Zheng Qu,Saru Kumari,Mohammad S. Obaidat,Bander A. Alzahrani,Hu Xiong

DOI: https://doi.org/10.1109/jbhi.2023.3321939

IF: 7.7

2024-01-01

IEEE Journal of Biomedical and Health Informatics

Abstract:The emerging Internet of Things (IoTs) and cloud technologies spark dramatic growth in efficiency and productivity for the conventional e-health sector. However, the extensive applications of the communication network also expose the sensitive medical data to the unprecedented cyber threats. To protect the data privacy in IoTs-based e-health cloud environments, we propose an adaptively secure data sharing scheme with traceability and equality test (T-ABEET). The T-ABEET not only allows flexible access control to the massive data but also provides the functionality of traitor tracing to identity the users who leak their decryption keys. Meanwhile, through carrying out the equality test, the target ciphertext can be retrieved efficiently without revealing anything about the plaintext. Particularly, distinct from previous traceable ABE works, the tracing cost in our T-ABEET scheme keeps constant even with the increasing number of users. Also, by introducing the multi-authority mechanism, our T-ABEET can avoid the inherent key escrow problem of ABE. Furthermore, our T-ABEET is demonstrated adaptively secure under subgroup decision assumption. Finally, performance comparison reveals that our T-ABEET has superior practicality, efficiency, and security in cloud-enabled e-health systems.

Zhishuo Zhang,Wei Zhang,Hanxiang Zhuang,Yu Sun,Zhiguang Qin

DOI: https://doi.org/10.1007/978-3-030-78621-2_52

2021-01-01

Abstract:With the rapid advancements of Internet of Things (IoT) technologies, wearable devices assisted cloud-based smart health (s-health) has become the promising solution to improve the quality and convenience of healthcare. However, the privacy preserving and data security has not been perfectly addressed. In past few years, ciphertext-policy attribute-based encryption (CP-ABE) proposed as a flexible and powerful cryptographic primitive to realize one-to-many encryption and fine-grained access control has been regarded as a promising solution to the security problem in cloud. But in traditional CP-ABE, the attribute values in access policy are presented in cleartext. This will easily divulge the privacy of the data owners (patients). So in this paper, we propose a efficient partially policy-hidden CP-ABE scheme (PPH-CP-ABE), which can effectively hide the attribute values in ciphertext to protect the sensitive information in access policy. Our access policy in our PPH-CP-ABE scheme can supports both AND and OR gates which is based on the Linear Secret Sharing Scheme (LSSS). And our PPH-CP-ABE scheme is more efficient and lightweight than the other CP-ABE schemes with hidden policies. Furthermore, we give a rigorous security proof and analysis to state that our scheme is selectively indistinguishable secure under chosen plaintext attacks (selectively IND-CPA secure) and resistant to the off-line dictionary attacks. Through comparison with the state-of-art schemes from the perspective of functionality and efficiency, it is easily to observe that our scheme is more practical, secure and efficient in the real s-health scenarios.

Li Yang,Cheng Li,Yuting Cheng,Shui Yu,Jianfeng Ma

DOI: https://doi.org/10.1016/j.ins.2021.09.034

IF: 8.1

2022-01-01

Information Sciences

Abstract:Increasingly more user data are transferred to the cloud for storage and analysis. Due to the dishonesty of the cloud, user data are at risk of leakage. CP-ABE is considered one of the most promising technologies for protecting outsourced data. However, in most existing schemes, the attacker may learn user privacy information from the policy plaintext. Furthermore, schemes supporting policy hiding either only achieve partial policy hiding or cannot hide policies in large universes. In this paper, we use hide both the values and names of attributes in policies by using private set intersections (PSIs). CP-ABE supports a complete hiding strategy. At the same time, it can calculate the authorization relationship and mapping between the user's password and key. We use polynomial-based PSI and a recursive algorithm to calculate the former. With the help of this algorithm and tag vectors, the mapping is determined in the case of communication restrictions. By outsourcing exponents, we achieve an efficient hiding policy and effectively reduces users' computing overhead. We also prove its security. Finally, the performance evaluation and simulation results reveal that our model achieves better performance compared with other schemes while preserving sensitive attributes.

