logo

SCIENCE CHINA Information Sciences, Volume 60, Issue 5: 052105(2017) https://doi.org/10.1007/s11432-015-5449-9

Hidden policy ciphertext-policy attribute-based encryption with keyword search against keyword guessing attack

More info
  • ReceivedOct 16, 2015
  • AcceptedDec 5, 2015
  • PublishedSep 13, 2016

Abstract

Attribute-based encryption with keyword search (ABKS) enables data owners to grant their search capabilities to other users by enforcing an access control policy over the outsourced encrypted data. However, existing ABKS schemes cannot guarantee the privacy of the access structures, which may contain some sensitive private information. Furthermore, resulting from the exposure of the access structures, ABKS schemes are susceptible to an off-line keyword guessing attack if the keyword space has a polynomial size. To solve these problems, we propose a novel primitive named hidden policy ciphertext-policy attribute-based encryption with keyword search (HP-CPABKS). With our primitive, the data user is unable to search on encrypted data and learn any information about the access structure if his/her attribute credentials cannot satisfy the access control policy specified by the data owner. We present a rigorous selective security analysis of the proposed HP-CPABKS scheme, which simultaneously keeps the indistinguishability of the keywords and the access structures. Finally, the performance evaluation verifies that our proposed scheme is efficient and practical.


Funded by

Fundamental Research Funds for the Central Universities(K13JB00160)

Strategic Priority Research Program of the Chinese Academy of Sciences(XDA06010701)

Program for New Century Excellent Talents in University(NCET-11-0565)

National Natural Science Foundation of China(61402471)

the 111 Project(B14005)

Fundamental Research Funds for the Central Universities(2012JBZ010)


Acknowledgment

Acknowledgments

This work was supported by the 111 Project (Grant No. B14005), Fundamental Research Funds for the Central Universities (Grant Nos. 2012JBZ010, K13JB00160), Program for New Century Excellent Talents in University (Grant No. NCET-11-0565), Strategic Priority Research Program of the Chinese Academy of Sciences (Grant No. XDA06010701), and National Natural Science Foundation of China (Grant No. 61402471).


References

[1] Zheng Q, Xu S, Ateniese G. VABKS: verifiable attribute-based keyword search over outsourced encrypted data. In: Proceedings of IEEE Conference on Computer Communications, INFOCOM, Toronto, 2014. 522--530. Google Scholar

[2] Sun W, Yu S, Lou W, et al. Protecting your right: attribute-based keyword search with fine-grained owner-enforced search authorization in the cloud. In: Proceedings of IEEE Conference on Computer Communications, INFOCOM, Toronto, 2014. 226--234. Google Scholar

[3] Sahai A, Waters B. Fuzzy identity-based encryption. In: Proceedings of the 24th Annual International Conference on Theory and Applications of Cryptographic Techniques. Berlin: Springer, 2005. 457--473. Google Scholar

[4] Goyal V, Pandey O, Sahai A, et al. Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, Alexandria, 2006. 89--98. Google Scholar

[5] Ostrovsky R, Sahai A, Waters B. Attribute-based encryption with non-monotonic access structures. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, Alexandria, 2007. 195--203. Google Scholar

[6] Attrapadung N, Libert B, de Panafieu E. Expressive key-policy attribute-based encryption with constant-size ciphertexts. In: Proceedings of the 14th International Conference on Practice and Theory in Public Key Cryptography. Berlin: Springer, 2011. 90--108. Google Scholar

[7] Rao Y S, Dutta R. Computationally efficient expressive key-policy attribute based encryption schemes with constant-size ciphertext. In: Proceedings of the 15th International Conference on Information and Communications Security, ICICS, Beijing, 2013. 346--362. Google Scholar

[8] Bethencourt J, Sahai A, Waters B. Ciphertext-policy attribute-based encryption. In: Proceedings of IEEE Symposium on Security and Privacy, Oakland, 2007. 321--334. Google Scholar

[9] Cheung L, Newport C. Provably secure ciphertext policy ABE. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, Alexandria, 2007. 456--465. Google Scholar

[10] Emura K, Miyaji A, Nomura A, et al. A ciphertext-policy attribute-based encryption scheme with constant ciphertext length. In: Proceedings of the 5th International Conference on Information Security Practice and Experience, Xi'an, 2009. 13--23. Google Scholar

