Efficient Ciphertext-Policy Attribute-Based Encryption Constructions with Outsourced Encryption and Decryption

2021 ◽  
Vol 2021 ◽  
pp. 1-17
Author(s):  
Hassan El Gafif ◽  
Ahmed Toumanari

The invention of the Ciphertext-Policy Attribute-Based Encryption scheme opened a new perspective for realizing attribute-based access control systems without being forced to trust the storage service provider, which is the case in traditional systems where data are sent to the storage service provider in clear and the storage service provider is the party that controls the access to these data. In the Ciphertext-Policy Attribute-Based Encryption model, the data owner encrypts data using an attribute-based access structure before sending them to the storage service, and only users with authorized sets of attributes can successfully decrypt the generated ciphertext. However, Ciphertext-Policy Attribute-Based Encryption schemes employ expensive operations (i.e., bilinear pairings and modular exponentiations) and generate long ciphertexts and secret keys, which makes them hard to implement in real-life applications especially for resource-constrained devices. In this paper, we propose two Ciphertext-Policy Attribute-Based Encryption Key Encapsulation Mechanisms that can be provided as services in the cloud, minimizing the user’s encryption and decryption costs without exposing any sensitive information to the public cloud provider. In the first scheme, the ABE Service Provider is considered fully untrusted. On the other hand, the second scheme requires the ABE Service Provider to be semi-trusted (Honest-but-Curious) and does not collude with illegitimate users. Both schemes are proved to be selectively CPA-secure in the random oracle. The theoretical and experimental performance results show that both our first and second schemes are more efficient than the reviewed outsourced CP-ABE schemes in terms of user-side computation, communication, and storage costs.

Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang

Abstract Countless data generated in Smart city may contain private and sensitive information and should be protected from unauthorized users. The data can be encrypted by Attribute-based encryption (CP-ABE), which allows the encrypter to specify access policies in the ciphertext. But traditional CP-ABE schemes are limited because of two shortcomings: the access policy is public, i.e., privacy is exposed; the decryption time is linear with the complexity of the policy, i.e., huge computational overheads. In this work, we introduce a novel method to protect the privacy of the CP-ABE scheme by keyword search (KS) techniques. In detail, we define a new security model called chosen sensitive policy security: two access policies are embedded in the ciphertext, one public and the other sensitive and hidden. If the user's attributes don't satisfy the public policy, he/she cannot get any information (attribute name and its values) of the hidden one. Previous CP-ABE schemes with hidden policy only work on the “AND-gate” access structure, or their ciphertext size or decryption time may be super-polynomial. Our scheme is more expressive and compact. Since IoT devices are spread all over the smart city, the computational overhead of encryption and decryption can be shifted to third parties. Therefore, our scheme is more applicable to resource-constrained users. We prove our scheme to be selectively secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.


2020 ◽  
Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang

Abstract Smart city, as a promising technical tendency, greatly facilitates citizens and generates innumerable data, some of which is very private and sensitive. To protect data from unauthorized users, ciphertext-policy attribute-based encryption (CP-ABE) enables the data owner to specify an access policy on encrypted data. However, there are two drawbacks in traditional CP-ABE schemes. On the one hand, the access policy is revealed in the ciphertext so that sensitive information contained in the policy is exposed to anyone who obtains the ciphertext. For example, both the plaintext and access policy of an encrypted recruitment may reveal the company's future development plan. On the other hand, the decryption time scales linearly with the complexity of the access, which makes it unsuitable for resource-limited end users. In this paper, we propose a CP-ABE scheme with hidden sensitive policy for recruitment in smart city. Specifically, we introduce a new security model, chosen sensitive policy security: two access policies are embedded in the ciphertext, one public and the other sensitive and fully hidden; only if the user's attributes satisfy the public policy is it possible for him/her to learn about the hidden policy, otherwise he/she cannot get any information (attribute name and its values) about it. When the user satisfies both access policies, he/she can obtain and decrypt the ciphertext. Compared with other CP-ABE schemes, our scheme supports a more expressive access policy, since the access policy of their schemes only works on the “AND-gate” structure. In addition, intelligent devices are spread all over the smart city, so part of the computational overhead of encryption in our scheme can be outsourced to these devices as fog nodes, while most of the overhead in the decryption process is outsourced to the cloud. Therefore, our scheme is more applicable to end users with resource-constrained mobile devices. We prove our scheme to be selectively secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.


