| Along with the fast and fierce development of network and computer technology,it has become the focus of public attention for people to realize security storage,reliable calculation,and convenient sharing of massive data.Compared with the traditional network application model,cloud computing,which is another technological revolution after internet technology,has the characteristics of high flexibility,scalability,and higher cost performance.Cloud storage,as one of its basic services for cloud computing,is mainly used for remote storage and management of data,and saves users a lot of data management time and investment in hardware and software infrastructure.It comes to be a trend that an increasing amount of people to upload the data to the cloud.Cloud storage,because of the separation of ownership and management rights of cloud data and the lack of reliable trust mechanism between users and cloud service providers,could give rise to the leakage of private data easily.If the confidentiality is guaranteed based on the traditional cryptography,it will be difficult to implement the flexible access control of ciphertext data.Attribute-based cryptography,as a kind of “one-to-many” public key encryption,can solve the contradiction that guaranteed the confidentiality and the flexible access control for ciphertext data.Therefore,attribute-based encryption is widely used and developed in cloud storage environment.Attribute-based encryption derives from identity-based cryptography,which replaces specific identity information with fuzzy concept of attribute.Attribute-based encryption scheme combines the attribute and the access policy to ensure that just the user whose attribute sets accord with the access policy could be decryption.Attribute-based encryption has flexible access control and rich expression capabilities,and can solve the data security problem efficiently in the cloud environment.The development of attribute-based encryption provides the necessary theoretical basis and technical guarantee for the security of cloud storage.This thesis studied the attribute-based encryption system with the user tracking and attribute revocation mechanisms.The main contents are included as follows:1.Aiming at the problems of the existing black-box traceable attribute-based encryption scheme that has the higher computational cost and lower tracking efficiency,this thesis proposes an efficient ciphertext policy attribute-based encryption scheme with black-box traceability.First,we propose a novel CP-ABE algorithm.Then,we embed users' special information inside of decryption key.Final,our scheme construct a peculiar algorithm of traceability to realize black box tracking for illegal decryption devices.In addition,our new scheme is based on the prime order bilinear groups and proved to be secure under q-parallel BDHE assumption in the standard model.Our scheme's calculation cost of encryption and decryption algorithm is more efficient comparing with existing black box traceable CP-ABE scheme.The complexity of our tracing algorithm is O(1),so our scheme can realize the black box tracing promptly.2.For revocable ABE scheme,this thesis proposes a new attack way—key forgery attack.In addition,the analysis shows that the existing partial revocable scheme failed to resist the collusion attack by malicious members.We present a user collusion and key forgery avoidance ciphertext-policy attribute-based encryption scheme with fine-grained attribute revocation for the cloud store syetem.In the proposal,the technology of the key random segmentation and proxy re-encryption was used to realize fine-grained attribute revocation effectively and resist collusion attacks between the revoked users and the existing users.Our scheme could resist key forgery attacks,due to the key cannot be randomized,by improving the algorithm of attribute-based encryption and embedding the user's identity in the key.The proposal has been proven to have the characteristics of indistinguish ability under the selective chosen plaintext attack by the formal security proof.The proposal,compared to the similar schemes,is able to enhance security with considerable computational efficiency... |
PDF Full Text Request