Yunya Zhou,Hua Deng,Qianhong Wu,Bo Qin,Jianwei Liu,Yong Ding

DOI: https://doi.org/10.1016/j.future.2015.09.027

IF: 7.307

2015-01-01

Future Generation Computer Systems

Abstract:Proxy re-encryption (PRE) enables an authorized proxy to convert a ciphertext under Alice’s public key into a ciphertext under Bob’s public key without exposing the encrypted message. In existing PRE systems, the original ciphertexts and the re-encrypted ones are both required to be in the same cryptosystem, which limits their applications in cloud computing systems. In this paper, we propose a new proxy re-encryption pattern, referred to as an identity-based proxy re-encryption version 2 (IBPRE2). It allows an authorized proxy to convert a ciphertext of an identity-based broadcast encryption (IBBE) scheme into a ciphertext of an identity-based encryption (IBE) scheme. With IBPRE2, one can take advantage of IBBE to securely share data with a set of recipients, and then incorporate an additional one into the authorized set through the re-encryption mechanism, without decrypting the IBBE ciphertext nor leaking any sensitive information. We formalize the security requirements in IBPRE2 and propose a provably CCA-secure scheme. The unique feature of ciphertext transformation from a complicated cryptosystem to a simple one makes our IBPRE2 a versatile cryptographic tool to secure outsourced data in cloud computing.

Yuanjian Zhou,Zhenfu Cao,Xiaolei Dong

DOI: https://doi.org/10.1002/ett.4801

IF: 3.6

2023-01-01

Transactions on Emerging Telecommunications Technologies

Abstract:SummaryAutonomous vehicles (AVs), as the essential part of intelligent autonomous transportation system, improves vehicle communication efficiency and supports diverse kinds of social services. However, with the development of AVs, more data has been generated by the sensors about the road, traffic, street light, and weather conditions. This also inevitably bringing new security problems, such as secure data sharing. Although the identity‐based broadcast proxy re‐encryption (IBBPRE) can be used to realize one‐to‐many data sharing, most existing schemes require access to the data owner for the group shared key update phases since the data owner's private key is mandatory for the group shared key generation. Therefore, frequent interaction with the data owner increases the operational burden and risks leaking the data owner's private key. Thus, we design a dynamic identity‐based broadcast proxy re‐encryption (DIB‐BPRE) to solve the problem of re‐encryption update. In the proposed scheme, a vehicle cloud server directly revokes or adds a group of data receivers, designated by the data owner, from the re‐encryption key. Finally, the theoretical and experimental analyses demonstrate that the DIB‐BPRE scheme is efficient, and it is suitable for data sharing in AVs.

Peng Xu,Tengfei Jiao,Qianhong Wu,Wei Wang,Hai Jin

DOI: https://doi.org/10.1109/tc.2015.2417544

2016-01-01

Abstract:Recently, a number of extended Proxy Re-Encryptions (PRE), e.g. Conditional (CPRE), identity-based PRE (IPRE) and broadcast PRE (BPRE), have been proposed for flexible applications. By incorporating CPRE, IPRE and BPRE, this paper proposes a versatile primitive referred to as conditional identity-based broadcast PRE (CIBPRE) and formalizes its semantic security. CIBPRE allows a sender to encrypt a message to multiple receivers by specifying these receivers’ identities, and the sender can delegate a re-encryption key to a proxy so that he can convert the initial ciphertext into a new one to a new set of intended receivers. Moreover, the re-encryption key can be associated with a condition such that only the matching ciphertexts can be re-encrypted, which allows the original sender to enforce access control over his remote ciphertexts in a fine-grained manner. We propose an efficient CIBPRE scheme with provable security. In the instantiated scheme, the initial ciphertext, the re-encrypted ciphertext and the re-encryption key are all in constant size, and the parameters to generate a re-encryption key are independent of the original receivers of any initial ciphertext. Finally, we show an application of our CIBPRE to secure cloud email system advantageous over existing secure email systems based on Pretty Good Privacy protocol or identity-based encryption.

