Disclosure of Invention
The invention provides a block chain cloud storage sharing method based on attribute proxy re-encryption on the premise that all information owners are trustable and sharing requesters are not trustable, namely sharing requesters can collude in series and illegally access unauthorized user information, and the block chain cloud storage sharing method integrates a block chain technology and a cryptography technology and is a technology compatible with the existing information sharing system. The simulation result shows that compared with the existing information storage and sharing technology, the information storage and sharing method has lower calculation cost and communication overhead, and can better meet the requirements of users on the safety and confidentiality of the information.
The invention is realized by the following technical scheme.
The invention relates to a block chain ciphertext cloud storage sharing method based on attribute proxy re-encryption, which comprises the following steps:
(S01): before information storage is carried out, the system firstly makes intelligent contracts and is commonly signed by information users.
(S02): the information owner Alan sends a storage request, and the transmission leader node T selected by the Pool authentication mechanism sends a storage request to the crowd node T in the own clusternAnd broadcasting the validity of the verification information and the user identity.
1) If the data is valid, the transmission leader node T extracts the data and then temporarily stores the data in a log of the transmission leader node T;
2) and if the data is invalid, feeding back 'illegal users'.
(S03): transmitting the leader node T to all the crowd nodes T in the clusternCopying information and waiting for response, confirming that the information is received to the information owner Alan after determining that more than half of nodes in the cluster have received the information, indicating that the information is in a submitted state at the moment once the information owner Alan receives the confirmation information, and returning T to TnA notification is sent to inform that the data state has been committed. In the process, the information owner Alan needs to submit information quotation and self-defined random character strings so as to facilitate the user to obtain information sharing reward, and provide certain credit coins as the guarantee fund so as to avoid the phenomena of false, plagiarism and the like.
(S04): the transmission node sends storage information to the storage node, and the leader node M responsible for storage sends the storage information to M in the clusteriA storage request is broadcast. And after more than half of the nodes are determined to finish storage, feeding back information to the owner Alan of the information, and finishing the storage process.
(S05): a sharing requester Bill sends a sharing request, before information sharing, a storage leader node M in the cluster sends a sharing request to a crowd node M in the clusteriAnd broadcasting to verify the identity of the user and judging whether the identity accords with the ciphertext sharing authority.
1) If the result is consistent with the result, the leader node M sends the result to the node M in the clusteriBroadcasting a sharing request;
2) if not, feeding back 'illegal user'.
(S06): according to a keyword w provided by a sharing requester Bill, a metadata ciphertext CT in a block chain is calculated and then converted into a ciphertext CT which accords with the sharing authority of the sharing requester Bill by using an agent re-encryption technologyB。
1) The system generates a corresponding search password TK according to the public key PK and the keyword w to acquire retrieval result information and quotations corresponding to the information.
2) Determining the price of sharing information between Bill credit currency of a sharing requester and a user, and entering a ciphertext conversion stage if the credit currency is more than or equal to the information price; otherwise, the 'balance is insufficient' is fed back.
(S07): transmitting the leader node T to all the intra-cluster TnThe node copies the information and waits for a response. After determining that at least more than half of the nodes in the cluster have received the information, the information is confirmed to the storage node, which indicates that the information is in a transmitted state at the moment.
(S08): the transmission node sends a metadata ciphertext CT acquired through keyword ciphertext retrieval to the sharing requester Bill, and acquires a storage position LC of information after decryption, so that the original decrypted information ciphertext CT is downloaded at a corresponding positionAAnd acquiring the information plaintext m.
(S09): the system correspondingly adjusts the credit coins of the users according to the information interaction condition and settles the credit coins according to the feedback data.
The more specific implementation steps of the invention are as follows:
the invention mainly focuses on three roles: the cloud storage, the information owner and the sharing requester are designed, fig. 1 is a model diagram of a block chain ciphertext storage system provided by the invention, fig. 2 is a model diagram of a block chain ciphertext information sharing system provided by the invention, and the specific role design is as follows:
1) cloud storage: the user can purchase the corresponding storage space from the CSP, so that the record information can be conveniently stored.
2) The information owner: all users in the system have the authority to record and store information, can encrypt the information and preset sharing authority, and can decrypt and acquire a secret key only on the premise that a sharing requester meets the sharing information authority, so that the original plaintext information shared by information owners is acquired, and the information owners are assumed to be Alan.
