Browse > Article
http://dx.doi.org/10.3837/tiis.2018.10.025

Improving Security and Privacy-Preserving in Multi-Authorities Ciphertext-Policy Attribute-Based Encryption  

Hu, Shengzhou (College of Computer and Information, Hohai University)
Li, Jiguo (College of Computer and Information, Hohai University)
Zhang, Yichen (College of Computer and Information, Hohai University)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.12, no.10, 2018 , pp. 5100-5119 More about this Journal
Abstract
Most of existing privacy-preserving multi-authorities attribute-based encryption schemes (PP-MA-ABE) only considers the privacy of the user identity (ID). However, in many occasions information leakage is caused by the disclosing of his/her some sensitive attributes. In this paper, we propose a collusion-resisting ciphertext-policy PP-MA-ABE (CRPP-MACP-ABE) scheme with hiding both user's ID and attributes in the cloud storage system. We present a method to depict anonymous users and introduce a managerial role denoted by IDM for the management of user's anonymous identity certificate ($AID_{Cred}$). The scheme uses $AID_{Cred}$ to realize privacy-preserving of the user, namely, by verifying which attribute authorities (AAs) obtain the blinded public attribute keys, pseudonyms involved in the $AID_{Cred}$ and then distributes corresponding private keys for the user. We use different pseudonyms of the user to resist the collusion attack launched by viciousAAs. In addition, we utilize IDM to cooperate with multiple authorities in producing consistent private key for the user to avoid the collusion attack launched by vicious users. The proposed CRPP-MACP-ABE scheme is proved secure. Some computation and communication costs in our scheme are finished in preparation phase (i.e. user registration). Compared with the existing schemes, our scheme is more efficient.
Keywords
Attribute-based encryption; CP-ABE; multi-authorities; privacy-preserving;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 J. Li, F. Sha, Y. Zhang, X. Huang and J. Shen. "Verifiable outsourced decryption of attribute-based encryption with constant ciphertext length," Security and Communication Networks, 2017.
2 Z. Wan, J. Liu, RH. Deng, "HASBE: a hierarchical attribute-based solution for flexible and scalable access control in cloud computing," IEEE Transaction on Information Forensics and Security, vol. 7, no. 2, pp. 743-754, April, 2012.   DOI
3 H. Deng, Q. Wu, B. Qin, J. Domingo-Ferrer, L. Zhang, J. Liu, W. Shi. "Ciphertext-policy hierarchical attribute-based encryption with short ciphertexts," Information Sciences. vol. 275, pp. 370-384, August, 2014.   DOI
4 Y. Guo, J. Li, Y. Zhang, J. Shen. "Hierarchical attribute-based encryption with continuous auxiliary inputs leakage," Security and Communication Networks, vol. 18, no. 9, pp. 4852-4862, 2016.
5 J. Hur and D.K. Noh, "Attribute-based access control with efficient revocation in data outsourcing systems," IEEE Trans. Parallel and Distributed Systems, vol. 22, no. 7, pp. 1214-1221, July, 2011.   DOI
6 J. Lai, RH. Deng, Y. Li, "Fully secure ciphertext-policy hiding CP-ABE," in Proc. of International Conference on Information Security Practice and Experience, Springer-Verlag, pp. 24-39, May 30 - June 1, 2011.
7 J. Li, H. Wang, Y. Zhang, J. Shen. "Ciphertext-policy attribute-based encryption with hidden access policy and testing," KSII Transactions on Internet and Information Systems, vol. 10, no. 7, pp. 3339-3352, July, 2016.   DOI
8 K. Emura, A. Miyaji, A. Nomura, et al., "A ciphertext-policy attribute-based encryption scheme with constant ciphertext length," in Proc. of International Conference on Information Security Practice and Experience, Springer-Verlag, pp. 13-23, April 13-15, 2009.
9 J. Li, H. Yan, and Y. Zhang. "Certificateless public integrity checking of group shared data on cloud storage," IEEE Transactions on Services Computing, 2018.