Jianfei Sun,Hu Xiong,Hao Zhang,Li Peng

DOI: https://doi.org/10.1016/j.ins.2019.08.026

IF: 8.1

2020-01-01

Information Sciences

Abstract:Never before has data sharing been more convenient with the rapid popularity and wide adoption of cloud computing. However, mobile access and flexible search with security for outsourced data in heterogeneous systems are two major obstacles prior to practical deployment of cloud computing. To meet the requirements in secure mobile access and flexible search to sensitive data, this paper, for the first time, proposes a versatile primitive referred to as an identity based proxy re-encryption system with outsourced equality test (IBPRE-ET). This primitive allows a data owner in an identity based broadcast encryption system (IBBE) seamlessly to share his/her data with a data sharer in an identity based encryption system (IBE). Moreover, it supports a data sharer in an IBBE system to perform search functionality on ciphertexts related to a data sharer in an IBE system. We also formally prove that the proposed IBPRE-ET system is selective secure using a random oracle model. Meanwhile, the theoretic evaluation and experimental result demonstrate our scheme is practical in the heterogeneous system. Finally, we show an application of our IBPRE-ET to the collaborative office automation system.

Wei Luo,Wenping Ma

DOI: https://doi.org/10.1007/s10586-018-2862-z

2018-01-01

Cluster Computing

Abstract:With the rapid development of cloud computing, its security and privacy are of great concern. Since the cloud service provider is not completely trustworthy, the security of the outsourced files has become serious issues. Identity-based proxy re-encryption (IBPRE) schemes have been proposed to achieve feasible access control of encrypted data under the condition of guaranteeing the confidentiality of data, which can transfer the original ciphertexts to the re-encrypted ciphertexts for a designated decryptor. However, most of the existing IBPRE schemes either do not support revocation or computational complexity is too high. In this paper, we combine the properties of constrained pseudorandom functions (PRFs) and key homomorphic PRFs to construct a secure and efficient proxy re-encryption scheme for cloud computing. In our proposed scheme, the data owner authenticates the requesters and distributes the decryption keys by using an identity-based key exchange method. Meanwhile, a proxy re-encryption scheme is used to achieve data sharing and ciphertext update. We present the security proof of our scheme. In addition, compared with other existing schemes, our scheme has low computational complexity and communication cost.

Jianfei Sun,Guowen Xu,Tianwei Zhang,Xuehuan Yang,Mamoun Alazab,Robert H. Deng

DOI: https://doi.org/10.1109/TIFS.2022.3226577

IF: 7.231

2023-01-01

IEEE Transactions on Information Forensics and Security

Abstract:The cloud-based data sharing technology with cryptographic primitives enables data owners to outsource data into paradigms and privately share information with arbitrary recipients without geographic barriers. However, we argue that most of existing efforts for outsourced data sharing are either inefficient, inflexible, or incompletely secure due to the following problems: (1) lack of efficient strategies for dynamically designating target ciphertexts to multiple recipients; (2) how to hide the identity of the recipient and (3) how to verify the correctness of outsourced ciphertext transformation without any denial. To the best of our knowledge, no previous work has thoroughly explored the above three issues, motivating us to design such an efficient and comprehensively secure outsourced data sharing mechanism. We design VF-PPBA, the first Verifiable, Fair and Privacy-preserving Broadcast Authorization framework for flexible data sharing in clouds. In more detail, we first invent a new primitive, privacy-preserving multi-recipient broadcast proxy re-encryption (PPMR-BPRE), which enables the authorization of a given ciphertext to different recipients with efficient ciphertext transformation, and further guarantees that any malicious adversary deduces nothing about the identity of the recipient. Then, we present VF-PPBA for flexible data sharing with PPMR-BPRE as the underlying structure, which in addition to inheriting all the functionalities of PPMR-BPRE, is capable of supporting the verifiability of the outcome correctness of the outsourced conversion task, and being immune to the malicious accusation if the outsourcing outcome is correctly completed. We formalize the adversarial models and render comprehensively strict security proofs to prove the security of our proposed solutions. Its performance is also validated via experimental simulations to showcase the practicability and effectiveness.

