Research On Attribute-based Encryption Scheme Supporting Policy Hiding

With the increasing volume of information and data,enterprises and individual users put forward more and more high reliability and stability of storage technology.Therefore,the security and performance of data access control in storage systems have also received more and more attention.Different from the traditional access control system,cloud storage system allows the data owner to formulate the access policy corresponding to the data stored in the cloud.Before putting the data on the cloud,the data owner will formulate the corresponding access policy to encrypt the data,but this can also reduce the security of the cloud storage system.Therefore,Attribute-Based Encryption(ABE)scheme was formally proposed,and the Ciphertext Policy Attribute-Based Encryption(CP-ABE)scheme can solve the security and privacy problems of data in cloud environment more effectively than other schemes.In addition,because the access control policy itself may leak sensitive information,how to improve the security of the solution more efficiently by hiding the internal attributes of the access control policy has become one of the research hotspots of Attribute-Based encryption schemes.Based on the relevant theories of the CP-ABE scheme,this dissertation focuses on the hidden access policy.The main work is as follows:(1)Since in most of the current CP-ABE schemes,users need to perform a lot of decryption calculations to check whether their attribute set matches the access control policy in the ciphertext,if not,it will also consume a lot of time to run the decryption algorithm.In addition,because the access policy itself may contain sensitive information,an attacker may obtain information related to the ciphertext through the access policy.This dissertation proposes a policy hiding CP-ABE scheme that supports test verification.Compared with other related CPABE schemes,this scheme adds a test verification stage on the basis of the hidden access policy,which improves the efficiency of decryption,and the proposed scheme is selective and secure under DBDH assumption and DDH assumption.Theoretical and experimental performance evaluations show that this scheme has lower computational cost compared with related CPABE schemes.(2)Aiming at the problems of insufficient access structure flexibility and low secret sharing efficiency of most CP-ABE schemes,this dissertation proposes a CP-ABE scheme with access policy hidden based on multi-secret sharing technology.In the process of encryption and decryption,this scheme adopts a multi-secret sharing scheme based on access tree to improve the efficiency of secret sharing,and embed the access policy into the ciphertext to protect the user's private information from the influence of the access policy.Security analysis shows that the proposed scheme is selective and secure under the DBDH assumption while retaining the privacy of the access policy.The theoretical and experimental performance evaluation shows that compared with the existing schemes,the proposed scheme has less computational complexity.