Gang Yu,Xiaoxiao Ma,Zhenfu Cao,Guang Zeng,Wenbao Han

DOI: https://doi.org/10.1142/S0129054117400147

2017-01-01

International Journal of Foundations of Computer Science

Abstract:Ciphertext-policy attribute-based encryption, denoted by CP-ABE, extends identity based encryption by taking a set of attributes as users' public key which enables scalable access control over outsourced data in cloud storage services. However, a decryption key corresponding to an attribute set may be owned by multiple users. Then, malicious users are subjectively willing to share their decryption keys for profits. In addition, the authority who issues decryption keys in CP-ABE system is able to generate arbitrary decryption key for any (including unauthorized) user. Key abuses of both malicious users and the authority have been regarded as one of the major obstacles to deploy CP-ABE system in real-world commercial applications. In this paper, we try to solve these two kinds of key abuses in CP-ABE system, and propose two accountable CP-ABE schemes supporting any LSSS realizable access structures. Two proposed accountable CP-ABE schemes allow any third party (with the help of authorities if necessary) to publicly verify the identity of an exposed decryption key, allow an auditor to publicly audit whether a malicious user or authorities should be responsible for an exposed decryption key, and the key abuser can't deny it. At last, we prove the two schemes can achieve publicly verifiable traceability and accountability.

Gang Yu,Xiaoxiao Ma,Zhenfu Cao,Weihua Zhu,Junjie Zeng

DOI: https://doi.org/10.1007/978-3-319-69471-9_25

2017-01-01

Abstract:Ciphertext-policy attribute-based encryption (CP-ABE) is a promising public key encryption primitive enabling fine-grained access control on shared data in public cloud. However, two quite challenging issues, the prevention of key escrow and key abuse, still exist in CP-ABE system. In this paper, we propose a multi-authority CP-ABE scheme without key escrow and key abuse. To prevent key escrow, multiple authorities are employed to perform the same procedure of key generation for an attribute. Thus, no individual authority or colluded authorities that manage no common attribute can decrypt any ciphertext, and it can also resist collusion attack from curious authority with the help of dishonest users. To prevent key abuse of dishonest users, user’s global identifier along with a signature is embedded into the secret key. Thus, any third party can learn the identity from a shared secret key and publicly verify its validity. An advantage of simultaneously preventing key escrow and key abuse is that the proposed scheme can achieve accountability, i.e. an auditor can publicly audit a user or authorities abuse the secret key. At last, the proposed scheme is fully secure in the random oracle model, and due to a key aggregate algorithm its efficiency is comparable to the decentralizing CP-ABE scheme [18] on which it is based.

Xing Zhang,Cancan Jin,Cong Li,Zilong Wen,Qingni Shen,Yuejian Fang,Zhonghai Wu

DOI: https://doi.org/10.1007/978-3-319-28865-9_27

2015-01-01

Abstract:To ensure the security of sensitive data, people need to encrypt them before uploading them to the public storage. Attribute-based encryption (ABE) is a promising cryptographic primitive for fine-grained sharing of encrypted data. However, ABE lacks user and authority accountability. The user can share his/her secret key without being identified, while key generation center (KGC) can generate any user’s secret key. In this paper, we propose a practical large universe ciphertext-policy ABE (CP-ABE) with user and authority accountability in the white-box model. As embedding the user’s identity information into this user’s secret key directly, the trace stage has only O(1) time overhead. The property of accountability is proved against the dishonest user and KGC in the standard model. We implement our scheme in Charm. Experiments show that CP-ABE of Rouselakis and Waters in CCS 2013 is enhanced in user and authority accountability by our method with small computational cost.

Yinghui Zhang,Jin Li,Dong Zheng,Xiaofeng Chen,Hui Li

DOI: https://doi.org/10.1007/978-3-319-40253-6_31

2016-01-01

Abstract:Ciphertext-policy attribute-based encryption CP-ABE is a promising cryptographic primitive for fine-grained access control on data outsourced to clouds. However, there still exists one critical functionality missing in existing CP-ABE schemes, which is the prevention of key abuse. Specifically, two kinds of key abuse problems are considered in this paper: malicious key sharing among colluding users, and key escrow problem of the semi-trusted authority. For a user, any malicious behavior including illegal key sharing should be traced. For the semi-trusted authority, it should be accountable for its misbehavior including illegal key re-distribution. For better performance and security, it is also indispensable to support large universe and full security in CP-ABE. To the best of our knowledge, none of the existing traceable CP-ABE schemes simultaneously supports large universe and full security. In this paper, we construct a white-box traceable CP-ABE scheme with weak public user traceability, weak public authority accountability and weak public auditing in the sense that no additional secret keys are needed. The scheme supports large universe, and attributes do not need to be pre-specified during the system setup phase. Our scheme is proven fully-secure in the random oracle model and it can take any monotonic access structures as ciphertext policies.

