remain challenging.On the other hand,in cloud computing,the user's search for data is different from the search for plaintext data.However,the search after decrypting the ciphertext is obviously inefficient and impractical.Therefore,how to improve the efficiency of users to find information in cloud computing,to achieve efficient search and access to data is also a challenge issue.In order to solve the above issue,we will study both attribute-based encryption and public key encryption with equality test.The main contributions are as follows:(1)Firstly,to deal with aforementioned challenges,we provide a novel attribute-based encryption data sharing scheme with privacy protection in cloud computing.It features the property of hidden access policy and enables the data owner to share his/her data with multiple participants who are inside a predefined receiver set and fulfill the access policy.This efficient and secure data sharing system by incorporating verifiable outsourcing decryption technique for attribute-based encryption,and the idea of online/offline attribute-based encryption.Extensive security analysis and performance evaluation demonstrate that our data sharing system is secure and practical.(2)Secondly,we initialize the concept of ciphertext policy attribute-based encryption with equality test(ABE-ET)by combining the notions of public key encryption with equality test and attribute-based encryption.Using ABE-ET primitive,the receiver can delegate a cloud server to perform an equivalence test between two messages,which are encrypted under different access policies.On the other hand,the receiver can also identify the authenticity and integrity of the data through digital signature.During the delegated equivalence test,the cloud server is unable to obtain any knowledge of the message encrypted under either access policy.Moreover,the theoretic analysis and experimental simulation reveal that the proposed scheme is efficient and practical.