2019 ◽  
Vol 15 (4) ◽  
pp. 155014771984127 ◽  
Author(s):  
Gang Yu ◽  
Yongjuan Wang ◽  
Zhenfu Cao ◽  
Jian Lin ◽  
Xiangyu Wang

2020 ◽  
Author(s):  
Cong Li ◽  
Qingni Shen ◽  
Zhikang Xie ◽  
Xinyu Feng ◽  
Yuejian Fang ◽  
...  

Abstract Attribute-based encryption with equality test (ABEET) simultaneously supports fine-grained access control on the encrypted data and plaintext message equality comparison without decrypting the ciphertexts. Recently, several works on ABEET have been proposed. Nevertheless, most of them explore the ABEET schemes in the random oracle model, which has been pointed out to have many defects in practicality. The only existing ABEET scheme in the standard model, proposed by Wang et al., merely achieves indistinguishability against chosen-plaintext attack security. Considering the aforementioned problems, in this paper, we propose the first direct adaptive chosen-ciphertext security ciphertext-policy ABEET scheme in the standard model. Our method only adopts a chameleon hash function and adds one dummy attribute to the access structure. Compared with the previous works, our scheme achieves security improvement, ciphertext validity check and large universe. Besides, we further optimize our scheme to support outsourced decryption. Finally, we first give the detailed theoretical analysis of our constructions in computation and storage costs, then we implement our constructions and carry out a series of experiments. Both results indicate that our constructions are more efficient in Setup and Trapdoor and have shorter public parameters than the existing ABEET ones do.


2020 ◽  
Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang

Abstract Smart city greatly facilitates citizens and generates innumerable data, some of which is very private and sensitive. To protect data from unauthorized users, ciphertext-policy attribute-based encryption (CP-ABE) enables the data owner to specify an access policy on encrypted data. However, there are two drawbacks in traditional CP-ABE schemes. On the one hand, the access policy is revealed in the ciphertext so that sensitive information contained in the policy is exposed to anyone who obtains the ciphertext. For example, both the plaintext and access policy of an encrypted recruitment may reveal the company’s future development plan. On the other hand, the decryption time scales linearly with the complexity of the access, which makes it unsuitable for resource-limited end users. In this paper, we propose a CP-ABE scheme with hidden sensitive policy from keyword search (KS) techniques in smart city. Specifically, we introduce a new security model, chosen sensitive policy security: two access policies are embedded in the ciphertext, one public and the other sensitive and fully hidden; only if the user’s attributes satisfy the public policy is it possible for him/her to learn about the hidden policy, otherwise he/she cannot get any information (attribute name and its values) about it. When the user satisfies both access policies, he/she can obtain and decrypt the ciphertext. Compared with other CP-ABE schemes, our scheme exploits KS techniques to be more expressive and efficient, while the access policy of their schemes only works on the “AND-gate” structure, or their ciphertext size or decryption time may be super-polynomial. In addition, intelligent devices are spread all over the smart city, so part of the computational overhead of encryption in our scheme can be outsourced to these devices as fog nodes, while most of the overhead in the decryption process is outsourced to the cloud. Therefore, our scheme is more applicable to end users with resource-constrained mobile devices. We prove our scheme to be selectively secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.


Author(s):  
Shardha Porwal ◽  
Sangeeta Mittal

In the cloud computing environment, Multi authority Ciphertext Policy-Attribute Based Encryption (CP-ABE) schemes are used as a key escrow free solution to securely and efficiently share data over cloud. However, the length of ciphertext in existing Multi Authority-CP-ABE schemes increases with the number of attributes in the access policy. Moreover, these schemes do not protect against dishonest attribute authorities. In this paper, a constant length ciphertext Multi Authority-CP-ABE scheme is proposed that reduces the communication overhead over the network. The scheme also prevents dishonest authority from compromising the system. Apart from this, for enhanced privacy of receivers, the access policy is communicated in hidden form. Thus, the presented scheme provides an efficient corrupt resistant, key escrow free Multi Authority-CP-ABE scheme by generating constant length ciphertext and hidden access structure. Results demonstrate the enhanced security and reduced cost of encryption and decryption by 8% and 48% respectively as compared to other existing works.


