Study Of Policy Hidden Attribute-Based Encryption

Traditional ciphertext policy attribute-based encryption can realize fine-grained access control,but its access structure is uploaded to the cloud together with the ciphertext in the form of plaintext,and the access structure contains the access policy with user privacy attribute information.The exposure of access policy can lead to the disclosure of user sensitive information.In addition,in order to satisfy the adaptive security,the designers of attribute-based encryption schemes usually use the dual-system encryption mechanism to construct the scheme,and the dual-system encryption mechanism usually adopts the composite order bilinear group.Such groups are difficult to construct and computationally inefficient,and are not suitable for computationally constrained scenarios.Aiming at above two problems,this thesis studies the partial policy hidden attributebased encryption technology,dual-system encryption mechanism based on prime order bilinear group and the outsourced computing technology,and proposes three efficient partial policy hidden attribute-based encryption schemes.The main contributions are as follows:(1)Proposed a partial-policy hidden attribute-based encryption scheme based on prime order bilinear groups.The scheme uses the dual-system encryption mechanism.Under the premise of ensuring the adaptive security of the scheme,the computational efficiency of encryption,decryption testing and final decryption has been improved.(2)Proposed a general construction scheme of partial policy hidden attribute-based encryption based on predicate encoding that can outsource the decryption test.This scheme can be instantiated using any access structure that satisfies the specified predicate encoding properties.In this thesis,an instantiated example of monotone span predicate encoding is given,and experimental analysis is carried out.The experimental data shows that compared with the existing scheme,the instantiated scheme has a great improvement in decryption efficiency.(3)Proposed a partial policy hidden attribute-based encryption scheme with outsourced computation which is secure under chosen ciphertext attack.This scheme reduces adaptive security to selective security,but improves the security under chosen plaintext attack to the security under chosen ciphertext attack.At the same time,this solution can outsource part of the encryption process and part of the decryption process to an untrusted third party such as the cloud for computing,which can make full use of the computing advantages of the cloud and improving the efficiency of encryption and decryption.The first two schemes in the thesis not only satisfy the adaptive security under chosen plaintext attack,but also improve the computational efficiency,and make up for the low efficiency of traditional adaptive security policy hidden attribute-based encryption using composite order bilinear group.The third scheme makes up for the deficiency that the existing policy hidden attribute-based encryption only satisfies the security under chosen plaintext attack.At the same time,outsourcing computing technology is used to improve the encryption efficiency and reduce the computing time of the decryption to a constant level.In general,the three schemes have high computational efficiency and are suitable for various computationally-constrained scenarios.