Fugeng Zeng ,Chunxiang Xu ,Xinpeng Zhang

DOI: https://doi.org/10.4156/aiss.vol4.issue12.23

2012-01-01

Abstract:In the ciphertext-policy ABE (CP-ABE) schemes, attributes are associated with secret keys and access structures are associated with ciphertexts. The access structures are described with the attributes and therefore the concept of CP-ABE is closely related to Role-Based Access Control. Because it requires both of the encryptor and the key generalization center meeting the construction, it will be more difficult to design. Ibraimi et al.[7] allegedly proposed an efficient and provable secure CP-ABE schemes. They require that the simulator can not send back the private keys of attributes which overlap with challenging access attributes. We point out their fault of security proof and their requirement is a small probability event and it is unreasonable to reduce to standard DBDH assumption. However, we give a proof in the generic bilinear group model, which is weaker than DBDH assumption.

Xing Zhang,Cancan Jin,Cong Li,Zilong Wen,Qingni Shen,Yuejian Fang,Zhonghai Wu

DOI: https://doi.org/10.1007/978-3-319-28865-9_27

2015-01-01

Abstract:To ensure the security of sensitive data, people need to encrypt them before uploading them to the public storage. Attribute-based encryption (ABE) is a promising cryptographic primitive for fine-grained sharing of encrypted data. However, ABE lacks user and authority accountability. The user can share his/her secret key without being identified, while key generation center (KGC) can generate any user’s secret key. In this paper, we propose a practical large universe ciphertext-policy ABE (CP-ABE) with user and authority accountability in the white-box model. As embedding the user’s identity information into this user’s secret key directly, the trace stage has only O(1) time overhead. The property of accountability is proved against the dishonest user and KGC in the standard model. We implement our scheme in Charm. Experiments show that CP-ABE of Rouselakis and Waters in CCS 2013 is enhanced in user and authority accountability by our method with small computational cost.

J. Li,X. Chen,H. Tian,C. Gao

DOI: https://doi.org/10.1504/ijahuc.2014.065156

2014-01-01

International Journal of Ad Hoc and Ubiquitous Computing

Abstract:Since the notion of attribute-based encryption (ABE) was proposed, it has been found a lot of important applications such as fine-grained access control. However, the issue of key exposure problem in ABE has been solved completely. This problem is formally addressed and formulated in this paper. More specifically, we propose a new key-insulated ABE (KI-ABE) scheme as a solution to the key exposure problem. The definition and security model of KI-ABE is proposed. Then, a KI-ABE scheme is presented, which is provably secure under the proposed model. The scheme is secure in the remaining time periods against an adversary who compromises the insecure device and obtains secret keys for the periods of its choice. Finally, we show that the scheme also supports user delegation, which is critical when one wants to delegate part of attributes (privileges) to others.

Kai Zhang,Junqing Gong,Shaohua Tang,Jie Chen,Xiangxue Li,Haifeng Qian,Zhenfu Cao

DOI: https://doi.org/10.1145/2897845.2897858

2016-01-01

Abstract:In cloud computing, computationally weak users are always willing to outsource costly computations to a cloud, and at the same time they need to check the correctness of the result provided by the cloud. Such activities motivate the occurrence of verifiable computation (VC). Recently, Parno, Raykova and Vaikuntanathan showed any VC protocol can be constructed from an attribute-based encryption (ABE) scheme for a same class of functions. In this paper, we propose two practical and efficient semi-adaptively secure key-policy attribute-based encryption (KP-ABE) schemes with constant-size ciphertexts. The semi-adaptive security requires that the adversary designates the challenge attribute set after it receives public parameters but before it issues any secret key query, which is stronger than selective security guarantee. Our first construction deals with small universe while the second one supports large universe. Both constructions employ the technique underlying the prime-order instantiation of nested dual system groups, which are based on the $d$-linear assumption including SXDH and DLIN assumptions. In order to evaluate the performance, we implement our ABE schemes using $\textsf{Python}$ language in Charm. Compared with previous KP-ABE schemes with constant-size ciphertexts, our constructions achieve shorter ciphertext and secret key sizes, and require low computation costs, especially under the SXDH assumption.