computer science, information systems

Jialu Hao,Wenjuan Tang,Cheng Huang,Jian Liu,Huimei Wang,Ming Xian

DOI: https://doi.org/10.1109/tetc.2021.3052377

2022-01-01

IEEE Transactions on Emerging Topics in Computing

Abstract:Cloud-assisted Internet of Medical Things (IoMT) is becoming an emerging paradigm in the healthcare domain, which involves collection, storage and usage of the medical data. Considering the confidentiality and accessibility of the outsourced data, secure and fine-grained data sharing is a crucial requirement for the patients. Attribute-based encryption (ABE) is a promising solution to deal with this issue, but considering its property of each attribute sharing with multiple users, how to flexibly and efficiently update access privileges of certain users without affecting others is still a serious challenge. In this article, we propose a secure and fine-grained data sharing scheme with flexible user access privilege update in cloud-assisted IoMT environment. Specifically, we take ABE as the basic building block, and utilize proxy re-encryption and key blinding techniques to empower the cloud server to re-encrypt the ciphertext affected by revocation and update keys for unrevoked users. In addition, adding attributes for users to extend their access rights is realized only based on few key components stored in cloud without entirely re-computing and re-issuing keys for them. As a result, the patients are able to flexibly and efficiently share their data and manage users’ privileges. Formal proof and detailed performance evaluation demonstrate the security and efficiency of the proposed scheme.

Jianfei Sun,Hu Xiong,Ximeng Liu,Yinghui Zhang,Xuyun Nie,Robert H. Deng

DOI: https://doi.org/10.1109/JIOT.2020.2974257

IF: 10.6

2020-01-01

IEEE Internet of Things Journal

Abstract:With the booming of Internet of Things (IoT), smart health (s-health) is becoming an emerging and attractive paradigm. It can provide an accurate prediction of various diseases and improve the quality of healthcare. Nevertheless, data security and user privacy concerns still remain issues to be addressed. As a high potential and prospective solution to secure IoT-oriented s-health applications, ciphertext policy attribute-based encryption (CP-ABE) schemes raise challenges, such as heavy overhead and attribute privacy of the end users. To resolve these drawbacks, an optimized vector transformation approach is first proposed to efficiently transform the access policy and user attribute set into respective vectors of shorter length while other approaches result in redundant and longer vectors. Our transformation approach can greatly relieve the costly overheard of key generation, encryption, and decryption phases. Then, based on the transformation approach and the offline/online computation technology, we propose a lightweight policy-hiding CP-ABE scheme for the IoT-oriented s-health application. With our proposed scheme, data users in the s-health system can perform lightweight encryption and decryption without leaking any sensitive privacy about the attributes of the user. Finally, the formal security analysis, the theoretic performance evaluation and experiment results indicate that the solution is secure and efficient.

Jianting Ning,Zhenfu Cao,Xiaolei Dong,Lifei Wei,Xiaodong Lin

DOI: https://doi.org/10.1007/978-3-319-11212-1_4

2014-01-01

Abstract:A Ciphertext-Policy Attribute-Based Encryption (CP-ABE) system extracts the decryption keys over attributes shared by multiple users. It brings plenty of advantages in ABE applications. CP-ABE enables fine-grained access control to the encrypted data for commercial applications. There has been significant progress in CP-ABE over the recent years because of two properties called traceability and large universe , greatly enriching the commercial applications of CP-ABE. Traceability is the ability of ABE to track the malicious users or traitors who intentionally leak the partial or modified decryption keys to others for profits. Nevertheless, due to the nature of CP-ABE, it is difficult to identify the original key owner from an exposed key since the decryption privilege is shared by multiple users who have the same attributes. On the other hand, the property of large universe in ABE proposed by Lewko and Waters enlarges the practical applications by supporting flexible number of attributes. Several systems have been proposed to obtain either of the above properties. However, none of them achieve the two properties simultaneously in practice, which limits the commercial applications of CP-ABE to a certain extent. In this paper, we propose a practical large universe CP-ABE system supporting white-box traceability, which is suitable for commercial applications. Compared to existing systems, our new system has three advantages: (1) The number of attributes is not polynomially bounded; (2) Malicious users who leak their decryption keys could be traced; and, (3) The storage overhead for traitor tracing is constant. We also prove the selective security of our new system in the standard model under “ q -type” assumption.

