Efficient Ciphertext-Policy Attribute-Based Online/Offline Encryption with User Revocation

Ma, Hua; Zhan-jun, Wang; Guan, Zhijin

doi:10.1155/2019/8093578

Cited by 11 publications

(4 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…ABE, which is introduced by Sahai and Waters, achieves fine-grained access control for outsourced data [16]. ere are two variants of ABE: key-policy attribute-based encryption (KP-ABE) where the decryption key is associated with the access control policy (e.g., [17][18][19]) and ciphertext-policy attributebased encryption (CP-ABE) where the ciphertext is associated with the access control policy (e.g., [20][21][22]). In 2017, Zhu et al presented a key-policy attribute-based encryption with equality test, which can be utilized to do the set intersection over outsourced encrypted data set of one element.…”

Section: Related Workmentioning

confidence: 99%

Delegated Key-Policy Attribute-Based Set Intersection over Outsourced Encrypted Data Sets for CloudIoT

Shi

Qiu

2021

Security and Communication Networks

View full text Add to dashboard Cite

Private set intersection (PSI) is a fundamental cryptographic primitive, allowing two parties to calculate the intersection of their data sets without exposing additional private information. In cloud-based IoT system, IoT-enabled devices would like to outsource their data sets in their encrypted form to the cloud. In this scenario, how to delegate the set intersection computation over outsourced encrypted data sets to the cloud and how to achieve the fine-grained access control for PSI without divulging any additional information to the cloud are still open problems. With that in mind, in this work, we combine key-policy attribute-based encryption (KP-ABE) and PSI to introduce such a novel concept, called delegated key-policy attribute-based set intersection over outsourced encrypted data sets (KP-ABSI), to solve this problem. Then we propose a first concrete KP-ABSI scheme and analyze its efficiency.

show abstract

Section: Related Workmentioning

confidence: 99%

Delegated Key-Policy Attribute-Based Set Intersection over Outsourced Encrypted Data Sets for CloudIoT

Shi

Qiu

2021

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…This technique allows the data users with appropriate attributes to decrypt the ciphertexts under an access structure. There are two types of ABE: ciphertext-policy ABE (CP-ABE) in which the ciphertext is generated under an access structure (e.g., [16,17]) and key-policy ABE (KP-ABE) in which the private key is generated under an access structure (e.g., [18,19]). ABE also can be combined with other techniques to provide fine-grained operation and computation, e.g., attribute-based keyword search (e.g., [20]) or attribute-based proxy re-encryption (e.g., [21]).…”

Section: Attribute-based Encryption (Abe)mentioning

confidence: 99%

Ciphertext-Policy Attribute-Based Encryption with Outsourced Set Intersection in Multimedia Cloud Computing

Shi

Qiu

2021

Electronics

View full text Add to dashboard Cite

In a multimedia cloud computing system, suppose all cloud users outsource their own data sets to the cloud in the encrypted form. Each outsourced set is associated with an access structure such that a valid data user, Bob, with the credentials satisfying the access structure is able to conduct computing over outsourced encrypted set (e.g., decryption or other kinds of computing function). Suppose Bob needs to compute the set intersection over a data owner Alice’s and his own outsourced encrypted sets. Bob’s simple solution is to download Alice’s and Bob’s outsourced encrypted sets, perform set intersection operation, and decrypt the set intersection ciphertexts. A better solution is for Bob to delegate the cloud to calculate the set intersection, without giving the cloud any ability in breaching the secrecy of the sets. To solve this problem, this work introduces a novel primitive called ciphertext-policy attribute-based encryption with outsourced set intersection for multimedia cloud computing. It is the first cryptographic algorithm supporting a fully outsourced encrypted storage, computation delegation, fine-grained authorization security for ciphertext-policy model, without relying on an online trusted authority or data owners, and multi-elements set, simultaneously. We construct a scheme that provably satisfies the desirable security properties, and analyze its efficiency.

show abstract

“…Then an advanced version that against decryption key exposure was constructed by Seo and Emura [22]. After that, in order to obtain an efficient and secure revocation mechanisms, a series of works have been studied in both IBE and ABE setting in [23]- [31]. Especially, Hur and Noh [26] provided an elegant technique for fine-grained level revocation by using selective group key distribution method.…”

Section: B Related Workmentioning

confidence: 99%

Updatable Ciphertext-Policy Attribute-Based Encryption Scheme With Traceability and Revocability

Liu

Lü

et al. 2019

IEEE Access

View full text Add to dashboard Cite

Ciphertext-policy attribute-based encryption (CP-ABE) can offer fine-grained access control over encrypted data, which is suitable for complex commercial applications. However, since the same decryption privileges could be shared by multiple users in the one-to-many encryption mechanism, it is dangerous that a malicious user misuses his secret key but cannot be traced. In addition to further security, when the malicious user has been caught, it is required to revoke him from the system. To address these problems, we propose a novel updatable CP-ABE scheme supporting white-box traceability and traitor revocation. In the proposed scheme, a ''fixed point'' is embedded into the user's secret key to achieving the traceability and each user is assigned with a unique identifier for revocation. Moreover, the secret exponent used to encrypt a message is divided into two parts: one is assigned to access policy and the other to the revocation list. Therefore, only a part of the ciphertext components needs to be updated when the revocation list is changed, which greatly simplifies the process of ciphertext update. Compared to the previous works, our scheme is more efficient, and can achieve valid revocation and ciphertext update. In addition, the traceability of the proposed scheme is depended on the l-Strong Difffie-Hellman assumption, and the indistinguishability security under selective access policy and chosen-plaintext attacks in the standard model is reduced to the Decisional q-Bilinear Diffie-Hellman assumption. Furthermore, the experimental results show that the proposed scheme is efficient.

show abstract

Efficient Ciphertext-Policy Attribute-Based Online/Offline Encryption with User Revocation

Cited by 11 publications

References 31 publications

Delegated Key-Policy Attribute-Based Set Intersection over Outsourced Encrypted Data Sets for CloudIoT

Delegated Key-Policy Attribute-Based Set Intersection over Outsourced Encrypted Data Sets for CloudIoT

Ciphertext-Policy Attribute-Based Encryption with Outsourced Set Intersection in Multimedia Cloud Computing

Updatable Ciphertext-Policy Attribute-Based Encryption Scheme With Traceability and Revocability

Contact Info

Product

Resources

About