Browse > Article
http://dx.doi.org/10.3837/tiis.2016.05.024

A key-insulated CP-ABE with key exposure accountability for secure data sharing in the cloud  

Hong, Hanshu (Key Lab of Broadband Wireless Communication and Sensor Network Technology, Nanjing University of Posts and Telecommunications)
Sun, Zhixin (Key Lab of Broadband Wireless Communication and Sensor Network Technology, Nanjing University of Posts and Telecommunications)
Liu, Ximeng (School of information systems, Singapore Management University)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.10, no.5, 2016 , pp. 2394-2406 More about this Journal
Abstract
ABE has become an effective tool for data protection in cloud computing. However, since users possessing the same attributes share the same private keys, there exist some malicious users exposing their private keys deliberately for illegal data sharing without being detected, which will threaten the security of the cloud system. Such issues remain in many current ABE schemes since the private keys are rarely associated with any user specific identifiers. In order to achieve user accountability as well as provide key exposure protection, in this paper, we propose a key-insulated ciphertext policy attribute based encryption with key exposure accountability (KI-CPABE-KEA). In our scheme, data receiver can decrypt the ciphertext if the attributes he owns match with the self-centric policy which is set by the data owner. Besides, a unique identifier is embedded into each user's private key. If a malicious user exposes his private key for illegal data sharing, his identity can be exactly pinpointed by system manager. The key-insulation mechanism guarantees forward and backward security when key exposure happens as well as provides efficient key updating for users in the cloud system. The higher efficiency with proved security make our KI-CPABE-KEA more appropriate for secure data sharing in cloud computing.
Keywords
Key-insulated; ABE; accountability; key exposure protection; secure;
Citations & Related Records
연도 인용수 순위
  • Reference
1 S. Yu, K. Ren, and W. Lou, “FDAC: toward fine-grained distributed data access control in wireless sensor networks,” IEEE Transactions on Parallel and Distributed Systems, vol. 22,no. 4, pp. 673–686, Apr., 2011. Article (CrossRef Link)   DOI
2 Dodis Y, Katz J, Xu S, Yung M. "Key-Insulated public-key cryptosystems," in Proc. of the Eurocrypt 2002. LNCS 2332, Berlin: Springer-Verlag, pp.65−82, Apr. 28-May 2, 2002. Article (CrossRef Link)
3 Ximeng Liu, Qi Li, Jianfeng Ma, Rui Li, Jinbo Xiong, “Provably secure unbounded multi-authority ciphertext-policy attribute-based encryption,” Security and Communication Networks, vol. 8, no.18, pp. 4098-4109, Dec., 2015. Article (CrossRef Link)   DOI
4 Qi Li, Jianfeng Ma, Rui Li, Jinbo Xiong, Ximeng Liu, “Large universe decentralized key-policy attribute-based encryption,” Security and Communication Networks, vol.8, no.3, pp. 501-509, Feb., 2015. Article (CrossRef Link)   DOI
5 Sahai, A, Waters, "Fuzzy identity-based encryption," in Proc. of Int. Conf.EUROCRYPT 2005, pp. 457-473, May 22-26, 2005. Article (CrossRef Link)
6 Hanshu Hong, Zhixin Sun, “High efficient key-insulated attribute based encryption scheme without bilinear pairing operations,” SpringerPlus, vol.5, no.1, pp.1-12, Dec., 2016. Article (CrossRef Link)   DOI
7 Shucheng Yu, Kui Ren, Wenjing Lou, "Defending against Key Abuse Attacks in KP-ABE Enabled Broadcast Systems," the series Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol. 19, pp.311-329, Sep. 14-18, 2009. Article (CrossRef Link)
8 Jianting Ning, Xiaolei Dong, Zhenfu Cao, “White-Box Traceable Ciphertext-Policy Attribute-Based Encryption Supporting Flexible Attributes,” IEEE Transactions on Information Forensics and Security, vol. 10, no. 6, pp.1274-1288, Jun., 2015. Article (CrossRef Link)   DOI
