scholarly journals AKC-Based Revocable ABE Schemes from LWE Assumption

2020 ◽  
Vol 2020 ◽  
pp. 1-16
Author(s):  
Leixiao Cheng ◽  
Fei Meng ◽  
Xianmeng Meng ◽  
Qixin Zhang
Keyword(s):  
Full Rank ◽  
Public Key Cryptography ◽  
Building Blocks ◽  
Public Key ◽  
Attribute Level ◽  
Attribute Based Encryption ◽  
Sampling Algorithms ◽  
Ciphertext Policy ◽  
Directly Revocable ◽  
Access Policies

The emergence of quantum computing threatens many classical cryptographic schemes, leading to the innovations in public-key cryptography for postquantum cryptography primitives and protocols that resist to quantum attacks. Lattice-based cryptography is considered to be one of the promising mathematical approaches to achieving security resistant to quantum attacks, which could be built on the learning with errors (LWE) problem and its variants. The fundamental building blocks of protocols for public-key encryption (PKE) and key encapsulation mechanism (KEM) submitted to the National Institute of Standards and Technology (NIST) based on LWE and its variants are called key consensus (KC) and asymmetric key consensus (AKC) by Jin et al. They are powerful tools for constructing PKE schemes. In this work, we further demonstrate the power of KC/AKC by proposing two special types of PKE schemes, namely, revocable attribute-based encryption (RABE). To be specific, on the basis of AKC and PKE/KEM protocols submitted to the NIST based on LWE and its variants, combined with full-rank difference, trapdoor on lattices, sampling algorithms, leftover hash lemma, and binary tree structure, we propose two directly revocable ciphertext-policy attribute-based encryption (DR-ABE) schemes from LWE, which support flexible threshold access policies on multivalued attributes, achieving user-level and attribute-level user revocation, respectively. Specifically, the construction of the ciphertext is derived from AKC, and the revocation list is defined and embedded into the ciphertext by the message sender to revoke a user in the user-level revocable scheme or revoke some attributes of a certain user in the attribute-level revocable scheme. We also discuss how to outsource decryption and reduce the workload for the end user. Our schemes proved to be secure in the standard model, assuming the hardness of the LWE problem. The two schemes imply the versatility of KC/AKC.

scholarly journals Access Policy’s Over Encrypted Cloud Storage for Secure Deduplication

2018 ◽  
Vol 7 (3.27) ◽  
pp. 27
Author(s):  
G Kiran Kumar ◽  
E Amarnath Reddy ◽  
B Mamatha ◽  
Kompally Manisha
Keyword(s):  
Cloud Storage ◽  
Data Access ◽  
Public Key Cryptography ◽  
Public Key ◽  
Symmetric Encryption ◽  
Private Key ◽  
Attribute Based Encryption ◽  
Original File ◽  
Ciphertext Policy ◽  
Access Policies

Attribute-Based Encryption (ABE) is a basic concept that considers public-key cryptography. Ciphertext-Policy ABE (CP-ABE) is one of the approaches used by ABE for data sharing in the cloud. In CP-ABE scheme, each user’s private key has a set of attributes and then the user decrypts a ciphertext if it holds a matching key. Our proposed system provides an extension to CP-ABE by implementing AES. AES uses a symmetric encryption key algorithm for a same set of keys. Our system provides a higher security through AES because of its complexity and helps in generating the content key . This key is used during the encryption of the original file over the cloud. Our methodology also focuses on deduplication to provide less consumption of cloud storage over the cloud. Another advantage of using this system is to provide an efficient way of data access via access policies for a certain set of credentials.  

scholarly journals Ciphertext-policy attribute-based encryption with hidden sensitive policy from keyword search techniques in smart city

2021 ◽  
Vol 2021 (1) ◽  
Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang
Keyword(s):  
Smart City ◽  
Keyword Search ◽  
Sensitive Information ◽  
Security Model ◽  
Computational Overhead ◽  
Diffie Hellman ◽  
Attribute Based Encryption ◽  
Iot Devices ◽  
Ciphertext Policy ◽  
Access Policies

AbstractCountless data generated in Smart city may contain private and sensitive information and should be protected from unauthorized users. The data can be encrypted by Attribute-based encryption (CP-ABE), which allows encrypter to specify access policies in the ciphertext. But, traditional CP-ABE schemes are limited because of two shortages: the access policy is public i.e., privacy exposed; the decryption time is linear with the complexity of policy, i.e., huge computational overheads. In this work, we introduce a novel method to protect the privacy of CP-ABE scheme by keyword search (KS) techniques. In detail, we define a new security model called chosen sensitive policy security: two access policies embedded in the ciphertext, one is public and the other is sensitive and hidden. If user's attributes don't satisfy the public policy, he/she cannot get any information (attribute name and its values) of the hidden one. Previous CP-ABE schemes with hidden policy only work on the “AND-gate” access structure or their ciphertext size or decryption time maybe super-polynomial. Our scheme is more expressive and compact. Since, IoT devices spread all over the smart city, so the computational overhead of encryption and decryption can be shifted to third parties. Therefore, our scheme is more applicable to resource-constrained users. We prove our scheme to be selective secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.

