Functional broadcast encryption with applications to data sharing for cloud storage

Abstract: Cloud storage services give data owners an efficient and flexible way to share data. Some of the shared data is highly sensitive and must be protected against any leakage. If users encrypt the data conventionally, however, flexible sharing is lost. Public-key encryption with access control (PEAC) resolves this tension. Most existing PEAC schemes only let the data owner control either which parts of the data other users can access (file-based PEAC) or which users can access the entire data set (receiver-based PEAC). In practice, however, a PEAC scheme with both file-based and receiver-based functionality is required to ensure the efficiency, flexibility, and fine-grainedness of the data sharing service. In this paper, we introduce the primitive of functional broadcast encryption (FBE). FBE is a manifestation of PEAC that enables a data owner to share a set of data files with a group of users, where only a specific subset of data files can be accessed and decrypted by a specific subgroup of users. We describe a construction for FBE based on indistinguishability obfuscation (iO). Security analysis demonstrates that the proposed scheme achieves selective IND-CCA security, and a comprehensive performance analysis shows that the proposed scheme is efficient.