Jin Li,Kui Ren,Bo Zhu,Zhiguo Wan

DOI: https://doi.org/10.1007/978-3-642-04474-8_28

2009-01-01

Abstract:As a new public key primitive, attribute-based encryption (ABE) is envisioned to be a promising tool for implementing fine-grained access control. To further address the concern of user access privacy, privacy-aware ABE schemes are being developed to achieve hidden access policy recently. For the purpose of secure access control, there is, how- ever, still one critical functionality missing in the existing ABE schemes, which is user accountability. Currently, no ABE scheme can completely prevent the problem of illegal key sharing among users. In this paper, we tackle this problem by firstly proposing the notion of accountable, anony- mous, and ciphertext-policy ABE (CP-A 3 BE, in short) and then giving out a concrete construction. We start by improving the state-of-the-art of anonymous CP-ABE to obtain shorter public parameters and ciphertext length. In the proposed CP-A 3 BE construction, user accountability can be achieved in black-box model by embedding additional user-specific information into the attribute private key issued to that user, while still maintaining hidden access policy. The proposed constructions are prov- ably secure.

Jin Li,Qiong Huang,Xiaofeng Chen,Sherman S. M. Chow,Duncan S. Wong,Dongqing Xie

DOI: https://doi.org/10.1145/1966913.1966964

2011-01-01

Abstract:Attribute-based encryption (ABE) is a promising tool for implementing fine-grained cryptographic access control. Very recently, motivated by reducing the trust assumption on the authority, and enhancing the privacy of users, a multiple-authority key-policy ABE system, together with a semi-generic anonymous key-issuing protocol, have been proposed by Chase and Chow in CCS 2009. Since ABE allows encryption for multiple users with attributes satisfying the same policy, it may not be always possible to associate a decryption key to a particular individual. A misbehaving user could abuse the anonymity by leaking the key to someone else, without worrying of being traced. In this paper, we propose a multi-authority ciphertext-policy (AND gates with wildcard) ABE scheme with accountability , which allows tracing the identity of a misbehaving user who leaked the decryption key to others, and thus reduces the trust assumptions not only on the authorities but also the users. The tracing process is efficient and its computational overhead is only proportional to the length of the identity.

Fugeng Zeng ,Chunxiang Xu ,Xinpeng Zhang

DOI: https://doi.org/10.4156/aiss.vol4.issue12.23

2012-01-01

Abstract:In the ciphertext-policy ABE (CP-ABE) schemes, attributes are associated with secret keys and access structures are associated with ciphertexts. The access structures are described with the attributes and therefore the concept of CP-ABE is closely related to Role-Based Access Control. Because it requires both of the encryptor and the key generalization center meeting the construction, it will be more difficult to design. Ibraimi et al.[7] allegedly proposed an efficient and provable secure CP-ABE schemes. They require that the simulator can not send back the private keys of attributes which overlap with challenging access attributes. We point out their fault of security proof and their requirement is a small probability event and it is unreasonable to reduce to standard DBDH assumption. However, we give a proof in the generic bilinear group model, which is weaker than DBDH assumption.

Shucheng Yu,Cong Wang,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1145/1755688.1755720

2010-01-01

Abstract:Ciphertext-Policy Attribute Based Encryption (CP-ABE) is a promising cryptographic primitive for fine-grained access control of shared data. In CP-ABE, each user is associated with a set of attributes and data are encrypted with access structures on attributes. A user is able to decrypt a ciphertext if and only if his attributes satisfy the ciphertext access structure. Beside this basic property, practical applications usually have other requirements. In this paper we focus on an important issue of attribute revocation which is cumbersome for CP-ABE schemes. In particular, we resolve this challenging issue by considering more practical scenarios in which semi-trustable on-line proxy servers are available. As compared to existing schemes, our proposed solution enables the authority to revoke user attributes with minimal effort. We achieve this by uniquely integrating the technique of proxy re-encryption with CP-ABE, and enable the authority to delegate most of laborious tasks to proxy servers. Formal analysis shows that our proposed scheme is provably secure against chosen ciphertext attacks. In addition, we show that our technique can also be applicable to the Key-Policy Attribute Based Encryption (KP-ABE) counterpart.

