scholarly journals Traceable Ciphertext-Policy Attribute-Based Encryption with Verifiable Outsourced Decryption in eHealth Cloud

2018 ◽  
Vol 2018 ◽  
pp. 1-12 ◽  
Author(s):  
Qi Li ◽  
Hongbo Zhu ◽  
Zuobin Ying ◽  
Tao Zhang
Keyword(s):  
Personal Health Information ◽  
Personal Health ◽  
Private Key ◽  
Resource Limited ◽  
Security Proof ◽  
Attribute Based Encryption ◽  
Identity Privacy ◽  
Outsourced Decryption ◽  
The One ◽  
Ciphertext Policy

In cloud-assisted electronic health care (eHealth) systems, a patient can enforce access control on his/her personal health information (PHI) in a cryptographic way by employing ciphertext-policy attribute-based encryption (CP-ABE) mechanism. There are two features worthy of consideration in real eHealth applications. On the one hand, although the outsourced decryption technique can significantly reduce the decryption cost of a physician, the correctness of the returned result should be guaranteed. On the other hand, the malicious physician who leaks the private key intentionally should be caught. Existing systems mostly aim to provide only one of the above properties. In this work, we present a verifiable and traceable CP-ABE scheme (VTCP-ABE) in eHealth cloud, which simultaneously supports the properties of verifiable outsourced decryption and white-box traceability without compromising the physician’s identity privacy. An authorized physician can obtain an ElGamal-type partial decrypted ciphertext (PDC) element of original ciphertext from the eHealth cloud decryption server (CDS) and then verify the correctness of returned PDC. Moreover, the illegal behaviour of malicious physician can be precisely (white-box) traced. We further exploit a delegation method to help the resource-limited physician authorize someone else to interact with the CDS. The formal security proof and extensive simulations illustrate that our VTCP-ABE scheme is secure, efficient, and practical.

scholarly journals A Lightweight Fine-Grained Search Scheme over Encrypted Data in Cloud-Assisted Wireless Body Area Networks

2019 ◽  
Vol 2019 ◽  
pp. 1-12 ◽  
Author(s):  
Mingsheng Cao ◽  
Luhan Wang ◽  
Zhiguang Qin ◽  
Chunwei Lou
Keyword(s):  
Keyword Search ◽  
Body Area Networks ◽  
Wireless Body Area Networks ◽  
Security And Privacy ◽  
Body Area ◽  
Encrypted Data ◽  
Fine Grained ◽  
Resource Limited ◽  
Attribute Based Encryption ◽  
Ciphertext Policy

The wireless body area networks (WBANs) have emerged as a highly promising technology that allows patients’ demographics to be collected by tiny wearable and implantable sensors. These data can be used to analyze and diagnose to improve the healthcare quality of patients. However, security and privacy preserving of the collected data is a major challenge on resource-limited WBANs devices and the urgent need for fine-grained search and lightweight access. To resolve these issues, in this paper, we propose a lightweight fine-grained search over encrypted data in WBANs by employing ciphertext policy attribute based encryption and searchable encryption technologies, of which the proposed scheme can provide resource-constraint end users with fine-grained keyword search and lightweight access simultaneously. We also formally define its security and prove that it is secure against both chosen plaintext attack and chosen keyword attack. Finally, we make a performance evaluation to demonstrate that our scheme is much more efficient and practical than the other related schemes, which makes the scheme more suitable for the real-world applications.

scholarly journals Efficient access control with traceability and user revocation in IoT

2021 ◽  
Author(s):  
Yi Wu ◽  
Wei Zhang ◽  
Hu Xiong ◽  
Zhiguang Qin ◽  
Kuo-Hui Yeh
Keyword(s):  
Internet Of Things ◽  
Mobile Devices ◽  
Data Privacy ◽  
Constant Size ◽  
Security Proof ◽  
Attribute Based Encryption ◽  
Efficient Access ◽  
Cloud Server ◽  
User Revocation ◽  
Ciphertext Policy

