Accountable Ciphertext-Policy Attribute-Based Encryption Scheme Supporting Public Verifiability and Nonrepudiation

Ciphertext-policy attribute-based encryption, denoted by CP-ABE, is a promising extension of identity-based encryption which enables fine-grained data access control by taking a set of attributes as users' public key. However, owing to the fact that an attribute set may be shared by multiple users, malicious users dare to share their decryption keys to others for profits. Furthermore, the central authority is able to issue arbitrary decryption keys for any unauthorized users. To prevent these two kinds of key abuses in CP-ABE system, we propose an accountable CP-ABE scheme which allows any third party to publicly verify the identity embedded in a leaked decryption key, allows an auditor to publicly check whether a malicious user or the authority should be responsible for an exposed decryption key, and the malicious user or the authority can't deny it. The proposed accountable CP-ABE scheme supports any LSSS realizable access structures. At last, the confidentiality and public verifiability of the proposed scheme can be proved to be tightly related to the atomic CP-ABE scheme and the signature scheme that it composed from.

[1]  Ling Cheung,et al.  Provably secure ciphertext policy ABE , 2007, CCS '07.

[2]  Xiaolei Dong,et al.  White-Box Traceable Ciphertext-Policy Attribute-Based Encryption Supporting Flexible Attributes , 2015, IEEE Transactions on Information Forensics and Security.

[3]  Máté Horváth,et al.  Attribute-Based Encryption Optimized for Cloud Computing , 2015, IACR Cryptol. ePrint Arch..

[4]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[5]  Brent Waters,et al.  Practical constructions and new proof methods for large universe attribute-based encryption , 2013, CCS.

[6]  Dongqing Xie,et al.  Multi-authority ciphertext-policy attribute-based encryption with accountability , 2011, ASIACCS '11.

[7]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[8]  Jiguo Li,et al.  KSF-OABE: Outsourced Attribute-Based Encryption with Keyword Search Function for Cloud Storage , 2017, IEEE Transactions on Services Computing.

[9]  Allison Bishop,et al.  Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption , 2010, EUROCRYPT.

[10]  Josep Domingo-Ferrer,et al.  Flexible attribute-based encryption applicable to secure e-healthcare records , 2015, International Journal of Information Security.

[11]  Jiguo Li,et al.  Privacy-preserving personal health record using multi-authority attribute-based encryption with revocation , 2014, International Journal of Information Security.

[12]  Zhen Liu,et al.  White-Box Traceable Ciphertext-Policy Attribute-Based Encryption Supporting Any Monotone Access Structures , 2013, IEEE Transactions on Information Forensics and Security.

[13]  Allison Bishop,et al.  New Proof Methods for Attribute-Based Encryption: Achieving Full Security through Selective Techniques , 2012, CRYPTO.

[14]  Xiaolei Dong,et al.  Accountable Authority Ciphertext-Policy Attribute-Based Encryption with White-Box Traceability and Public Auditing in the Cloud , 2015, ESORICS.

[15]  Rafail Ostrovsky,et al.  Attribute-based encryption with non-monotonic access structures , 2007, CCS '07.

[16]  Jiguo Li,et al.  Searchable ciphertext‐policy attribute‐based encryption with revocation in cloud storage , 2017, Int. J. Commun. Syst..

[17]  Zhen Liu,et al.  Blackbox traceable CP-ABE: how to catch people leaking their keys by selling decryption devices on ebay , 2013, CCS.

[18]  Jiguo Li,et al.  Flexible and Fine-Grained Attribute-Based Data Storage in Cloud Computing , 2017, IEEE Transactions on Services Computing.

[19]  Kenneth G. Paterson,et al.  Efficient Identity-Based Signatures Secure in the Standard Model , 2006, ACISP.

[20]  Brent Waters,et al.  Online/Offline Attribute-Based Encryption , 2014, IACR Cryptol. ePrint Arch..

[21]  Brent Waters,et al.  Attribute-Based Encryption with Fast Decryption , 2013, Public Key Cryptography.

[22]  Brent Waters,et al.  Attribute-Based Encryption for Circuits from Multilinear Maps , 2012, CRYPTO.

[23]  Jin Li,et al.  A2BE: Accountable Attribute-Based Encryption for Abuse Free Access Control , 2009, IACR Cryptol. ePrint Arch..

[24]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[25]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.