Cong Li,Qingni Shen,Zhikang Xie,Xinyu Feng,Yuejian Fang,Zhonghai Wu

DOI: https://doi.org/10.1093/comjnl/bxaa075

2021-01-01

The Computer Journal

Abstract:Attribute-based encryption with equality test (ABEET) simultaneously supports fine-grained access control on the encrypted data and plaintext message equality comparison without decrypting the ciphertexts. Recently, there have been several literatures about ABEET proposed. Nevertheless, most of them explore the ABEET schemes in the random oracle model, which has been pointed out to have many defects in practicality. The only existing ABEET scheme in the standard model, proposed by Wang et al., merely achieves the indistinguishable against chosen-plaintext attack security. Considering the aforementioned problems, in this paper, we propose the first direct adaptive chosen-ciphertext security ciphertext-policy ABEET scheme in the standard model. Our method only adopts a chameleon hash function and adds one dummy attribute to the access structure. Compared with the previous works, our scheme achieves the security improvement, ciphertext validity check and large universe. Besides, we further optimize our scheme to support the outsourced decryption. Finally, we first give the detailed theoretical analysis of our constructions in computation and storage costs, then we implement our constructions and carry out a series of experiments. Both results indicate that our constructions are more efficient in Setup and Trapdoor and have the shorter public parameters than the existing ABEET ones do.

Weiqian Huo,Jisheng Pei,Ke Zhang,Xiaojun Ye

DOI: https://doi.org/10.1109/PAAP.2014.11

2014-01-01

Abstract:To allow fine-grained access control of sensitive data, researchers have proposed various types of functional encryption schemes, such as identity-based encryption, searchable encryption and attribute-based encryption. We observe that it is difficult to define some complex access policies in certain application scenarios by using these schemes individually. In this paper, we attempt to address this problem by proposing a functional encryption approach named Key-Policy Attribute-Based Encryption with Attribute Extension (KP-ABE-AE). In this approach, we utilize extended attributes to integrate various encryption schemes that support different access policies under a common top-level KP-ABE scheme, thus expanding the scope of access policies that can be defined. Theoretical analysis and experimental studies are conducted to demonstrate the applicability of the proposed KP-ABE-AE. We also present an optimization for a special application of KP-ABE-AE where IPE schemes are integrated with a KP-ABE scheme. The optimization results in an integrated scheme with better efficiency when compared to the existing encryption schemes that support the same scope of access policies.

Cong Li,Qingni Shen,Zhikang Xie,Jisheng Dong,Xinyu Feng,Yuejian Fang,Zhonghai Wu

DOI: https://doi.org/10.1016/j.ins.2022.08.014

IF: 8.1

2022-01-01

Information Sciences

Abstract:Hierarchical-authority attribute-based encryption (HABE) can resolve the performance bottleneck of the key generation center in the traditional attribute-based encryption (ABE) system. HABE has numerous applications, such as cloud computing and smart grid systems. Nevertheless, almost all of the existing HABE schemes are in the ciphertext-policy setting and do not support non-monotonic access structures. In this work, we propose the first key-policy hierarchical-authority ABE with non-monotonic access structures, dubbed KP-HABE-NMaCS, which supports the authority key delegation, constant size ciphertexts and the large universe simultaneously. We further define the security model of KP-HABE-NMaCS and prove the selective security of it in the standard model. Then we optimize our scheme to realize the outsourced decryption. Subsequently, we present the detailed theoretical analysis of our constructions and the existing HABE constructions in computation and storage costs, and meanwhile implement ours and conduct a series of experiments. Both results indicate that our KP-HABE-NMaCS construction makes improvements in expressiveness and features, and achieves efficiency comparable to the previous HABE constructions. Furthermore, they also show that our extension construction is suitable for resource-limited applications. Eventually, we explore how to apply our KP-HABE-NMaCS to build an ABE with equality test and time-based authorization.

