Research Of Attribute Based Encryption System Supporting Policy Hiding And Its Application

With the widespread use of cloud storage services,more and more enterprises and individuals are choosing to upload their data to the cloud for easier data storage and access.In order to protect the privacy of user data,the data stored in the cloud usually needs to be encrypted first.Traditional public key encryption algorithms need to encrypt multiple public keys to form different ciphertexts for different users and distribute them,while attribute-based encryption does not require multiple encryption operations and encrypts the plaintext information only once for distribution,which has better performance advantages.The traditional attribute-based encryption scheme combines the attribute set carrying sensitive user information directly into the access structure without hiding it,so there is a certain risk of privacy leakage;in addition,the attributes of exiting users need to be revoked in real business scenarios,and there is also the problem of how to trace whether the user key is used maliciously when the user private key is leaked.Therefore,it is of great theoretical and application value to study attribute-based encryption mechanisms that support policy hiding and provide attribute revocation and traceability.This thesis takes the construction of an attribute-based encryption system that supports policy hiding as the entry point of our research work,and firstly,this thesis propose an attribute-based encryption scheme that supports attribute revocation with partial policy hiding.Based on the premise of using a large attribute domain construction,the scheme solves the problem of state change when users exit and join by using a binary tree to store user attributes,which can realize partial hiding of user policies and finegrained attribute revocation and guarantee the secure sharing of user encrypted data.On this basis,in order to improve the execution efficiency of the scheme and provide traceability,this thesis proposes a traceable attribute-based encryption scheme that supports outsourced decryption.The scheme alleviates the problem of limited computing resources for users in the Io T environment by outsourcing some of the high-overhead decryption operations to cloud servers;with the help of white-box traceability technology,it ensures that users can be traced and identified based on specific identifiers after their private keys are compromised.This thesis provides the specific construction process of the above two schemes,and prove the correctness and security of the schemes through theoretical analysis.Combined with the simulation experimental results,the proposed scheme in this thesis has improved performance compared with similar schemes on the basis of meeting the policy hiding requirements.