Efficient and Verifiable Multi-Authority Attribute Based Encryption Scheme

Fund Project: National Natural Science Foundation of China (61572001, 61502008); Natural Science Foundation of Anhui Province, China (1508085QF132, 1708085QF136)

    Abstract:

    Mobile cloud computing is a revolutionary computing paradigm for mobile applications that enables storage and computation to migrate from mobile users to resource-rich, powerful cloud servers. This migration raises privacy issues in providing secure data storage, fine-grained access control, and user anonymity. The existing multi-authority ciphertext-policy attribute-based encryption (CP-ABE) access control scheme guarantees the confidentiality of sensitive data on the cloud server and provides fine-grained access control using defined policies. However, it spends too much computation time on encryption and decryption and consumes enormous power, making it unsuitable for mobile devices, which usually have a limited power supply. To address these concerns, this paper proposes a new data access control scheme for cloud computing that uses a new cryptographic primitive, online/offline multi-authority ABE, together with the transform key technique. The scheme implements fine-grained data access and reduces the online computation cost of encryption and decryption on the user side. In the proposed scheme, a user's secret key is obtained from different authorities, which protects each user's privacy against any single authority. Finally, the security and performance analysis demonstrates that the scheme has high security in terms of data confidentiality and high efficiency in terms of online computation cost.

Get Citation

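Zhong Hong, Cui Jie, Zhu Wenlong, Xu Yan. Efficient and verifiable multi-authority attribute based encryption scheme. Ruan Jian Xue Bao/Journal of Software, 2018,29(7):2006-2017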

History
  • Received: June 02, 2017
  • Revised: July 13, 2017
  • Online: October 17, 2017