New large-universe multi-authority ciphertext-policy ABE scheme and its application in cloud storage systems

We propose a new large-universe multi-authority ciphertext-policy attribute-based encryption system. In this system, any string can be used as an attribute of the system, and there are several authorities, each of which is responsible for the authorized key distribution of a specific set of attributes. Then, we prove its security under two static assumptions without random oracle. The main techniques used in this work are "Waters' hash" over global identifier and attribute information in the construction, as well as dual system encryption in the security proof. To the best of our knowledge, this is the first ciphertext-policy attribute-based encryption system satisfying both of "large-universe" property and "multi-authority" property without random oracle. Finally, as the application of our new scheme, we propose a new data access control scheme for cloud storage systems.

[1]  Ling Cheung,et al.  Provably secure ciphertext policy ABE , 2007, CCS '07.

[2]  Jianfeng Ma,et al.  New Algorithms for Secure Outsourcing of Modular Exponentiations , 2014, IEEE Trans. Parallel Distributed Syst..

[3]  Jin Li,et al.  Outsourcing Encryption of Attribute-Based Encryption with MapReduce , 2012, ICICS.

[4]  Tao Jiang,et al.  TIMER: Secure and Reliable Cloud Storage against Data Re-outsourcing , 2014, ISPEC.

[5]  Wu Lei,et al.  Adaptively Secure Outsourcing Ciphertext-Policy Attribute-Based Encryption , 2015 .

[6]  Christian Esposito,et al.  Smart Cloud Storage Service Selection Based on Fuzzy Logic, Theory of Evidence and Game Theory , 2016, IEEE Transactions on Computers.

[7]  Xiaohua Jia,et al.  DAC-MACS: Effective Data Access Control for Multiauthority Cloud Storage Systems , 2013, IEEE Transactions on Information Forensics and Security.

[8]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[9]  Tatsuaki Okamoto,et al.  Hierarchical Predicate Encryption for Inner-Products , 2009, ASIACRYPT.

[10]  Brent Waters,et al.  Practical constructions and new proof methods for large universe attribute-based encryption , 2013, CCS.

[11]  Francesco Palmieri,et al.  GRASP-based resource re-optimization for effective big data access in federated clouds , 2016, Future Gener. Comput. Syst..

[12]  Tatsuaki Okamoto,et al.  Homomorphic Encryption and Signatures from Vector Decomposition , 2008, Pairing.

[13]  Christian Esposito,et al.  Interconnecting Federated Clouds by Using Publish-Subscribe Service , 2013, Cluster Computing.

[14]  Allison Bishop,et al.  New Proof Methods for Attribute-Based Encryption: Achieving Full Security through Selective Techniques , 2012, CRYPTO.

[15]  Brent Waters,et al.  Efficient Statically-Secure Large-Universe Multi-Authority Attribute-Based Encryption , 2015, Financial Cryptography.

[16]  Allison Bishop,et al.  Decentralizing Attribute-Based Encryption , 2011, IACR Cryptol. ePrint Arch..

[17]  Xiaohui Liang,et al.  Secure Threshold Multi Authority Attribute Based Encryption without a Central Authority , 2008, INDOCRYPT.

[18]  G. Ravi,et al.  Attribute Based Encryption With Verifiable Outsourced Decryption , 2014 .

[19]  Hao Wang,et al.  Server Aided Ciphertext-Policy Attribute-Based Encryption , 2015, 2015 IEEE 29th International Conference on Advanced Information Networking and Applications Workshops.

[20]  Matthew Green,et al.  Outsourcing the Decryption of ABE Ciphertexts , 2011, USENIX Security Symposium.

[21]  Allison Bishop,et al.  Unbounded HIBE and Attribute-Based Encryption , 2011, IACR Cryptol. ePrint Arch..

[22]  Allison Bishop,et al.  Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption , 2010, EUROCRYPT.

[23]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[24]  Dan Boneh,et al.  Evaluating 2-DNF Formulas on Ciphertexts , 2005, TCC.

[25]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[26]  Alfredo De Santis,et al.  Hierarchical and Shared Key Assignment , 2014, 2014 17th International Conference on Network-Based Information Systems.

[27]  Jin Li,et al.  Securely Outsourcing Attribute-Based Encryption with Checkability , 2014, IEEE Transactions on Parallel and Distributed Systems.

[28]  Rafail Ostrovsky,et al.  Attribute-based encryption with non-monotonic access structures , 2007, CCS '07.

[29]  Allison Lewko,et al.  Tools for simulating features of composite order bilinear groups in the prime order setting , 2012 .

[30]  Alfredo De Santis,et al.  Key Indistinguishability versus Strong Key Indistinguishability for Hierarchical Key Assignment Schemes , 2016, IEEE Transactions on Dependable and Secure Computing.

[31]  Amit Sahai,et al.  Bounded Ciphertext Policy Attribute Based Encryption , 2008, ICALP.

[32]  Tatsuaki Okamoto,et al.  Fully Secure Functional Encryption with General Relations from the Decisional Linear Assumption , 2010, IACR Cryptol. ePrint Arch..

[33]  Brent Waters,et al.  Online/Offline Attribute-Based Encryption , 2014, IACR Cryptol. ePrint Arch..

[34]  P. MuraliKrishna,et al.  SECURE SCHEMES FOR SECRET SHARING AND KEY DISTRIBUTION USING PELL'S EQUATION , 2013 .

[35]  Sherman S. M. Chow,et al.  Improving privacy and security in multi-authority attribute-based encryption , 2009, CCS.

[36]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[37]  Melissa Chase,et al.  Multi-authority Attribute Based Encryption , 2007, TCC.