3) The sharing requester: users in the system can initiate a request for sharing information to the information owner or the local node, and the sharing requester is assumed to be Bill. The symbols used in the present invention are shown in table 1:
TABLE 1 symbolic description
Step 1: a contract is created.
1) The contract creator converts the contract with the user attribute set characteristics into a binary contract code by using a high-level language, and records the binary contract code in a local network;
2) the manager summons all local users to sign the contract;
3) after the node confirms the signature, the signature is deployed in an Ether house block chain through an Ether house virtual machine;
4) feeding back contract address and calling instruction to contract user
Step 2: and electing a leader node and verifying the legality of the user identity.
In a decentralized block chain system, nodes are mutually independent, trust is achieved through a consensus mechanism algorithm, and the unification of system internal information is achieved on the premise that each node meets self income. According to the working principle of a Pool consensus mechanism, and actual needs, all nodes are divided into two types: storage node, transmission node. Each node can be in three states: leader node, election node and crowd node.
1) In the initial state, all participating nodes are crowd nodes before the information owner sends a storage request.
2) Before receiving no leader node command, all the crowd nodes can select a leader node in the form of democratic voting, and the most voted election node is selected as the leader node within the time of 150-300 ms.
3) Once election is successful, the leader node transmits and stores the latest trading information in the system according to all the mass nodes in the organization cluster of the Raft protocol; and the other nodes are automatically changed back to the public nodes, and the appointed work is completed by following the instruction of the leader node.
And step 3: the information owner Alan submits information and provides a certain guarantee fund and user information sharing reward for the system, after the node confirms the effectiveness of the transaction, the nodes in the cluster copy the information, and after the tasks are completed by most nodes, the information is fed back to the information owner Alan.
And 4, step 4: the node generates ciphertext information CT according to the information provided by the information owner AlanAMetadata Data → { LC, w, IN }, ciphertext CT, and broadcast a storage request inside the cluster, and after determining that most nodes have finished storing, feed back a storage result to the owner Alan of the information, and complete the storing.
The invention realizes the encryption and decryption processes of the information by the attribute proxy re-encryption technology, wherein the information encryption process is as follows:
1) initializing a system: setup (λ, U) → (GP, MSK, PK)
Giving a system security parameter lambda and a system attribute set U, then constructing an addition cyclic group G with the order p, wherein G is a generator of G, and existence of the additive cyclic group G satisfies a bilinear mapping e: g → G
TRandomly choosing an integer satisfying g
1E.g. G, and set the following target hash function H
1:(0,1)
2k→Z
p,H
2:(0,1)
2k→G
T,H
3:(0,1)
*→G,H
4:(0,1)
*→G,H
5:(0,1)
k→Z
p,H
6:(0,1)
*→ G randomly selects different integers alpha, a epsilon Z
pZ is e (g, g), and the integer h is randomly selected
x∈Z
pComputing
Where x ∈ U.
Wherein, GP represents a system public parameter, MSK represents a system master key, and PK represents a system public key.
And a key generation stage: KeyGen (GP, PK, MSK, S)A)→(SKA,PKA)
Inputting a public parameter GP, a system master key MSK and an information owner Alan attribute set
Randomly selecting integer t ∈ Z
pAnd generating a private key SK corresponding to the information owner Alan
A、PK
A。
Similarly, a private key SK of the sharing requester Bill is generatedB、PKB。
2) Re-encryption key generation algorithm: RekeyGen (GP, SK)A,(M',ρ'),PKB)→rkA→B
Randomly taking an integer theta from the information owner Alan to form Z
pAnd calculate g
θ、
Attribute set S based on shared requestor Bill
BConstructing a shared structure (M ', rho'), combining a public parameter GP and a private key SK corresponding to the information owner Alan
ASharing private Key PK of requester Bill
BCalculating the re-encryption key rk
A→B。
rkA→B=(SA,rk1,rk2,rk3,rk4,Rx)(4)
Where M ' is a matrix of l ' × n ', and the function ρ ' maps the rows of the matrix M ' to attributes. Randomly choosing integer s, y
2,...,y
n∈Z
pForm Z
pA column vector
Computing
Where s denotes a secret shared by the owner of the information, M
iVector of ith row of 'corresponding matrix M' { ε
iIs M
i' of
I ═ I: (I) ∈ S
AAnd 1 ≦ i ≦ l ' } represents the attribute used in the shared structure (M ', ρ ').
3) Information encryption:
first step, encrypting original information: input public key PKAThe information owner inputs information plaintext M, preset viewing and sharing authority (M, rho), calculates ciphertext CTAAnd storing the ciphertext information in the cloud server.