Shida Shamsazad

2024-01-25

Abstract:In this paper, we present a novel ciphertext-policy attribute based encryption (CP-ABE) scheme that offers a flexible access structure. Our proposed scheme incorporates an access tree as its access control policy, enabling fine-grained access control over encrypted data. The security of our scheme is provable under the hardness assumption of the decisional Ring-Learning with Errors (R-LWE) problem, ensuring robust protection against unauthorized access. CP-ABE is a cryptographic technique that allows data owners to encrypt their data with access policies defined in terms of attributes. Only users possessing the required attributes can decrypt and access the encrypted data. Our scheme extends the capabilities of CP-ABE by introducing a flexible access structure based on an access tree. This structure enables more complex and customizable access policies, accommodating a wider range of real-world scenarios. To ensure the security of our scheme, we rely on the decisional R-LWE problem, a well-established hardness assumption in cryptography. By proving the security of our scheme under this assumption, we provide a strong guarantee of protection against potential attacks. Furthermore, our proposed scheme operates in the standard model, which means it does not rely on any additional assumptions or idealized cryptographic primitives. This enhances the practicality and applicability of our scheme, making it suitable for real-world deployment. We evaluate the performance and efficiency of our scheme through extensive simulations and comparisons with existing CP-ABE schemes. The results demonstrate the effectiveness and scalability of our proposed approach, highlighting its potential for secure and flexible data access control in various domains.

Cryptography and Security

Zechao Liu,Zoe L. Jiang,Xuan Wang,Yulin Wu,S.M. Yiu

DOI: https://doi.org/10.1109/BDCloud.2018.00146

2018-01-01

Abstract:Ciphertext policy attribute-based encryption (CP-ABE) is a promising cryptographic technology that provides fine-grained access control as well as data confidentiality. It enables one sender to encrypt the data for more receivers, and to specify a policy on who can decrypt the ciphertext using his/her attributes alone. However, most existing ABE schemes are constructed on bilinear maps and they cannot resist quantum attacks. In this paper, we propose a multi-authority CP-ABE (MA-CPABE) scheme on ideal lattices which is still secure in post-quantum era. On one hand, multiple attribute authorities are required when user's attributes cannot be managed by a central authority. On the other hand, compared with generic lattice, the ideal lattice has extra algebraic structure and can be used to construct more efficient cryptographic applications. By adding some virtual attributes for each authority, our scheme can support flexible threshold access policy. Security analysis shows that the proposed scheme is secure against chosen plaintext attack (CPA) in the standard model under the ring learning with errors (R-LWE) assumption.

Yuechen Chen,Zoe L. Jiang,S. M. Yiu,Joseph K. Liu,Man Ho Au,Xuan Wang

DOI: https://doi.org/10.1007/978-3-319-21966-0_20

2015-01-01

Abstract:Attribute-Based Encryption (ABE) offers fine-grained decryption policy such that users can do decryption if their attributes satisfy the policy. Such flexibility enables it applicable in various applications in government and business. However, there are two issues that should be solved first before it is deployed in practice, namely user revocation and decryption outsourcing. In this paper, we adopt the slightly modified Lewko et al.'s fully-CCA-secure Ciphertext-Policy-ABE (CP-ABE) combining with Boneh et al.'s idea of mediated cryptography to propose a CP-ABE with SEcurity Mediator (SEM) supporting immediate user revocation. At the same time, by the introduce of SEM, we intendedly outsource most of the computation workload in decryption to SEM side and leave only one exponentiation and one division at user side for decryption. It is proved fully-RCCA-CCA-secure in random oracle model.

