Compulsory traceable ciphertext-policy attribute-based encryption against privilege abuse in fog computing

Qiao, Huidong; Ren, Jiangchun; Wang, Zhiying; Ba, Haihe; Zhou, Huaizhe

doi:10.1016/j.future.2018.05.032

Cited by 25 publications

(31 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Some schemes [11][12][13][14][15] have applied CP-ABE to realize file access control in the cloud. There are also some schemes to improve the algorithm itself, such as [16,17] fix the ciphertext size to improve performance, and [18,19] improve security through authority control or accountability, and [20][21][22] support attribute revocation to improve practicability. Scheme [23] supports proxy computing to private servers, and [24] supports hidden access policy, and [25] proposes a lightweight and efficient CP-ABE.…”

Section: Related Workmentioning

confidence: 99%

An efficient attribute-based hierarchical data access control scheme in cloud computing

Zheng

et al. 2020

Hum. Cent. Comput. Inf. Sci.

View full text Add to dashboard Cite

Security issues in cloud computing have become a hot topic in academia and industry, and CP-ABE is an effective solution for managing and protecting data. When data is shared in cloud computing, they usually have multiple access structures that have hierarchical relationships. However, existing CP-ABE algorithms do not consider such relationships and just require data owners to generate multiple ciphertexts to meet the hierarchical access requirement, which would incur substantial computation overheads. To achieve fine-grained access control of multiple hierarchical files effectively, first we propose an efficient hierarchical CP-ABE algorithm whose access structure is linear secret sharing scheme. Moreover, we construct an attribute-based hierarchical access control scheme, namely AHAC. In our scheme, when a data visitor’s attributes match a part of the access control structure, he can decrypt the data that associate with this part. The experiments show that AHAC has good security and high performance. Furthermore, when the quantity of encrypted data files increases, the superiority of AHAC will be more significant.

show abstract

Section: Related Workmentioning

confidence: 99%

An efficient attribute-based hierarchical data access control scheme in cloud computing

Zheng

et al. 2020

Hum. Cent. Comput. Inf. Sci.

View full text Add to dashboard Cite

show abstract

“…In the white-box tracing, taking a well-formed decryption key as input, a tracing algorithm outputs the original key holder. In the black-box tracing, through testing a decryption black-box or device, whereas the decryption keys and even the decryption algorithm keep hidden, a tracing algorithm can still detect the users whose decryption keys have been involved in creating the black-box or device [13]. In this paper, we only focus on the white-box tracing.…”

Section: A Related Workmentioning

confidence: 99%

“…Some studies have argued that the schemes established in composite order groups are slower than those established in prime order groups [24], [25]. For instance, the time cost of a Tate pairing on a 1024-bit composite order elliptic curve is around 50 times larger than that of the same pairing on a prime order elliptic curve with the same security level [13]. Based on the principle of fairness, it is appropriate to compare only the implementations of our scheme and the scheme of [10].…”

Section: Implementation and Evaluationmentioning

confidence: 99%

White-Box Traceable Ciphertext-Policy Attribute-Based Encryption in Multi-Domain Environment

Yan

et al. 2019

IEEE Access

View full text Add to dashboard Cite

In a ciphertext-policy attribute-based encryption (CP-ABE) system, the decryption keys are only related to attributes shared by multiple users and do not contain any identity information of their original holders. Hence, if a decryption key is leaked, there is no feasible method to trace the suspicious user. The user tracing problem has become an obstacle to the adoption of CP-ABE in practice. In order to address it, some traceable/accountable CP-ABE schemes have been established. However, considering the user tracing problem in multi-domain environment will face new challenges. Multi-domain environments usually have a two-layer structure, domains and intradomain users. When tracing a user, we should first trace the domain where the user is located, and then trace the user in the domain. Unfortunately, the existing traceable CP-ABE schemes only focus on one level of users tracing, and are not suitable for the two-layer structure of multi-domain environments. Therefore, a white-box traceable CP-ABE scheme in multi-domain environment is proposed in this paper. The proposed scheme obtains a so-called two-layer tracing. At the domain level, a short signature technique is used to prevent an attacker from forging the tracing parameter and realize the traceability for domains. Linkable ring signature technology is introduced at the user level to provide a tracing method for users by utilizing the linkability of the signature. The two signature structures are reasonably embedded in a user private key to support two-layer white-box tracing at both domains and intradomain users. The proposed scheme supports any monotone access structures and has full security against chosen plaintext attack in the standard model. Compared with related schemes, the asymptotic communication cost and the asymptotic computation cost of the proposed scheme are relatively low. These advantages make the proposed scheme more practical for solving the user tracing problem in multi-domain environment.INDEX TERMS Ciphertext-policy attribute-based encryption, linkable ring signature, multi-domain environment, two-layer tracing, white-box traceability.

show abstract

“…Li et al 10 proposed a black-box traceable ABE supporting AND gate with wildcards access policy. Liu et al 23 proposed a black-box traceable CP-ABE system which supports any monotone access structures, and Liu et al 24 gave a full secure blackbox traceable CP-ABE system based on prime order groups, Ning et al 25 proposed a black-box traceable CP-ABE scheme with shorter ciphertexts, and there are some researches on traceable CP-ABE in fog computing, 26,27 and auditable s-time outsourced CP-ABE 28 which limits that users can enjoy access privilege at most s times.…”

Section: Related Workmentioning

confidence: 99%

Traceable and undeniable ciphertext-policy attribute-based encryption for cloud storage service

Wang

Cao

et al. 2019

International Journal of Distributed Sensor Networks

View full text Add to dashboard Cite

Ciphertext-policy attribute-based encryption is a promising mechanism with fine-grained access control for cloud storage system. However, there is a long-lasting problem of key abuse that a user may share its decryption key and a semi-honest authority may illegally issue decryption keys for unauthorized users for profits. To address this problem, we propose an accountable ciphertext-policy attribute-based encryption scheme. In our construction, there are two authorities to issue keys for users, but they cannot decrypt any ciphertexts without collusion. A shared key can be effectively traced, and if the traced identity claims that it is innocent, an auditor can publicly audit who will be responsible for the shared key. Compared with existing accountable ciphertext-policy attribute-based encryption schemes, the proposed scheme is more practical from the two aspects: (1) a user can normally request for a decryption key along with a short signature, and no additional interaction between users and authorities is needed; and (2) the complexity of tracing a masked secret key is reduced to jUj exponent computation, where jUj denotes the number of users in the system. At last, we give the security and experimental analysis.

show abstract

Compulsory traceable ciphertext-policy attribute-based encryption against privilege abuse in fog computing

Cited by 25 publications

References 17 publications

An efficient attribute-based hierarchical data access control scheme in cloud computing

An efficient attribute-based hierarchical data access control scheme in cloud computing

White-Box Traceable Ciphertext-Policy Attribute-Based Encryption in Multi-Domain Environment

Traceable and undeniable ciphertext-policy attribute-based encryption for cloud storage service

Contact Info

Product

Resources

About