
Design And Implementation Of Revocable IBE Scheme In Cloud Storage

Posted on: 2021-04-24
Degree: Master
Type: Thesis
Country: China
Candidate: S Huang
Full Text: PDF
GTID: 2428330647958902
Subject: Computer technology
Abstract/Summary:
In recent years, with the continuous development of artificial intelligence and big data, major Internet vendors have used cloud storage technology to store the large amounts of user data generated each day and to provide data and storage space to authorized users. Data owners can upload data to the cloud server for storage and sharing, so cloud storage technology plays a pivotal role in the Internet today. At the same time, because users upload their own data to cloud storage devices, the data is out of their control. How to prevent illegal users from accessing and modifying cloud data is therefore an important issue for cloud storage systems. To ensure confidential data sharing in cloud storage, this paper focuses on the design and implementation of a revocable identity-based encryption (IBE, Identity Based Encryption) scheme in cloud storage environments, presents a public key encryption scheme with user revocation for cloud storage, and then designs an identity authentication mechanism and a data sharing mechanism based on it.

Firstly, by analyzing and comparing with the traditional public key cryptosystem, this paper points out the advantages of the identity-based public key cryptosystem in the cloud storage environment. A revocable identity-based encryption scheme for cloud storage is then proposed to protect the confidentiality of data shared by users in cloud storage. The scheme can be used to prevent unauthorized or revoked data users from decrypting ciphertexts. At the same time, the SM9 digital signature algorithm is adopted to realize mutual authentication between the user and the server, so as to ensure the authenticity of the identities of both sides of the communication.

Secondly, with regard to the implementation of the cloud storage system, this paper employs the Hadoop cloud computing platform and the cloud storage technology widely used at present to realize a cloud (shared) data confidentiality protection system in combination with the designed revocable identity-based encryption scheme. The open source cryptographic library MIRACL was installed on the Visual Studio 2015 development platform to implement the identity-based encryption scheme and the SM9 signature scheme. The user's private data is encrypted with the symmetric encryption algorithm SM4 included in the national commercial cryptographic standard, and the SM4 key is protected by the IBE scheme. The resulting data ciphertext and symmetric key ciphertext are stored together in the cloud. At the same time, the HDFS distributed file system of the Hadoop cloud computing platform, combined with the Thrift communication protocol, is installed to realize file upload, download, and data backup. The fault tolerance technology provided by HDFS is used to ensure the high reliability of the system.

Finally, a large number of tests are carried out on the cloud storage system under the Win10 operating system. The experimental results show that the system can correctly realize identity authentication between the user and the server, and can provide efficient encryption, decryption and sharing of users' private files. Furthermore, it also provides user revocation when a user encounters problems such as private key leakage or expiration of authorization. After revocation, the revoked user loses decryption rights to the cloud data.
Keywords/Search Tags: Cloud storage system, Identity-based encryption, Revocable, SM9, Data confidentiality, Data sharing, Identity authentication