An efficient and traceable KP-ABS scheme with untrusted attribute authority in cloud computing

ABE has been widely applied for secure data protection in cloud computing. In ABE, user’s private keys are generated by attribute authority, thus, attribute authority has the ultimate privileges in the system and can impersonate any users to forge valid signatures. Once the attribute authority become dishonest or be invaded in cloud systems, the system’s security will be at risk. To better solve the problem mentioned above, in this paper, we propose a key-policy attribute based signature scheme with untrusted authority and traceability (KP-ABS-UT). In our scheme, the signer’s private key is composed by two components: one part is distributed by attribute authority and the other part is chosen privately by the signer’s self. Thus attribute authority cannot forge any signatures which should be signed by legal users. Besides, our scheme introduces an entity “tracer”, which can trace the identity of signer when necessary. By security analysis and efficiency comparison, we prove our KP-ABS-UT scheme meets the requirements of unforgeability as well as lower computation cost.

[1]  Guo Shaniqng,et al.  Attribute-based Signature Scheme , 2008, 2008 International Conference on Information Security and Assurance (isa 2008).

[2]  Duncan S. Wong,et al.  Secure Outsourced Attribute-Based Signatures , 2014, IEEE Transactions on Parallel and Distributed Systems.

[3]  Javier Herranz,et al.  Short Attribute-Based Signatures for Threshold Predicates , 2012, CT-RSA.

[4]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[5]  Nuttapong Attrapadung,et al.  Expressive Key-Policy Attribute-Based Encryption with Constant-Size Ciphertexts , 2011, Public Key Cryptography.

[6]  Yiming Zhao,et al.  Efficient Traceable Attribute-Based Signature , 2014, 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications.

[7]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[8]  C. Pandu Rangan,et al.  Attribute Based Signatures for Bounded Multi-level Threshold Circuits , 2010, EuroPKI.

[9]  Manoj Prabhakaran,et al.  Attribute-Based Signatures: Achieving Attribute-Privacy and Collusion-Resistance , 2008, IACR Cryptol. ePrint Arch..

[10]  Zhiqian Xu,et al.  Anonymous User Revocation for Using Attribute-Based Signature in Cloud Computing , 2014, 2014 IEEE 6th International Conference on Cloud Computing Technology and Science.

[11]  Jin Li,et al.  Hidden attribute-based signatures without anonymity revocation , 2010, Inf. Sci..

[12]  Joe Kilian Advances in Cryptology — CRYPTO 2001 , 2001, Lecture Notes in Computer Science.

[13]  Xiaofeng Wang,et al.  Mediated attribute based signature scheme supporting key revocation , 2012, 2012 8th International Conference on Information Science and Digital Content Technology (ICIDT2012).

[14]  Paz Morillo,et al.  Revocable Attribute-Based Signatures with Adaptive Security in the Standard Model , 2011, AFRICACRYPT.

[15]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[16]  Jianfeng Ma,et al.  Attribute Based Multi-signature Scheme in the Standard Model , 2013, 2013 Ninth International Conference on Computational Intelligence and Security.

[17]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[18]  Manoj Prabhakaran,et al.  Attribute-Based Signatures , 2011, CT-RSA.

[19]  Tatsuaki Okamoto,et al.  Decentralized Attribute-Based Signatures , 2013, Public Key Cryptography.

[20]  Reihaneh Safavi-Naini,et al.  Threshold Attribute-Based Signatures and Their Application to Anonymous Credential Systems , 2009, AFRICACRYPT.