Partially policy-hidden attribute-based broadcast encryption with secure delegation in edge computing

Abstract The rapid growth of data has successfully promoted the development of edge computing, which is used for processing the data at the edge of network. The emergence of edge computing compensates for the network delay caused by massive data uploads to the cloud. However, the issues of data security and privacy protection still need to be resolved. In this paper, we propose an efficient ciphertext-policy attribute-based encryption (CP-ABE) scheme that for the first time simultaneously achieves partially hidden policy, direct revocation, and verifiable outsourced decryption. Specifically, in our scheme, the concept of partially hidden policy is introduced to protect private information in an access policy. In addition, after a revocation is successfully executed, the revoked users will not be able to access the message without affecting any other non-revoked users. Our new scheme leverages the outsourcing technique to minimize the overhead required of the user. We demonstrate that our scheme is secure under the Decisional ( q − 1 ) Diffie–Hellman assumption and the Decisional Bilinear Diffie–Hellman assumption, as well as evaluating its performance using simulations.

[1]  Brent Waters,et al.  A fully collusion resistant broadcast, trace, and revoke system , 2006, CCS '06.

[2]  Shimshon Berkovits,et al.  How To Broadcast A Secret , 1991, EUROCRYPT.

[3]  Robert H. Deng,et al.  Attribute-Based Encryption With Efficient Verifiable Outsourced Decryption , 2015, IEEE Transactions on Information Forensics and Security.

[4]  Dalit Naor,et al.  Broadcast Encryption , 1993, Encyclopedia of Multimedia.

[5]  Kazuki Yoneyama,et al.  Attribute-Based Encryption with Partially Hidden Encryptor-Specified Access Structures , 2008, ACNS.

[6]  David Lubicz,et al.  Attribute-Based Broadcast Encryption Scheme Made Efficient , 2008, AFRICACRYPT.

[7]  Hao Wang,et al.  Verifiable outsourced ciphertext-policy attribute-based encryption in cloud computing , 2016, Soft Computing.

[8]  Hao Zhang,et al.  Attribute-Based Privacy-Preserving Data Sharing for Dynamic Groups in Cloud Computing , 2019, IEEE Systems Journal.

[9]  Xiaolei Dong,et al.  Auditable $\sigma $ -Time Outsourced Attribute-Based Encryption for Access Control in Cloud Computing , 2018, IEEE Transactions on Information Forensics and Security.

[10]  Qixiang Mei,et al.  Generic and Efficient Constructions of Attribute-Based Encryption with Verifiable Outsourced Decryption , 2016, IEEE Transactions on Dependable and Secure Computing.

[11]  Min Ji,et al.  CCA-secure ABE with outsourced decryption for fog computing , 2018, Future Gener. Comput. Syst..

[12]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[13]  Jin Li,et al.  Securely Outsourcing Attribute-Based Encryption with Checkability , 2014, IEEE Transactions on Parallel and Distributed Systems.

[14]  Robert H. Deng,et al.  Attribute-Based Encryption With Verifiable Outsourced Decryption , 2013, IEEE Transactions on Information Forensics and Security.

[15]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[16]  Weisong Shi,et al.  Edge Computing: Vision and Challenges , 2016, IEEE Internet of Things Journal.

[17]  Hideki Imai,et al.  Conjunctive Broadcast and Attribute-Based Encryption , 2009, Pairing.

[18]  Jinguang Han,et al.  VOD-ADAC: Anonymous Distributed Fine-Grained Access Control Protocol with Verifiable Outsourced Decryption in Public Cloud , 2020, IEEE Transactions on Services Computing.

[19]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[20]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[21]  Robert H. Deng,et al.  Fully Secure Cipertext-Policy Hiding CP-ABE , 2011, ISPEC.

[22]  Rodrigo Roman,et al.  Mobile Edge Computing, Fog et al.: A Survey and Analysis of Security Threats and Challenges , 2016, Future Gener. Comput. Syst..

[23]  Jian Shen,et al.  Verifiable Outsourced Decryption of Attribute-Based Encryption with Constant Ciphertext Length , 2017, Secur. Commun. Networks.

[24]  Robert H. Deng,et al.  Expressive CP-ABE with partially hidden access structures , 2012, ASIACCS '12.

[25]  Brent Waters,et al.  Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys , 2005, CRYPTO.

[26]  Dan Boneh,et al.  Secure Identity Based Encryption Without Random Oracles , 2004, CRYPTO.

[27]  Robert H. Deng,et al.  An Efficient and Expressive Ciphertext-Policy Attribute-Based Encryption Scheme with Partially Hidden Access Structures , 2016, ProvSec.

[28]  Jiguo Li,et al.  KSF-OABE: Outsourced Attribute-Based Encryption with Keyword Search Function for Cloud Storage , 2017, IEEE Transactions on Services Computing.

[29]  Rui Zhang,et al.  Fine-grained access control system based on fully outsourced attribute-based encryption , 2017, J. Syst. Softw..

[30]  Qiaoyan Wen,et al.  Circuit Ciphertext-Policy Attribute-Based Hybrid Encryption with Verifiable Delegation in Cloud Computing , 2016, IEEE Transactions on Parallel and Distributed Systems.

[31]  Guomin Yang,et al.  Attribute Based Broadcast Encryption with Short Ciphertext and Decryption Key , 2015, ESORICS.

[32]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[33]  Hui Ma,et al.  Verifiable and Exculpable Outsourced Attribute-Based Encryption for Access Control in Cloud Computing , 2017, IEEE Transactions on Dependable and Secure Computing.

[34]  Geong Sen Poh,et al.  Searchable Symmetric Encryption , 2017, ACM Comput. Surv..

[35]  Avishai Wool,et al.  A practical revocation scheme for broadcast encryption using smart cards , 2003, 2003 Symposium on Security and Privacy, 2003..

[36]  Rui Zhang,et al.  A Blockchain based Access Control System for Cloud Storage , 2019 .

[37]  Jiguo Li,et al.  Flexible and Fine-Grained Attribute-Based Data Storage in Cloud Computing , 2017, IEEE Transactions on Services Computing.