http://dx.doi.org/10.3837/tiis.2014.11.021

Attribute-Based Data Sharing with Flexible and Direct Revocation in Cloud Computing  

Zhang, Yinghui (National Engineering Laboratory for Wireless Security, Xi'an University of Posts and Telecommunications)
Chen, Xiaofeng (State Key Laboratory of Integrated Service Networks (ISN), Xidian University)
Li, Jin (School of Computer Science, Guangzhou University)
Li, Hui (State Key Laboratory of Integrated Service Networks (ISN), Xidian University)
Li, Fenghua (State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.8, no.11, 2014, pp. 4028-4049
Abstract
Attribute-based encryption (ABE) is a promising cryptographic primitive for implementing fine-grained data sharing in cloud computing. However, before ABE can be widely deployed in practical cloud storage systems, a challenging issue with regard to attributes and user revocation has to be addressed. To our knowledge, most of the existing ABE schemes fail to support flexible and direct revocation owing to the burdensome update of attribute secret keys and all the ciphertexts. Aiming at tackling the challenge above, we formalize the notion of ciphertext-policy ABE supporting flexible and direct revocation (FDR-CP-ABE), and present a concrete construction. The proposed scheme supports direct attribute and user revocation. To achieve this goal, we introduce an auxiliary function to determine the ciphertexts involved in revocation events, and then only update these involved ciphertexts by adopting the technique of broadcast encryption. Furthermore, our construction is proven secure in the standard model. Theoretical analysis and experimental results indicate that FDR-CP-ABE outperforms the previous revocation-related methods.
Keywords
Data sharing; attribute-based encryption; revocation; cloud computing