Yuyang Zhou,Liang Zhao,Yuqiao Jin,Fagen Li

DOI: https://doi.org/10.1016/j.ins.2022.05.007

IF: 8.1

2022-08-01

Information Sciences

Abstract:The wireless body area network (WBAN) provides users with real-time medical services. Meanwhile, the cloud technology provides greater storage space and computing power for medical data. Both of them have contribute to the development of telemedicine. In a cloud-assisted WBAN, the open network environment and the semi-trust cloud service providers expose the user’s private medical data to backdoor adversaries who can make exfiltration attacks, such as the algorithm substitution attack (ASA) through the process of data sharing. Therefore, it is necessary to find a secure and efficient medical data sharing scheme for the huge amount of medical data. In this paper, we first design an identity-based proxy re-encryption scheme with cryptographic reverse firewall (IBPRE-CRF), then show the application in a multiple-access telemedicine data sharing scenario. Security analysis shows that the IBPRE-CRF scheme provides chosen plaintext attack security and resists exfiltration attacks. Performance analysis shows that the IBPRE-CRF scheme has a significant communication and computational cost advantage while being resistant to exfiltration attacks in clouds. Therefore, our IBPRE-CRF scheme is suitable for telemedicine data sharing in a cloud-assisted WBAN.

computer science, information systems

Zhiguang Qin,Hu Xiong,Shikun Wu,Jennifer Batamuliza

DOI: https://doi.org/10.1109/tsc.2016.2551238

IF: 11.019

2024-01-01

IEEE Transactions on Services Computing

Abstract:Never before have data sharing been more convenient with the rapid development and wide adoption of cloud computing. However, how to ensure the cloud user’s data security is becoming the main obstacles that hinder cloud computing from extensive adoption. Proxy re-encryption serves as a promising solution to secure the data sharing in the cloud computing. It enables a data owner to encrypt shared data in cloud under its own public key, which is further transformed by a semitrusted cloud server into an encryption intended for the legitimate recipient for access control. This paper gives a solid and inspiring survey of proxy re-encryption from different perspectives to offer a better understanding of this primitive. In particular, we reviewed the state-of-the-art of the proxy re-encryption by investigating the design philosophy, examining the security models and comparing the efficiency and security proofs of existing schemes. Furthermore, the potential applications and extensions of proxy re-encryption have also been discussed. Finally, this paper is concluded with a summary of the possible future work.

Lixue Sun,Chunxiang Xu,Fugeng Zeng

DOI: https://doi.org/10.1016/j.jpdc.2024.104956

IF: 4.542

2024-01-01

Journal of Parallel and Distributed Computing

Abstract:Cloud computing is a promising service architecture that enables a data owner to share data in an economic and efficient manner. To ensure data privacy, a data owner will generate the ciphertext of the data before outsourcing. Attribute-based encryption (ABE) provides an elegant solution for a data owner to enforce fine-grained access control on the data to be outsourced. However, ABE cannot support ciphertext transformation when needing to share the underlying data with a public-key infrastructure (PKI) user further. In addition, an untrusted cloud server may return random ciphertexts to the PKI user to save expensive computational costs of ciphertext transformation. To address above issues, we introduce a novel cryptographic primitive namely verifiable and hybrid attribute-based proxy re-encryption (VHABPRE). VHABPRE provides a transformation mechanism that re-encrypts an ABE ciphertext to a PKI-based public key encryption (PKE) ciphertext such that the PKI user can access the underlying data, meanwhile this PKI user can ensure the validity of the transformed ciphertext. By leveraging a key blinding technique and computing the commitment of the data, we construct two VHABPRE schemes to achieve flexible data sharing. We give formal security proofs and comprehensive performance evaluation to show the security and efficiency of the VHABPRE schemes.

Yilei Wang,Dongjie Yan,Fagen Li,Hu Xiong

2017-01-01

Abstract:Proxy re-encryption (PRE) enables a semi-trusted proxy to delegate the decryption right by re-encrypting the ciphertext under the delegator’s public key to an encryption under the public key of delegatee. Fueled by the translation ability, PRE is regarded as a promising candidate to secure data sharing in a cloud environment. However, the security of the PRE will be totally destroyed in case the secret key of the delegator or the delegatee has been exposed. Despite the key exposure seems inevitable, the PRE scheme with resistance against secret key leakage has never been presented before. To deal with this intractable problem, we propose a key-insulated proxy reencryption (KIPRE) scheme by incorporating the mechanisms of PRE and key-insulated cryptosystem. In the proposed scheme, the lifetime of the secret key associated with the user, i.e., the delegator or the delegatee, has been divided into several periods. In each time period, the user can interact with his/her physically-secure but computation-limited helper to update his/her temporary secret key. On the contrary, the public keys of the users remained unchanged during the whole lifetime of the system. We then apply our KIPRE scheme to construct a practical solution to the problem of sharing sensitive information in public clouds with resilience to the key exposure. The performance evaluation and the security analysis demonstrate that our scheme is efficient and practical.

