Attribute-based encryption scheme with multi-keyword search and supporting attribute revocation in cloud storage

We propose an attribute-based encryption scheme with multi-keyword search and supporting attribute revocation in cloud storage environment, in which binary attributes and AND-gate access policy are used. Our proposal enjoys several advantages. Firstly, multi-keyword search is available, and only when a data user's attribute set satisfies access policy in keyword index, and keyword token generated by data user matches index successfully, then data user can obtain ciphertext containing keywords. In this way, more accurate keyword search is achievable. Secondly, the search privacy of data user is protected owing to cloud servers cannot obtain any knowledge of keywords which data user is interested in. Meanwhile, the ciphertext is able to be decrypted when data user's attribute set satisfies access policy specified in the ciphertext, which can both improve security of encryption and achieve secure fine-grained access control. Thirdly, the proposed scheme supports attribute revocation, in our scheme when a data user's attribute is revoked, the version number of attribute, non-revoked data users' secret keys and related ciphertexts will be updated, such that data user whose attribute is revoked does not decrypt updated ciphertext anymore. In addition, based on the assumption of decisional linear (DL) and decisional Diffie-Hellman (DDH), our scheme is proved to be secure against selectively chosen-keyword attacks and selectively chosen-plaintext attacks respectively, and it also ensures token privacy security.

[1]  Robert H. Deng,et al.  An Efficient and Expressive Ciphertext-Policy Attribute-Based Encryption Scheme with Partially Hidden Access Structures , 2016, ProvSec.

[2]  Kristin E. Lauter,et al.  Cryptographic Cloud Storage , 2010, Financial Cryptography Workshops.

[3]  Chun-Xiang Xu,et al.  A CP-ABE scheme with system attributes revocation in cloud storage , 2014, 2014 11th International Computer Conference on Wavelet Actiev Media Technology and Information Processing(ICCWAMTIP).

[4]  Cong Wang,et al.  Efficient verifiable fuzzy keyword search over encrypted data in cloud computing , 2013, Comput. Sci. Inf. Syst..

[5]  Li Shuan Safe anonymous identity based public key encryption with keyword search , 2013 .

[6]  Kim-Kwang Raymond Choo,et al.  Pairing-based CP-ABE with constant-size ciphertexts and secret keys for cloud environment , 2017, Comput. Stand. Interfaces.

[7]  Fuchun Guo,et al.  CP-ABE With Constant-Size Keys for Lightweight Devices , 2014, IEEE Transactions on Information Forensics and Security.

[8]  Yaling Zhang,et al.  A keyword searchable attribute-based encryption scheme with attribute update for cloud storage , 2018, PloS one.

[9]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[10]  Igor E. Shparlinski,et al.  Computational Diffie-Hellman Problem , 2011, Encyclopedia of Cryptography and Security.

[11]  Xiaolei Dong,et al.  Efficient Attribute-Based Searchable Encryption on Cloud Storage , 2018, Journal of Physics: Conference Series.

[12]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[13]  Yong Cheng,et al.  Attributes Union in CP-ABE Algorithm for Large Universe Cryptographic Access Control , 2012, 2012 Second International Conference on Cloud and Green Computing.

[14]  Amit Sahai,et al.  Bounded Ciphertext Policy Attribute Based Encryption , 2008, ICALP.

[15]  Robert H. Deng,et al.  An efficient and expressive ciphertext-policy attribute-based encryption scheme with partially hidden access structures, revisited , 2018, Comput. Networks.

[16]  Xiaojun Jing,et al.  Ciphertext-Policy Attribute-Based Encryption with Hidden Access Policy and Testing , 2016, KSII Trans. Internet Inf. Syst..

[17]  Tanja Lange,et al.  Pairing-Based Cryptography , 2005, Handbook of Elliptic and Hyperelliptic Curve Cryptography.

[18]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[19]  Willy Susilo,et al.  An Efficient Key-Policy Attribute-Based Searchable Encryption in Prime-Order Groups , 2017, ProvSec.

[20]  Nik Bessis,et al.  CS-PSO: chaotic particle swarm optimization algorithm for solving combinatorial optimization problems , 2016, Soft Computing.

[21]  K JohnSingh,et al.  An Enhanced CP-ABE based Access Control Algorithm for Point to Multi-Point Communication in Cloud Computing , 2017, J. Inf. Sci. Eng..

[22]  Cong Wang,et al.  Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[23]  Xu An Wang,et al.  m2-ABKS: Attribute-Based Multi-Keyword Search over Encrypted Personal Health Records in Multi-Owner Setting , 2016, Journal of Medical Systems.

[24]  Jiqiang Liu,et al.  Directly revocable key-policy attribute-based encryption with verifiable ciphertext delegation , 2015, Inf. Sci..

[25]  Jiguo Li,et al.  KSF-OABE: Outsourced Attribute-Based Encryption with Keyword Search Function for Cloud Storage , 2017, IEEE Transactions on Services Computing.

[26]  Zoe L. Jiang,et al.  Attribute-Based Encryption Scheme Supporting Decryption Outsourcing and Attribute Revocation in Cloud Storage , 2017, 22017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC).

[27]  N. Cao,et al.  Privacy-preserving multi-keyword ranked search over encrypted cloud data , 2011, 2011 Proceedings IEEE INFOCOM.

[28]  Kui Ren,et al.  Attribute-based fine-grained access control with efficient revocation in cloud storage systems , 2013, ASIA CCS '13.

[29]  Sherman S. M. Chow A Framework of Multi-Authority Attribute-Based Encryption with Outsourcing and Revocation , 2016, SACMAT.

[30]  Jie Cui,et al.  Multi-authority attribute-based encryption access control scheme with policy hidden for cloud storage , 2016, Soft Computing.

[31]  Chengyu Hu,et al.  Public Key Encryption with Multi-keyword Search , 2012 .

[32]  Yogachandran Rahulamathavan,et al.  User Collusion Avoidance Scheme for Privacy-Preserving Decentralized Key-Policy Attribute-Based Encryption , 2016, IEEE Transactions on Computers.

[33]  Tsz Hon Yuen,et al.  Time-Based Direct Revocable Ciphertext-Policy Attribute-Based Encryption with Short Revocation List , 2018, IACR Cryptol. ePrint Arch..

[34]  Yinghui Zhang,et al.  Attribute-Based Encryption with Multi-keyword Search , 2017, 2017 IEEE Second International Conference on Data Science in Cyberspace (DSC).

[35]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.