Browse > Article
http://dx.doi.org/10.3837/tiis.2013.05.023

New Constructions of Hierarchical Attribute-Based Encryption for Fine-Grained Access Control in Cloud Computing  

Zhang, Leyou (Department of Mathematics, Xidian University)
Hu, Yupu (Key Laboratory of Computer Networks and Information Security, Xidian University)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.7, no.5, 2013 , pp. 1343-1356 More about this Journal
Abstract
Cloud computing has emerged as perhaps the hottest development in information technology at present. This new computing technology requires that the users ensure that their infrastructure is safety and that their data and applications are protected. In addition, the customer must ensure that the provider has taken the proper security measures to protect their information. In order to achieve fine-grained and flexible access control for cloud computing, a new construction of hierarchical attribute-based encryption(HABE) with Ciphertext-Policy is proposed in this paper. The proposed scheme inherits flexibility and delegation of hierarchical identity-based cryptography, and achieves scalability due to the hierarchical structure. The new scheme has constant size ciphertexts since it consists of two group elements. In addition, the security of the new construction is achieved in the standard model which avoids the potential defects in the existing works. Under the decision bilinear Diffie-Hellman exponent assumption, the proposed scheme is provable security against Chosen-plaintext Attack(CPA). Furthermore, we also show the proposed scheme can be transferred to a CCA(Chosen-ciphertext Attack) secure scheme.
Keywords
Cloud computing; Hierarchical Attribute-Based Encryption; Fine-Grained Access Control; Standard model;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 R. Buyya, C . ShinYeo, J. Broberg and I. Brandic. "Cloud computing and emerging it platforms: vision, hype, and reality for delivering computing as the 5th utility," Future Generation Computer Systems, vol. 25, no 6, pp. 599-616, June, 2009.   DOI   ScienceOn
2 J.M. Do, Y.J. Song and N. Park. "Attribute Based Proxy Re-encryption for Data Confidentiality in Cloud Computing Environments", in Proc. of 2011 First ACIS/JNU International Conference on Computers, Networks, Systems and Industrial Engineering(cnsi), Berlin, Springer-Verlag, pp. 248-251, May-23-25, 2011.
3 A. Sahai, B. Waters. "Fuzzy Identity-Based Encryption," in Proc. of EUROCRYPT 2005, vol. 3494, Berlin, Springer-Verlag, pp. 457-473, May 22-26, 2005.
4 V. Goyal, O. Pandey, A. Sahai, etal. "Attribute-based encryption for fine grained access control of encrypted data," in Proc. of the 13th ACM Conference on Computer and Communications Security, CCS 2006, ACM Press, pp. 72-81, October 30-November 3, 2006.
5 S. Yu, C. Wang, K. Ren etal. "Achieving secure, scalable, and fine-grained data access control in cloud computing," in Proc. of IEEE INFOCOM, pp. 534-542, March 14-19, 2010.
6 L. Ibraimi, Q. Tang and P. Hartel etal. "Efficient and provable secure ciphertext-policy attribute-based encryption schemes," in Proc. of the Information Security Practice and Experience, Berlin, Springer-Verlag, pp.1−12, April 13-15, 2009.
7 N. Attrapadung, H. Imai. "Dual-Policy attribute based encryption," in Proc. of the Applied Cryptography and Network Security (ACNS). Berlin, Springer-Verlag, pp.168−185, June 2-5, 2009.
8 A. Lewko, T. Okamoto and A Sahai, etal. "Fully secure functional encryption: Attribute-Based encryption and (hierarchical) inner product encryption," in Proc. of Advances in Cryptology-EUROCRYPT 2010, LNCS 6110, Berlin, Springer-Verlag, pp. 62−91, May 30- June 3, 2010.
9 D. Boneh, X. Boyen and E. Goh. "Hierarchical identity based encryption with constant size ciphertext," in Proc. of Advances in EUROCRYPT, vol. 3494, Berlin, Springer-Verlag, pp. 440-456, May 22-26, 2005.
10 L.Y. Zhang, Y.P. Hu, Q. Wu. "Hierarchical Identity-Based Encryption with Constant size private keys," ETRI Journal, 34(1), pp.142-145, February 2012.   DOI
11 B. Waters. "Dual key encryption: Realizing fully secure IBE and HIBE under simple assumption," in Proc of Advances in cryptology-CRYPTO, vol. 5677, Berlin, Springer-Verlag, pp. 619-636, August 16-20, 2009.
12 D. Cash, D. Hofheinz and E. Kiltz. "How to Delegate a Lattice Basis," Journal of Cryptology, vol. 25, no. 4, pp 601-639, October 2012.   DOI
13 G. Wang, Q. Liu and J. Wu. "Hierarchical attribute-based encryption for fine-grained access control in cloud storage services," in Proc. of ACM Conference on Computer and Communications Security (CCS)-2010 (Poster), ACM Press, pp. 735-737, October 4-8, 2010.
14 G. Wang, Q. Liu and J. Wu, et al. "Hierarchical attribute-based encryption and scalable user revocation for sharing data in cloud servers." Computers and Security, vol. 30, no. 5, pp. 320-331, July 2011.
15 E. Kiltz. "Chosen-ciphertext security from tag-based encryption," in Proc. of TCC 2006: 3rd Theory of Cryptography Conference, Berlin, Springer-Verlag, LNCS 3876, pp. 581-600, March 4-7, 2006.
16 R. Canetti, O. Goldreich and S. Halevi. "The random oracle methodology," Journal of ACM, vol. 51, no 4, pp. 557-594, July 2004.   DOI   ScienceOn
17 J. Liu, Z.G. Wan and M. Gu. "Hierarchical Attribute-Set Based Encryption for Scalable, Flexibleand Fine-Grained Access Control in Cloud Computing," in Proc. of the Information Security Practice and Experience.-ISPEC, vol. 6672, Berlin, Springer-Verlag, pp. 98-107, May 30- June 1, 2011.
18 Z. B. Zhou, D. J. Huang. "On Efficient Ciphertext-Policy Attribute Based Encryption and Broadcast Encryption," in Proc. of ACM Conference on Computer and Communications Security (CCS), ACM Press, pp. 753-755, October 4-8, 2010.