Research On Data Encryption And Sharing Scheme Based On CP-ABE In Cloud Computing

With the rapid development of cloud computing technology,5G wireless communication technology and intelligent sensor technology,people can store and transmit data information more easily and quickly.However,how to ensure the security of data sharing in the cloud environment is a long-term open problem.Therefore,the data encryption and sharing technology represented by ciphertext-policy attribute-based encryption(CP-ABE)came into being.CP-ABE enables users to get the key according to their own conditions or attributes,and the encryptor makes access policy to the data.However,the existing CP-ABE schemes have many shortcomings in security,efficiency and expressiveness.For example,most of these schemes based on CP-ABE only encrypt data simply,that is,upload data to cloud service providers(CSPs)through public key algorithm.In addition,most of these schemes lack of research on the access policy itself.Obviously,which can not fit the real application scenarios well.In view of the above defects,we design two data encryption and sharing schemes based on CP-ABE in cloud computing as follows:1)A two-factor public data protection scheme based on CP-ABE.In this dissertation,a revocable and efficient two-factor public data protection scheme based on CP-ABE is designed.In the process of data encryption and decryption,the two factors(security device and user secret key)have to work at the same time,which eliminates the security problems such as key stealing caused by simple encryption.In addition,the revocation of the security device solves the loss of the security device,so that the scheme has a high practical significance.The second level encryption is completed by CSPs,which ensures the overall efficiency of the scheme.The security analysis based on the 1-w DBDHI proves the security of the scheme under the random oracle model.2)A limited CP-ABE scheme with access policy hiding and outsourcing decryption.In view of the existing CP-ABE schemes(including the above scheme)in terms of efficiency and expressiveness,in this dissertation,we also design an auditable and limited CP-ABE scheme with preserving policy and outsourcing decryption.As far as we know,it is the first CP-ABE scheme that considers access policy hiding,outsourcing decryption,decryption audit and limited access in cloud computing.Specifically,the designed row bloom filter(RBF)and attribute row mapping table(A-RMT)can hide the access policy,the introduction of threshold ? and chameleon hash signature solve the problem of limited access and mutual authentication,outsourcing decryption and decryption audit improve the efficiency and ensure the security of data.The security analysis based on the q-p DBDHE proves that the scheme can resist the chosen-plaintext attack.