Key-policy attribute-based encryption against continual auxiliary input leakage

Abstract Attribute-based encryption mechanism can achieve very flexible access control, so it has a wide range of applications in the distributed environment, such as fine-grained access control, audit log applications, cloud storage systems. Key-policy attribute-based encryption (KP-ABE) scheme is especially suitable for video on demand, pay TV, etc. Most of the existing KP-ABE schemes do not consider the side channel attacks which probably leak some secret information about the cryptosystems. In the paper, we present the formal definition and security model of key-policy attribute-based encryption scheme which is resilient to continual auxiliary input (CAI) leakage. What is more, we present a concrete KP-ABE scheme. The proposed scheme is proved secure under the static assumptions.

[1]  Moni Naor,et al.  Public-Key Cryptosystems Resilient to Key Leakage , 2012, SIAM J. Comput..

[2]  Jiguo Li,et al.  Ciphertext-Policy Attribute-Based Encryption with Hidden Access Policy and Testing , 2016, KSII Trans. Internet Inf. Syst..

[3]  Hao Yan,et al.  A Novel Efficient Remote Data Possession Checking Protocol in Cloud Storage , 2017, IEEE Transactions on Information Forensics and Security.

[4]  Jiguo Li,et al.  Hierarchical attribute based encryption with continuous leakage-resilience , 2019, Inf. Sci..

[5]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[6]  Yang Lu,et al.  Provably secure identity-based encryption resilient to post-challenge continuous auxiliary input leakage , 2016, Secur. Commun. Networks.

[7]  Xiaolei Dong,et al.  White-Box Traceable Ciphertext-Policy Attribute-Based Encryption Supporting Flexible Attributes , 2015, IEEE Transactions on Information Forensics and Security.

[8]  Yunlei Zhao,et al.  Efficient Public Key Cryptosystem Resilient to Key Leakage Chosen Ciphertext Attacks , 2013, CT-RSA.

[9]  Yang Lu,et al.  Continuous leakage-resilient certificate-based encryption , 2016, Inf. Sci..

[10]  Brent Waters,et al.  Dual System Encryption: Realizing Fully Secure IBE and HIBE under Simple Assumptions , 2009, IACR Cryptol. ePrint Arch..

[11]  Jiguo Li,et al.  Flexible and Fine-Grained Attribute-Based Data Storage in Cloud Computing , 2017, IEEE Transactions on Services Computing.

[12]  Allison Bishop,et al.  Revocation Systems with Very Small Private Keys , 2010, 2010 IEEE Symposium on Security and Privacy.

[13]  Yang Lu,et al.  Anonymous certificate-based broadcast encryption with constant decryption cost , 2018, Inf. Sci..

[14]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[15]  Jiguo Li,et al.  A Leakage-Resilient CCA-Secure Identity-Based Encryption Scheme , 2016, Comput. J..

[16]  Jiguo Li,et al.  Certificateless Public Integrity Checking of Group Shared Data on Cloud Storage , 2018, IEEE Transactions on Services Computing.

[17]  Yael Tauman Kalai,et al.  Overcoming the Hole in the Bucket: Public-Key Cryptography Resilient to Continual Memory Leakage , 2010, 2010 IEEE 51st Annual Symposium on Foundations of Computer Science.

[18]  Jian Shen,et al.  Verifiable Outsourced Decryption of Attribute-Based Encryption with Constant Ciphertext Length , 2017, Secur. Commun. Networks.

[19]  Dan Boneh,et al.  Evaluating 2-DNF Formulas on Ciphertexts , 2005, TCC.

[20]  Siu-Ming Yiu,et al.  Identity-Based Encryption Resilient to Continual Auxiliary Leakage , 2012, EUROCRYPT.

[21]  Rafail Ostrovsky,et al.  Attribute-based encryption with non-monotonic access structures , 2007, CCS '07.

[22]  Jiguo Li,et al.  Identity-based broadcast encryption with continuous leakage resilience , 2018, Inf. Sci..