Jianting Ning,Xiaolei Dong,Zhenfu Cao,Lifei Wei,Xiaodong Lin

DOI: https://doi.org/10.1109/tifs.2015.2405905

IF: 7.231

2015-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Ciphertext-policy attribute-based encryption (CP-ABE) enables fine-grained access control to the encrypted data for commercial applications. There has been significant progress in CP-ABE over the recent years because of two properties called traceability and large universe, greatly enriching the commercial applications of CP-ABE. Traceability is the ability of ABE to trace the malicious users or traitors who intentionally leak the partial or modified decryption keys for profits. Nevertheless, due to the nature of CP-ABE, it is difficult to identify the original key owner from an exposed key since the decryption privilege is shared by multiple users who have the same attributes. On the other hand, the property of large universe in ABE enlarges the practical applications by supporting flexible number of attributes. Several systems have been proposed to obtain either of the above properties. However, none of them achieve the two properties simultaneously in practice, which limits the commercial applications of CP-ABE to a certain extent. In this paper, we propose two practical large universe CP-ABE systems supporting white-box traceability. Compared with existing systems, both the two proposed systems have two advantages: 1) the number of attributes is not polynomially bounded and 2) malicious users who leak their decryption keys could be traced. Moreover, another remarkable advantage of the second proposed system is that the storage overhead for traitor tracing is constant, which are suitable for commercial applications.

Shuwei Xie,Leyou Zhang,Qing Wu,Fatemeh Rezaeibagha

DOI: https://doi.org/10.1016/j.sysarc.2024.103179

IF: 5.836

2024-05-19

Journal of Systems Architecture

Abstract:The emergence of the Internet of Medical Things (IoMT) has presented numerous opportunities for the healthcare industry. It is anticipated to enhance the quality and efficiency of medical services, thus enhancing people's overall quality of life. However, frequently occurring medical data leakage makes the protection of medical data and privacy in IoMT become a critical issue. Among the solutions, attribute-based encryption (ABE) has been a very promising solution due to its flexible and fine-grained access control to encrypted data. However, the majority of current ABE schemes are based on bilinear pairing and are vulnerable to quantum attacks. The available of multi-authority ABE schemes over lattice only support a single policy such as threshold or AND gate, and lack the ability to implement user or attribute revocation in a flexible manner. For the special algebra structure of the lattice based scheme, how to overcome them is still a challenge at present. Aiming at the above, we propose a novel multi-authority key-policy attribute based encryption (RM-KP-ABE) based on the Ring Learning With Errors (RLWE) assumption. It supports multi-valued attributes and {0,1} -LSSS access policy. This scheme allows multiple authorities to participate in key distribution and enables attribute revocation when dynamic users change their situation. {0,1} -LSSS access policy makes the proposal get highly expressive which supports any monotonic boolean formula. Security analysis and performance evaluations demonstrate that our scheme is secure and efficient.

