Outsourcing Encryption and Decryption CP-ABE Scheme with Revocation Storage in Cloud Computing

doi:10.3969/j.issn.1671-1122.2017.06.002

Abstract

Abstract: Taking into account the user’s need for data privacy and the untrustworthiness of cloud servers, the use of attribute-based cryptography(ABE) to build cloud-oriented security data sharing program is widely studied. When a user is revoked, the existing standard ABE mechanism can’t ensure that the revoked user can’t continue to access the massive ciphertext data in the cloud server. Aiming at the above problems, this paper proposes a ciphertext strategy attribute encryption scheme(SR-CP-ABE) which can support the reusable storage of encryption and decryption by combining the idea of ciphertext update and key update. The program ensures that the user can’t access the ciphertext by periodically updating the ciphertext stored in the cloud server. At the same time, this program through the combination of the idea of key split, encryption and decryption process in the complex computing outsourcing to the untrusted cloud server to reduce the user’s encryption and decryption calculation. The experimental results show that the proposed scheme is efficient and feasible.

Key words: cloud computing, ciphertext access control, outsourcing encryption and decryption computation, user revocation, key update

CLC Number:

TP393

QING Yong, SUN Wei, XIONG Hu, ZHAO Yang. Outsourcing Encryption and Decryption CP-ABE Scheme with Revocation Storage in Cloud Computing[J]. 信息网络安全, 2017, 17(6): 6-8.

References

[1] SAHAI A, WATERS B. Fuzzy Identity-based Encryption[C]//IACR. Advances in Cryptology-EUROCRYPT 2005, May 22-26, 2005, Aarhus, Denmark. Heidelberg: Springer, 2005: 457-473.
[2] GOYAL V, PANDEY O, SAHAI A, et al. Attribute-based Encryption for Fine-grained Access Control of Encrypted Data[C]//ACM. 13th ACM Conference on Computer and Communications Security, October 30-November 3, 2006, Alexandria, VA, USA. New York: ACM, 2006: 89-98.
[3] BETHENCOURT J, SAHAI A, WATERS B. Ciphertext-policy Attribute-based Encryption[C]//IEEE. 2007 IEEE Symposium on Security and Privacy, May 20-23 2007, Oakland, California, USA. New Jersey: IEEE, 2007:321-334.
[4] CHEUNG L, NEWPORT C. Provably Secure Ciphertext Policy ABE[C]//ACM. 2007 ACM Conference on Computer and Communications Security, October 28-31, 2007, Alexandria, Virginia, USA. New York: ACM, 2007: 456-465.
[5] WATERS B. Ciphertext-policy Attribute-based Encryption: an Expressive, Efficient, and Provably Secure Realization[C]//IACR. 14th International Conference on Practice and Theory in Public Key Cryptography, March 6-9, 2011, Taormina, Italy. Heidelberg: Springer, 2011: 53-70.
[6] LEWKO A, OKAMOTO T, SAHAI A, et al. Fully Secure Functional Encryption: Attribute-based Encryption and(Hierarchical) inner Product Encryption[C]//IACR. 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, May 30-June 3, 2010, French Riviera, France. Heidelberg: Springer, 2010: 62-91.
[7] 赵洋,任化强,熊虎,等. 无双线性对的云数据完整性验证方案[J]. 信息网络安全,2015（7）：7-12.
[8] 杨小东,王彩芬. 基于属性群的云存储密文访问控制方案[J]. 计算机工程,2012,38（11）：20-22.
[9] LI Jin, CHEN Xiaofeng, LI Jingwei, et al. Fine-granied Access Control System Based on Outsourced Attribute-based Encryption[C]//Springer. 18th European Symposium on Research in Computer Security, September 9-13, 2013, Egham UK. Heidelberg: Springer, 2013: 592-609.
[10] 李勇,曾振宇,张晓菲. 支持属性撤销的外包解密方案[J]. 清华大学学报（自然科学版）,2013,53（12）：1964-1969.
[11] GREEN M, HOHENBERGER S, WATERS B. Outsourcing the Decryption of ABE Ciphertexts[C]//ACM. 2011 USENIX Conference on Security, August 8-12, 2011, San Francisco, CA. New York: ACM, 2011: 1-16.
[12] 秦志光,包文意,赵洋,等. 云计算里的一种无双线性对的模糊关键字加密方式[J]. 信息网络安全,2015（11）：1-6.
[13] QIN Baodong, DENG R H, LIU Shengli, et al. Attribute-based Encryption with Efficent Verifiable Outsourced Decryption[J]. Information Forensics and Security, 2013, 10(7): 1384-1393.
[14] LI Jingwei, JIA Chunfu, LI Jin, et al. Outsourcing Encryption of Attribute-based Encryption with MapReduce[C]//ACM. 14th International Conference on Information and Communications Security, October 29-31, 2012, Hong Kong, China. New York: ACM, 2012: 191-201.
[15] LI Jin, HUANG Xinyin , LI Jingwei, et al. Securely Outsourcing Attribute-based Encryption with Checkability [J]. Parallel and Distributed System, 2014, 25(8): 2201-2210.
[16] 赵洋,陈阳,熊虎,等. 云环境下一种可撤销授权的数据拥有性证明方案[J]. 信息网络安全,2015（8）：1-7.
[17] WANG Hao, HE Debiao, SHEN Jian, et al. Verifiable Outsourced Ciphertext-policy Attribute-based Encryption in Cloud Computing[EB/OL]. https://www.researchgate.net/publication/305310348_Verifiable_outsourced_ciphertext-policy_attribute-based_encryption_in_cloud_computing, 2017-2-11.
[18] BONEH D, GOH E, NISSIM K. Evaluating 2-DNF Formulas on Ciphertexts[EB/OL]. http://web.cs.ucdavis.edu/~franklin/ecs228/pubs/2dnf.pdf, 2017-2-12.
[19] BEIMEL A. Secure Schemes for Secret Sharing and Key Distribution[EB/OL]. http://www.dphu.org/uploads/attachements/books/books_1542_0.pdf, 2017-2-12.
[20] LEWKO A, OKAMOTO T, SAHAI A, et al. Fully Secure Functional Encryption: Attribute-based Encryption and(Hierarchical) inner Product Encryption[C]//IACR. 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, May 30-June 3, 2010, French Riviera, France. Heidelberg: Springer, 2010: 62-91.
[21] ROUSELAKIS Y, WATERS B. Efficient Statically-secure Large-universe Multi-authority Attribute-based Encryption[C]//Springer. 2015 International Conference on Financial Cryptography and Data Security, January 26-30, 2015, Puerto Rico. Heidelberg: Springer, 2015: 315-332.
[22] 秦志光,包文意,赵洋,等. 云存储中一种模糊关键字搜索加密方案[J]. 信息网络安全,2015（6）：7-12.
[23] 闫玺玺,唐用力. 数据外包环境下的一种支持属性撤销的属性基加密方案[J].通信学报,2015,36（10）：92-100.
[24] 方雪峰,王晓明. 可撤销用户的外包加解密CP-ABE方案[J]. 计算机工程,2016,42（12）：124-128,132.
[25] 赵洋,包文意,熊虎,等. 云计算里一种陷门无法识别的公钥搜索加密方案[J]. 信息网络安全,2016（1）：1-5.
[26] LI Keying, MA Hua. Outsourcing Decryption of Multi-authority ABE Ciphertexts[J] International Journal Network Security, 2014, 16(4): 286-294.