[11] Waters B. Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Proceedings of the 14th International Conference on Practice and Theory in Public Key Cryptography. Berlin: Springer, 2011. 53--70. Google Scholar

[12] Byun J W, Rhee H S, Park H A, et al. Off-line keyword guessing attacks on recent keyword search schemes over encrypted data. In: Proceedings of the 3rd VLDB International Conference on Secure Data Management. Berlin: Springer, 2006. 75--83. Google Scholar

[13] Xu P, Jin H, Wu Q, et al. Public-key encryption with fuzzy keyword search: a provably secure scheme under keyword guessing attack. IEEE Trans Comput, 2013, 62: 2266-2277 CrossRef Google Scholar

[14] Fang L, Susilo W, Ge C, et al. Public key encryption with keyword search secure against keyword guessing attacks without random oracle. Inf Sci, 2013, 238: 221-241 CrossRef Google Scholar

[15] Nishide T, Yoneyama K, Ohta K. Attribute-based encryption with partially hidden encryptor-specified access structures. In: Proceedings of the 6th International Conference on Applied Cryptography and Network Security, New York, 2008. 111--129. Google Scholar

[16] Lai J, Deng R H, Li Y. Fully secure ciphertext-policy hiding CP-ABE. In: Proceedings of the 7th International Conference on Information Security Practice and Experience, Guangzhou, 2011. 24--39. Google Scholar

[17] Li X, Gu D, Ren Y, et al. Efficient ciphertext-policy attribute based encryption with hidden policy. In: Proceedings of the 5th International Workshop on Internet and Distributed Computing Systems, Melbourne, 2012. 146--159. Google Scholar

[18] Lai J, Deng R H, Li Y. Expressive CP-ABE with partially hidden access structures. In: Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, Seoul, 2012. 18--19. Google Scholar

[19] Boneh D, Boyen X, Goh E J. Hierarchical identity based encryption with constant size ciphertext. In: Proceedings of the 24th Annual International Conference on Theory and Applications of Cryptographic Techniques. Berlin: Springer, 2005. 440--456. Google Scholar

[20] Kapadia A, Tsang P P, Smith S W. Attribute-based publishing with hidden credentials and hidden policies, In: Proceedings of the 14th Annual Network and Distributed System Security Symposium, San Diego, 2007. 179--192. Google Scholar

[21] Herranz J, Laguillaumie F, Ráfols C. Constant size ciphertexts in threshold attribute-based encryption. In: Proceedings of the 13th International Conference on Practice and Theory in Public Key Cryptography. Berlin: Springer, 2010. 19--34. Google Scholar

[22] Goyal V, Jain A, Pandey O, et al. Bounded ciphertext policy attribute based encryption. In: Proceedings of the 35th International Colloquium on Automata, Languages and Programming, Reykjavik, 2008. 579--591. Google Scholar

[23] Lewko A, Okamoto T, Sahai A, et al. Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption. In: Proceedings of the 29th Annual International Conference on Theory and Applications of Cryptographic Techniques. Berlin: Springer, 2010. 62--91. Google Scholar

[24] Bellare M, Canetti R, Krawczyk H. Keying hash functions for message authentication. In: Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology. London: Springer, 1996. 1--15. Google Scholar

[25] Bradshaw R W, Holt J E, Seamons K E. Concealing complex policies with hidden credentials. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, Washington, 2004. 146--157. Google Scholar

[26] Nishide T. Cryptographic schemes with minimum disclosure of private information in attribute-based encryption and multiparty computation. Dissertation for Ph.D. Degree. Tokyo: University of Electro-Communications, 2008. Google Scholar

[27] Schwartz J T. Fast probabilistic algorithms for verification of polynomial identities. J ACM, 1980, 27: 701-717 CrossRef Google Scholar

[28] Zippel R. Probabilistic algorithms for sparse polynomials. In: Proceedings of the International Symposiumon on Symbolic and Algebraic Computation. London: Springer, 1979. 216--226. Google Scholar

[29] The java pairing based cryptography library. http://gas.dia.unisa.it/projects/jpbc/. Google Scholar

[30] de Caro A, Iovino V. jPBC: Java pairing based cryptography. In: Proceedings of IEEE Symposium on Computers and Communications (ISCC), Kerkyra, 2011. 850--855. Google Scholar

Copyright 2020 Science China Press Co., Ltd. 《中国科学》杂志社有限责任公司 版权所有

京ICP备18024590号-1