scholarly journals Unified Ciphertext-Policy Weighted Attribute-Based Encryption for Sharing Data in Cloud Computing

2018 ◽  
Vol 8 (12) ◽  
pp. 2519
Author(s):  
Wei Li ◽  
Wei Ni ◽  
Dongxi Liu ◽  
Ren Liu ◽  
Shoushan Luo
Keyword(s):  
Cloud Computing ◽  
Mutual Information ◽  
Data Sharing ◽  
Rapid Development ◽  
Sharing Scheme ◽  
Attribute Based Encryption ◽  
Share Data ◽  
Efficient Data ◽  
Ciphertext Policy ◽  
Access Policies

With the rapid development of cloud computing, it is playing an increasingly important role in data sharing. Meanwhile, attribute-based encryption (ABE) has been an effective way to share data securely in cloud computing. In real circumstances, there is often a mutual access sub-policy in different providers’ access policies, and the significance of each attribute is usual diverse. In this paper, a secure and efficient data-sharing scheme in cloud computing, which is called unified ciphertext-policy weighted attribute-based encryption (UCP-WABE), is proposed. The weighted attribute authority assigns weights to attributes depending on their importance. The mutual information extractor extracts the mutual access sub-policy and generates the mutual information. Thus, UCP-WABE lowers the total encryption time cost of multiple providers. We prove that UCP-WABE is selectively secure on the basis of the security of ciphertext-policy weighted attribute-based encryption (CP-WABE). Additionally, the results of the implementation shows that UCP-WABE is efficient in terms of time.

scholarly journals Ciphertext-Policy Attribute-based Encryption with Hidden Sensitive Policy for Recruitment in Smart City

2020 ◽  
Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang
Keyword(s):  
Smart City ◽  
End Users ◽  
The Other ◽  
Sensitive Information ◽  
Security Model ◽  
Access Policy ◽  
Computational Overhead ◽  
Attribute Based Encryption ◽  
Ciphertext Policy ◽  
Access Policies

Abstract Smart city, as a promising technical tendency, greatly facilitates citizens and generates innumerable data, some of which is very private and sensitive. To protect data from unauthorized users, ciphertext-policy attribute-based encryption (CP-ABE) enables data owner to specify an access policy on encrypted data. However, There are two drawbacks in traditional CP-ABE schemes. On the one hand, the access policy is revealed in the ciphertext so that sensitive information contained in the policy is exposed to anyone who obtains the ciphertext. For example, both the plaintext and access policy of an encrypted recruitment may reveal the company's future development plan. On the other hand, the decryption time scales linearly with the complexity of the access, which makes it unsuitable for resource-limited end users. In this paper, we propose a CP-ABE scheme with hidden sensitive policy for recruitment in smart city. Specifically, we introduce a new security model chosen sensitive policy security: two access policies embedded in the ciphertext, one is public and the other is sensitive and fully hidden, only if user's attributes satisfy the public policy, it's possible for him/her to learn about the hidden policy, otherwise he/she cannot get any information (attribute name and its values) of it. When the user satisfies both access policies, he/she can obtain and decrypt the ciphertext. Compared with other CP-ABE schemes, our scheme supports a more expressive access policy, since the access policy of their schemes only work on the ``AND-gate'' structure. In addition, intelligent devices spread all over the smart city, so partial computational overhead of encryption of our scheme can be outsourced to these devices as fog nodes, while most part overhead in the decryption process is outsourced to the cloud. Therefore, our scheme is more applicable to end users with resource-constrained mobile devices. We prove our scheme to be selective secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.

scholarly journals Ciphertext-Policy Attribute-based Encryption with Hidden Sensitive Policy from Keyword Search Techniques in Smarty City

2020 ◽  
Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang
Keyword(s):  
Smart City ◽  
Keyword Search ◽  
End Users ◽  
The Other ◽  
Sensitive Information ◽  
Security Model ◽  
Access Policy ◽  
Attribute Based Encryption ◽  
Ciphertext Policy ◽  
Access Policies