AbstractWith the universality and availability of Internet of Things (IoT), data privacy protection in IoT has become a hot issue. As a branch of attribute-based encryption (ABE), ciphertext policy attribute-based encryption (CP-ABE) is widely used in IoT to offer flexible one-to-many encryption. However, in IoT, different mobile devices share messages collected, transmission of large amounts of data brings huge burdens to mobile devices. Efficiency is a bottleneck which restricts the wide application and adoption of CP-ABE in Internet of things. Besides, the decryption key in CP-ABE is shared by multiple users with the same attribute, once the key disclosure occurs, it is non-trivial for the system to tell who maliciously leaked the key. Moreover, if the malicious mobile device is not revoked in time, more security threats will be brought to the system. These problems hinder the application of CP-ABE in IoT. Motivated by the actual need, a scheme called traceable and revocable ciphertext policy attribute-based encryption scheme with constant-size ciphertext and key is proposed in this paper. Compared with the existing schemes, our proposed scheme has the following advantages: (1) Malicious users can be traced; (2) Users exiting the system and misbehaving users are revoked in time, so that they no longer have access to the encrypted data stored in the cloud server; (3) Constant-size ciphertext and key not only improve the efficiency of transmission, but also greatly reduce the time spent on decryption operation; (4) The storage overhead for traceability is constant. Finally, the formal security proof and experiment has been conducted to demonstrate the feasibility of our scheme.

Research on Access Control Based on CP-ABE Algorithm and Cloud Computing

2014 ◽  
Vol 513-517 ◽  
pp. 2273-2276
Author(s):  
Shao Min Zhang ◽  
Jun Ran ◽  
Bao Yi Wang
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Control Policy ◽  
Massive Data ◽  
Access Control Policy ◽  
Fine Grained ◽  
Network Bandwidth ◽  
Private Key ◽  
Attribute Based Encryption ◽  
Ciphertext Policy

Ciphertext-Policy Attribute-based encryption (CP-ABE) mechanism is an extension of attribute-based encryption which associates the ciphertext and user's private key with the attribute by taking the attribute as a public key. It makes the representation of the access control policy more flexible, thus greatly reduces the network bandwidth and processing overhead of sending node brought by fine-grained access control of data sharing. According to the principle of CP-ABE encryption mechanism for this mechanism, an improved cloud computing-based encryption algorithm was proposed in this paper to overcome the deficiencies of permission changing process under the massive data. Experimental results show that compared with traditional methods, the new mechanism significantly reduces time-consuming.

scholarly journals Efficient Ciphertext-Policy Attribute-Based Online/Offline Encryption with User Revocation

2019 ◽  
Vol 2019 ◽  
pp. 1-11 ◽  
Author(s):  
Haiying Ma ◽  
Zhanjun Wang ◽  
Zhijin Guan
Keyword(s):  
Mobile Devices ◽  
Computational Costs ◽  
Private Key ◽  
Attribute Based Encryption ◽  
User Revocation ◽  
Key Update ◽  
Subset Difference ◽  
Ciphertext Policy ◽  
Selective Security ◽  
Over Time

Attribute-Based Encryption (ABE) must provide an efficient revocation mechanism since a user’s private key can be compromised or expired over time. The existing revocable ABE schemes have the drawbacks of heavy computational costs on key updates and encryption operations, which make the entities for performing these operations a possible bottleneck in practice applications. In this paper, we propose an efficient Ciphertext-Policy Attribute-Based Online/Offline Encryption with user Revocation (R-CP-ABOOE). We integrate the subset difference method with ciphertext-policy ABE to significantly improve key-update efficiency on the side of the trusted party from O(rlog⁡(N/r)) to O(r), where N is the number of users and r is the number of revoked users. To reduce the encryption burden for mobile devices, we use the online/offline technology to shift the majority of encryption work to the offline phase, and then mobile devices only need to execute a few simple computations to create a ciphertext. In addition, we exploit a novel trick to prove its selective security under the q-type assumption. Performance analysis shows that our scheme greatly improves the key-update efficiency for the trusted party and the encryption efficiency for mobile devices.

scholarly journals A New User Revocable Ciphertext-Policy Attribute-Based Encryption with Ciphertext Update

