| With the rapid development of network technology and cloud storage technology,more and more users store information on cloud devices.Cloud storage not only brings cheap to our work and life,but also brings security problems such as the possibility of malicious tampering and interception of information.To ensure that the data in the cloud storage will not be intercepted or destroyed by enemies or untrusted servers,the information of the data owner must be encrypted before being stored and accessed.In the cloud storage environment,attribute-based encryption technology can implement single-level access to data by using access policies,but lacks multi-level access control for data of different levels.The multi-permission attribute encryption technology has a hierarchical access policy structure,allowing users with different attributes to get different levels of information,which is more suitable for use in the cloud storage environment.This thesis focuses on the research and application of multi-permission attribute encryption technology under cloud storage.The main work of this thesis is as follows:(1)A lightweight multi-permission attribute encryption scheme based on cloud storage is proposed.The existing algorithm of multi-permission attribute encryption scheme is too complicated and the efficiency of encryption and decryption is low.In this thesis,a lightweight multi-permission attribute encryption scheme is designed by combining lazy re-encryption technology and secret sharing technology.The scheme decrypts the information hidden in the nodes of the corresponding level one by one through the attributes of the users,does not need to decrypt the access tree completely,saves computing and communication overhead,and can realize the multi-access of users under the cloud storage,the revocation of access tree attributes and user attributes.Compared with the existing related schemes,the computational complexity k Tpai r(10)(2k(10)m)Te and the cost of ciphertext communication(2k(10)m)Go(10)(k(10)m)GT in the encryption stage are reached,and better computational efficiency and lower communication cost are achieved.(2)An attribute encryption scheme with multiple permissions under cloud storage is proposed.The reversionable multi-permission attribute encryption scheme can be used to reversionthe user who leaks the key,so as to protect the rights and interests of normal users.The existing imputable attribute encryption schemes have some problems,such as over-reliance on the agent,high computing cost and inability to formulate fine-grained access policies.In this thesis,on the basis of lightweight multi-authority attribute encryption scheme,combined with digital signature technology to realize efficient tracking of malicious users,ensure the information security of data owners and data sharing.(3)Design and implement a multi-authority attribute encryption system which can be responsible under cloud storage.The system is developed based on CP-ABE toolkit and Java paired cryptography(JPBC)library.The front-end is designed with HTML+CSS,and the back-end service is built with Spring Boot framework.The system implements the functions of data owner constructing data access policy tree,revoking user attributes,tracing malicious user information,accessing user decrypting files. |