Zhongyun Lin,Jun Zhou,Zhenfu Cao,Xiaolei Dong,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.1109/tifs.2023.3306942

IF: 7.231

2023-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Proxy Re-Encryption (PRE), a special cryptographic primitive, can efficiently perform ciphertext conversion on the cloud. To enable the data owner (i.e. delegator) to authorize a file access path according to the different priorities of the users (i.e. delegatees), autonomous path proxy re-encryption (AP-PRE) was proposed, where the delegator can generate a proxy re-encryption autonomous path in order of the delegatees’ priority. If one delegatee does not hold the decryption right, the ciphertext can be converted to a new ciphertext that can be decrypted by the next delegatee with lower priority in the path. Although AP-PRE enables the delegator to pre-define the whole decryption path, the access policy only supports a linked path and the data owner disallows the nodes in the proxy path to generate delegating branches to access its data. Such a linked path may be too long in practice, especially when the system scales up (i.e. the average complexity of encrypted data access is O(n) where ${n}$ denotes the number of delegatees). Hence, we propose a generalized autonomous path proxy re-encryption (APB-PRE) scheme for supporting branch functionality. Firstly, by setting the token and a carefully designed ciphertext structure, the branch functionality of the path delegation is realized. Specifically, we utilize the bilinearity of bilinear pairing to construct the token for the transition of the label embedded in the ciphertext in different paths, resulting in a far more flexible access structure with a tree-like topology. In APB-PRE, the delegatees with lower priority who need to share data can complete the decryption task earlier, without affecting the decryption of the high-priority delegatees. Finally, we prove that it achieves IND-HRA security under the Decisional Bilinear Diffie-Hellman (DBDH) assumption. Benefiting from the creation of branching paths, users on the branching path can get the re-encrypted ciphertext much earlier. Therefore, the average complexity of encrypted data access reduces to O(log n) compared to AP-PRE. The experimental results show that our proposal can extend the branching functionalities of AP-PRE with only moderate computational cost.

Hu Xiong,Yi Wang,Wenchao Li,Chien-Ming Chen

DOI: https://doi.org/10.1145/3318212

2019-01-01

ACM Transactions on Management Information Systems

Abstract:The convenience of the cloud-assisted Internet of Things has led to the need for improved protections for the large volumes of data collected from devices around the world and stored on cloud-based servers. Proxy re-encryption (PRE) has been presented as a suitable mechanism for secure transmission and sharing of files within the cloud. However, existing PRE schemes do not support unidirectional data transformation, fine-grained controls, multiple hops, and identity-based encryption simultaneously. To solve these problems, we propose a unidirectional multi-hop identity based-conditional PRE scheme that meets all of the above requirements. Our proposal has the additional benefits of a constant ciphertext size, non-interactivity, and collusion resistance. We also prove that our scheme is secure against adaptive identity chosen-ciphertext attacks in the standard model.

Hua Deng,Zheng Qin,Qianhong Wu,Zhenyu Guan,Robert H. Deng,Yujue Wang,Yunya Zhou

DOI: https://doi.org/10.1109/TIFS.2020.2985532

IF: 7.231

2020-01-01

IEEE Transactions on Information Forensics and Security

Abstract:With the rapid development of cloud computing, an increasing number of individuals and organizations are sharing data in the public cloud. To protect the privacy of data stored in the cloud, a data owner usually encrypts his data in such a way that certain designated data users can decrypt the data. This raises a serious problem when the encrypted data needs to be shared to more people beyond those initially designated by the data owner. To address this problem, we introduce and formalize an identity-based encryption transformation (IBET) model by seamlessly integrating two well-established encryption mechanisms, namely identity-based encryption (IBE) and identity-based broadcast encryption (IBBE). In IBET, data users are identified and authorized for data access based on their recognizable identities, which avoids complicated certificate management in usual secure distributed systems. More importantly, IBET provides a transformation mechanism that converts an IBE ciphertext into an IBBE ciphertext so that a new group of users not specified during the IBE encryption can access the underlying data. We design a concrete IBET scheme based on bilinear groups and prove its security against powerful attacks. Thorough theoretical and experimental analyses demonstrate the high efficiency and practicability of the proposed scheme.