computer science, software engineering, hardware & architecture

Hui Tian,Xiang Li,Hanyu Quan,Chin-Chen Chang,Thar Baker

DOI: https://doi.org/10.1109/jsen.2020.3030688

IF: 4.3

2021-07-15

IEEE Sensors Journal

Abstract:The Intelligent Transportation System (ITS) provides more possibilities for the realization of smart cities by integrating the Internet of Things (IoT) and cloud computing. However, how to ensure security of IoT data stored in the cloud has become one of the biggest challenges at present. As a promising solution for realizing fine-grained access control, Ciphertext-Policy Attribute-Based Encryption (CP-ABE) can be used to ensure data security. However, the traditional CP-ABE schemes may leak privacy of ITS users. Moreover, due to their high computational overheads, the current privacy-preserving techniques are not suitable for IoT lightweight devices. To fill this gap, this article presents ABE-FPP, a lightweight attribute-based access control scheme with full privacy protection (FPP), which can achieve full privacy protection in the three key stages (i.e., key generation, access control, and partial decryption), while reducing consumption overhead on the user side. Specifically, to protect privacy during key generation, a lightweight two-party secure computing protocol between the user and the authority is designed to generate secret keys; to protect privacy during the access control policy setting, we present an efficient policy hidden strategy, which only reveals attribute names and efficiently hides attribute values; to protect privacy during partial decryption, we propose a hybrid authentication method that does not need to submit attribute values to the cloud. Moreover, to achieve lightweight computation for IoT devices, online/offline encryption and outsourced decryption are employed in ABE-FPP. Finally, formal security proofs show that our scheme is secure in the standard model. The asymptotic complexity analyses and experimental results demonstrate that the presented scheme achieves higher computation efficiency than the state-of-the-art ones.

engineering, electrical & electronic,instruments & instrumentation,physics, applied

Zhen Liu,Duncan S. Wong

DOI: https://doi.org/10.1093/comjnl/bxv101

2015-01-01

Abstract:A blackbox traceable Attribute-Based Encryption (ABE) can identify a malicious user called traitor, which created a decryption box with respect to an attribute set (respectively, access policy), out of all the users who share the same attribute set (respectively, access policy). However, none of the existing traceable ABE schemes can also support revocation and large attribute universe, that is, being able to revoke compromised keys, and can take an exponentially large number of attributes. In this paper, we formalize the definitions and security models, and propose constructions of both Ciphertext-Policy ABE and Key-Policy ABE that support (i) public and fully collusion-resistant blackbox traceability, (ii) revocation, (iii) large universe and (iv) any monotonic access structures as policies (i.e. high expressivity). We also show that the schemes are secure and blackbox traceable in the standard model against selective adversaries.

Jingwei Liu,Yue Fan,Rong Sun,Lei Liu,Celimuge Wu,Shahid Mumtaz

DOI: https://doi.org/10.1109/jiot.2023.3287636

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Due to the massive applications of Internet of Things (IoT) and the prevalence of wearable devices, e-healthcare systems are widely deployed in medical institutions. As a significant carrier of medical data, electronic medical record (EMR) is convenient to be stored and retrieved, which greatly simplifies the experience of medical treatment and cuts down the trivial work of paramedics. However, EMRs usually include much sensitive information such as patients’ identification numbers or home addresses that may be easily captured by unauthorized doctors and cloud servers. Based on this concern, e-healthcare systems can make use of attribute-based encryption (ABE) to protect private information while achieving fine-grained access control of encrypted EMRs. Whereas, most ABE schemes do not support both policy hiding and keyword search. To address the above issues, we propose an inner product searchable encryption scheme with multi-keyword search (MK-IPSE) based on blockchain to provide full privacy preservation and efficient ciphertext retrieval for EMRs. Inner product encryption (IPE) can not only specify access permissions such that only users with matched attributes can get the target files, but also support access policy hiding. Besides, the proposed scheme combines searchable encryption (SE) and federated blockchain (FB) to implement efficient and stable multi-keyword search. Compared with the existing schemes, MK-IPSE shows better performance on computation and storage. Additionally, security analysis demonstrates that our scheme can resist IND-CKA and collusion attacks.

computer science, information systems,telecommunications,engineering, electrical & electronic

J. Li,X. Chen,H. Tian,C. Gao

DOI: https://doi.org/10.1504/ijahuc.2014.065156

2014-01-01

International Journal of Ad Hoc and Ubiquitous Computing

Abstract:Since the notion of attribute-based encryption (ABE) was proposed, it has been found a lot of important applications such as fine-grained access control. However, the issue of key exposure problem in ABE has been solved completely. This problem is formally addressed and formulated in this paper. More specifically, we propose a new key-insulated ABE (KI-ABE) scheme as a solution to the key exposure problem. The definition and security model of KI-ABE is proposed. Then, a KI-ABE scheme is presented, which is provably secure under the proposed model. The scheme is secure in the remaining time periods against an adversary who compromises the insecure device and obtains secret keys for the periods of its choice. Finally, we show that the scheme also supports user delegation, which is critical when one wants to delegate part of attributes (privileges) to others.