9 LI Ming, YU Shucheng, et al., “Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption,” IEEE Transactions on Parallel and Distributed Systems, vol.24, no.1: 131-143, Jan., 2013. Article (CrossRef Link)   DOI
10 Yu S, Wang C, Ren K, et al., "Attribute based data sharing with attribute revocation," in Proc. of the 5th Symposium on Information, Computer and Communications Security (ACM), pp. 261-270, Apr.13-16,2010. Article (CrossRef Link)
11 Ximeng Liu, Hui Zhu, Jianfeng Ma, "Attribute Based Multisignature Scheme for Wireless Communications," available at http://www.hindawi.com/journals/misy/2015/827320/. Article (CrossRef Link)
12 Chen L, Cheng Z, and Smart N P., “Identity-based key agreement protocols from Pairings,” International Journal of Information security, vol.6, no.4, pp. 213-241, Jul., 2007. Article (CrossRef Link)   DOI
13 J.-M. Do, Y.-J. Song, and N. Park, "Attribute Based Proxy Re-Encryption for Data Confidentiality in Cloud Computing Environments," in Proc. of First ACIS/JNU Int'l Conf. Computers, Networks, Systems and Industrial Eng. (CNSI), pp. 248-251, May, 2011. Article (CrossRef Link)
14 Jin Li, Kui Ren, Bo Zhu, “Privacy-Aware Attribute-Based Encryption with User Accountability,” Volume 5735 of the series Lecture Notes in Computer Science, pp. 347-362, Sep.7-9, 2009. Article (CrossRef Link)
15 Chunqiang Hu, Nan Zhang, “Body Area Network Security: A Fuzzy Attribute-Based Signcryption Scheme,” IEEE Journal on Selected Areas in Communications/SUPPLEMENT, vol.31, no.9, pp 37-46, Sep., 2013. Article (CrossRef Link)   DOI
16 Hur J, Noh D K., “Attribute-based access control with efficient revocation in data outsourcing systems,” Transactions on Parallel and Distributed Systems, IEEE, vol.22,no.7, pp. 1214-1221, Jul.,2011. Article (CrossRef Link)   DOI
17 M. Jason Hinek, Shaoquan Jiang, Reihaneh Safavi-Naini, "Attribute-Based Encryption with Key Cloning Protection," Available at http://eprint.iacr.org/2008/478
18 Han ND, Han LZ, Tuan DM, In HP and Jo M, "A scheme for Data Confidentiality in Cloud-assisted Wireless Body Area Networks,” Information Sciences, vol. 284, no.10, pp 157-166, Nov., 2013. Article (CrossRef Link)
19 Fatos Xhafa, Jianglang Feng, Yinghui Zhang, “Privacy-aware attribute-based PHR sharing with user accountability in cloud computing,” Journal of Supercomputing, vol.71, no.5:pp.1607–1619, May, 2015. Article (CrossRef Link)   DOI
20 YongTao Wang, KeFei Chen, Yu Long, “Accountable authority key policy attribute-based encryption,” Science China Information Sciences, Vol. 55, Issue 7, pp. 1631-1638, Jul., 2012. Article (CrossRef Link)   DOI
21 V. Goyal, O. Pandey, A. Sahai and B. Waters, "Attribute Based Encryption for Fine-Grained Access Control of Encrypted Data," in Proc. of ACM conference on Computer and Communications Security, pp. 89-98, Oct.30-Nov.3, 2006. Article (CrossRef Link)
22 Waters, B, "Ciphertext policy attribute based encryption: an expressive, efficient, and provably secure realization," in Proc. of Int. Conf. PKC 2011, pp. 53-70, Mar. 6-9, 2011. Article (CrossRef Link)
23 A. Lewko, T. Okamoto, A. Sahai, K. Takashima, and B. Waters, "Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption," Advances in Cryptology—EUROCRYPT 2010, pp. 62-91, Springer, Berlin, Germany, May 30-Jun.3, 2010. Article (CrossRef Link)
24 A. Lewko and B. Waters, “Decentralizing attribute-based encryption,” Advances in Cryptology–EUROCRYPT 2011, pp.568–588, May 15-19, 2011. Article (CrossRef Link)
25 J. Han, W. Susilo, Y. Mu, and J. Yan, "Privacy-preserving decentralized key-policy attribute-based encryption," in Proc. of 2012 IEEE Transactions on Parallel and Distributed Systems, vol.23, no.11, pp.2150-2162, Nov.,2012. Article (CrossRef Link)
26 Attrapadung N, Libert B, De Panafieu E, "Expressive key-policy attribute-based encryption with constant-size ciphertexts," Public Key Cryptography—PKC 2011, vol. 6571 of LNCS. Springer, pp. 90-108, Mar. 6-9, 2011. Article (CrossRef Link)