[23]  Jian Shen,et al.  User Collusion Avoidance CP-ABE With Efficient Attribute Revocation for Cloud Storage , 2018, IEEE Systems Journal.

[24]  Yael Tauman Kalai,et al.  Public-Key Encryption Schemes with Auxiliary Inputs , 2010, TCC.

[25]  Jiguo Li,et al.  Privacy-preserving personal health record using multi-authority attribute-based encryption with revocation , 2014, International Journal of Information Security.

[26]  Kefei Chen,et al.  Efficient chosen-ciphertext secure public-key encryption scheme with high leakage-resilience , 2015, IET Inf. Secur..

[27]  Allison Bishop,et al.  Achieving Leakage Resilience through Dual System Encryption , 2011, TCC.

[28]  Vinod Vaikuntanathan,et al.  Simultaneous Hardcore Bits and Cryptography against Memory Attacks , 2009, TCC.

[29]  Yevgeniy Dodis,et al.  Cryptography against Continuous Memory Attacks , 2010, 2010 IEEE 51st Annual Symposium on Foundations of Computer Science.

[30]  Melissa Chase,et al.  Multi-authority Attribute Based Encryption , 2007, TCC.

[31]  Stefan Dziembowski,et al.  Leakage-Resilient Cryptography , 2008, 2008 49th Annual IEEE Symposium on Foundations of Computer Science.

[32]  Ling Cheung,et al.  Provably secure ciphertext policy ABE , 2007, CCS '07.

[33]  Yao Wang,et al.  Full Verifiability for Outsourced Decryption in Attribute Based Encryption , 2020, IEEE Transactions on Services Computing.

[34]  Zhen Liu,et al.  White-Box Traceable Ciphertext-Policy Attribute-Based Encryption Supporting Any Monotone Access Structures , 2013, IEEE Transactions on Information Forensics and Security.

[35]  Ariel J. Feldman,et al.  Lest we remember: cold-boot attacks on encryption keys , 2008, CACM.

[36]  Yang Lu,et al.  Provably secure certificate-based encryption with leakage resilience , 2017, Theor. Comput. Sci..

[37]  Carmit Hazay,et al.  Leakage-Resilient Cryptography from Minimal Assumptions , 2015, Journal of Cryptology.

[38]  Robert H. Deng,et al.  Attribute-Based Encryption With Verifiable Outsourced Decryption , 2013, IEEE Transactions on Information Forensics and Security.

[39]  Allison Bishop,et al.  Unbounded HIBE and Attribute-Based Encryption , 2011, IACR Cryptol. ePrint Arch..

[40]  Jian Shen,et al.  Hierarchical attribute-based encryption with continuous auxiliary inputs leakage , 2016, Secur. Commun. Networks.

[41]  Jiguo Li,et al.  KSF-OABE: Outsourced Attribute-Based Encryption with Keyword Search Function for Cloud Storage , 2017, IEEE Transactions on Services Computing.

[42]  Allison Bishop,et al.  Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption , 2010, EUROCRYPT.

[43]  Jin Li,et al.  Anonymous attribute-based encryption supporting efficient decryption test , 2013, ASIA CCS '13.

[44]  Silvio Micali,et al.  Physically Observable Cryptography (Extended Abstract) , 2004, TCC.

[45]  Jiguo Li,et al.  Searchable ciphertext‐policy attribute‐based encryption with revocation in cloud storage , 2017, Int. J. Commun. Syst..

[46]  Xinyi Huang,et al.  Certificate-based encryption resilient to key leakage , 2016, J. Syst. Softw..

[47]  Allison Bishop,et al.  New Techniques for Dual System Encryption and Fully Secure HIBE with Short Ciphertexts , 2010, IACR Cryptol. ePrint Arch..

[48]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[49]  Robert H. Deng,et al.  Fully secure key-policy attribute-based encryption with constant-size ciphertexts and fast decryption , 2014, AsiaCCS.