10 Hao. Yan, J. Li, J. Han. "A novel efficient remote data possession checking protocol in cloud storage," IEEE Transactions on Information Forensics and Security, Vol. 12, no. 1, pp: 78-88, August, 2017.   DOI
11 H. Li, H. Zhu, S. Du, X. Liang, X. (Sherman) Shen, "Privacy leakage of location sharing in mobile social networks: attacks and defense," IEEE Transactions on Dependable and Secure Computing, August, 2016.
12 J. Li, X. Lin, Y. Zhang and J. Han, "KSF-OABE: outsourced attribute-based encryption with keyword search function for cloud storage," IEEE Trans. Service Comput., 10(5): 715-725, 2017.   DOI
13 K. Yang, X. Jia, "Expressive efficient and revocable data access control for multi-authority cloud storage," IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 7, pp.1735-1744, July, 2014.   DOI
14 Y. Chen, L. Song, G. Yang, "Attribute-based access control for multi-authority systems with constant size ciphertext in cloud computing," China Communication, vol. 13, no. 2, pp. 146-162, February, 2016.   DOI
15 J. Li, W. Yao, J. Han, Y. Zhang and J. Shen, "User collusion avoidance CP-ABE with efficient attribute revocation for cloud storage," IEEE Systems Journal, 2017.
16 Y. Rahulamathavan, S. Veluru, J. Han, et al., "User collusion avoidance scheme for privacy-preserving decentralized key-policy attribute-based encryption," IEEE Transactions on Computers, vol. 65, no. 9, pp.2939-2946, Sept 9, 2016.   DOI
17 Z. Liu, Z. Cao, Q. Huang, et al., "Fully secure multi-authority ciphertext-policy attribute-based encryption without random oracles," in Proc. of European Conference on Research in Computer Security, Springer-Verlag, pp.278-297, September 12-14, 2011.
18 J. Li, Y. Shi, Y. Zhang. "Searchable ciphertext-policy attribute-based encryption with revocation in cloud storage," International Journal of Communication Systems, vol. 30, no. 1, January, 2017.
19 J. Ning, Z. Cao, X. Dong, H. Ma, L. Wei, K. Liang. "Auditable ${\sigma}$-times outsourced attribute-based encryption for access control in cloud computing". IEEE Transactions on Information Forensics and Security.
20 J. Li, Y. Wang, Y. Zhang, J. Han. "Full verifiability for outsourced decryption in attribute based encryption," IEEE Transactions on Services Computing, May, 2017.
21 J. Li, W. Yao, Y. Zhang, H. Qian and J. Han, "Flexible and fine-grained attribute-based data storage in cloud computing," IEEE Trans. Service Comput, vol. 10, no. 5, pp. 785-796, 2017.   DOI
22 H. Li, Q. Chen, H. Zhu, D. Ma, H. Wen, X. (Sherman) Shen, "Privacy leakage via de-anonymization and aggregation in heterogeneous social networks," IEEE Transactions on Dependable and Secure Computing, 2017,
23 A. Sahai and B. Waters, "Fuzzy identity-based encryption," in Proc. of 24th Annu. Int.Conf. Theory Appl. Cryptograph. Techn, pp. 457-473, May 22-26, 2005.
24 V. Goyal, O. Pandey, A. Sahai and B. Waters, "Attribute-based encryption for fine-grained access control of encrypted data," in Proc. of 13th ACM Conf. Comput. Commun. Security, pp. 89-98, October 30 - November 03, 2006.
25 S.Yu, C. Wang, K. Ren, et al., "Achieving secure, scalable, and fine-grained data access control in cloud computing," in Proc. of IEEE INFOCOM 2010, pp. 1-9, March 14-19, 2010.
26 K. Yang, X. Jia, R. Kui, "Attributed-based fine-grained access control with efficient revocation in cloud storage systems," in Proc. of the 8th ACM SIGSAC symposium on Information, Computer and Communications Security. ACM, pp. 523-528, May 08 - 10, 2013.