Cancan Jin,Xinyu Feng,Qingni Shen

DOI: https://doi.org/10.1145/3017971.3017981

2016-01-01

Abstract:In ciphertext policy attribute-based encryption scheme, access policies are associated with ciphertext and tied to it. It is necessary to hide the access policy in the most sensitive spots such as political, medical and economic fields, that is, receiver's anonymity. In this paper, we propose an efficient CP-ABE construction with hidden policy and prove it to be fully secure under static assumptions applying the dual system encryption methodology. Access structures in our construction are AND gates on positive, negative and wildcard attributes and the ciphertext size is short, which is only concerned with the number of wildcards.

Shucheng Yu,Cong Wang,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1145/1755688.1755720

2010-01-01

Abstract:Ciphertext-Policy Attribute Based Encryption (CP-ABE) is a promising cryptographic primitive for fine-grained access control of shared data. In CP-ABE, each user is associated with a set of attributes and data are encrypted with access structures on attributes. A user is able to decrypt a ciphertext if and only if his attributes satisfy the ciphertext access structure. Beside this basic property, practical applications usually have other requirements. In this paper we focus on an important issue of attribute revocation which is cumbersome for CP-ABE schemes. In particular, we resolve this challenging issue by considering more practical scenarios in which semi-trustable on-line proxy servers are available. As compared to existing schemes, our proposed solution enables the authority to revoke user attributes with minimal effort. We achieve this by uniquely integrating the technique of proxy re-encryption with CP-ABE, and enable the authority to delegate most of laborious tasks to proxy servers. Formal analysis shows that our proposed scheme is provably secure against chosen ciphertext attacks. In addition, we show that our technique can also be applicable to the Key-Policy Attribute Based Encryption (KP-ABE) counterpart.

Xiaohui Li,Dawu Gu,Yanli Ren,Ning Ding,Kan Yuan

DOI: https://doi.org/10.1007/978-3-642-34883-9_12

2012-01-01

Abstract:In an anonymous ciphertext-policy attribute-based encryption (CP-ABE) scheme, the encryptor-specified access structure is hidden in ciphertexts. The decryptor gets his secret key from a trust authority according to his attributes. However, he cannot decrypt any ciphertext or guess even what access structure was specified by the encryptor if his attributes do not satisfy the access structure associated with the ciphertext. All previous anonymous CP-ABE schemes are inefficient in that each ciphertext grows linearly with the number of attributes. In this paper, we propose an efficient anonymous CP-ABE scheme that reduces both the length of each ciphertext and the number of pairing operations to a constant level, but still leverages a hidden policy to keep recipients' privacy preserved. Furthermore, our scheme is fully secure in the standard model based on the decisional Bilinear Diffie-Hellman (DBDH) assumption in composite order groups. We remark that in our security definition, only the legitimate decryptor knows access structures associated with ciphertexts.

Zhen Liu,Duncan S. Wong

DOI: https://doi.org/10.1007/978-3-319-28166-7_7

2015-01-01

Abstract:In Ciphertext-Policy Attribute-Based Encryption (CP-ABE), a user’s decryption key is associated with attributes which in general are not related to the user’s identity, and the same set of attributes could be shared between multiple users. From the decryption key, if the user created a decryption blackbox for sale, this malicious user could be difficult to identify from the blackbox. Hence in practice, a useful CP-ABE scheme should have some tracing mechanism to identify this ‘traitor’ from the blackbox. In addition, being able to revoke compromised keys is also an important step towards practicality, and for scalability, the scheme should support an exponentially large number of attributes. However, none of the existing traceable CP-ABE schemes simultaneously supports revocation and large attribute universe. In this paper, we construct the first practical CP-ABE which possesses these three important properties: (1) blackbox traceability, (2) revocation, and (3) supporting large universe. This new scheme achieves the fully collusion-resistant blackbox traceability, and when compared with the latest fully collusion-resistant blackbox traceable CP-ABE schemes, this new scheme achieves the same efficiency level, enjoying the sub-linear overhead of (O(sqrt{N})), where N is the number of users in the system, and attains the same security level, namely, the fully collusion-resistant traceability against policy-specific decryption blackbox, which is proven in the standard model with selective adversaries. The scheme supports large attribute universe, and attributes do not need to be pre-specified during the system setup. In addition, the scheme supports revocation while keeping the appealing capability of conventional CP-ABE, i.e. it is highly expressive and can take any monotonic access structures as ciphertext policies.

