Attribute-based Encryption Scheme Supporting Privacy Preserving and User Revocation in the Cloud Environment

doi:10.3969/j.issn.1671-1122.2017.06.003

Abstract

Abstract: In order to support fine-grained attribute revocation and privacy preserving in data outsourcing systems, an efficient privacy preserving attribute-based encryption scheme with user revocation is proposed. In the scheme, the attribute will be divided into two parts: attribute name and attribute value. Encryptor-specified access structures is partially hidden, so the value of user’s attributes will never be revealed to any third parties, and the user’s privacy will be effectively preserved. Meanwhile, a token system is used to create key encryption key which can address the challenging issue of efficient attribute revocation. The new scheme achieved fine-grained and immediate attribute revocation which is more suitable for the practical applications. In addition, the scheme is proved to be adaptively chosen plaintext attack secure in the standard model, and it can withstand conspiracy attack. Compared to the existing related schemes, computational cost and storage cost is reduced, and it is more suitable for the practical applications in which user attributes is much less than the total of system attributes.

Key words: cloud environment, attribute-based encryption, attribute revocation, privacy preserving

CLC Number:

TP393

YAN Xixi, YE Qing, LIU Yu. Attribute-based Encryption Scheme Supporting Privacy Preserving and User Revocation in the Cloud Environment[J]. 信息网络安全, 2017, 17(6): 14-21.

References

[1] 刘占斌,刘虹,火一莽. 云计算中基于密文策略属性基加密的数据访问控制协议[J]. 信息网络安全,2014（7）：57-60.
[2] IBRAIMI L, PETKOVIC M, NIKOYA S, et al. Mediated Ciphertext-policy Attribute-based Encryption and Its Application[C]//Springer. 10th International Workshop on Information Security Applications, August 25-27, 2009, Busan, Korea. Heidelberg: Springer, 2009: 310-322.
[3] YU Shucheng, WANG Cong, REN K, et al. Attribute-based Data Sharing with Attribute Revocation[C]//ACM. 5th ACM Symposium on Information, Computer and Communications Security, April 13-16, 2010, Beijing, China. New York: ACM, 2010: 262- 270.
[4] HUR J, NOH D K. Attribute-based Access Control with Efficient Revocation in Data Outsourcing Systems[J]. IEEE Transactions on Parallel and Distributed Systems, 2011,22(7): 1214–1221.
[5] XIE Xingxing, MA Hua, LI Jin, et al. An Efficient Ciphertext-policy Attribute-based Access Control towards Revocation in Cloud Computing[J]. Journal of Universal Computer Science, 2013, 19(16): 2349-2367.
[6] WEI Lifei, ZHU Haojin, CAO Zhenfu, et al. Security and Privacy for Storage and Computation in Cloud Computing[J]. Information Sciences, 2014, 258 (3): 371-386.
[7] WANG Guojun, LIU Qin. Hierarchical Attribute-based Encryption and Scalable User Revocation for Sharing Data in Cloud Servers[J]. Computers & Security, 2011, 30(3): 320-331.
[8] TAKERU N, MASAMI M, YOSHIAKI S. Provably Secure Attribute-based Encryption with Attribute Revocation and Grant Function Using Proxy Re-encryption and Attribute Key for Updating[J]. Human-Centric Computing and Information Sciences, 2015, (8): 1-13.
[9] 李拴保,王雪瑞,傅建明,等. 多云服务提供者环境下的一种用户密钥撤销方法[J]. 电子与信息学报,2015,37（9）：2225-2231.
[10] XIA Zhihua, ZHANG Liangao, LIU Dandan. Attribute-based Access Control Scheme with Efficient Revocation in Cloud Computing[J]. China Communications, 2016, 13(7): 92-99.
[11] 王沿平,余小娟,张亚玲. 具有两个可撤销属性列表的密钥策略的属性加密方案[J]. 电子与信息学报,2016,38（6）：1406-1411.
[12] NISHIDE T, YONEYAMA K, OHTA K. Attribute-based Encryption with Partially Hidden Encryptor-specified Access Structures[C]//Springer. 6th International Conference on Applied Cryptography and Network Security, June 3-6, 2008, New York, USA. Heidelberg: Springer, 2008: 111-129.
[13] LI Jin, REN Kui, ZHU Bo, et al. Privacy Aware Attribute-based Encryption with User Accountability[C]//Springer. 12th International Conference on Information Security, September 7-9, 2009, Pisa, Italy. Heidelberg: Springer, 2009: 347-362.
[14] LAI Junzuo, DENG Huijie, LI Yingjiu. Fully Secure Ciphertext-policy Hiding CP-ABE[C]//Springer. 7th Information Security Practice and Experience. May 30-June 1, 2011, Guangzhou, China. Heidelberg: Springer, 2011: 24-39.
[15] LAI Junzuo, DENG Huijie, LI Yingjiu. Expressive CP-ABE with Partially Hidden Access Structures[C]//ACM. 7th ACM Symposium on Information, Computer and Communications Security, May 2-4, 2012, Seoul, Korea. New York: ACM, 2012: 18-19.
[16] 王海斌,陈少真. 隐藏访问结构的基于属性加密方案[J]. 电子与信息学报,2012,34（2）：457-461.
[17] ZENG Fugeng, XU Chunxing. Attribute-based Encryption with Hidden Threshold Access Structure[J]. Computer Modeling & New Technologies, 2014, 18(12B): 19-22.
[18] ZHOU Zhibin, HUANG Dijiang, WANG Zhijie. Efficient Privacy-priserving Ciphertext-policy Attribute Based-encryption and Broadcast Encryption[J]. IEEE Transactions on Computers, 2015, 64(1): 126-138.
[19] 应作斌,马建峰,崔江涛. 支持动态策略更新的半策略隐藏属性加密方案[J]. 通信学报,2015,36（12）：178-189.
[20] 宋衍,韩臻,刘凤梅,等. 基于访问树的策略隐藏属性加密方案[J]. 通信学报,2015,36（9）：119-126.
[21] 李继国,石岳蓉,张亦辰. 隐私保护且支持用户撤销的属性基加密方案[J]. 计算机研究与发展,2015,52（10）：2281-2292.
[22] 秦志光,吴世坤,熊虎. 云存储服务中数据完整性审计方案综述[J]. 信息网络安全,2014（7）：1-6.
[23] SAHAI A, WATERS B. Fuzzy Identity-based Encryption[C]//IACR. Advances in Cryptology-EUROCRYPT 2005, May 22-26, 2005, Aarhus, Denmark. Heidelberg: Springer, 2005: 457-473.
[24] 赵洋,陈阳,熊虎,等. 云环境下一种可撤销授权的数据拥有性证明方案[J]. 信息网络安全,2015（8）：1-7.