Xian Yong Meng,Zhong Chen,Xiang Yu Meng,Bing Sun

DOI: https://doi.org/10.4028/www.scientific.net/amm.571-572.74

2014-01-01

Applied Mechanics and Materials

Abstract:In this paper, an identity-based conditional proxy re-encryption (PRE) scheme is proposed, where a delegator provides a re-encryption key satisfying one condition to a semi-trusted proxy who can convert a ciphertext encrypted under the delegator’s public key into one that can be decrypted using the delegatee’s private key. We address the identity-based proxy re-encryption scheme, where the delegator and the delegatee request keys from a trusted party known as a key generator center (KGC), who generates private keys for delegator and delegatee based on their identities. Meanwhile, the identity-based conditional proxy re-encryption scheme satisfies the properties of PRE including unidirectionality, non-interactivity and multi-hop. Additionally, the identity-based conditional proxy re-encryption scheme is efficient in terms of both the communication cost and the computing cost, and can realize security secret sharing in cloud computing environments.

Sumana Maiti,Sudip Misra,Ayan Mondal

DOI: https://doi.org/10.1109/jsyst.2024.3352809

IF: 4.802

2024-03-19

IEEE Systems Journal

Abstract:This article proposes attribute-based broadcast proxy (ABP) re-encryption with coalitional game theory—a scheme to share encrypted cloud data with Internet of Things (IoT) devices. The scheme reduces the decryption costs on the receiver's side. In the case of sharing data with a subgroup of IoT devices, i.e., identities, where attributes satisfy a particular access policy, and the cardinality of IoT devices satisfying the access policy is not known to the data owner, the existing encryption techniques, such as broadcast proxy re-encryption and attribute-based encryption, cannot solve the problem. Hence, we propose the concept of attribute-based encryption in broadcast proxy re-encryption, named ABP. In ABP, we use the coalitional game theory to find the optimal coalition for minimizing the decryption cost and the total cost of the system. We prove that ABP is a selective security chosen-plaintext attack secure under the random oracle model. The performance of ABP is evaluated and compared with the existing broadcast proxy re-encryption schemes. We observe that ABP reduces the decryption cost. Furthermore, the total cost of the system is reduced using the coalitional game.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Won-Bin Kim,Daehee Seo,Donghyun Kim,Im-Yeong Lee

DOI: https://doi.org/10.1155/2021/7641389

2021-06-15

Wireless Communications and Mobile Computing

Abstract:In general, ID-based proxy reencryption (IBPRE) includes data transfer in a 1 : 1 manner between a sender and receiver. Therefore, only the data owner has the authority to decrypt or reencrypt the data that is encrypted with his/her public key. However, in an environment with data self-sovereignty, such as an enterprise IoT-cloud environment, the data are directly managed by cloud once data is uploaded from user-controlled IoT devices. In such a situation, there is no way of sharing data if the data owner has no access over the data due to being outside the workplace and other issues. In this study, to solve this problem, data can be shared even when the data cannot be accessed by delegating the authority of the data owner to generate the reencryption key to other users. In addition, by solving the security threats that may appear in this process, data sharing can be performed securely and efficiently in the corporate environment.

computer science, information systems,telecommunications,engineering, electrical & electronic

Zhiguang Qin,Shikun Wu,Hu Xiong

DOI: https://doi.org/10.1007/978-3-319-22047-5_17

2015-01-01

Abstract:Proxy re-encryption (PRE) has been considered as a promising candidate to secure data sharing in public cloud by enabling the cloud to transform the ciphertext to legitimate recipients on behalf of the data owner, and preserving data privacy from semi-trusted cloud. Certificateless proxy re-encryption (CL-PRE) not only eliminates the heavy public key certificate management in traditional public key infrastructure, but also solves the key escrow problem in the ID-based public key cryptography. By considering that the existing CL-PRE schemes either rely on expensive bilinear pairings or are proven secure under weak security models, we propose a strongly secure CL-PRE scheme without resorting to the bilinear pairing. The security of our scheme is proven to be secure against adaptive chosen ciphertext attack (IND-CCA) under a stronger security model in which the Type I adversary is allowed to replace the public key associated with the challenge identity. Furthermore, the simulation results demonstrate that our scheme is practical for cloud based data sharing in terms of communication overhead and computation cost for data owner, the cloud and data recipient.