Cong Li,Xiaoyuan Yang,Yazhou Liu,Xu'an Wang

DOI: https://doi.org/10.1007/978-3-030-00012-7_64

2018-01-01

Abstract:In the CP-ABE scheme, the private key is defined on attributes shared by multiple users. For any private key that can not be traced back to the owner of the original key, the malicious users may sell their decryption privileges to third parties for economic benefit and will not be discoverable. In addition, most of the existing ABE schemes have a linear increase in decryption cost and ciphertext size with the complexity of access structure. These problems severely limit the application of CP-ABE. By defining the traceable table to trace the user who intentionally disclosed the key, the cost of the decryption operation is reduced through the outsourcing operation, in this paper, a CP-ABE scheme was proposed that is traceable and fully verifiability for outsourced decryption. The scheme can simultaneously check the correctness for transformed ciphertext of the authorized user and unauthorized user. And this scheme supports any monotonous access structure, increasing traceability in the existing CP-ABE scheme will not have any impact on its security. This paper is proved to be selective CPA-secure in the standard model.

Yongtao Wang,Kefei Chen,Yu Long

DOI: https://doi.org/10.3772/j.issn.1006-6748.2013.01.015

2013-01-01

Abstract:An accountable authority attribute-based encryption (A-ABE) scheme is presented in this paper. The notion of accountable authority identity-based encryption (A-IBE) was first introduced by Goyal at Crypto'07. It is a novel approach to mitigate the (inherent) key escrow problem in identity-based cryptosystems. In this work, the concept of accountable authority to attribute-based encryption (ABE) setting is generalized for the first time, and then a construction is given. The scheme non-trivially integrates an A-IBE scheme proposed by Libert et al. with an ABE scheme. In our construction, a user will be identified by a pair (id, ω), where id denotes the user's identity and ω denotes the set of attributes associated to the user. In addition, our construction is shown to be secure under some reasonable assumptions. © by HIGH TECHNOLOGY LETTERS PRESS.

Zechao Liu,Zoe L. Jiang,Xuan Wang,Yulin Wu,S.M. Yiu

DOI: https://doi.org/10.1109/BDCloud.2018.00146

2018-01-01

Abstract:Ciphertext policy attribute-based encryption (CP-ABE) is a promising cryptographic technology that provides fine-grained access control as well as data confidentiality. It enables one sender to encrypt the data for more receivers, and to specify a policy on who can decrypt the ciphertext using his/her attributes alone. However, most existing ABE schemes are constructed on bilinear maps and they cannot resist quantum attacks. In this paper, we propose a multi-authority CP-ABE (MA-CPABE) scheme on ideal lattices which is still secure in post-quantum era. On one hand, multiple attribute authorities are required when user's attributes cannot be managed by a central authority. On the other hand, compared with generic lattice, the ideal lattice has extra algebraic structure and can be used to construct more efficient cryptographic applications. By adding some virtual attributes for each authority, our scheme can support flexible threshold access policy. Security analysis shows that the proposed scheme is secure against chosen plaintext attack (CPA) in the standard model under the ring learning with errors (R-LWE) assumption.

Zhang Ruoqing,Hui Lucas,Yiu Sm,Yu Xiaoqi,Liu Zechao,Zoe L. Jiang

DOI: https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.259

2017-01-01

Abstract:Ciphertext-Policy Attribute-based Encryption (CP-ABE) is a useful cryptographic scheme and is being considered for cloud application as more and more users leverage cloud platforms to store and process their data. However, existing CP-ABE schemes still have a number of limitations that make it not effective to be used in a practical application. Firstly, the size of the ciphertext and the time for decryption grow with the complexity of the access formula. This efficiency issue becomes a problem when using a cloudplatform and mobile devices with limited processing capacity. Secondly, in reality, the attributes of users may be changed from time to time, or some users may eventually leave the system due to resignation. This practical concern requires a scheme with flexible and fine-grained revocation optionsupporting attribute-level changes. Lastly, traceability is also an important feature to track potential traitors who leak the partial decryption keys if ABE is used in a real scenario. None of the existing CP-ABE schemes are able to satisfy these three properties simultaneously. In this paper, we propose apractical CP-ABE that can achieve all three requirements. Our system adopts techniques on secure outsourcing of pairings to support efficient outsourcing computation and makes use of a subset cover algorithm to meet the requirements of revocation and traceability. Our scheme is proved to be a selectively replayable chosen-ciphertext attack (RCCA) secure in random oracle model. The result of our work could provide a feasible, reliable and practical CP-ABE scheme for the realistic application.