Hang Li,Keping Yu,Bin Liu,Chaosheng Feng,Zhiguang Qin,Gautam Srivastava

DOI: https://doi.org/10.1109/jbhi.2021.3075995

IF: 7.7

2021-01-01

IEEE Journal of Biomedical and Health Informatics

Abstract:The Internet of Health Things (IoHT) is a medical concept that describes uniquely identifiable devices connected to the Internet that can communicate with each other. As one of the most important components of smart health monitoring and improvement systems, the IoHT presents numerous challenges, among which cybersecurity is a priority. As a well-received security solution to achieve fine-grained access control, ciphertext-policy weighted attribute-based encryption (CP-WABE) has the potential to ensure data security in the IoHT. However, many issues remain, such as inflexibility, poor computational capability, and insufficient storage efficiency in attributes comparison. To address these issues, we propose a novel access policy expression method using 0-1 coding technology. Based on this method, a flexible and efficient CP-WABE is constructed for the IoHT. Our scheme supports not only weighted attributes but also any form of comparison of weighted attributes. Furthermore, we use offline/online encryption and outsourced decryption technology to ensure that the scheme can run on an inefficient IoT terminal. Both theoretical and experimental analyses show that our scheme is more efficient and feasible than other schemes. Moreover, security analysis indicates that our scheme achieves security against a chosen-plaintext attack.

computer science, interdisciplinary applications,mathematical & computational biology,medical informatics, information systems

Hu Xiong,Minghao Yang,Ting Yao,Jinhao Chen,Saru Kumari

DOI: https://doi.org/10.1109/jsyst.2021.3125455

IF: 4.802

2021-01-01

IEEE Systems Journal

Abstract:By integrating cloud computing and traditional wireless body area networks (WBANs), the emerging cloud-aided WBANs for smart health care have been significantly developed in recent years. However, this new technique that is now in its infancy days also suffers from some challenging issues resulted from untrustworthy cloud servers, such as data security. While attribute-based encryption seems to be suitable for ensuring data security in such complex scenarios, the flaw of existing ABE works in policy hiding inevitably leads to extra privacy issues. For efficiently guaranteeing data security without revealing anything privacy information about the data owner, we adopt the conception named inner-product encryption (IPE) in this article and propose a full attribute hiding IPE scheme that concurrently achieves unbounded attribute vectors and acceptable communication as well as computation efficiency. Compared with the only existing IPE scheme presented by Okamoto and Takashima that simultaneously achieves full attribute hiding and unbounded attributes, our scheme not only covers all the merits in their scheme but also has the high practicality due to tinier size of public parameters and more desirable computation efficiency. Eventually, performance comparisons and implementation results reveal that our article is highly feasible and effective than other works.

Zhongxiang He,Yuling Chen,Yun Luo,Lingyun Zhang,Yingying Tang

DOI: https://doi.org/10.3390/e26010045

IF: 2.738

2024-01-01

Entropy

Abstract:The emerging cloud storage technology has significantly improved efficiency and productivity in the traditional electronic healthcare field. However, it has also brought about many security concerns. Ciphertext policy attribute-based encryption (CP-ABE) holds immense potential in achieving fine-grained access control, providing robust security for electronic healthcare data in the cloud. However, current CP-ABE schemes still face issues such as inflexible attribute revocation, relatively lower computational capabilities, and key management. To address these issues, this paper introduces a revocable and traceable undeniable ciphertext policy attribute-based encryption scheme (MA-RUABE). MA-RUABE not only enables fast and accurate data traceability, effectively preventing malicious user key leakage, but also includes a direct revocation feature, significantly enhancing computational efficiency. Furthermore, the introduction of a multi-permission mechanism resolves the issue of centralization of power caused by single-attribute permissions. Furthermore, a security analysis demonstrates that our system ensures resilience against chosen plaintext attacks. Experimental results demonstrate that MA-RUABE incurs lower computational overhead, effectively enhancing system performance and ensuring data-sharing security in cloud-based electronic healthcare systems.

