Research On Hierarchical Attribute-based Encryption Scheme In Cloud Environment

Data security and privacy issues have become the most prominent issues in the cloud environment,with the rapid development of cloud computing.As an extension of the identity-based cryptosystem,attribute-based cryptosystem is widely used in fields such as fine-grained access control of shared data and privacy protection due to its high efficiency and flexibility.The hierarchical idea is introduced in attribute-based encryption algorithm,which can improve computing efficiency and reduce communication overhead while ensuring fine-grained access control.This thesis studies the attribute-based encryption scheme with attribute hierarchy and file hierarchy in the cloud environment.The attribute-based encryption with attribute hierarchy scheme composes an attribute tree according to the hierarchical relationship between attributes of the same type,so that users with higher-level attributes can decrypt the ciphertext which encrypted under the access structure associated with the attributes of the same or lower-levels.In attribute-based encryption with file hierarchy scheme,multiple access structures are clustering into one,so that one access structure can encrypt multiple files at the same time.The searchable encryption realizes the function of searching under ciphertext,and the keyword ciphertext is used to quickly match the keyword trapdoor,which not only ensures the security of stored data but also solves the problem of data sharing.This thesis is based on the research of hierarchical attribute-based encryption schemes and searchable encryption schemes.The specific contributions are as follows:1.Aiming at the problem that the existing attribute-based encryption with file hierarchy scheme only supports tree access structure and the efficiency of encryption and decryption operations is low,an attribute-based encryption with file hierarchy scheme supporting LSSS access structure in cloud environment is proposed.By adopting LSSS access structure,the access of shared files is more flexible and efficient;the method of gradually assigning secret factors is used,and the ciphertext information of the next layer is directly embedded in the ciphertext of the upper layer to realize the skip-type transmission of ciphertext,thereby reducing the computational overhead and improves the efficiency of encryption and decryption.Under the hypothesis of q-parallel BDHE,it is proved that the scheme can resist Chosen Plaintext Attack(CPA).The theoretical analysis and experimental results show the effectiveness of the scheme.2.Based on the attribute-based encryption with file hierarchy scheme,a multi-keywords searchable scheme that supports LSSS access structure and attribute-based encryption with file hierarchy in a cloud environment is proposed.It not only maintains the shorter ciphertext and high efficiency of the attribute-based encryption with file hierarchy scheme,but also the keyword ciphertext size and calculation overhead are independent of the number of keywords,and realizes a fixed keyword ciphertext length.The solution transfers most of the computing tasks of decryption to the cloud server,thereby reducing the user's computing burden,and the cloud server will not obtain useful information related to keywords in the whole process.Finally,under the hypothesis of qparallel BDHE,it is proved that the scheme is resistant to Chosen Plaintext Attack and Chosen Keyword Attack(CKA).The theoretical analysis and experimental results show the effectiveness of the scheme.3.Aiming at the problem that the encryption scheme based on bilinear mapping is computationally expensive and cannot resist quantum attacks,proposed an attribute-based encryption with attribute hierarchy scheme from lattice.It supports the LSSS structure,realizes flexible access control,and composes an attribute tree according to the hierarchical relationship between attributes of the same type,so that users with higher-level attributes can decrypt the LSSS access structure associated with the same-level or lower-level attributes.By this way,shorter ciphertext and higher efficiency are achieved.This scheme is constructed from lattice,so it is resistant to quantum attacks and has higher security.Under the difficult assumption of LWE,it is proved that this scheme can resist the Chosen Plaintext Attack.The theoretical analysis and experimental results show the effectiveness of the scheme.