With the rapid development and application of the Internet,traditional storage resources have been found unable to meet the growing demand for massive data storage.An increasing number of users have attempted to up-load their data to third-party cloud servers for unified storage.Efficient deduplication and secure file sharing in the cloud have emerged as critical concerns.Moreover,users have always preferred to customize their passwords for encrypting and decrypting files,only sharing encrypted files when necessary.Based on this preference,a determin-istic stepwise encryption algorithm was first designed.It was such that when the keys for the two steps of encryp-tion satisfied a certain relationship,the two steps of encryption could be equivalent to a single encryption process.A novel key-customizable encrypted deduplication scheme with access control for cloud storage was proposed,utiliz-ing the deterministic stepwise encryption algorithm to encrypt files and a ciphertext-policy attribute-based encryp-tion algorithm to encrypt file keys.This scheme not only offered the flexibility to customize encryption and decryp-tion keys for different users with the same files,but also ensured secure file sharing through a dynamic access con-trol mechanism.Moreover,the optional access control component was made compatible with the majority of exist-ing ciphertext-policy attribute-based encryption(CP-ABE)schemes,even allowing for different CP-ABE schemes within different attribute groups.Security analysis results show that the proposed scheme achieves the highest level of security under the current encrypted deduplication paradigm.Experimental and analytical results indicate that it effectively meets the practical needs of cloud service providers and users,and also achieves acceptable efficiency.
维普
万方数据