And a second step of metadata encryption: inputting a system public key PK, and preset browsing and sharing authority (M, rho), metadata Data → { LC, w, IN }, wherein LC represents the storage position of an original information ciphertext IN the cloud, w is a keyword of the information, IN is an item number of the information, and the original information ciphertext decryption key k' outputs a ciphertext CT and stores the ciphertext CT IN a block chain.
Cipher text re-encryption algorithm: ReEncrypt (rk)A→B,CT,PKB,(M',ρ'))→CTB
The node firstly judges whether the sharing requester Bill is a system contract user, if so, selects delta E G randomlyTAnd calculating:
then based on the re-encryption key rkA→BCalculating the important component phi of the cipher text by the cipher text CT, and finally outputting the re-encrypted cipher text CTB。
Wherein, ω is
i∈Z
pAnd satisfy
And 5: and the sharing requester Bill sends a sharing request, and after the identity validity is confirmed, the node generates an index code according to the keyword provided by the sharing requester Bill and searches the password.
Index generation and keyword retrieval:
index generation: inputting a public parameter GP, a keyword w of the information m, and calculating the keyword w in the original information by the nodeACorresponding message authentication code kw, and CT of re-encrypted message ciphertextBMiddle wB' corresponding authentication code kw ', generating index codes ID, ID ';
and (3) keyword retrieval: according to a private key SK corresponding to an input sharing requester BillBKeyword wBAnd the corresponding search key kw' thereof, outputting the keyword wAThe corresponding search password TK.
Step 6: obtaining metadata ciphertext CT according to the index code and the search password, then determining the relationship between Bill credit currency of the sharing requester and the price of the user sharing information, and converting the metadata ciphertext CT into the ciphertext CT conforming to the sharing authority (M ', rho') of the Bill of the sharing requester by using a proxy re-encryption technology on the premise of more than or equal to the price of the user sharing informationB。
And 7: the transmission node copies the information in the cluster, and confirms that the information is in a transmitted state after the majority of nodes respond.
And 8: sending the metadata ciphertext CT obtained by searching to the sharing requester Bill, and downloading the decrypted original information ciphertext CT at the corresponding position through obtaining the storage position LC of the information after decryptionAAnd acquiring the information plaintext m.
The information decryption process comprises the following two steps:
1) agent re-encryption and decryption algorithm: ReDecrypt (SK)B,CTB)→CT
System checking attribute set S of sharing requester BillBWhether the encrypted ciphertext CT after the re-encryption is satisfied or notBIf the shared structure (M ', rho') in (1) is satisfied, the sharing requester Bill can use the private key SKBAnd recovering the important component phi of the ciphertext by a decryption method of ciphertext strategy attribute-based encryption to obtain the original information ciphertext decryption key k' and Data recovered by CT. And if not, feeding back 'illegal user'.
The user obtains the original information storage position LC and the decryption key k' according to the metadata Data, and for CTADecrypting recovers the plaintext information m.
2) Decryption of the original information ciphertext: decrypt (CT)A,k',GP)→m
In the invention, the decryption key k' is only mastered by the block chain and the information owner Alan, and only the information owner Alan can encrypt the original information ciphertext CT on the cloud storage under the unauthorized conditionAUsing the formula
And decrypting to obtain the original plaintext information m.
And step 9: and correspondingly adjusting the credit currency of the user according to the actual condition of information interaction.
1) The deposit of the sharing requester Bill that has not successfully interacted is returned first.
2) And then settling the information expense of the successful transaction user according to the transaction completion condition.
The invention provides a block chain ciphertext information storage and sharing model which is compatible with the traditional information storage and sharing and supports keyword retrieval in order to improve the information security in the existing information interaction process and reduce the complexity of information management of a user, combine the existing attribute-based encryption algorithm and the agent re-encryption algorithm, integrate the block chain technology and provide the block chain ciphertext information storage and sharing model which is compatible with the traditional information storage and sharing. And through the attribute proxy re-encryption technology, the information sharing has more flexible sharing control characteristics. When the information owner goes offline, the nodes can still complete information interaction work according to the intelligent contract rules, and uninterrupted information sharing is realized. The keywords are stored on the block chain as part of the metadata, so that information retrieval is facilitated, the information sharing efficiency is improved, the communication cost is saved to a certain extent, and the pressure of high-frequency access of the cloud storage is relieved.
