Fine-grained access control system based on fully outsourced attribute-based encryption

First fully outsourced attributed-based encryption scheme.Lightweight operations for the private key generator and users.Imperceptible communication cost for the private key generator and users.Rigorous theoretical and detailed experimental analyses of our proposal.Suitable for cloud applications on mobile devices. Attribute-based encryption (ABE) has potential to be applied in cloud computing applications to provide fine-grained access control over encrypted data. However, the computation cost of ABE is considerably expensive, because the pairing and exponentiation operations grow with the complexity of access formula. In this work, we propose a fully outsourced ciphertext-policy ABE scheme that for the first time achieves outsourced key generation, encryption and decryption simultaneously. In our scheme, heavy computations are outsourced to public cloud service providers, leaving no complex operations for the private key generator (PKG) and only one modular exponentiation for the sender or the receiver, and the communication cost of the PKG and users is optimized. Moreover, we give the security proof and implement our scheme in Charm, and the experimental results indicate that our scheme is efficient and practical.

[1]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[2]  David Naccache,et al.  Secure Delegation of Elliptic-Curve Pairing , 2010, IACR Cryptol. ePrint Arch..

[3]  Brent Waters,et al.  Practical constructions and new proof methods for large universe attribute-based encryption , 2013, CCS.

[4]  Matthew Green,et al.  Outsourcing the Decryption of ABE Ciphertexts , 2011, USENIX Security Symposium.

[5]  Jin Li,et al.  Securely Outsourcing Attribute-Based Encryption with Checkability , 2014, IEEE Transactions on Parallel and Distributed Systems.

[6]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[7]  Moon Sung Lee,et al.  Efficient Delegation of Pairing Computation , 2005, IACR Cryptol. ePrint Arch..

[8]  Jianfeng Ma,et al.  Fine-Grained Access Control System Based on Outsourced Attribute-Based Encryption , 2013, ESORICS.

[9]  G. G. Stokes "J." , 1890, The New Yale Book of Quotations.

[10]  Sean W. Smith,et al.  Batch Pairing Delegation , 2007, IWSEC.

[11]  Rafail Ostrovsky,et al.  Attribute-based encryption with non-monotonic access structures , 2007, CCS '07.

[12]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[13]  Anna Lysyanskaya,et al.  How to Securely Outsource Cryptographic Computations , 2005, TCC.

[14]  Ian Miers,et al.  Charm: a framework for rapidly prototyping cryptosystems , 2013, Journal of Cryptographic Engineering.

[15]  Brent Waters,et al.  Online/Offline Attribute-Based Encryption , 2014, IACR Cryptol. ePrint Arch..

[16]  Ling Cheung,et al.  Provably secure ciphertext policy ABE , 2007, CCS '07.

[17]  Victor Shoup,et al.  A Proposal for an ISO Standard for Public Key Encryption , 2001, IACR Cryptol. ePrint Arch..

[18]  Jin Li,et al.  Outsourcing Encryption of Attribute-Based Encryption with MapReduce , 2012, ICICS.

[19]  Tatsuaki Okamoto,et al.  Fully Secure Functional Encryption with General Relations from the Decisional Linear Assumption , 2010, IACR Cryptol. ePrint Arch..

[20]  P. MuraliKrishna,et al.  SECURE SCHEMES FOR SECRET SHARING AND KEY DISTRIBUTION USING PELL'S EQUATION , 2013 .

[21]  Allison Bishop,et al.  Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption , 2010, EUROCRYPT.

[22]  Jianfeng Ma,et al.  New Algorithms for Secure Outsourcing of Modular Exponentiations , 2014, IEEE Trans. Parallel Distributed Syst..

[23]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[24]  Hugo Krawczyk,et al.  Relaxing Chosen-Ciphertext Security , 2003, CRYPTO.