Design And Analysis Of Public Key Encryption Against Leakage Attack In Cloud

Cloud computing is widely favored by users and enterprises for its high speed,flexibility and reliable service.However,its dynamics and openness also lead to a series of security problems,for example,data security and privacy protection.Cryptography plays an important role in the means to solve the above problems,especially the public key encryption(PKE),because the characteristics of complex algorithm strength makes the scheme has better security.The studies show that the security of the traditional PKE schemes is based on an idealized condition,where the attacker cannot learn any information of the secret keys and the internal states of the system.However,this assumption is not set up in practical application.The attacker can obtain some sensitive information about the key by using the physical information such as the running time and energy consumption outputted by the cryptographic algorithm,thus destroying the entire cryptographic system.The leakageresilient(LR)cryptographic mechanism has emerged because side-channel attacks pose a great threat to cryptographic systems and it is difficult to avoid side-channel attacks by improving the performance of computers.The leakage-resilient mechanism still ensures the security of cryptographic schemes on the premise that adversaries are allowed to know the leakage information of secret keys and internal states.This thesis studies the LR-PKE,which involves the realization of anonymity,the design of supporting direct revocation and the improvement of leakage rate.The main work is as follows:1.The anonymous ciphertext-policy attribute-based encryption(CP-ABE)schemes for general access structures are constructed.Most of the existing LR-PKE schemes under the continual memory leakage model cannot protect the privacy of the receivers.To achieve the leakage-resilience and privacy-preserving at the same time,two anonymous CP-ABE for general access structures are proposed in this thesis.The first scheme support monotonic access structures which are encoded as minimal sets to reduce the computational cost of decryption algorithm.Then this article gives a method of how to design an anonymous CPABE for non-monotone access structures.Both schemes can tolerate the continual leakage when an update algorithm is employed in the event of the occurrence of the leakage information beyond the allowable leakage bound.Finally,it is proved that these two schemes are adaptively secure in the standard model under four static assumptions based on the dual system encryption technology.The performance analyses confirm the high efficiency of schemes.2.A CP-ABE that supports direct revocation and anonymity is constructed.Aiming at solving the problem that the existing LR-PKE cannot realize user revocation while protecting user's privacy,this thesis proposes a revocable CP-ABE scheme that can resist continuous leakage.The scheme is based on the continuous memory leakage model and four static assumptions over the composite order group.It is proved that the scheme can achieve adaptive security in the standard model.In addition,the scheme supports anonymity of recipients and realizes privacy protection of users.The performance analyses and the security analyses show that the scheme is safe and efficient.3.The LR-CP-ABE scheme is designed to achieve the maximum leakage rate.The leakage rate of the existing schemes is relatively low and related to the number of attributes in the attribute set.In addition,the existing schemes seldom consider protecting the privacy of users.To solve these problems,this article constructs a scheme with maximum leakage rate 1-o(1)under the relative leakage model based on an extension of the lattice-based trapdoor.Furthermore,it achieves the anonymity which can protect the privacy of the receivers.The proposed scheme can be reduced to the standard assumption--Decision Linear(DLIN)assumption in the selective security model and resist the Chosen Plaintext Attacks(CPA security).