Outsourced Multi-authority CP-ABES Scheme In Cloud

After more than ten years' rapid development,cloud computing has brought great changes to people's life and the Internet.The data is rapidly increasing.So,the traditional storage technology is exceeding the load,which has derived a new storage technology--cloud storage.However,cloud storage means putting data on the uncertain cloud,where tens of thousands of users upload and download data every day.The existing cloud service providers cannot guarantee that they are completely trustworthy.How to promise the security of data is a major technology of cloud storage.In order to ensure the privacy of users,users' data should be encrypted before being stored in the cloud.Effective access control technology is also needed to limit the malicious access of illegal users.Attribute-based encryption is an effective method to achieve data security and dynamic access control in cloud environment.Only the users whose attributes satisfy the access policy can decrypt.Ciphertext policy attribute-based encryption(CP-ABE)can achieve data owner controlling data which associates ciphertext with access policy.However,most of the existing schemes use a single authority,which brings the system bottleneck problem.The users also need to complete all the encryption and decryption computations,which brings great computational burden to the users.In addition,some users may reveal secret keys or construct decryption device to provide decryption service for profit.How to trace malicious users is also a hot topic in current research.This paper mainly aims at the requirement of secure data sharing in cloud environment.The research background of attribute-based encryption and the current researches at home and abroad are firstly introduced.The problems in the existing schemes are also analyzed.This paper designs an outsourced multi-authority CP-ABE scheme in cloud environment.In this scheme,in order to improve the efficiency of users,most of computations in encryption and decryption are outsourced to cloud service providers.It can also ensure the security of users' data while outsourcing.In order to apply to the dynamic changes of users' rights in practical application,the algorithms of user revocation and attribute revocation are also added to the scheme.When a user is revoked,we only need to remove the user's key from the user list.When attributes are revoked,most operations are calculated by the cloud service providers without bringing a heavy computational burden to user.However,the cloud service providers cannot be fully trusted,existing outsourced computation schemes are short of effective verification algorithms.With the help of the verification to the outsourced results,the user can judge whether or not the cloud service provider gives a credible result.When the result is wrong,the user can immediately stop unnecessary calculations.In addition,most of the existing traceable CP-ABE schemes are white-box traceable which can only trace malicious users based on leaked keys.But they fail to trace the malicious user who constructs the decryption device.To solve these problems,on the basis of the above outsourced multi-authority CP-ABE scheme,this paper proposes a verifiable outsourced multi-authority CP-ABE scheme which achieves black-box traceability.This scheme can track the user who constructs the decryption device.It is efficient and has low computing burden.Finally,we can draw a conclusion that the proposed schemes are efficient and safe by the simulation results and theoretical analysis.