physics, multidisciplinary

Boyu Zhang,Wenjie Yang,Futai Zhang,Jianting Ning

DOI: https://doi.org/10.1109/tdsc.2024.3432769

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Due to the introduction of cloud computing in healthcare services, personal health records (PHRs) have being uploaded to cloud servers in increasing numbers. Since data confidentiality requirements exist, data owners should encrypt their PHRs in advance of transmitting them to a cloud server. Attribute-based encryption with keyword search (ABKS) technique ensures that the encrypted PHRs are able to retrieved by other data users whose attributes match access polices granted by data owners. However, access polices are public in most existing ABKS schemes, which can reveal sensitive information contained in PHRs. In this article, we provide an efficient ABKS scheme with policy hiding for PHRs that implements the following features: (1) The fine-grained access control is achieved where data owners can authorize which data users can retrieve encrypted PHRs. (2) The access policy is hidden to safeguard sensitive information from being leaked. (3) The costs of storage and computation do not grow linearly as the number of attributes increases. The security of the presented ABKS scheme is reduced to the truncated q-DABDHE assumption and the DDH assumption. Its performance is also demonstrated by our extensive simulation experiments.

Yi Wu,Wei Zhang,Hu Xiong,Zhiguang Qin,Kuo-Hui Yeh

DOI: https://doi.org/10.1007/s11042-021-11286-0

IF: 2.577

2021-01-01

Multimedia Tools and Applications

Abstract:With the universality and availability of Internet of Things (IoT), data privacy protection in IoT has become a hot issue. As a branch of attribute-based encryption (ABE), ciphertext policy attribute-based encryption (CP-ABE) is widely used in IoT to offer flexible one-to-many encryption. However, in IoT, different mobile devices share messages collected, transmission of large amounts of data brings huge burdens to mobile devices. Efficiency is a bottleneck which restricts the wide application and adoption of CP-ABE in Internet of things. Besides, the decryption key in CP-ABE is shared by multiple users with the same attribute, once the key disclosure occurs, it is non-trivial for the system to tell who maliciously leaked the key. Moreover, if the malicious mobile device is not revoked in time, more security threats will be brought to the system. These problems hinder the application of CP-ABE in IoT. Motivated by the actual need, a scheme called traceable and revocable ciphertext policy attribute-based encryption scheme with constant-size ciphertext and key is proposed in this paper. Compared with the existing schemes, our proposed scheme has the following advantages: (1) Malicious users can be traced; (2) Users exiting the system and misbehaving users are revoked in time, so that they no longer have access to the encrypted data stored in the cloud server; (3) Constant-size ciphertext and key not only improve the efficiency of transmission, but also greatly reduce the time spent on decryption operation; (4) The storage overhead for traceability is constant. Finally, the formal security proof and experiment has been conducted to demonstrate the feasibility of our scheme.

Shahzad Khan,Waseem Iqbal,Abdul Waheed,Gulzar Mehmood,Shawal Khan,Mahdi Zareei,Rajesh Roshan Biswal