Jianchang Lai,Fuchun Guo,Willy Susilo,Xinyi Huang,Peng Jiang,Futai Zhang

DOI: https://doi.org/10.1109/tsc.2021.3057197

IF: 11.019

2022-01-01

IEEE Transactions on Services Computing

Abstract:Broadcast encryption provides a promising technique of data access control for specified users in cloud computing. A data uploader can generate a ciphertext for a set of chosen users such that only the intended users are able to access the data. However, with the rapidly increasing of collaboration between users, it is desired to extend the receiver set to grant decryption right for more users. The existing broadcast encryption systems cannot support receiver extension. In this article, we for the first time take this problem into consideration and give a solution. We take the merits of identity-based cryptosystem and propose a notion of EIBBE: a flexible data access control with receiver extendable for cloud computing based on broadcast encryption. It allows the authorized user to extend the receiver set $S$ stated in the IBBE ciphertext by adding a new receiver set $S^{\prime }$ without re-encryption. Both the users in $S$ and $S^{\prime }$ can access the data successfully. Moreover, the data uploader determines the maximum number of extended receivers. We then give a concrete construction of EIBBE and provide a rigorous security analysis of our proposed scheme. Finally, we demonstrate the scheme's efficiency and feasibility.

Jianhong Zhang,Peirong Ou

DOI: https://doi.org/10.3390/s19153370

IF: 3.9

2019-07-31

Sensors

Abstract:Nowadays, the widely deployed and high performance Internet of Things (IoT) facilitates the communication between its terminal nodes. To enhance data sharing among terminal devices and ensure the recipients’ privacy protection, a few anonymous multi-recipient broadcast encryption (AMBE) proposals are recently given. Nevertheless, the majority of these AMBE proposals are only proven be securely against adaptively chosen plain-text attack (CPA) or selectively chosen ciphertext attack (CCA). Furthermore, all AMBE proposals are subjected to key escrow issue due to inherent characteristics of the ID-based public cryptography (ID-PKC), and cannot furnish secure de-duplication detection. However, for cloud storage, it is very important for expurgating duplicate copies of the identical message since de-duplication can save the bandwidth of network and storage space. To address the above problems, in the work, we present a privacy-preserving multi-receiver certificateless broadcast encryption scheme with de-duplication (PMCBED) in the cloud-computing setting based on certificateless cryptography and anonymous broadcast encryption. In comparison with the prior AMBE proposals, our scheme has the following three characteristics. First, it can fulfill semantic security notions of data-confidentiality and receiver identity anonymity, whereas the existing proposals only accomplish them by formalizing the weaker security models. Second, it achieves duplication detection of the ciphertext for the identical message encrypted with our broadcast encryption. Finally, it also avoids the key escrow problem of the AMBE schemes.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Hu Xiong,Hao Zhang,Jianfei Sun

DOI: https://doi.org/10.1109/jsyst.2018.2865221

IF: 4.802

2018-01-01

IEEE Systems Journal

Abstract:The sharing of personal data with multiple users from different domains has been benefited considerably from the rapid advances of cloud computing, and it is highly desirable to ensure the sharing file should not be exposed to the unauthorized users or cloud providers. Unfortunately, issues such as achieving the flexible access control of the sharing file, preserving the privacy of the receivers, forming the receiver groups dynamically, and high efficiency in encryption/decryption still remain challenging. To deal with these challenges, we provide a novel anonymous attribute-based broadcast encryption (A$^{2}$ B$^{2}$ E) which features the property of hidden access policy and enables the data owner to share his/her data with multiple participants who are inside a predefined receiver set and fulfill the access policy. We first suggest a concrete A$^{2}$ B$^{2}$ E scheme together with the rigorous and formal security proof without the support of the random oracle model. Then, we design an efficient and secure data sharing system by incorporating the A$^{2}$ B$^{2}$ E scheme, verifiable outsourcing decryption technique for attribute-based encryption, and the idea of online/offline attribute-based encryption. Extensive security analysis and performance evaluation demonstrate that our data sharing system is secure and practical.