| Recently,cloud computing has become more and more popular.Cloud-based storage services have brought unprecedented convenience to users.Individuals and enterprises have outsourced data to the cloud to reduce the maintenance costs of local storage.However,storing sensitive data in the cloud brings security issues.How to ensure the confidentiality of the data is a major obstacle to the widespread deployment and adoption of cloud computing.Attribute-based encryption provides fine-grained access control and flexible access policies.The data is encrypted via user-defined attribute combinations and logical policies such that users with certain characteristics can decrypt it.The attribute-based signcryption scheme is an elaborate combination of attribute-based encryption and attribute-based signatures,which can perfectly inherit the advantages of attribute-based encryption and attribute-based signatures,that is,confidentiality,authenticity,and anti-forgery.Additionally,it can be more efficient than the simple approach of "signature and then encryption" or "encryption and then signature".Therefore,attribute-based signcryption scheme can be utilized to protect security in cloud storage system,which provides access control to effectively solve the security problems in cloud storage.This thesis does in-depth research on the previous attribute encryption or signcryption schemes summarizing the ideas,techniques and deficiencies.The contributions of the thesis are listed as follows.1)Considering the efficient revocation requirements and the efficiency of the signcryption algorithm,the thesis proposes a solution for outsourced signcryption and revocable signcryption scheme.The proposed scheme embeds the version key in the attribute private key and outsources the ciphertext update task to a cloud server.Meanwhile the efficiently fine-grained revocation function is employed to the scheme.Moreover,the most complex calculations are also delegated to incompletely trusted cloud servers,which effectively reduces the computation overload on terminals.The safety and performance of the proposed scheme is analyzed by this thesis.Through comparison and simulation experiments with other schemes,it demonstrates that the scheme has higher efficiency and practicability.2)To realize keyword search on ciphertext data,the public key search technology was introduced based on the previous scheme to construct an attribute-based signcryption scheme with keyword search.The proposed scheme provides keyword search in ciphertext form without exposing the keyword to the cloud server.It not only protects the keyword privacy,but also has the characteristics of attribute revocation and outsourced unsigncryption.Furthermore,it possess higher space efficiency in secret key than the former scheme.The thesis also proves the security of confidentiality and unforgeability of the proposed scheme,and give performance analysis to demonstrate efficiency and practicability.Two attribute-based signcryption schemes which provide data security protection in the cloud environment are presented in this thesis.The space efficiency of the schemes are related to the number of attributes.And the security proof is based on a random oracle model.How to design a constant-size attribute-based signcryption scheme proved security under the standard model or tighter constraints will be studied in the future. |
PDF Full Text Request