Abstract Smart city greatly facilitates citizens and generates innumerable data, some of which is very private and sensitive. To protect data from unauthorized users, ciphertext-policy attribute-based encryption (CP-ABE) enables data owner to specify an access policy on encrypted data. However, There are two drawbacks in traditional CP-ABE schemes. On the one hand, the access policy is revealed in the ciphertext so that sensitive information contained in the policy is exposed to anyone who obtains the ciphertext. For example, both the plaintext and access policy of an encrypted recruitment may reveal the company’s future development plan. On the other hand, the decryption time scales linearly with the complexity of the access, which makes it unsuitable for resource-limited end users. In this paper, we propose a CP-ABE scheme with hidden sensitive policy from keyword search (KS) techniques in smart city. Specifically, we introduce a new security model chosen sensitive policy security : two access policies embedded in the ciphertext, one is public and the other is sensitive and fully hidden, only if user’s attributes satisfy the public policy, it’s possible for him/her to learn about the hidden policy, otherwise he/she cannot get any information (attribute name and its values) of it. When the user satisfies both access policies, he/she can obtain and decrypt the ciphertext. Compared with other CP-ABE schemes, our scheme exploits KS techniques to achieve more expressive and efficient, while the access policy of their schemes only work on the “AND-gate” structure or their ciphertext size or decryption time maybe super-polynomial. In addition, intelligent devices spread all over the smart city, so partial computational overhead of encryption of our scheme can be outsourced to these devices as fog nodes, while most part overhead in the decryption process is outsourced to the cloud.Therefore, our scheme is more applicable to end users with resource-constrained mobile devices. We prove our scheme to be selective secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.

scholarly journals A CIPHERTEXT-POLICY ATTRIBUTE-BASED SEARCHABLE ENCRYPTION SCHEME IN NON-INTERACTIVE MODEL

2019 ◽  
Vol 35 (3) ◽  
pp. 233-249
Author(s):  
Van Anh Trinh ◽  
Viet Cuong Trinh
Keyword(s):  
Keyword Search ◽  
Public Key ◽  
Communication Overhead ◽  
Encryption Scheme ◽  
Public Key Encryption ◽  
Encrypted Data ◽  
Attribute Based Encryption ◽  
Encrypt Data ◽  
Cryptographic Primitive ◽  
Ciphertext Policy

We address the problem of searching on encrypted data with expressive searching predicate and multi-writer/multi-reader, a cryptographic primitive which has many concrete application scenarios such as cloud computing, email gateway application and so on. In this paper, we propose a public-key encryption with keyword search scheme relied on the ciphertext-policy attribute-based encryption scheme. In our system, we consider the model where a user can generate trapdoors by himself/herself, we thus can remove the Trusted Trapdoor Generator which can save the resource and communication overhead. We also investigate the problem of combination of a public key encryption used to encrypt data and a public-key encryption with keyword search used to encrypt keywords, which can save the storage of the whole system

Fine-Grained Access Control with Efficient Revocation in Cloud Storage

2014 ◽  
Vol 571-572 ◽  
pp. 79-89
Author(s):  
Ting Zhong ◽  
You Peng Sun ◽  
Qiao Liu
Keyword(s):  
Access Control ◽  
Cloud Storage ◽  
Storage System ◽  
Fine Grained ◽  
Computational Overhead ◽  
Attribute Based Encryption ◽  
Encrypt Data ◽  
User Revocation ◽  
Ciphertext Policy ◽  
Access Policies

In the cloud storage system, the server is no longer trusted, which is different from the traditional storage system. Therefore, it is necessary for data owners to encrypt data before outsourcing it for sharing. Simultaneously, the enforcement of access policies and support of policies updates becomes one of the most challenging issues. Ciphertext-policy attribute-based encryption (CP-ABE) is an appropriate solution to this issue. However, it comes with a new obstacle which is the attribute and user revocation. In this paper, we propose a fine-grained access control scheme with efficient revocation based on CP-ABE approach. In the proposed scheme, we not only realize an efficient and immediate revocation, but also eliminate some burden of computational overhead. The analysis results indicate that the proposed scheme is efficient and secure for access control in cloud storage systems.

scholarly journals A CP-ABE Scheme Supporting Arithmetic Span Programs

2020 ◽  
Vol 2020 ◽  
pp. 1-16
Author(s):  
Chao Ma ◽  
Haiying Gao ◽  
Duo Wei
Keyword(s):  
Computing Environment ◽  
Cloud Computing Environment ◽  
Fine Grained ◽  
Access Structures ◽  
Attribute Based Encryption ◽  
Experimental Sequence ◽  
Secret Keys ◽  
Span Programs ◽  
Ciphertext Policy ◽  
Access Policies

Attribute-based encryption achieves fine-grained access control, especially in a cloud computing environment. In a ciphertext-policy attribute-based encryption (CP-ABE) scheme, the ciphertexts are associated with the access policies, while the secret keys are determined by the attributes. In recent years, people have tried to find more effective access structures to improve the efficiency of encryption systems. This paper presents a ciphertext-policy attribute-based encryption scheme that supports arithmetic span programs. On the composite-order bilinear group, the security of the scheme is proven by experimental sequence based on the combination of composite-order bilinear entropy expansion lemma and subgroup decision (SD) assumption. And, it is an adaptively secure scheme with constant-size public parameters.

Sign in / Sign up

Export Citation Format

Share Document