Research On Ciphertext-Policy Attribute-based Encryption

With the rapid development of the information age,cloud computing and cloud storage have been widely popularized and applied.More and more users are using cloud servers to reduce the cost of data storage and improve the convenience of data sharing and using.But at the same time,more and more users attach importance to the security of stored data.In cloud storage,the confidentiality of data is provided primarily through encrypted storage.It is difficult for the traditional cryptographic mechanism to provide flexible access control and ensure the confidentiality of data at the same time.In order to solve the above issues,attribute-based encryption(ABE)scheme is put forward.ABE can realize the one-to-many encryption mode,solve the security problem of data effectively and realize the flexible access policy of data.In the access control of cloud storage,the access rights of authorized users may change,so it is necessary to research the ABE scheme that supports revocation function for many researchers.The revocable ciphertext-policy attribute-based encryption(R-CP-ABE)is an expansion of ciphertext-policy attribute-based encryption(CP-ABE),which can realize user direct revocation.However,the revoked users can still decrypt the previously authorized encrypted data with their old key.The R-CP-ABE scheme should provide a mechanism to protect the encrypted data confidentiality by disqualifying the revoked users from accessing the previously encrypted data.Motivated by practical needs,a new user R-CP-ABE scheme that simultaneously supports user direct revocation,short revocation list and ciphertext update is obtained by incorporating the identity-based and time-based revocable technique.The scheme provides a strongly selective security proof under the modified decisional -parallel Bilinear Diffie-Hellman exponent problem,where ”strongly”means that the adversary can query the secret key of a user whose attribute set satisfies the challenge ciphertext access structure and whose identity is in the revocation list.