Key-Aggregate Cryptosystem for Scalable Data Sharing in Cloud Storage

Data sharing is an important functionality in cloud storage. In this paper, we show how to securely, efficiently, and flexibly share data with others in cloud storage. We describe new public-key cryptosystems that produce constant-size ciphertexts such that efficient delegation of decryption rights for any set of ciphertexts are possible. The novelty is that one can aggregate any set of secret keys and make them as compact as a single key, but encompassing the power of all the keys being aggregated. In other words, the secret key holder can release a constant-size aggregate key for flexible choices of ciphertext set in cloud storage, but the other encrypted files outside the set remain confidential. This compact aggregate key can be conveniently sent to others or be stored in a smart card with very limited secure storage. We provide formal security analysis of our schemes in the standard model. We also describe other application of our schemes. In particular, our schemes give the first public-key patient-controlled encryption for flexible hierarchy, which was yet to be known.

[1]  Robert H. Deng,et al.  Conditional Proxy Broadcast Re-Encryption , 2009, ACISP.

[2]  Selim G. Akl,et al.  Cryptographic solution to a problem of access control in a hierarchy , 1983, TOCS.

[3]  Wen-Guey Tzeng,et al.  Identity-Based Proxy Re-encryption Without Random Oracles , 2007, ISC.

[4]  Ming Li,et al.  Storing Shared Data on the Cloud via Security-Mediator , 2013, 2013 IEEE 33rd International Conference on Distributed Computing Systems.

[5]  Brent Waters,et al.  Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys , 2005, CRYPTO.

[6]  K. J. Ray Liu,et al.  Scalable hierarchical access control in secure group communications , 2004, IEEE INFOCOM 2004.

[7]  Sherman S. M. Chow,et al.  Improving privacy and security in multi-authority attribute-based encryption , 2009, CCS.

[8]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[9]  Siu-Ming Yiu,et al.  Identity-Based Encryption Resilient to Continual Auxiliary Leakage , 2012, EUROCRYPT.

[10]  Stafford E. Tavares,et al.  Flexible Access Control with Master Keys , 1989, CRYPTO.

[11]  Josh Benaloh,et al.  Key Compression and its Application to Digital Fingerprinting , 2001 .

[12]  Robert H. Deng,et al.  Dynamic Secure Cloud Storage with Provenance , 2012, Cryptography and Security.

[13]  Fuchun Guo,et al.  Multi-Identity Single-Key Decryption without Random Oracles , 2007, Inscrypt.

[14]  Brent Waters,et al.  Practical leakage-resilient identity-based encryption from simple assumptions , 2010, CCS '10.

[15]  Jonathan Katz,et al.  Chosen-Ciphertext Security from Identity-Based Encryption , 2004, SIAM J. Comput..

[16]  Basel Alomair,et al.  Information Theoretically Secure Encryption with Almost Free Authentication , 2009, J. Univers. Comput. Sci..

[17]  Ricardo Dahab,et al.  TinyTate: Computing the Tate Pairing in Resource-Constrained Sensor Nodes , 2007, Sixth IEEE International Symposium on Network Computing and Applications (NCA 2007).

[18]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[19]  Hovav Shacham,et al.  Aggregate and Verifiably Encrypted Signatures from Bilinear Maps , 2003, EUROCRYPT.

[20]  Matthew Green,et al.  Improved proxy re-encryption schemes with applications to secure distributed storage , 2006, TSEC.

[21]  Qiong Zhang,et al.  A centralized key management scheme for hierarchical access control , 2004, IEEE Global Telecommunications Conference, 2004. GLOBECOM '04..

[22]  Moni Naor,et al.  Revocation and Tracing Schemes for Stateless Receivers , 2001, CRYPTO.

[23]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[24]  Wen-Guey Tzeng,et al.  A Time-Bound Cryptographic Key Assignment Scheme for Access Control in a Hierarchy , 2002, IEEE Trans. Knowl. Data Eng..

[25]  Ravi S. Sandhu,et al.  Cryptographic Implementation of a Tree Hierarchy for Access Control , 1988, Inf. Process. Lett..

[26]  Alfredo De Santis,et al.  New constructions for provably-secure time-bound hierarchical key assignment schemes , 2007, SACMAT '07.

[27]  Ran Canetti,et al.  Chosen-ciphertext secure proxy re-encryption , 2007, CCS '07.

[28]  Marina Blanton,et al.  Dynamic and Efficient Key Management for Access Hierarchies , 2009, TSEC.

[29]  Fuchun Guo,et al.  Identity-Based Encryption: How to Decrypt Multiple Ciphertexts Using a Single Decryption Key , 2007, Pairing.

[30]  Eric Horvitz,et al.  Patient controlled encryption: ensuring privacy of electronic medical records , 2009, CCSW '09.

[31]  Dan Boneh,et al.  Hierarchical Identity Based Encryption with Constant Size Ciphertext , 2005, EUROCRYPT.

[32]  Siu-Ming Yiu,et al.  SPICE - Simple Privacy-Preserving Identity-Management for Cloud Environment , 2012, ACNS.

[33]  Robert H. Deng,et al.  Efficient Unidirectional Proxy Re-Encryption , 2010, AFRICACRYPT.

[34]  Zoe L. Jiang,et al.  Privacy-Preserving Public Auditing for Secure Cloud Storage , 2013, IEEE Transactions on Computers.