2021 ◽  
Vol 2089 (1) ◽  
pp. 012010
Author(s):  
Naresh Vurukonda ◽  
Venkateshwarlu Velde ◽  
M. TrinathBasu ◽  
P. Tejasri

Abstract The core objective of our paper is to overcome the challenges of the secure data sharing problem in the cloud, where users can access data if they acquire a certain set of attributes or credentials. At present, the only way to implement such procedures is by employing a reliable server to mediate access control and store the data. The service providers have whole control over cloud applications, the client’s data and hardware. However, if the data stored in the cloud server is conceded, then the data confidentiality will be compromised. With simplified CP-ABE, data is confidential even though the storage server is untrusted. Hence the privacy of cloud data is enhanced by proposing a methodology that uses a privacy policy and encrypts the data based upon various groups of attributes related to the user. The decryption of the data can be done only when his/her attributes match the privacy policy. Simplified CP-ABE makes it easier to secure, broadcast and control the access of sensitive information, specifically across the cloud’s server and decrease collision resistance.


2019 ◽  
Vol 17 (1) ◽  
pp. 107-117 ◽  
Author(s):  
Huijie Lian ◽  
Qingxian Wang ◽  
Guangbo Wang

Ciphertext-Policy Attribute-Based Encryption (CP-ABE), especially large universe CP-ABE that is not bounded with the attribute set, is getting more and more extensive application in cloud storage. However, there exists an important challenge in original large universe CP-ABE, namely dynamic user and attribute revocation. In this paper, we propose a large universe CP-ABE with efficient attribute level user revocation, namely the revocation of an attribute of some user cannot influence the common access of other legitimate attributes. To achieve the revocation, we divide the master key into two parts: delegation key and secret key, which are sent to the cloud provider and user separately. Note that our scheme is proved selectively secure in the standard model under the "q-type" assumption. Finally, the performance analysis and experimental verification have been carried out in this paper, and the experimental results show that, compared with the existing revocation schemes, although our scheme increases the computational load of the storage Service Provider (CSP) in order to achieve the attribute revocation, it does not need the participation of the Attribute Authority (AA), which reduces the computational load of the AA. Moreover, the user does not need any additional parameters to achieve the attribute revocation except for the private key, thus saving storage space greatly.


2020 ◽  
Vol 16 (5) ◽  
pp. 155014772092636
Author(s):  
Jinxia Yu ◽  
Guanghui He ◽  
Xixi Yan ◽  
Yongli Tang ◽  
Rongxia Qin

Attribute-based encryption is an efficient and flexible fine-grained access control scheme. However, how to address the attribute privacy concerns in the access policy and optimize the heavy computing overhead has not been adequately addressed. First, in view of the open-access policies formulated by data owners in the cloud environment and the linear growth of bilinear pairing operations with the number of attributes in the decryption process, a verifiable outsourced attribute-based encryption with partial policy hidden scheme is proposed, in which the attribute name of the access policy can be sent while the attribute value involving sensitive information can be hidden, so nobody can infer information from the access policy. Second, the bilinear pairing operation and modular power operation are outsourced to the cloud server, so users only need to perform a constant exponential operation to decrypt. In addition, the proposed scheme is based on the composite order bilinear group and is fully secure under the standard model. Finally, a comparison with other schemes in terms of function and performance shows that this scheme is more efficient and suitable for resource-constrained mobile devices in an outsourcing environment.


Author(s):  
Mohan A. ◽  
vamshikrishna P.

People use the support of distributed computing but can't completely trust the cloud suppliers to host private and confidential information. To guarantee secrecy, data owners relocate encoded information rather than plain texts. To share the encoded documents with different clients, Ciphertext-Policy Attribute-based Encryption (CP-ABE) can be utilized. But this cannot become secure against some other assaults. Many other schemes did not give a guarantee that the cloud provider has the power to check whether a downloader can unscramble or not. Consequently, these files are accessible to everybody who has access to the cloud storage. An intentionally harmful assailant can download a great many records to start Economic Denial of Sustainability (EDoS) attacks, which will to a great extent expend the cloud resources. The owner will bear all the expenses for the cloud storage, but the cloud provider doesn’t provide the whole information about the access or usage. There is no transparency for the owner. We have to solve these concerns. In order to do this, we are going to propose a solution for securing the encrypted data from EDoS attacks and providing the owner whole usage information about the cloud storage. We are implementing it by using the arbitrary access policy of CP-ABE.

