An Attribute-Based Encryption Method Using Outsourced Decryption and Hierarchical Access Structure

• Autorzy: Mujawar Tabassum N. , Bhajantri Lokesh B.

Identyfikatory

DOI

10.26636/jtit.2022.158421

• Języki publikacji: EN

Abstrakty

EN

Cloud computing is being rapidly adopted by many organizations from different domains and large amounts of data is stored in the cloud. In order to ensure data security, the attribute-based access control mechanism has been emerging recently as a fine-grained access control model that grants access based on the data user’s attributes. In this model, the data owner builds the access policy using the attributes of the data users and access to the data is granted only if the requirements of such an access policy are satisfied. Ciphertext policy-based attribute-based encryption (CPABE) is one of the most widely used methods for providing encrypted access control. Complex, time consuming and costly paring operations are the major issue with the CPABE method. Hence, another efficient method is needed to reduce the data user’s overhead while decrypting data. This paper presents an efficient method consisting in outsourcing decryption operations to a third-party server, so that complex operations may be performed by that machine with only some simple calculations left on the data user’s side. The concept of a hierarchical access structure is also integrated with the traditional CPABE technique. The hierarchical approach enables the data owner to encrypt multiple data using a single common hierarchical access structure. This allows the user to decrypt only the relevant part of ciphertext, depending on which fragment of the hierarchical access structure is satisfied. The paper evaluates also the performance of the proposed model in terms of time and storage cost.

Słowa kluczowe

EN

cloud computing; CPABE; hierarchical access structure

• Wydawca: Instytut Łączności - Państwowy Instytut Badawczy
• Czasopismo: Journal of Telecommunications and Information Technology
• Rocznik: 2022
• Tom: nr 2
• Strony: 75--81
• Opis fizyczny: Bibliogr. 17 poz., rys., tab.

Twórcy

autor

Mujawar Tabassum N.

• Research Scholar, Department of Computer Science and Engineering, Basaveshwar Engineering College, Bagalkot, Karntaka, India
• Department of Computer Engineering, Ramrao Adik Institute of Technology, D Y Patil deemed to be University, Navi Mumbai, Maharashtra, India

autor

Bhajantri Lokesh B.

• Department of ISE, Basaveshwar Engineering College, Bagalkot, Karntaka, India

• https://orcid.org/0000-0002-3947-4292

Bibliografia

• [1] A. Sahai and B. Waters, „Fuzzy identity based encryption", In Advances in Cryptology - EUROCRYPT 2005. 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings, R. Cramer, Ed. LNCS, vol. 3494, pp. 457-473. Berlin, Heidelberg: Springer, 2005 (DOI: 10.1007/11426639 27).
• [2] J. Bethencourt, A. Sahai, and B. Waters, „Ciphertext policy attribute based encryption", in Proc. IEEE Symp. on Secur. and Priv. SP'07, Berkeley, CA, USA, 2007, pp. 321-334 (DOI: 10.1109/SP.2007.11).
• [3] V. Goyal, O. Pandey, A. Sahai, and B. Waters, „Attribute based encryption for fine-grained access control of encrypted data", in Proc. of the 13th ACM Conf. on Comp. and Commun. Secur., Alexandria, VA, USA, 2006, pp. 89-98, 2006 (DOI: 10.1145/1180405.1180418).
• [4] M. Green, S. Hohenberger, and B. Waters, „Outsourcing the decryption of ABE ciphertexts", in Proc. of the 20th USENIX Conf. on Secur., San Francisco, CA, USA, 2011 [Online]. Available: https://www.usenix.org/legacy/event/sec11/tech/full papers/Green.pdf
• [5] M. Green, S. Hohenberger, and B. Waters, „Attribute-based encryption with verifiable outsourced decryption", IEEE Trans. on Inform. Foren. and Secur., vol. 8, no. 8, pp. 1343-1354, 2013 (DOI: 10.1109/TIFS.2013.2271848).
• [6] B. Qin, R. H. Deng, S. Liu, and S. Ma, „Attribute-based encryption with efficient verifiable outsourced decryption", IEEE Trans. on Inform. Foren. and Secur., vol. 10, no. 7, pp. 1384-1393, 2015 (DOI: 10.1109/TIFS.2015.2410137).
• [7] X. Mao, J. Lai, Q. Mei, K. Chen, and J. Weng, „Generic and efficient constructions of attribute-based encryption with verifiable outsourced decryption", IEEE Trans on Depend. and Secure Comput., vol. 13, pp. 533-546, 2016 (DOI: 10.1109/TDSC.2015.2423669).
• [8] J. Li, F. Sha, Y. Zhang, X. Huang, and J. Shen, „Verifiable outsourced decryption of attribute-based encryption with constant ciphertext length", Secur. Commun. Netw., vol. 2017, pp. 1-11, 2017 (DOI: 10.1155/2017/3596205).
• [9] J. Li, Y. Wang, Y. Zhang, and J. Han, „Full verifiability for outsourced decryption in attribute based encryption", IEEE Trans. On Serv. Comput., vol. 13, pp. 478-487, 2017 (DOI: 10.1109/TSC.2017.2710190).
• [10] Z. Li, W. Li, Z. Jin, H. Zhang, and Q. Wen, „An efficient ABE scheme with verifiable outsourced encryption and decryption", IEEE Access, vol. 7, pp. 29023-29037, 2019 (DOI: 10.1109/ACCESS.2018.2890565).
• [11] J. Yu, G. He, X. Yan, Y. Tang, and R. Qin, „Outsourced ciphertextpolicy attribute-based encryption with partial policy hidden", Int. J. of Distrib. Sensor Netw., vol. 16, pp. 1-14, 2020 (DOI: 10.1177/1550147720926368).
• [12] L. Li, Y. Zhang, X. Chen, and Y. Xiang, „Secure attribute-based data sharing for resource-limited users in cloud computing", Computers & Secur., vol. 72, pp. 1-12, 2018 (DOI: 10.1016/j.cose.2017.08.007).
• [13] K. Fan, J. Wang, X. Wang, H. Li, and Y. Yang „A secure and verifiable outsourced access control scheme in fog-cloud computing", Sensors, vol. 17, no. 7, Article no. 1695, 2017 (DOI: 10.3390/s17071695).
• [14] R. Zhang, H. Ma, and Y. Lu, „Fine-grained access control system based on fully outsourced attribute-based encryption", J. of Syst. Softw., vol. 125, pp. 344-353, 2017 (DOI: 10.1016/j.jss.2016.12.018).
• [15] J. Zhao, P. Zeng, and K. R. Choo, „An efficient access control scheme with outsourcing and attribute revocation for fog-enabled e-health", IEEE Access, vol. 9, pp. 13789-13799, 2021 (DOI: 10.1109/ACCESS.2021.3052247).
• [16] H. E. Gafif and A. Toumanari, „Efficient ciphertext-policy attribute-based encryption constructions with outsourced encryption and decryption", J. Secur. and Commun. Netw., vol. 2021, pp. 1-17, 2021 (DOI: 10.1155/2021/8834616).
• [17] K. Sethi, A. Pradhan, and P. Bera, „Practical traceable multiauthority CP-ABE with outsourcing decryption and access Policy updation", J. of Inform. Secur. and Appl., vol. 51, pp. 1-16, 2020 (DOI: 10.1016/j.jisa.2019.102435).