Privacy-preserving online/offline and outsourced multi-authority attribute-based encryption

Attribute based encryption(ABE) is an efficient technique that exploits attributes and access policies to achieve fine-grained access control in cloud computing. Besides, outspread ABE schemes with multiple authorities(multi-authority ABE) are more suitable for practical applications than basic single-authority ABE schemes. Nevertheless, existing multi-authority ABE schemes either can't preserve access policies' privacy or sustain expensive computational cost of encryption and decryption phases. In this paper, to tackle the above challenges, we propose an online/offline and outsourced multi-authority ABE scheme with policy protection. Roughly speaking, our main idea is to alleviate the online computation overhead for owners by splitting the encryption algorithm to the online encryption and offline encryption. During the decryption phase, users outsource massive decryption operations to the proxy server via the technique of transformation key. We can demonstrate that our scheme is secure and also protects the privacy of access policies according to security analysis. Furthermore, performance analysis shows that our scheme can lighten the computation burden for both owners and users and is quite appropriate for resource-limited devices in the multi-authority systems.

[1]  Junbeom Hur,et al.  Attribute-Based Secure Data Sharing with Hidden Policies in Smart Grid , 2013, IEEE Transactions on Parallel and Distributed Systems.

[2]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[3]  Melissa Chase,et al.  Multi-authority Attribute Based Encryption , 2007, TCC.

[4]  Allison Bishop,et al.  Decentralizing Attribute-Based Encryption , 2011, IACR Cryptol. ePrint Arch..

[5]  G. Ravi,et al.  Attribute Based Encryption With Verifiable Outsourced Decryption , 2014 .

[6]  Robert H. Deng,et al.  Expressive CP-ABE with partially hidden access structures , 2012, ASIACCS '12.

[7]  Jie Cui,et al.  Multi-authority attribute-based encryption access control scheme with policy hidden for cloud storage , 2016, Soft Computing.

[8]  Ian Goldberg,et al.  Pairing-Based Onion Routing , 2007, Privacy Enhancing Technologies.

[9]  Brent Waters,et al.  Online/Offline Attribute-Based Encryption , 2014, IACR Cryptol. ePrint Arch..

[10]  Hui Ma,et al.  Verifiable and Exculpable Outsourced Attribute-Based Encryption for Access Control in Cloud Computing , 2017, IEEE Transactions on Dependable and Secure Computing.

[11]  Brent Waters,et al.  Attribute-Based Encryption with Fast Decryption , 2013, Public Key Cryptography.

[12]  Guomin Yang,et al.  Hidden Ciphertext Policy Attribute-Based Encryption Under Standard Assumptions , 2016, IEEE Transactions on Information Forensics and Security.

[13]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[14]  Yi Mu,et al.  Improving Privacy and Security in Decentralized Ciphertext-Policy Attribute-Based Encryption , 2015, IEEE Transactions on Information Forensics and Security.

[15]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[16]  Matthew Green,et al.  Outsourcing the Decryption of ABE Ciphertexts , 2011, USENIX Security Symposium.

[17]  Xiaodong Lin,et al.  Fine-grained data sharing in cloud computing for mobile devices , 2015, 2015 IEEE Conference on Computer Communications (INFOCOM).