Improving the Leakage Rate of Ciphertext-Policy Attribute-Based Encryption for Cloud Computing

Leakage-Resilient Ciphertext-Policy Attribute-Based Encryption (LR-CP-ABE) not only supports fine-grained access control over encrypted data but also guarantees the security of the data under side-channel attacks. However, the leakage rate of existing schemes is either low or tied to the number of attributes, which leaves these schemes exposed to continual attacks. In addition, almost none of them consider leakage of the users' privacy, and they rely on composite-order groups, which threatens the users' privacy and discourages users in practice. In this paper, we aim to solve these problems and propose a scheme with an improved leakage rate in a prime-order group. The proposed scheme uses an extension of the lattice-based trapdoor to achieve the maximum leakage rate $1-o(1)$. Moreover, it achieves anonymity, which protects the privacy of the receivers. The security of the proposed scheme can be reduced to a standard assumption, the Decision Linear (DLIN) assumption, in the selective security model, and the scheme resists Chosen Plaintext Attacks (CPA security). Finally, performance comparisons are given to confirm the efficiency and security of the proposed scheme.