Shida Shamsazad

2024-01-25

Abstract:In this paper, we present a novel ciphertext-policy attribute based encryption (CP-ABE) scheme that offers a flexible access structure. Our proposed scheme incorporates an access tree as its access control policy, enabling fine-grained access control over encrypted data. The security of our scheme is provable under the hardness assumption of the decisional Ring-Learning with Errors (R-LWE) problem, ensuring robust protection against unauthorized access. CP-ABE is a cryptographic technique that allows data owners to encrypt their data with access policies defined in terms of attributes. Only users possessing the required attributes can decrypt and access the encrypted data. Our scheme extends the capabilities of CP-ABE by introducing a flexible access structure based on an access tree. This structure enables more complex and customizable access policies, accommodating a wider range of real-world scenarios. To ensure the security of our scheme, we rely on the decisional R-LWE problem, a well-established hardness assumption in cryptography. By proving the security of our scheme under this assumption, we provide a strong guarantee of protection against potential attacks. Furthermore, our proposed scheme operates in the standard model, which means it does not rely on any additional assumptions or idealized cryptographic primitives. This enhances the practicality and applicability of our scheme, making it suitable for real-world deployment. We evaluate the performance and efficiency of our scheme through extensive simulations and comparisons with existing CP-ABE schemes. The results demonstrate the effectiveness and scalability of our proposed approach, highlighting its potential for secure and flexible data access control in various domains.

Cryptography and Security

Wei Zhang,Yi Wu,Hu Xiong,Zhiguang Qin

DOI: https://doi.org/10.3837/tiis.2021.01.017

2021-01-01

KSII Transactions on Internet and Information Systems

Abstract:In the system of ciphertext policy attribute-based encryption (CP-ABE), only when the attributes of data user meets the access structure established by the encrypter, the data user can perform decryption operation. So CP-ABE has been widely used in personal health record system (PHR). However, the problem of key abuse consists in the CP-ABE system. The semi-trusted authority or the authorized user to access the system may disclose the key because of personal interests, resulting in illegal users accessing the system. Consequently, aiming at two kinds of existing key abuse problems: (1) semi-trusted authority redistributes keys to unauthorized users, (2) authorized users disclose keys to unauthorized users, we put forward a CP-ABE scheme that has authority accountability, user traceability and supports arbitrary monotonous access structures. Specifically, we employ an auditor to make a fair ruling on the malicious behavior of users. Besides, to solve the problem of user leaving from the system, we use an indirect revocation method based on trust tree to implement user revocation. Compared with other existing schemes, we found that our solution achieved user revocation at an acceptable time cost. In addition, our scheme is proved to be fully secure in the standard model.

Zhen Liu,Duncan S. Wong

DOI: https://doi.org/10.1007/978-3-319-28166-7_7

2015-01-01

Abstract:In Ciphertext-Policy Attribute-Based Encryption (CP-ABE), a user’s decryption key is associated with attributes which in general are not related to the user’s identity, and the same set of attributes could be shared between multiple users. From the decryption key, if the user created a decryption blackbox for sale, this malicious user could be difficult to identify from the blackbox. Hence in practice, a useful CP-ABE scheme should have some tracing mechanism to identify this ‘traitor’ from the blackbox. In addition, being able to revoke compromised keys is also an important step towards practicality, and for scalability, the scheme should support an exponentially large number of attributes. However, none of the existing traceable CP-ABE schemes simultaneously supports revocation and large attribute universe. In this paper, we construct the first practical CP-ABE which possesses these three important properties: (1) blackbox traceability, (2) revocation, and (3) supporting large universe. This new scheme achieves the fully collusion-resistant blackbox traceability, and when compared with the latest fully collusion-resistant blackbox traceable CP-ABE schemes, this new scheme achieves the same efficiency level, enjoying the sub-linear overhead of (O(sqrt{N})), where N is the number of users in the system, and attains the same security level, namely, the fully collusion-resistant traceability against policy-specific decryption blackbox, which is proven in the standard model with selective adversaries. The scheme supports large attribute universe, and attributes do not need to be pre-specified during the system setup. In addition, the scheme supports revocation while keeping the appealing capability of conventional CP-ABE, i.e. it is highly expressive and can take any monotonic access structures as ciphertext policies.

