A Research Of Efficient Revocable Storage Attribute-based Encryption Scheme

With the rapid development of technology,cloud computing has greatly changed people's habits.Whether it is life or work,more and more people are relying on cloud computing-related products.In terms of data storage,because cloud computing has the advantages of easy expansion,low cost,and convenient use,more and more users store data on cloud servers.And it is generally assumed that third-party servers are untrusted,user data can only be stored after encryption.Therefore,modern cryptography technology is widely used to protect user data in cloud storage environments.Among them,the attribute-based encryption system(ABE)has received the great attention of cryptographers due to its special advantage that the encryption and decryption process is directly related to the attribute of the user.Compared with the identity-based encryption system(IBE),the ciphertext policy attribute-based encryption system(CP-ABE)has accurate user information to a single attribute,and the overall encryption scheme has become more flexible,so it is widely used in cloud storage.CP-ABE not only provides a secure data sharing scheme,different access structures also allow it to have access policies of various granularities,making it very flexible in a variety of complex application scenarios.However,on the other hand,the existing CP-ABE scheme has the problems that the ciphertext length increases with the complexity of the access policy,the encryption scheme is complex,the calculation efficiency is low,and fine-grained revocation is not available.Therefore,the improvement of the CP-ABE scheme becomes an important research direction in the field of cloud data security.This thesis conducts research work to improve the revocation granularity and work efficiency of CP-ABE scheme.First,this thesis combines proxy re-encryption technology and CP-ABE,adopts a flexible multi-valued wild-card AND gate structure,and proposes an efficient and revocable storage attribute-based encryption scheme with constant ciphertext length(RVOC-CP-ABE).The scheme implements fine-grained user attribute revocation,and the attribute of constant ciphertext length allows it to occupy less storage resources.In addition,this thesis also studies the revocation algorithm in the hierarchical file system and proposes a hierarchical CP-ABE scheme which implements revocable storage(ROFH-CP-ABE).This solution implements the encryption of hierarchical files by constructing a special tree structure,reduces storage redundancy,and uses the Chinese remaining theorem to complete direct revocation,which is fast and efficient.At the same time,in order to reduce the user's computing overhead,outsourcing computing is used in the decryption stage of both solutions to outsource complex computing to a third-party server.At last,this thesis proves the security of the two schemes through the provable security theory and the deterministic bilinear Diffie-Hellman(DBDH)assumption.After completing the theoretical analysis and simulation experiments of the scheme in this thesis and other similar schemes,it can be seen that the scheme in this thesis not only optimizes the performance in a targeted manner,but also has more comprehensive functions that can cope with multiple complex application scenarios.The full server architecture design also provides an efficient and reliable solution for the use of encryption mechanisms in cloud storage.