Research On Attribute-Based Cryptosystem And Its Applications In Cloud Environment

With the rapid development of emerging information technologies,the secure storage and sharing of massive data has become an urgent problem to be solved.The emergence of a third-party data storage platform represented by cloud storage provides a new means for solving data management problems.However,storing data on third-party platforms increases the risk of data leakage.Attribute-based encryption has received double attention from academia and industry because it can provide data encryption and fine-grained access control,and has become the best candidate for cloud storage encryption schemes.After nearly 15 years of development,the attribute-based encryption system has achieved many excellent results in theoretical research.However,in certain application scenarios,there are still many new requirements on functions and security.This thesis expands and reforms the attribute-based encryption system according to the new requirements in some specific application scenarios.The main research contents include:(1)In order to ensure better privacy of users' attributes during key generation,we use the oblivious transfer protocol to achieve the separation of attribute audit authority and key generation authority.During the key generation process,we ensure that users' attribute information will not be leaked to the key generation center,and at the same time,the attribute audit center that is only responsible for the audit function cannot obtain the users' key.This scheme is suitable for application scenarios where various attributes themselves are privacy information.It protects the privacy of users' attributes during the key generation phase.In addition,we also introduced the application examples of the new solution in industrial data sharing scenarios.(2)To meet the security requirements of data confidentiality,authentication,integrity,and traceability in medical information scenarios,we designed an electronic health record system based on attribute-based cryptography and blockchain technology.In the same cryptographic system,under the premise of sharing system parameters and key generation process,attribute-based encryption,identity-based encryption,and identity-based signature are simultaneously realized.In our system,we use attribute-based encryption and identity-based encryption schemes to ensure the confidentiality of medical data,realize flexible access control and controlled sharing,use identity-based signature schemes to authenticate medical data,and use blockchain technology guarantees the integrity,non-tampering and traceability of private data.Finally,we also introduced the application examples of the new scheme in medical insurance scenarios.