LSSS Access Structure CP-ABE With Sensitive Attributes Hidden

Ciphertext-Policy Attribute-Based Encryption(CP-ABE)is an important encryption technology in the public key cryptosystem.It associates the data to be protected with its access policy;associates user attributes with keys,which enriches the flexibility of the encryption scheme and enables fine-grained access control.However,in the traditional CP-ABE scheme,the access policy appears in plain-text,which may leak privacy information or violate user privacy.Although the CP-ABE schemes with hidden policies solve the privacy of the access policy,it hides all attributes in the access policy,which causes lack of pertinence in the hiding method and the large overhead.Besides,the data shared on the cloud may have conflicts of interest,or one may infer sensitive information from them.This thesis mainly researches on the prevention of information leakage or information inference in CP-ABE.The main contribution of this thesis is as follows.1.Considering the lack of pertinence in policy hiding and significant computation overhead in existing CP-ABE schemes,we present a Linear secret sharing scheme(LSSS)access structure CP-ABE scheme that hides only sensitive attributes,rather than all attributes,in the access policy.We also provide an attribute selection method to choose these sensitive attributes and use an Attribute Bloom Filter(ABF)to hide them.Compared with the existing major CP-ABE schemes with hidden access policies,our proposed scheme is flexible and adaptable in selecting attributes to hide.This scheme enhances the efficiency of policy hiding while still protecting policy privacy.Test results show that our approach is reasonable and feasible.2.Analyze the problem such as conflicts of interest existing between data shared on the cloud by the data owner,or inference of sensitive information by the user,we choose a Ciphertext-Policy Attribute-Based Encryption(CP-ABE)scheme that implements attribute revocation through re-encryption and proposes an approach of enforcing access control constraints on such particular data through the re-encryption.Our scheme improves the security of existing scheme at less cost while having the ability to prevent users from accessing data that have conflict of interest or revealing sensitive information.Finally,we provide security analysis and conduct a test for algorithms in the presented scheme.The analysis shows that the scheme can resist RCCA attacks under the BDHE assumption.