Comment on “Secure Data Access Control With Ciphertext Update and Computation Outsourcing in Fog Computing for Internet of Things”
暂无分享,去创建一个
In this comment paper, we point out a security flaw in a data access control system which is built on ciphertext-policy attribute-based encryption (CP-ABE) and attribute-based signature schemes. In particular, we show that the underlying CP-ABE is vulnerable to the collusion attack. As a result, malicious users can collaborate to decrypt a ciphertext, which they are not authorized to decrypt.
[1] Hongwei Liu,et al. An efficient access control scheme with outsourcing capability and attribute update for fog computing , 2018, Future Gener. Comput. Syst..
[2] Yixian Yang,et al. Secure Data Access Control With Ciphertext Update and Computation Outsourcing in Fog Computing for Internet of Things , 2017, IEEE Access.