Research On Revocable Attributes Based On Encryption Scheme With Access Control

In order to ensure the security of cloud storage data,it is necessary to encrypt the data that Is outsourced on the cloud server.In order to adapt to the data sharing mechanism,the Attribute-Based Encryption mechanism is proposed(ABE),The mechanism includes two types:Key-Policy Attribute-Based Encryption(KP-ABE)and Ciphertext-Policy Attribute-Based Encryption(CP-ABE).In the attribute encryption mechanism,the identity information of users is composed of the attribute set.The data owner specifies the attribute set which is over the access structure and embeds it in the ciphertext that needs to be uploaded in the cloud.When only the attributes in the user's private key satisfy the access policy,the user can decrypt the message.The Ciphertext-Policy can flexibly authorize the visitor because the user's private key update is performed by the authority,reducing the burden of re-encrypting the ciphertext,and at the same time it is more suitable for the cloud storage environment.Therefore,the research is mainly about Ciphertext-Policy mechanisms,whose important points in the following;1)An efficient multi-user searchable encryption scheme is proposed,which is based on the scheme designed by Feng et al.that multi-user can search in secure access control environment in the cloud storage.The new scheme simplifies the algorithm of the new user's private key generation and reconstructs the index and trap associated with the keyword.It improves the original scheme and analyzes the security of the scheme from the aspects of data confidentiality and search privacy.Based on the JPBC library and the Java language,the algorithm implementation of the scheme is achieved and the efficiency of the al gorithm of the comparison experiment is given.Theoretical analysis and experimental data show that the improved algorithm in this research has higher efficiency,compared with the original scheme.2)An efficiency attribute base encryption scheme is proposed,which is an improvement on of the scheme proposed by Xie et al..In the new scheme,the cloud server is used to implement data outsourcing.The access control is realized by KEK tree,which reduces the number of initialization parameters.For the private key generation,ciphertext update and generation,the hash operation is placed in the private key index and ciphertext index position,which will not involve the hash on the group mapping.Thus it simplifies the original program system initialization parameters,private key generate,encrypt and decrypt the algorithm,which can reduce the complexity of the algorithm in the existing scheme,and shorten running time in the whole program.The Further analysis of complexity and security shows that the algorithm in this paper has higher efficiency and meanwhile it can also keep the confidentiality of the original program data,forward-backward security and anti-conspiracy attack security.