27 M. Chase, "Multi-authority attribute based encryption," in Proc. of Theory of Cryptography (Lecture Notes in Computer Science), vol. 4392, Heidelberg, Germany: Springer-Verlag, pp. 515-534, 2007.
28 M. Chase and S. S. Chow, "Improving privacy and security in multi-authority attribute-based encryption," in Proc. of 16th ACM Conf. CCS, pp. 121-130, November 09-13, 2009.
29 J. Ning, X. Dong, Z. Cao, L. Wei and X. Lin. "White-box traceable ciphertext-policy attribute-based encryption supporting flexible attributes," IEEE Transactions on Information Forensics and Security, vol. 10, no. 6, pp. 1274-1288, June, 2015. .   DOI
30 J. Ning, Z. Cao, X. Dong, and L. Wei. "White-box traceable CP-ABE for cloud storage service: how to catch people leaking their access credentials effectively," IEEE Transactions on Dependable and Secure Computing.
31 J. Li, Q. Yu, Y. Zhang. "Key-policy attribute-based encryption against continual auxiliary input leakage," Information Sciences, 2018.
32 Moni Naor, Benny Pinkas and Omer Reingold, "Distributed pseudo-random functions and KDCs," in Proc. of EUROCRYPT' 1999, vol. 1592, pp. 327-346, Springer, April 15, 1999.
33 D. Boneh, B. Lynn and H. Shacham, "Short signatures from the Weil pairing," J. Cryptology, vol. 17, no.4, pp. 297-319, Sept, 2004.   DOI
34 A. Beime, "Secure schemes for secret sharing and key distribution," Ph.D. dissertation, Dept. Comput. Sci., Technion-Israel Inst. Technol., Haifa, Israel, 1996.
35 J. Bethencourt, A. Sahai and B. Waters, "Ciphertext-policy attribute based encryption," in Proc. of IEEE Symp. SP, pp. 321-334, May, 2007.
36 J. Han, W. Susilo, Y. Mu and J. Yan, "Privacy-preserving decentralized key-policy attribute-based encryption," IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 11, pp. 2150-2162, Nov. 2012.   DOI
37 H. Qian, J. Li and Y. Zhang, "Privacy-preserving decentralized ciphertext-policy attribute-based encryption with fully hidden access structure," in Proc. of Information and Communications Security (Lecture Notes in Computer Science), vol. 8233, Heidelberg, Germany: Springer-Verlag, pp. 363-372, 2013.
38 H. Qian, J. Li, Y. Zhang and J. Han, "Privacy preserving personal health record using multi-authority attribute-based encryption with revocation," Int. J. Inf. Secur., vol. 14, no. 6, pp. 487-497, November, 2015.   DOI
39 J. Han, W. Susilo, Y. Mu, et al., "Improving privacy and security in decentralized ciphertext-policy attribute-based encryption," IEEE Transactions on information forensics and security, vol. 10, no. 3, pp. 665-678, Mar. 2015.   DOI
40 M. Wang, Z. Zhang, C. Chen, "Security analysis of a privacy-preserving decentralized ciphertext-policy attribute-based encryption scheme," Concurrency & Computation Practice & Experience, vol. 28, no. 4:pp. 1237-1245, August 18, 2016.   DOI
41 B. Waters, "Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization," in Proc. of Public Key Cryptography (Lecture Notes in Computer Science), vol. 6571. Heidelberg, Germany: Springer-Verlag, pp. 53-70, March 6-9, 2011.
42 R. Ostrovsky, A. Sahai, and B. Waters, "Attribute-based encryption with non-monotonic access structures," in Proc. of 14th ACM Conf. CCS, pp. 195-203, 2007.
43 A. Lewko, T. Okamoto, A. Sahai, K. Takashima and B. Waters, "Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption," in Proc. of International Conference on Theory and Applications of Cryptographic Techniques (Lecture Notes in Computer Science), vol. 6110. Heidelberg, Germany: Springer-Verlag, pp. 62-91, May 30 - June 3, 2010.