Journal of the Institute of Electronics and Information Engineers (전자공학회논문지)

The Institute of Electronics and Information Engineers (대한전자공학회)
권호 표지
DOI QR코드

DOI QR Code

Ciphertext Policy-Attribute Based Encryption with Non Monotonic Access Structures

비단조 접근 구조를 갖는 CP-ABE 방식

  • Received : 2013.05.01
  • Published : 2013.09.25
Download PDF
⟨ Previous Next ⟩

Abstract

A ciphertext policy-attribute based encryption(CP-ABE) scheme can be used to realize access control mechanism without a trusted server. We propose an attribute-based access control mechanism by incorporating a CP-ABE scheme to ensure only authorized users can access the sensitive data. The idea of CP-ABE is to include access control policy in the ciphertexts, in which they can only be decrypted if a user possesses attributes that pass through the ciphertext's access structure. In this paper, we prove a secure CP-ABE scheme where the policy can be expressed in non-monotonic access structures. We further compare the performance of our scheme with the existing CP-ABE schemes.

CP-ABE 방식은 신뢰된 서버 없이 접근 제어 메카니즘을 구현할 수 있다. 본 논문에서는 권한을 부여받은 사용자가 민감한 데이터에 접근할 수 있도록 CP-ABE 방식으로 속성기반 접근 제어 메카니즘을 제안한다. CP-ABE 개념은 암호문에서 접근 제어 방법을 포함하는 것이다. 만약 사용자가 암호문의 접근 구조를 통해 속성을 가진다면 암호문은 복호될 수 있다. 본 논문에서는 제안한 CP-ABE 방식이 비단조 접근 구조로 표현됨을 증명하고 다른 CP-ABE 방식들과 성능 비교한다.

Keywords

References

  1. R. S. Sandhu and P. Samarati, "Access Control: Principles and Practice.", Communications Magazine, IEEE, vol. 32, no. 9, pp. 40-48, 1994.
  2. A. Kapadia, P. P. Tsang, and S. W. Smith. "Attribute-based publishing with hidden credentials and hidden policies." in Proceedings of The 14th Annual Network and Distributed System Security Symposium (NDSS), pp. 179-192, 2007.
  3. M. Pirretti, P. Traynor, P. McDaniel and B. Waters, "Secure attribute-based systems." in Proceedings of the 13th ACM conference on Computer and communications security, pp. 99-112, 2006.
  4. A. Sahai and B. Waters, "Fuzzy identity-based encryption", EUROCRYPT, Lecture Notes in Computer Science, vol 3494, pp. 457-473. Springer, 2005.
  5. V. Goyal, O. Pandey, A. Sahai, and B. Waters, "Attribute-based encryption for fine-grained access control of encrypted data." in Proceedings of the 13th ACM conference on Computer and communications security, CCS'06, (New York, NY, USA), pp. 89-98, ACM, 2006.
  6. J. Bethencourt, A. Sahai, and B. Waters, "Ciphertext-policy attribute-based encryption." in IEEE Symposium on Security and Privacy, pp. 321-334, IEEE Computer Society, 2007.
  7. L. Ibraimi, Q. Tang, P. Hartel, and W. Jonker, "Efficient and provable secure ciphertext-policy attribute-based encryption schemes." in Proceedings of the 5th International Conference on Information Security Practice and Experience, ISPEC '09, (Berlin, Heidelberg), pp. 1-12, Springer-Verlag, 2009.
  8. B. Waters, "Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization." in Proceedings of the 14th international conference on Practice and theory in public key cryptography conference on Public key cryptography, PKC'11, (Berlin, Heidelberg), pp. 53-70, Springer-Verlag, 2011.
  9. R. Ostrovsky, A. Sahai, and B. Waters, "Attribute-based encryption with non-monotonic access structures." in Proceedings of the 14th ACM conference on Computer and communications security, pp. 195-203, 2007.
  10. Goyal, V., Jain, A., Pandey, O., & Sahai, A.. "Bounded ciphertext policy attribute based encryption". In Automata, Languages and Programming, pp.579-591, Springer Berlin Heidelberg, 2008.
  11. L. Cheung and C. Newport, "Provably secure ciphertext policy ABE," in Proceedings of the 14th ACM conference on Computer and communications security, CCS '07, (New York, NY, USA), pp. 456-465, ACM, 2007.
  12. T. Okamoto and K. Takashima, "Fully secure functional encryption with general relations from the decisional linear assumption." in Advances in Cryptology CRYPTO 2010 (T. Rabin, ed.), vol. 6223 of Lecture Notes in Computer Science, pp. 191-208, Springer Berlin, Heidelberg, 2010.
  13. Huang, Dijiang, and Mayank Verma, "ASPE: attribute-based secure policy enforcement in vehicular ad hoc networks." Ad Hoc Networks, Vol 7, no. 8, pages 1526-1535, 2009. https://doi.org/10.1016/j.adhoc.2009.04.011
  14. Liang, X., Barua, M., Lu, R., Lin, X., & Shen, X. S.. "Healthshare: Achieving secure and privacy-preserving health information sharing through health social networks.", Computer Communications, vol 35, no 15, pp. 1910-1920, 2012. https://doi.org/10.1016/j.comcom.2012.01.009
  15. Koo, D., Hur, J., & Yoon, H. "Secure and efficient data retrieval over encrypted data using attribute-based encryption in cloud storage.", Computers & Electrical Engineering, vol 39, no 1, pp 34-46, 2013. https://doi.org/10.1016/j.compeleceng.2012.11.002
  16. A. Beimel, Secure schemes for secret sharing and key distribution. PhD thesis, Israel Institute of Technology, 1996.
  17. V. Shoup. "Lower bounds for discrete logarithms and related problems". In EUROCRYPT, pp. 256-266, 1997.
  18. M. Bellare and P. Rogaway. Random oracles are practical: A paradigm for designing efficient protocols. In ACM conference on Computer and Communications Security (ACM CCS), pp. 62-73, 1993.