Jingwei Wang,Xinchun Yin,Jianting Ning,Geong Sen Poh

DOI: https://doi.org/10.1007/978-3-030-14234-6_26

2018-01-01

Abstract:Ciphertext policy attribute-based encryption (CP-ABE) is a promising cryptographic technology and a key component that enable secure data sharing in a cloud environment through fine-grained access control. Since it was introduced, many interesting schemes have been proposed. However, in addition to managing data sharing through access control, a comprehensive scheme should also cater for user revocation and ciphertext queries. This is because in a cloud environment new users may join while existing users may leave the system. At the same time, given the potentially large amount of data stored in a cloud storage, user should be able to retrieve the required files efficiently in a privacy-preserving manner. To address the above issue, in this paper, we propose a practical searchable CP-ABE scheme supporting user revocation. In contrast to existing schemes that provide only single keyword query, our efficient search function provides conjunctive search, which allows user to locate a ciphertext related to a set of keywords. The computation overhead of our user revocation is at least on par with existing schemes. Besides, the security analysis indicates that the proposed scheme is secure under the decisional Bilinear Diffie-Hellman assumption. We also provide extensive experimental results to confirm the efficiency and feasibility of our proposed construction.

Zhang Wei,Zhang Zhishuo,Xiong Hu,Qin Zhiguang

DOI: https://doi.org/10.1007/s12652-021-02922-6

2021-01-01

Abstract:In recent years, attribute-based encryption (ABE) provides a new idea to help researchers solving the problem of data privacy protection in cloud. But there are two issues in traditional ABE, the first issue is that the attributes in the access structures will be sent to users in cleartext together with the ciphertext. So a attacker has the opportunity to obtain some of the private information from the plaintext access structure. And the other issue is the traditional ABE scheme cannot revoke the users' illegal keys in an efficient way. To handle both of the above challenges, we come up with a large universe ciphertext-policy ABE (CP-ABE) scheme which supports partially hidden access structures (PHAS) and highly efficient key revocation at the same time in this paper. What's more, unlike most previous schemes, first our access structure is based on the expressive linear secret sharing scheme (LSSS) which supports both AND and OR gates in access formulas and second our scheme is built from the prime-order bilinear pairing groups. The comparison with other relevant works presents that our scheme is more comprehensive and efficient. Finally we rigorously prove and analyze that our scheme is selectively indistinguishable secure under chosen plaintext attacks (IND-CPA) in the random oracle model (ROM) and our access structure is really anonymous against off-line dictionary attacks.

Zhen Liu,Zhenfu Cao,Qiong Huang,Duncan S. Wong,Tsz Hon Yuen

DOI: https://doi.org/10.1007/978-3-642-23822-2_16

2011-01-01

Abstract:Recently Lewko and Waters proposed the first fully secure multi-authority ciphertext-policy attribute-based encryption (CP-ABE) system in the random oracle model, and leave the construction of a fully secure multi-authority CP-ABE in the standard model as an open problem. Also, there is no CP-ABE system which can completely prevent individual authorities from decrypting ciphertexts. In this paper, we propose a new multi-authority CP-ABE system which addresses these two problems positively. In this new system, there are multiple Central Authorities (CAs) and Attribute Authorities (AAs), the CAs issue identity-related keys to users and are not involved in any attribute related operations, AAs issue attribute-related keys to users and each AA manages a different domain of attributes. The AAs operate independently from each other and do not need to know the existence of other AAs. Messages can be encrypted under any monotone access structure over the entire attribute universe. The system is adaptively secure in the standard model with adaptive authority corruption, and can support large attribute universe.

