Research On Revocable Attribute-based Encryption Schemes Supporting Ciphertext Delegation In Cloud Storage

Posted on: 2022-04-06
Degree: Master
Type: Thesis
Country: China
Candidate: S J Deng
GTID: 2518306731487534
Subject: Information and Communication Engineering

Abstract/Summary:
The development of Internet technologies such as the Internet of Things and artificial intelligence is inseparable from the support of various data. In this era of "data is king", data with huge commercial value, as the cornerstone of the operation of the Internet industry, has attracted more and more attention. As an emerging storage model, cloud storage services have become the first choice for individuals and enterprises to store their data because of their scalability, strong storage capacity, and flexible on-demand service model. However, when sensitive data is outsourced to and managed on cloud storage servers, it may face security and privacy issues, because users no longer control the data themselves. How to achieve efficient access control over users while protecting data privacy and security has become a difficult problem hindering the development of cloud computing services.

Ciphertext-policy attribute-based encryption, as an access control method with a "one-to-many" encryption mechanism, provides a secure data sharing solution for multi-user scenarios in the cloud environment and has become an important technology for protecting data privacy and security in cloud storage services. In addition, due to the mobility of users and the dynamic nature of user permissions in the cloud environment, solutions often need to support revocation in order to manage user permissions that change in real time. This paper takes revocable attribute-based encryption as its research object and improves the practicability of existing schemes by improving the revocation efficiency and revocation mechanism of the system. The main work of this paper is summarized as follows.

First, to address the security problem that arises because, in traditional solutions, the cloud service provider must privately receive update material in order to update the ciphertext at the time of revocation, we propose an attribute-based encryption system that supports ciphertext delegation. In this solution, we use piecewise key generation technology to design a mechanism that allows cloud service providers to re-encrypt ciphertexts using only public parameters, avoiding the security problems that may be caused by the secret transmission of update material. Our scheme also supports user-level revocation.

Furthermore, to address the problem of insufficient revocation efficiency, a revocable storage system that supports flexible revocation is proposed. By allowing the trusted authority to set user revocation lists and attribute revocation lists independently, our scheme supports both coarse-grained user-level revocation and fine-grained user attribute-level revocation, thus realizing an efficient and flexible revocation mechanism. Taking the laziness of cloud service providers into account, the scheme allows users in the system to verify the real-time re-encrypted nature of the ciphertext, ensuring the correctness of our solution.

Finally, we demonstrate the advantages of our proposed scheme by comparing it with the existing scheme. Moreover, through theoretical analysis, security proof and experimental discussion, we prove that our proposed scheme is safe and efficient and can be well applied to the cloud environment.
Keywords/Search Tags: Cloud storage security, Attribute-based encryption, Ciphertext delegation, Flexible revocation, Access control