The metadata ciphertext and the original information ciphertext are stored separately, collusion attack resistance is achieved better, and information safety is guaranteed; an intelligent contract of information interaction is designed on the basis of a block chain technology, so that two information sharing parties can spontaneously communicate according to a preset protocol without the participation of a central mechanism, and the safety of ciphertext conversion and the high efficiency of information sharing are ensured. When the information owner is offline, the nodes can still finish information interaction work according to contract rules, and uninterrupted information sharing is realized. The method has the advantages in the aspects of collusion attack resistance, execution efficiency, algorithm complexity and the like, and is more suitable for the development requirements of the field of the current Internet of things.
Detailed Description
In order to explain the present invention in more detail, the present invention will be further explained below with reference to specific examples.
Example 1. The invention relates to a contract user information interaction example process.
1) And the information owner Alan sends a storage request and submits an information quotation and a self-defined random character string so as to facilitate the user to obtain an information sharing reward.
2) The transmission leader node T in the cluster transmits the data to the mass nodes T in the clusternAnd broadcasting the validity of the verification information and the user identity. If the data is valid, the transmission leader node T extracts the data and then temporarily stores the data in a log of the transmission leader node T; and if the data is invalid, feeding back 'illegal users'.
3) Transmitting leader node T to all the crowd nodes T in the clusternCopying information and waiting for response, confirming that more than half of nodes in the cluster have received the information, confirming that the information is received to the owner Alan of the information, indicating that the information is in a submitted state once the user receives the confirmation information, and returning T to TnA notification is sent to inform that the data state has been committed. In the process, the information owner Alan needs to submit information quotation and self-defined random character strings so as to facilitate the user to obtain information sharing reward, and provide certain credit coins as the guarantee fund so as to avoid the phenomena of false, plagiarism and the like.
4) The transmission node sends storage information to the storage node, and the node M responsible for storage sends the storage information to the M in the clusteriA storage request is broadcast. After more than half of nodes are determined to be stored, metadata Data → { LC, w, IN } is stored according to the set sharing authority (M, rho) to obtain a ciphertext CT, information is fed back to the information owner Alan, and the storage work is finished.
5) The sharing requester Bill sends a sharing request and submits a certain credit to the system to ensure the true validity of the request. Before information sharing, a storage leader node M in the cluster sends a storage leader node M to a crowd node M in the clusteriAnd broadcasting to verify the identity of the user and judging whether the identity accords with the ciphertext sharing authority (M, rho). If the result is consistent with the result, the leader node M sends the result to the node M in the clusteriA sharing request is broadcast. If not, feeding back 'illegal user'.
6) Further determining the price of Bill credit and user shared information of the shared requester, if the credit is greater than or equal to the information price, entering a cryptograph conversion stage, obtaining a digit metadata cryptograph CT, and converting the digit metadata cryptograph CT into a value meeting the shared requester Bi by using a proxy re-encryption technologyll's shared right (M ', ρ ') ciphertext CTB. Otherwise, the 'balance is insufficient' is fed back.
7) Transmitting the leader node T to all the intra-cluster TnThe node copies the information and waits for a response. After determining that at least more than half of the nodes in the cluster have received the information, the information is confirmed to the storage node, which indicates that the information is in a transmitted state at the moment.
8) The transmission node sends a metadata ciphertext CT acquired through keyword ciphertext retrieval to the sharing requester Bill, and acquires a storage position LC of information after decryption, so that the original decrypted information ciphertext CT is downloaded at a corresponding positionAAnd acquiring the information plaintext m.
9) And the system performs credit settlement according to the information interaction result and the feedback data to correspondingly adjust the credit of the users of both information interaction sides and confirm the updating change condition of the information. And returning the user deposit which is not successfully interacted, and settling the information interaction fee of the user according to the transaction completion condition.
Example 2. And (3) carrying out an information interaction intelligent contract execution process.
The invention designs a large amount of users and information, and in order to more conveniently process transactions, the invention is divided into the following stages according to the time sequence: contract issuing, transaction issuing, authority verification, security check and transaction settlement. Specifically, the following is described with reference to fig. 4:
1) and (3) contract making: the contract creator uses a high-level language to convert a contract with user attribute set characteristics into a binary contract code, records the binary contract code in a local network, simultaneously calls all local users to sign the contract, after the node confirms the signature, deploys the contract in an Ethernet bay blockchain through an Ethernet bay virtual machine, and feeds back a contract address and a calling instruction to the user.