Isaac Amankona Obiri,Qi Xia,Hu Xia,Kwame Opuni-Boachie Obour Agyekum,Kwame Omono Asamoah,Emmanuel Boateng Sifah,Xiaosong Zhang,Jianbin Gao

DOI: https://doi.org/10.1155/2020/8869057

IF: 1.968

2020-01-01

Security and Communication Networks

Abstract:Key-policy attribute-based encryption (KP-ABE) is the cryptographic primitive which enables fine grained access control while still providing end-to-end encryption. Although traditional encryption schemes can provide end-to-end encryption, users have to either share the same decryption keys or the data have to be stored in multiple instances which are encrypted with different keys. Both of these options are undesirable. However, KP-ABE can provide less key overhead compared to the traditional encryption schemes. While there are a lot of KP-ABE schemes, none of them simultaneously supports multiuse of attributes, adaptive security, monotone span programs, and static security assumption. Hence, we propose a fully secure KP-ABE scheme for monotone span programs in prime-order group. This scheme uses selective security proof techniques to obtain the requisite ingredients for full security proof. This strengthens the correlation between selective and full security models and enables the transition of the best qualities in selective security models to fully secure systems. The security proof is based on decisional linear assumption and three-party Diffie-Hellman assumption.

Hao Wang,Bo Yang,Yilei Wang

DOI: https://doi.org/10.1109/waina.2015.11

2015-01-01

Abstract:Attribute-based encryption (ABE) is a type of public key encryption that allows users to encrypt and decrypt messages based on user attributes. One drawback is that encryption and decryption computational costs scale with the complexity of the access policy or number of attributes. In practice, this makes encryption and decryption a possible bottleneck for some applications. In this work, we aim to mitigate this problem for cipher text-policy ABE (CP-ABE). We introduce the serve raided CP-ABE (SA-CP-ABE) system. In this system, users can precompute an intermediate cipher text before actual encryption to improve efficiency, and stores it on its storage server. Before decryption, user can call its computing server to transform the ciphertext to the partially decrypted ciphertext. This is significant for mobile devices to save local storage resources and computational resources. Then, we propose an SA-CP-ABE scheme, and prove its security in the standard model.

Zhen Liu,Zhenfu Cao,Duncan S. Wong

DOI: https://doi.org/10.1109/tifs.2014.2363562

IF: 7.231

2015-01-01

IEEE Transactions on Information Forensics and Security

Abstract:In Ciphertext-policy attribute-based encryption (CP-ABE), ciphertexts are associated with access policies, which do not have to contain the identities of eligible receivers, and attributes are shared by multiple users. CP-ABE is useful for providing fine-grained access control on encrypted data. However, it also has a practicality concern that a malicious user, with his attributes shared with other users, might leak his decryption privilege as a decryption blackbox, for some financial gain or other incentives, as there is little risk of getting caught. There are two types of decryption blackboxes that reflect different practical scenarios. A key-like decryption blackbox is associated with an attribute set S-D and can decrypt ciphertexts with access policies satisfied by S-D. A policy-specific decryption blackbox is associated with an access policy A(D) and can decrypt ciphertexts with A(D). Policy-specific decryption blackbox has weaker decryption capacity than key-like decryption blackbox, but tracing it is deemed to be more difficult. In the preliminary version (in CCS 2013) of this paper, we proposed a new CP-ABE scheme which is adaptively traceable against key-like decryption blackbox. The scheme has sublinear overhead, which is the most efficient one to date supporting fully collusion-resistant blackbox traceability. The scheme is fully secure in the standard model, and supports any monotonic access structures. In this paper, we further show that the scheme is also selectively traceable against policy-specific decryption blackbox. Furthermore, and more importantly, we prove a general statement that if a CP-ABE scheme is (selectively) traceable against policy-specific decryption blackbox, it is also (selectively) traceable against key-like decryption blackbox, which implies that we now only need to focus on building CP-ABE schemes which are traceable against policy-specific decryption blackbox.