A secure and efficient Ciphertext-Policy Attribute-Based Signcryption for Personal Health Records sharing in cloud computing

Abstract: In recent years, the Personal Health Record (PHR) system has attracted intensive attention due to its universal accessibility and low cost. The practical deployment of PHR systems in cloud computing environments raises privacy and information security issues that should be addressed positively. Recently [Future Generation Computer Systems 52 (2015)], a Ciphertext-Policy Attribute-Based Signcryption (CP-ABSC) scheme (Liu et al. 2015) was proposed with the aim of securing PHR data stored at cloud servers, and it is claimed to provide confidentiality against chosen ciphertext attacks in the selective-predicate model. Unfortunately, we show in this paper that the claim is incorrect. Besides, the CP-ABSC scheme of Liu et al. (2015) cannot realize the property of public ciphertext verifiability, which is an essential requirement of signcryption schemes to reduce the unnecessary burden on the decryptor of decrypting invalid ciphertexts. In this paper, we propose a provably secure CP-ABSC scheme for cloud-based PHR sharing systems that has the ability to provide fine-grained access control, confidentiality, authenticity, signcryptor privacy and public verifiability simultaneously. Our framework exploits expressive monotone boolean functions as signing and encryption predicates, and realizes security in the standard model. On a positive note, our construction exhibits short ciphertext size and requires fewer pairing computations compared to the existing schemes in the area.
