Searchable Encryption Cloud Storage With Dynamic Data Update To Support Policy Hiding

With the rapid development of cloud storage server,the storage and use of data have undergone great changes,and people have transferred a large amount of data and computing to the cloud server,which has improved the work efficiency.However,the data owner also loses the absolute control over the data,and the security of the data is reduced.Many people choose to encrypt their data and upload it to a cloud storage server.This method undoubtedly brings great inconvenience to the sharing and retrieval of data.Therefore,attribute-based encryption schemes and searchable encryption are concerned.Compared with the traditional encryption algorithm,the attribute-based encryption scheme enables the data owner to set access control for data sharing.It has both access control and data encryption capab ilities.In order to cope with the complex environment of cloud storage,thesis uses searchable encryption technology to ensure the availability of uploaded ciphertext.The ciphertext policy attribute base encryption is adopted to achieve high granularity data access control.Thesis uses the homomorphic encryption to generate ciphertext to replace the attributes in the access policy and user's key to protect the user's privacy.The security of searchable encryption is optimized by using homomorphic encryption and aggregation algorithm.This thesis proposes a searchable CP-ABE that supports policy hiding(SCASPH)scheme.On this basis,thesis optimizes the structure of SCASPH,uses the characteristics of linked lists to achieve efficient dynamic data updates,and proposes a dynamically updatable searchable encryption cloud storage(DUSECS)scheme.So that data users can update the ciphertext stored on the cloud server.The DUSECS scheme protects the attributes in the access policy and the user key,and then moves the work of matching the attributes to the cloud server to reduce the computing overhead.The DUSECS scheme uses the linked list structure to improve the efficiency of data update and the function of data integrity detection.The DUSECS scheme does not need to generate labels separately.When checking data integrity,only a simple comparison is required to complete the test.The DUSECS scheme can also resist keyword guessing attacks when any user colludes with the cloud server and improve security without increasing computing cost.In order to reduce the computing overhead of data users,the DUSECS scheme provides a pre-decryption function,which effectively reduces the computing overhead of users.Experiments show that the scheme is safe and efficient.