DOI: https://doi.org/10.3390/s22010336

2022-01-03

Abstract:The ever-growing ecosystem of the Internet of Things (IoT) integrating with the ever-evolving wireless communication technology paves the way for adopting new applications in a smart society. The core concept of smart society emphasizes utilizing information and communication technology (ICT) infrastructure to improve every aspect of life. Among the variety of smart services, eHealth is at the forefront of these promises. eHealth is rapidly gaining popularity to overcome the insufficient healthcare services and provide patient-centric treatment for the rising aging population with chronic diseases. Keeping in view the sensitivity of medical data, this interfacing between healthcare and technology has raised many security concerns. Among the many contemporary solutions, attribute-based encryption (ABE) is the dominant technology because of its inherent support for one-to-many transfer and fine-grained access control mechanisms to confidential medical data. ABE uses costly bilinear pairing operations, which are too heavy for eHealth's tiny wireless body area network (WBAN) devices despite its proper functionality. We present an efficient and secure ABE architecture with outsourcing intense encryption and decryption operations in this work. For practical realization, our scheme uses elliptic curve scalar point multiplication as the underlying technology of ABE instead of costly pairing operations. In addition, it provides support for attribute/users revocation and verifiability of outsourced medical data. Using the selective-set security model, the proposed scheme is secure under the elliptic curve decisional Diffie-Hellman (ECDDH) assumption. The performance assessment and top-ranked value via the help of fuzzy logic's evaluation based on distance from average solution (EDAS) method show that the proposed scheme is efficient and suitable for access control in eHealth smart societies.

Zhen Liu,Duncan S. Wong

DOI: https://doi.org/10.1007/978-3-319-28166-7_7

2015-01-01

Abstract:In Ciphertext-Policy Attribute-Based Encryption (CP-ABE), a user’s decryption key is associated with attributes which in general are not related to the user’s identity, and the same set of attributes could be shared between multiple users. From the decryption key, if the user created a decryption blackbox for sale, this malicious user could be difficult to identify from the blackbox. Hence in practice, a useful CP-ABE scheme should have some tracing mechanism to identify this ‘traitor’ from the blackbox. In addition, being able to revoke compromised keys is also an important step towards practicality, and for scalability, the scheme should support an exponentially large number of attributes. However, none of the existing traceable CP-ABE schemes simultaneously supports revocation and large attribute universe. In this paper, we construct the first practical CP-ABE which possesses these three important properties: (1) blackbox traceability, (2) revocation, and (3) supporting large universe. This new scheme achieves the fully collusion-resistant blackbox traceability, and when compared with the latest fully collusion-resistant blackbox traceable CP-ABE schemes, this new scheme achieves the same efficiency level, enjoying the sub-linear overhead of (O(sqrt{N})), where N is the number of users in the system, and attains the same security level, namely, the fully collusion-resistant traceability against policy-specific decryption blackbox, which is proven in the standard model with selective adversaries. The scheme supports large attribute universe, and attributes do not need to be pre-specified during the system setup. In addition, the scheme supports revocation while keeping the appealing capability of conventional CP-ABE, i.e. it is highly expressive and can take any monotonic access structures as ciphertext policies.

WANG Meng-yu,YIN Xin-chun,NING Jian-ting

DOI: https://doi.org/10.11896/jsjkx.210800001

2022-01-01

Computer Science

Abstract:In the traditional ciphertext-policy attribute-based encryption (CP-ABE) scheme,the access policy exists together with the ciphertext.This may leak the privacy of the data owner and bring potential security risks to the data owner in medicalscena-rios Therefore,solutions supporting access policy hiding have been proposed.However,most solutions need to generate redundant ciphertexts or key components in the process of implementing the decryption test,which increases the computing overhead of data owners and the storage overhead of data users.At the same time,malicious users may be motivated by its own interest to reveal their decryption keys.In order to solve the problems above,a lightweight medical data sharing scheme with access policy hiding and key tracking is proposed.Firstly,part of the master key is stored in the Enclave in advance by using software guard extensions(SGX) technology,so that the test results can be calculated accurately and quickly,and the generation of redundant ciphertexts and key components are avoided.Then,verifiable outsourcing technology is employed to reduce user's computing overhead,ensuring the correctness and completeness of decryption result.Finally,key tracking is realized by embedding the identity identifier in the decryption key of the data user.Performance analysis shows that the proposed scheme has certain advantages in terms of function and computing.The security analysis proves that the proposed scheme is secure under the selected plaintext attack.