2020 ◽  
Vol 2020 ◽  
pp. 1-11
Author(s):  
Zhe Liu ◽  
Fuqun Wang ◽  
Kefei Chen ◽  
Fei Tang
Keyword(s):  
Secret Key ◽  
Data Confidentiality ◽  
Encrypted Data ◽  
Diffie Hellman ◽  
Security Proof ◽  
Attribute Based Encryption ◽  
Challenge Ciphertext ◽  
Identity Based ◽  
Ciphertext Policy ◽  
Selective Security

The revocable ciphertext-policy attribute-based encryption (R-CP-ABE) is an extension of ciphertext-policy attribute-based encryption (CP-ABE), which can realize user direct revocation and maintain a short revocation list. However, the revoked users can still decrypt the previously authorized encrypted data with their old key. The R-CP-ABE scheme should provide a mechanism to protect the encrypted data confidentiality by disqualifying the revoked users from accessing the previously encrypted data. Motivated by practical needs, we propose a new user R-CP-ABE scheme that simultaneously supports user direct revocation, short revocation list, and ciphertext update by incorporating the identity-based and time-based revocable technique. The scheme provides a strongly selective security proof under the modified decisional q -parallel bilinear Diffie–Hellman Exponent problem, where “strongly” means that the adversary can query the secret key of a user whose attribute set satisfies the challenge ciphertext access structure and whose identity is in the revocation list.

scholarly journals Survey on Revocation in Ciphertext-Policy Attribute-Based Encryption

Sensors ◽  
2019 ◽  
Vol 19 (7) ◽  
pp. 1695 ◽  
Author(s):  
Al-Dahhan ◽  
Shi ◽  
Lee ◽  
Kifayat
Keyword(s):  
Computational Cost ◽  
Sensitive Data ◽  
Resource Limited ◽  
Attribute Based Encryption ◽  
Wide Range ◽  
Secure Cloud Storage ◽  
Iot Devices ◽  
Ciphertext Policy ◽  
Cryptographic Techniques ◽  
High Computational Cost

Recently, using advanced cryptographic techniques to process, store, and share datasecurely in an untrusted cloud environment has drawn widespread attention from academicresearchers. In particular, Ciphertext‐Policy Attribute‐Based Encryption (CP‐ABE) is a promising,advanced type of encryption technique that resolves an open challenge to regulate fine‐grainedaccess control of sensitive data according to attributes, particularly for Internet of Things (IoT)applications. However, although this technique provides several critical functions such as dataconfidentiality and expressiveness, it faces some hurdles including revocation issues and lack ofmanaging a wide range of attributes. These two issues have been highlighted by many existingstudies due to their complexity which is hard to address without high computational cost affectingthe resource‐limited IoT devices. In this paper, unlike other survey papers, existing single andmultiauthority CP‐ABE schemes are reviewed with the main focus on their ability to address therevocation issues, the techniques used to manage the revocation, and comparisons among themaccording to a number of secure cloud storage criteria. Therefore, this is the first review paperanalysing the major issues of CP‐ABE in the IoT paradigm and explaining the existing approachesto addressing these issues.

Fully Secure Ciphertext-Policy Attribute-Based Encryption in Prime Order Group

2012 ◽  
Vol 263-266 ◽  
pp. 2920-2923
Author(s):  
Song Feng Lu ◽  
Yu Zhang ◽  
Jie Sun ◽  
Liping Yang
Keyword(s):  
Prime Order ◽  
Encryption Scheme ◽  
Secret Key ◽  
Order Group ◽  
Security Proof ◽  
Attribute Based Encryption ◽  
Ciphertext Policy

We present a fully secure ciphertext-policy attribute-based encryption (CP-ABE) scheme in prime order group by using a tool which can convert composite order paring-based encryption scheme into prime order one. Although, a fully secure CP-ABE scheme in prime order group has been proposed recently, our scheme needs less master secret key size and can be seen as a different version of it. Besides, the sketch of our scheme's security proof is also given.

Sign in / Sign up

Export Citation Format

Share Document