Broadcast Encryption And Its Application Research In Cloud Storage

Traditional encryption algorithms generally only consider point-to-point situation,but in reality there are often single-point-to-multipoint or even multipoint-to-multipoint communication forms,and the traditional encryption method cannot be directly applied to this situation.Broadcast encryption is a single-point/multipoint-to-multipoint encryption method.In a broadcast encryption system,the broadcaster broadcasts the encrypted information to all users through a public channel,of which only broadcaster selected authorized users can correctly decrypt the ciphertext to obtain the original message,i.e.plaintext,and the unauthorized user cannot correctly decrypt the ciphertext.Function,security,and efficiency are important criteria for evaluating a broadcast encryption system.Because of its advantages such as pay-as-you-go,low cost,and convenient data sharing,more and more individuals and business users have chosen to store data on cloud servers in recent years.To protect data security,the data owner will encrypt the data and upload it to the cloud server.In the cloud storage environment,there is a single-point-to-multipoint relationship between the data user and data,and broadcast encryption can implement user access control on encrypted data.Broadcast encryption has been widely used in the field of cloud computing security.In this paper,the application of broadcast encryption and cloud computing(searchable encryption)are studied,and four schemes are proposed:(1)As a classic asymmetric encryption algorithm,the RSA algorithm is widely used in the fields of public key encryption and the Internet.According to the characteristics of RSA algorithm,combined with the identity-based broadcast encryption algorithm,a new RSA-based broadcast encryption scheme was proposed.The public key infrastructure(PKI)only needs to generate a pair of public key and private key for the system and send them to the broadcaster.The broadcaster can generate different private keys for any number of users for decryption.The user only needs to store a constant-size key.Under the standard model,it is proved that the scheme has the security of chosen plaintext attack against static adversary and satisfies the fully collusion resistant requirement.Experimental results show that the solution has obvious advantages in terms of computation and storage overhead.(2)Based on the RSA-based broadcast encryption scheme,the structure of the broadcast system was modified to convert the single-point-to-multipoint communication mode of the single-broadcaster to the multipoint-to-multipoint communication mode of the multi-broadcaster.The calculation process is optimized and the overhead of broadcasting is reduced.The optimal asymmetric encryption padding(OAEP)technology is used to make the scheme satisfy the IND-CCA2(adaptive chosen ciphertext attack)security and fully collusion resistant.Experimental results show that the scheme encryption algorithm and decryption algorithm are both efficient and suitable for smart mobile devices with limited computing resources.(3)Applied the structure of broadcast encryption to searchable encryption,and proposed a key-aggregate searchable encryption scheme.After uploading the encrypted data to the cloud server,the data owner needs to generate an aggregate key containing access rights for the user.The user can use the aggregate key to generate a trapdoor and perform keyword search on the encrypted data.When the user receives the parameters and encrypted data returned from the cloud server,the aggregate key and parameters are used to compute the symmetric key of the encrypted data to decrypt the data.Compared with the previous searchable encryption scheme,the data owner of this scheme controls different data accessed by users through different aggregate keys,making data access more flexible.The scheme greatly reduces the key storage overhead of each data user,and the user only need to store a constant-size aggregate key.The user can use the decrypted data to verify the integrity of the file.Security analysis and experimental results show that the scheme is safe and efficient.(4)A multi-user key-aggregate keyword searchable encryption scheme was proposed based on the former key-aggregate searchable encryption scheme and threshold broadcast encryption.The scheme reduces the computing overhead of the cloud server when users search and solves the problem of the limitation of the number of shared files so that the data owner can share any number of files with the data user.Security analysis and simulation experiment show that this scheme is safe and effective,which is more suitable for systems with a dynamic increase in the number of shared files.