A Framework of Multi-Authority Attribute-Based Encryption with Outsourcing and Revocation

Attribute-based encryption (ABE) is a cryptographic tool for fine-grained data access control. For practical needs, an ABE scheme should support multiple authority and revocation. Furthermore, decryption should also be outsourced for higher efficiency. Researchers have been extending existing ABE schemes for these goals. Yet, the rationales are often hidden behind tailor-made number-theoretic constructions. This paper proposes a framework for constructing multi-authority ABE schemes with attribute revocation and outsourced decryption, from any pairing-based single-authority ABE scheme which satisfies a set of properties we identified.

[1]  Yao Zheng,et al.  Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption , 2019, IEEE Transactions on Parallel and Distributed Systems.

[2]  Kaiping Xue,et al.  Comments on “DAC-MACS: Effective Data Access Control for Multiauthority Cloud Storage Systems”/Security Analysis of Attribute Revocation in Multiauthority Data Access Control for Cloud Storage Systems , 2015, IEEE Transactions on Information Forensics and Security.

[3]  Dongqing Xie,et al.  Multi-authority ciphertext-policy attribute-based encryption with accountability , 2011, ASIACCS '11.

[4]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[5]  Brent Waters,et al.  Dynamic Credentials and Ciphertext Delegation for Attribute-Based Encryption , 2012, IACR Cryptol. ePrint Arch..

[6]  Volker Roth,et al.  General Certificateless Encryption and Timed-Release Encryption , 2008, IACR Cryptol. ePrint Arch..

[7]  Ran Canetti,et al.  Universally Composable Commitments , 2001, CRYPTO.

[8]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[9]  Pan Li,et al.  Cloud-Assisted Mobile-Access of Health Data With Privacy and Auditability , 2014, IEEE Journal of Biomedical and Health Informatics.

[10]  Allison Bishop,et al.  Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption , 2010, EUROCRYPT.

[11]  Melissa Chase,et al.  Multi-authority Attribute Based Encryption , 2007, TCC.

[12]  Wei Yuan,et al.  Comments on “Control Cloud Data Access Privilege and Anonymity With Fully Anonymous Attribute-Based Encryption” , 2016, IEEE Transactions on Information Forensics and Security.

[13]  Brent Waters,et al.  Efficient Statically-Secure Large-Universe Multi-Authority Attribute-Based Encryption , 2015, Financial Cryptography.

[14]  Cong Wang,et al.  Attribute based data sharing with attribute revocation , 2010, ASIACCS '10.

[15]  Yevgeniy Dodis,et al.  New Privacy-Preserving Architectures for Identity-/Attribute-based Encryption , 2010 .

[16]  Cheng Chen,et al.  Security analysis of a privacy‐preserving decentralized ciphertext‐policy attribute‐based encryption scheme , 2016, Concurr. Comput. Pract. Exp..

[17]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[18]  Prateek Mittal,et al.  EASiER: encryption-based access control in social networks with efficient revocation , 2011, ASIACCS '11.

[19]  Vipul Goyal,et al.  Identity-based encryption with efficient revocation , 2008, IACR Cryptol. ePrint Arch..

[20]  Sherman S. M. Chow,et al.  Improving privacy and security in multi-authority attribute-based encryption , 2009, CCS.

[21]  Tsz Hon Yuen,et al.  Fully Secure Multi-authority Ciphertext-Policy Attribute-Based Encryption without Random Oracles , 2011, ESORICS.

[22]  Allison Bishop,et al.  Decentralizing Attribute-Based Encryption , 2011, IACR Cryptol. ePrint Arch..

[23]  Xiang-Yang Li,et al.  Control Cloud Data Access Privilege and Anonymity With Fully Anonymous Attribute-Based Encryption , 2016, IEEE Transactions on Information Forensics and Security.

[24]  Rui Zhang,et al.  Security Analysis of a Privacy-Preserving Decentralized Key-Policy Attribute-Based Encryption Scheme , 2013, IEEE Transactions on Parallel and Distributed Systems.

[25]  Jianfeng Ma,et al.  Fine-Grained Access Control System Based on Outsourced Attribute-Based Encryption , 2013, ESORICS.

[26]  Xiaohua Jia,et al.  DAC-MACS: Effective Data Access Control for Multiauthority Cloud Storage Systems , 2013, IEEE Transactions on Information Forensics and Security.

[27]  Siu-Ming Yiu,et al.  SPICE - Simple Privacy-Preserving Identity-Management for Cloud Environment , 2012, ACNS.

[28]  Joseph K. Liu,et al.  Identity-based online/offline key encapsulation and encryption , 2011, ASIACCS '11.

[29]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[30]  Brent Waters,et al.  Online/Offline Attribute-Based Encryption , 2014, IACR Cryptol. ePrint Arch..

[31]  Matthew Green,et al.  Outsourcing the Decryption of ABE Ciphertexts , 2011, USENIX Security Symposium.