2) Issuing a transaction: the information owner Alan stores metadata Data → { LC, w, IN } according to a preset sharing authority (M, rho) to obtain a ciphertext CT, and meanwhile, the information owner Alan submits an information quotation and a self-defined random character string to facilitate a user to obtain an information sharing reward.
3) And (4) permission examination: in the permission auditing stage, the system collects S according to the attribute of a sharing requester BillBAnd carrying out permission matching with a preset permission set (M, rho), and submitting the result to an intelligent contract. The intelligent contract generates a corresponding search password TK according to the public key PK and the keyword w to acquire retrieval result information and quotations corresponding to the information.
4) And (4) safety checking: in the security check stage, the intelligent contract determines the shared information price of the Bill credit currency of the shared requester and the user, and if the credit currency is larger than or equal to the information price, the intelligent contract enters a ciphertext conversion stage; otherwise, the 'balance is insufficient' is fed back.
5) And (3) transaction settlement: the system correspondingly adjusts the credit coins of the users according to the information interaction result, confirms the updating change condition of the information, and then performs credit coin settlement according to the feedback data. And returning the user deposit which is not successfully interacted, and settling the information interaction fee of the user according to the transaction completion condition.
Example 3. The invention relates to a safety analysis.
a) And (3) safety certification of information interaction:
the invention carries out security certification based on the q-parallel BDHE difficulty problem, judges the bilinear difficulty problem, and if the problem is assumed to be true, an adversary under a stochastic prophetic model
Advantage of (2)
Neglecting, it is stated that the invention is selected for Plaintext security (CPA).
Theorem 1 if the present invention has negligible advantages in solving the q-parallel BDHE problem, then we call q-parallel BDHE assumed to be (G, G)T) It holds that the invention is CPA secure under the stochastic predictive model.
Proving the assumption that there is an attacker
In CPA games, it is advantageous
Cannot be ignored and the adversary wins the security game. A game challenger is constructed
If there is an attacker
The CPA under the security model is broken through by the advantage of xi, and only the challenger needs to be proved
Can be assisted by attackers
With a non-negligible probability
The problem of deterministic q-parallel BDHE is solved.
An initialization stage: game challenger
Will receive a message from an attacker
Shared authority structure (M) of transmission
*,ρ
*)。
A system establishment stage: challenger
Randomly selecting a value x' epsilon to Z
pAnd calculating: e (g, g)
α=e(g,g)
χ′e(g,g
α) And sends GP and PK to the attacker
Query phase 1: and a private key extraction stage: attacker
By giving way to the challenger
Submitting property sets
Challenger
Randomly selecting tau epsilon Z
pCalculating (i, SK)
i) And will SK
AIs sent to an attacker
And a re-encryption key extraction stage: using a set of attributes S
iAnd a sharing authority structure (M ', rho') for extracting a key, firstly judging whether the key meets the requirement (M ', rho'), and if so, acquiring the private key SK
AThen calculating rk
A→B=(S,rk
1,rk
2,rk
3,rk
4,R
x) Otherwise, challenger
Arbitrarily selecting one from the two to feed back to the attacker
A challenge stage: attacker
Randomly sending two segments of messages m with equal length
0And m
1To the challenger
Challenger
Randomly extracting a bit attribute b epsilon (0,1) and utilizing (M)
*,ρ
*) To m
bEncrypted to obtain a ciphertext CT and send the ciphertext CT to
And (2) query stage: the query phase 1 operation is repeated.
A guessing stage:
give a b' e (0,1) to guess the challenger in the challenge phase
The choice of b-0 or b-1 wins the game if the guess is correct, i.e. b' is b. If the attacker
The guess result b' ≠ b, the guess is wrong. We define the challenger
Has the advantages that:
when the output is 0, i.e.
Nothing is obtained about m
bCannot recover the plaintext, so the guess has the correct probability of
When the output is 1, i.e.
To obtain any information on m
bOn the ciphertext information, andcan recover the plaintext, and the probability of correctly guessing the plaintext is easily obtained by theorem 1
Therefore, in the present invention, the q-parallel BDHE guesses accurately, i.e., b 'is advantageous in that b' is
Namely, the invention can achieve the aim of challenging plaintext attack.
