logo

SCIENCE CHINA Information Sciences, Volume 59, Issue 4: 042701(2016) https://doi.org/10.1007/s11432-015-5428-1

Adaptively secure ciphertext-policy attribute-based encryption with dynamic policy updating

More info
  • ReceivedJun 1, 2015
  • AcceptedJul 7, 2015
  • PublishedFeb 26, 2016

Abstract

Attribute-Based Encryption (ABE) is a promising new cryptographic technique which guarantees fine-grained access control of outsourced encrypted data in the cloud. With the help of ABE, the majority of security issues in accessing cloud data can be solved. However, a key limitation remains, namely policy updating. Whenever the access policy is updated, a common approach is to have the data owner retrieve the data and re-encrypt it with new policy, before sending the new ciphertext back to the cloud. This straight-forward approach will lead to heavy computation and communication overhead. Although a number of other approaches have been proposed in this regard, they suffer from two limitations; namely, supporting only limited update-policy types or having weak security models. In order to address these limitations, we propose a novel solution to the attribute-based encryption access control system by introducing a dynamic policy-updating technique which we call DPU-CP-ABE. The scheme is proved to be adaptively secure under the standard model and can support any type of policy updating. In addition, our scheme can significantly reduce the computation and communication costs of updating ciphertext.


Funded by

National High-Tech R&D Program(863)

National Natural Science Foundation of China(U1405255)

National Natural Science Foundation of China(61502248)

National Natural Science Foundation of China(61202179)

National Natural Science Foundation of China(61472298)

"source" : null , "contract" : "2015AA016007"}]

National Natural Science Foundation of China(61173089)

National Natural Science Foundation of China(61472310)


Acknowledgment

Acknowledgments

This work was supported by National Natural Science Foundation of China (Grant Nos. 61202179, 61173089, 61472298, 61472310, U1405255, 61502248), National High-Tech R&D Program (863) (Grant No. 2015AA016007), SRF for ROCS, SEM and Fundamental Research Funds for the Central Universities.


References

[1] Sahai A, Waters B. Fuzzy identity-based encryption. In: Proceedings of 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, 2005. 457--473. Google Scholar

[2] Goyal V, Pandey O, Sahai A, et al. Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of 13th ACM Conference on Computer and Communications Security, Alexandria, 2006. 89--98. Google Scholar

[3] Bethencourt J, Sahai A, Waters B. Ciphertext-policy attribute-based encryption. In: Proceedings of IEEE Symposium on Security and Privacy, Oakland, 2007. 321--334. Google Scholar

[4] Hur J, Noh D K. IEEE Trans Parall Distrib Syst, 2011, 22: 1214-1221 Google Scholar

[5] Yang K, Jia X, Ren K, et al. Enabling efficient access control with dynamic policy updating for big data in the cloud. In: Proceedings of the IEEE International Conference on Infocom, Toronto, 2014. 2013--2021. Google Scholar

[6] Lewko A, Waters B. Decentralizing attribute-based encryption. In: Proceedings of 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tallinn, 2011. 568--588. Google Scholar

[7] Liu Z, Cao Z F, Huang Q, et al. Fully secure multi-authority ciphertext-policy attribute-based encryption without random oracles. In: Proceedings of 16th European Symposium on Research in Computer Security, Leuven, 2011. 278--297. Google Scholar

[8] Ruj S, Nayak A, Stojmenovic I. Dacc: distributed access control in clouds. In: Proceedings of the IEEE International Conference on Trustcom, Changsha, 2011. 91--98. Google Scholar

[9] Sahai A, Seyalioglu H, Waters B. Dynamic credentials and ciphertext delegation for attribute-based encryption. In: Proceedings of 32nd Annual Cryptology Conference, Santa Barbara, 2012. 199--217. Google Scholar

[10] Waters B. Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Proceedings of 14th International Conference on Practice and Theory in Public Key Cryptography, Taormina, 2011. 53--70. Google Scholar

[11] Chase M. Multi-authority attribute based encryption. In: Proceedings of 4th Theory of Cryptography Conference, Amsterdam, 2007. 515--534. Google Scholar

[12] Beimel A. Secure schemes for secret sharing and key distribution. Dissertation for the Doctoral Degree. Haifa: Technion-Israel Institute of Technology, Faculty of Computer Science, 1996. Google Scholar

[13] Goldwasser S, Micali S, Rivest R L. SIAM J Comput, 1988, 17: 281-308 Google Scholar

[14] Yu S C, Wang C, Ren K, et al. Achieving secure, scalable, and fine-grained data access control in cloud computing. In: Proceedings of the IEEE International Conference on Infocom, San Diego, 2010. 1--9. Google Scholar

[15] Lewko A, Okamoto T, Sahai A, et al. Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption. In: Proceedings of 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, French Riviera, 2010. 62--91. Google Scholar

Copyright 2019 Science China Press Co., Ltd. 《中国科学》杂志社有限责任公司 版权所有

京ICP备18024590号-1