A Ciphertext-Policy Attribute-Based Encryption Based on an Ordered Binary Decision Diagram

Ciphertext-policy attribute-based encryption (CP-ABE) is widely used in many cyber physical systems and the Internet of Things for guaranteeing information security. In order to improve the performance and efficiency of CP-ABE, this paper makes a change to the access structure of describing access polices in CP-ABE, and presents a new CP-ABE system based on the ordered binary decision diagram (OBDD). The new system makes full use of both the powerful description ability and the high calculating efficiency of OBDD. First, in the access structure, the new system allows multiple occurrences of the same attribute in a strategy, supports both positive attribute and negative attribute in the description of access polices, and can describe free-form access polices by using Boolean operations. Second, in the key generation stage, the size of secret keys generated by the new system is constant and not affected by the number of attributes; furthermore, time complexity of the key generation algorithm is O(1). Third, in the encryption stage, both the time complexity of the encryption algorithm and the size of generated ciphertext are determined by the number of valid paths contained in the OBDD instead of the number of attributes occurring in access polices. Finally, in the decryption stage, the new system supports fast decryption and the time complexity of the decryption algorithm is only O(1). As a result, compared with existing CP-ABE schemes, the new system has better performance and efficiency. It is proved that the new CP-ABE system can also resist collision attack and chosen-plaintext attack under the decisional bilinear Diffie Hellman assumption.

[1]  Josep Domingo-Ferrer,et al.  Ciphertext-policy hierarchical attribute-based encryption with short ciphertexts , 2014, Inf. Sci..

[2]  K. Kuppusamy,et al.  An expressive and provably secure Ciphertext-Policy Attribute-Based Encryption , 2014, Inf. Sci..

[3]  Ratna Dutta,et al.  Dynamic Ciphertext-Policy Attribute-Based Encryption for Expressive Access Policy , 2014, ICDCIT.

[4]  R. Kalaiselvi,et al.  SCALABLE AND SECURE SHARING OF PERSONAL HEALTH RECORDS IN CLOUD COMPUTING , 2016 .

[5]  Yao Zheng,et al.  Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption , 2019, IEEE Transactions on Parallel and Distributed Systems.

[6]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[7]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[8]  Jiguo Li,et al.  Flexible and Fine-Grained Attribute-Based Data Storage in Cloud Computing , 2017, IEEE Transactions on Services Computing.

[9]  Dongqing Xie,et al.  Multi-authority ciphertext-policy attribute-based encryption with accountability , 2011, ASIACCS '11.

[10]  Sherman S. M. Chow,et al.  Improving privacy and security in multi-authority attribute-based encryption , 2009, CCS.

[11]  Qin Liu,et al.  Hierarchical Multi-Authority and Attribute-Based Encryption Friend Discovery Scheme in Mobile Social Networks , 2016, IEEE Communications Letters.

[12]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[13]  Patrice Clemente,et al.  An extended attribute based access control model with trust and privacy: Application to a collaborative crisis management system , 2014, Future Gener. Comput. Syst..

[14]  Ling Cheung,et al.  Provably secure ciphertext policy ABE , 2007, CCS '07.

[15]  Sheldon B. Akers,et al.  Binary Decision Diagrams , 1978, IEEE Transactions on Computers.

[16]  Dijiang Huang,et al.  Efficient Attribute-Based Comparable Data Access Control , 2015, IEEE Transactions on Computers.

[17]  Y. Sreenivasa Rao,et al.  A secure and efficient Ciphertext-Policy Attribute-Based Signcryption for Personal Health Records sharing in cloud computing , 2017, Future Gener. Comput. Syst..

[18]  Cong Wang,et al.  Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[19]  Zhibin Zhou,et al.  Efficient Privacy-Preserving Ciphertext-Policy Attribute Based-Encryption and Broadcast Encryption , 2015, IEEE Transactions on Computers.

[20]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[21]  Rolf Drechsler,et al.  Binary decision diagrams in theory and practice , 2001, International Journal on Software Tools for Technology Transfer.

[22]  Arash Habibi Lashkari,et al.  Binary Decision Diagram (BDD) , 2009, 2009 International Conference on Future Computer and Communication.