Attribute-Based Encryption With Attribute Revocation In Cloud Computing

With the development of the cloud computing environment,the era of big data has comes,and the speed and quantity of data produced by human beings has been increasing gradually,which makes users have difficulties in computation,storage and hidden dangers of data privacy security.At this time,various access control technologies emerge at the right moment.Attribute-based encryption technology is a new type of access control technology.It is a cryptographic primitive with broad prospects,not only enrich the dynamic and scale of access control,but also greatly increase the security of data sharing.In addition,the fine-grained access control of attribute-based encryption technology helps data senders to determine the access policies and it's applicable to open cloud environments.Therefore,attribute-based encryption technology has been paid more and more attention by the society.Attribute-based encryption technology is an efficient new public key encryption technology that can achieve fine-grained access control of data in cloud servers,and is highly suitable for application scenarios in the cloud environment.The development and popularization of the cloud environment has brought new opportunities and development to the attribute-based encryption technology,but the attribute based encryption technology application in a cloud environment also exist some problems and challenges.First,due to the high expression and high strategic characteristics of attribute-based encryption technology,the computational overhead of key distribution,encryption and decryption processes in attribute-based encryption is too large,which brings great resources to users with limited resources and attribute authorities calculation burden.Second,users upload the shared data to the cloud server,and the data is out of the user's physical control,so the privacy of the data is difficult to be effectively protected.Third,the attributes and users are not completely static in the actual application,while the traditional attribute base encryption technology is difficult to meet the dynamic changes of users,and cannot fit the application and development of the real scene.Therefore,in order to solve the above problems,this thesis carries out further research on the attribute base encryption scheme that supports attribute revocation.First,a completely outsourced attribute-based encryption protocol supporting attribute revocation is constructed to reduce the storage and computing burden of users and the system.Second,a revocation attribute-based encryption scheme based on the key encryption key tree is constructed to speed up the efficiency of attribute revocation and reduce the computing burden of users.In the thesis,we construct an attribute-based encryption scheme that outsources key distribution and decryption to the cloud server.In this scheme,the encryption work is divided into online and offline parts,and part of the computation that only requires the public key is transferred to the offline part,which not only reduces the amount of computation storage of users,but also effectively protects the privacy of user data.The fine-grained property revocation is realized by means of re-encryption,and a single property is indirectly retracted by generating the re-encryption key to update the property and ciphertext.Finally,the user's identity is embedded into the key to achieve the property of traceable user,which not only effectively protects the privacy and correctness of user data,but also reduces the computing cost of users.The first agreement based on the thesis,the second agreement continue to improve the attribute based encryption attributes in the cancellation algorithm,constructs a key encryption key tree based support undo the attribute based encryption protocol,this protocol the properties in the cancellation on attribute level,and achieve a more granular properties to withdraw,guarantee the immediacy of attributes when undo information at the same time,avoid the user miss messages,and so on and so forth.The protocol improves the forward security and backward security of data by changing the selection of nodes in the key tree of key encryption.In the process of attribute revocation,the computation amount of attribute mechanism and user is reduced.The user needs a small amount of computation to update his own key.At last,the work done in the thesis is summarized,and further elaborated the existing problems of this project,put forward the next step of the work of the train of thought.