Xiaohui Liang,Zhenfu Cao,Huang Lin,Dongsheng Xing

DOI: https://doi.org/10.1145/1533057.1533102

2009-01-01

Abstract:Ciphertext policy attribute based encryption (CPABE) allows a sender to distribute messages based on an access policy which can be expressed as a boolean function consisting of (OR, AND) gates between attributes. A receiver whose secret key is associated with those attributes could only decrypt a ciphertext successfully if and only if his attributes satisfy the ciphertext's access policy. Fine-grained access control, a new concept mentioned by GPSW in CCS'06 can realize a more delicate access policy which could be represented as an access tree with threshold gates connecting attributes. In ICALP'08, Goyal et al . design a bounded CPABE (denoted as GJPS) with fine-grained access policy which can be proven secure under a number-theoretic assumption. In this paper, we improve their scheme by providing faster encryption / decryption algorithm and shortened ciphertext size. Moreover, we use one-time signature technique to obtain a chosen ciphertext secure extension and give its complete security proof in the standard model under traditional Decisional Bilinear Diffie-Hellman (DBDH) assumption and strong existential unforgeability of one-time signature scheme.

Peng Zhang,Zehong Chen,Kaitai Liang,Shulan Wang,Ting Wang

DOI: https://doi.org/10.1007/978-3-319-40253-6_32

2016-01-01

Abstract:Ciphertext-policy attribute-based encryption (CP-ABE) is a well-known cryptographic technology for guaranteeing data confidentiality but also fine-grained data access control. It enables data owners to define flexible access policy for cloud-based data sharing. However, the user revocation and attribute update problems existing in CP-ABE systems that are long-standing unsolved in the literature. In this paper, we propose the first access control (CP-ABE) scheme supporting user revocability and attribute update. Specifically, the user revocation is defined in the identity-based setting that does not conflict our attribute-based design. The cost brought by attribute update is efficient in the sense that we only concentrate on the update of the ciphertexts associated with the corresponding updated attribute. Moreover, the security analysis shows that the proposed scheme is secure under the decisional Bilinear DiffieHellman assumption.

Gang Yu,Xiaoxiao Ma,Zhenfu Cao,Weihua Zhu,Guang Zeng

DOI: https://doi.org/10.1007/978-3-319-89500-0_15

2017-01-01

Abstract:Ciphertext-policy attribute-based encryption (CP-ABE) is a promising primitive for enforcing access control policies defined by data owner on outsourced data. We propose a novel primitive called server-aided directly revocable CP-ABE with verifiable delegation, denoted by sarCP-ABE. In sarCP-ABE, the workloads about revocation are delegated to an aide-server, and the data owner only needs to generate a normal ciphertext as in a pure CP-ABE system. A user can be directly revoked by updating a public revocation list. To prevent a revoked user from decrypting, the aide server can update the aide-ciphertext with current revocation list, and an auditor can publicly check the correctness of the updated aide-ciphertext. At last, the proposed scheme can be proved selectively secure against chosen-plaintext attack on both original and updated ciphertext.

Jianting Ning,Zhenfu Cao,Xiaolei Dong,Lifei Wei

DOI: https://doi.org/10.1007/s11432-016-0062-7

2016-01-01

Science China Information Sciences

Abstract:>Dear editor,As a sophisticated mechanism for secure finegrained access control on encrypted data,Ciphertext-policy attribute-based encryption(CPABE)is a highly promising solution for commercial applications such as cloud computing and social networks.However,there exists an important and practical issue in current CP-ABE systems awaiting to solve.As a one-to-many encryption mechanism,the same ciphertexts will

Ying He,Haiyan Wang,Yuan Li,Ke Huang,Victor C. M. Leung,F. Richard Yu,Zhong Ming

DOI: https://doi.org/10.1109/jiot.2021.3099171

IF: 10.6

2022-02-15

IEEE Internet of Things Journal

Abstract:In the last few decades, ciphertext-policy attribute-based encryption (CP-ABE) technology has attracted great interest, since it can provide fine-grained, flexible, and access control for sensitive data to implement a high secure and efficient data-sharing mechanism. In this article, based on the linear secret sharing scheme (LSSS), an efficient scheme is proposed to realize a collaborative decryption function. For any user group, when the user's attribute set cannot access the ciphertext alone, the private key of other users in the same group can be used for collaborative decryption with the permission of the data owner. Our scheme uses the LSSS matrix that can significantly reduce the computation and storage overhead when comparing with the existing schemes. Then, a multiauthorization model is created based on the Bohen–Lynn–Shacham technology in order to solve the key-management issue. Finally, we implemented the specific functions of the framework through JAVA, and built a private chain to verify the feasibility of data transfer between users.

computer science, information systems,telecommunications,engineering, electrical & electronic