Blocked linear secret sharing scheme for scalable attribute based encryption in manageable cloud storage system

Abstract: The cloud provides outsourced storage services in a cost-effective manner. A key challenge of cloud storage is the security and privacy of outsourced data. Attribute-based encryption (ABE) is a security mechanism that represents the state of the art in providing fine-grained access control for cloud storage. Managing the access policy is a critical issue in ABE: in an ABE scheme with an unscalable access policy, policy management may incur substantial computation and communication overhead. In this work, we first propose a form of scalable access policy named the blocked linear secret sharing scheme (BLSSS). The scalability of BLSSS provides an efficient policy management interface for ABE schemes. We then propose a scalable ciphertext-policy attribute-based encryption (SCP-ABE) scheme that uses BLSSS as its access policy. Significantly, the proposed SCP-ABE is low-cost in computation and communication during policy management. Furthermore, sufficient simulation experiments demonstrate that SCP-ABE outperforms most existing ABE schemes in terms of policy management.