Collusion attack resistance: the invention adopts an attribute proxy re-encryption algorithm (as shown in figure 1), and a user attribute set
And the shared structure (M, ρ) is through A
2Verification is performed, rk
1、rk
3、R
xAnd rk
4By δ ∈ G
TCorrelation, rk
1、rk
2And rk
4By theta ∈ Z
pClosely connected, rk
4At theta ∈ Z
pAnd under the sharing authority structure (M, rho), the pair delta belongs to G
TEncryption is performed so when rk
1、rk
2、rk
3、R
xThe value of (A) is invalid when an attacker tampers with the corresponding re-encrypted ciphertext, if the attacker tampers with the re-encrypted ciphertext
(M, ρ) and rk
4Is tampered with, it can be expressed by
And (6) verifying.
Due to the special structure of the system, the transmission node and the storage node are separated, a Pool verification Pool consensus mechanism is introduced, and the storage node and the transmission node are both generated in a democratic election mode, so that the randomness of the execution node and the uncertainty of the position are ensured. That is, the storage node does not know the position of the next transmission node, and does not know the information of the sharer, and the randomness of the node determines the difficulty of the communication among the storage node, the transmission node and the sharer, so the possibility of the communication among the storage node, the transmission node and the sharer is extremely low.
Example 4. Efficiency analysis of the invention.
The communication overhead in the invention mainly comprises communication between the transmission node and the storage node and communication between the node and the system. In order to further evaluate the efficiency in the system, a comparison experiment was performed in combination with a Tiwari method for attribute-agent re-encryption secure sharing based on a key strategy, a cross-domain agent re-encryption friend discovery privacy protection study in the mobile social network of rohita et al, and a Seo method for pairing operation based on attribute-agent re-encryption of a constant amount.
The results are shown in table 2 by comparing the system public key PK, MSK length, user private key SK length and CT length with the following three methods. As can be seen from the table, compared with the Tiwari method and the Luo method, the length of the system public key PK of the invention is gradually increased along with the increase of the number of the attributes, and the length increase rate of the user private key SK is far greater than that of the other three methods, so that the key of the invention has higher anti-attack capability. The attribute of the user is used as one of the basis for generating each user private key SK, the control of sharing authority can be flexibly realized, the user attribute is converted into a sharing structure in the ciphertext, and the ciphertext is directionally and effectively protected.
TABLE 2 communication overhead comparison
The results of comparing the calculation amount required for the encryption, re-encryption, ciphertext decryption and re-encrypted ciphertext decryption processes in the algorithm with the existing three typical methods are shown in table 3, where E is used to describe the group G, GTThe duration of an exponentiation, and P represents a bilinear logarithmic movementThe calculation time length is n, and the number of the attributes is represented. As can be seen from table 3, the bilinear implementation in the Seo method is that the and gate access structure only supports the and relation operation between attributes, but the present invention supports any sharing authority formula, and is more flexible and convenient. Compared with the Tiwari method, the method reduces the required bilinear logarithm operation by increasing multiplication operation, so the operation cost of the method is far less than the operation amount of the two methods, and the aim of reducing the calculation expense is fulfilled. Compared with the Luo method, the algorithm complexity of the invention is also obviously reduced.
TABLE 3 computational overhead comparison
In order to further evaluate the efficiency in the system, the invention carries out comparison experiments on three methods, namely a Seo method, a Tiwari method and a Luo method, wherein the four methods adopt Tate bilinear pairing, according to the experiment result of Chen et al, the operation of 512-bit Tate bilinear pairing needs to reach the RSA security level of 1024 bits, and the operation of one-time Tate bilinear pairing takes 20.04ms, and the operation of one-time power exponent operation is carried out for 5.31 ms. The experimental process of the invention is that the operation time of encryption, decryption, re-encryption and re-decryption is respectively simulated and compared according to the attribute number held by the user as a variable.
Fig. 5 illustrates that as the number of attributes increases, the calculation time of encryption also increases, and in order to better ensure the security of information, the invention increases the number of attribute matching times in the encryption process, so the operation time consumption is slightly higher than that of Seo. Fig. 6 shows the decryption duration of the original information, and the invention has absolute advantages over the Tiwari and Luo. The invention shares the calculation task of the data center by different nodes by utilizing the block chain technology, reduces the calculation times of bilinear pairing of the trusted center, and has more advantages on the calculation cost. Fig. 7 shows the change of the calculation time in the re-encryption phase, all four methods need sharing right matching, and the encryption of information with 100 feature attributes in the invention only needs about 1.70s, which is much smaller than the sio method and the Tiwari method. Fig. 8 shows that the time consumption for decrypting information is increased as the number of attributes increases, and the increase rate of the decryption duration of the present invention is minimized as compared with the other three methods as the number of attributes increases.