Privacy-preserving Attribute-based Dynamic Broadcast Encryption Mechanism in Multi-user Communication System

doi:10.3969/j.issn.1671-1122.2021.04.003

Abstract

Abstract:

Multi-user information sharing mechanism has been paid more and more attention with the rapid development of cloud computing and the Internet of things. However, when users upload personal data to the cloud server to share with different users, unauthorized users and untrusted third-party cloud service providers will snoop on these private data, which will pose a serious threat to data security and user privacy. In addition, there are still some challenges in the multiple-user sharing mechanism, such as inflexible access control, user revocation and dynamic management, etc. To address these problems, this paper proposes a dynamic broadcast encryption mechanism. It combines attribute-based encryption with broadcast encryption techniques. The scheme uses the oblivious transmission protocol to realize the receiver anonymity and protect the user privacy while ensuring the data security. Additionally, the scheme supports new users to join the system dynamically at any time without affecting the decryption ability of previous users in the system, and achieves user revocation and fast decryption. Performance analysis shows that the scheme has obvious advantages in security and efficiency compared with existing schemes.

Key words: attribute-based broadcast encryption, cloud computing, oblivious transfer protocol, fast decryption

CLC Number:

TP309

YOU Wenting, ZHANG Leyou, YE Yadi, LI Hui. Privacy-preserving Attribute-based Dynamic Broadcast Encryption Mechanism in Multi-user Communication System[J]. Netinfo Security, 2021, 21(4): 21-30.

Figures/Tables 6

References 32

[1]	BONEH D, GOH E J, NISSIM K. Evaluating 2-DNF Formulas on Ciphertexts[M]// Springer. Theory of Cryptography. Heidelberg: Springer, 2005: 325-341.
[2]	OSTROVSKY R, SAHAI A, WATERS B. Attribute-based Encryption with Non-monotonic Access Structures[C]// ACM. The 14th ACM Conference on Computer and Communications Security, October 29-November 2, 2007, Alexandria Virginia, USA. New York: ACM, 2007: 195-203.
[3]	LAI Junzuo, DENG R H, LI Yingjiu, et al. Fully Secure Key-policy Attribute-based Encryption with Constant-size Ciphertexts and Fast Decryption[C]// ACM. The 9th ACM Symposium on Information, Computer and Communications Security, June 4-6, 2014, Kyoto, Japan. New York: ACM, 2014: 239-248.
[4]	BETHENCOURT J, SAHAI A, WATERS B. Ciphertext-policy Attribute-based Encryption[C]// IEEE. IEEE Symposium on Security & Privacy, May 20-23, 2007, Berkeley, CA, USA. NJ: IEEE, 2007: 321-334.
[5]	CHEUNG L, NEWPORT C. Provably Secure Ciphertext Policy ABE[C]// ACM. The 14th ACM Conference on Computer and Communications Security, October 29-November 2, 2007, Alexandria Virginia, USA. New York: ACM, 2007: 456-465.
[6]	FIAT A, NAOR M. Broadcast Encryption[M]// Springer. Advances in Cryptology — CRYPTO' 93. Heidelberg: Springer, 1993: 480-491.
[7]	BONEH D, GENTRY C, WATERS B. Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys[M]// Springer. Advances in Cryptology-CRYPTO 2005. Heidelberg: Springer, 2005: 258-275.
[8]	CÉCILE Delerablée, PAILLIER P, POINTCHEVAL D. Fully Collusion Secure Dynamic Broadcast Encryption with Constant-Size Ciphertexts or Decryption Keys[M]// Springer. Pairing-based Cryptography-Pairing 2007. Heidelberg: Springer, 2007: 39-59.
[9]	LEWKO A, SAHAI A, WATERS B. Revocation Systems with Very Small Private Keys[C]// IEEE. 2010 IEEE Symposium on Security and Privacy, May 16-19, 2010, Berkeley, Oakland, CA, USA. NJ: IEEE, 2010: 273-285.
[10]	CHEN Liqing, LI Jiguo, ZHANG Yichen. Adaptively Secure Efficient Broadcast Encryption with Constant-size Secret key and Ciphertext[J]. Soft Computing, 2019,24(8):4589-4606. doi: 10.1007/s00500-019-04219-5 URL
[11]	ACHARYA K. Secure and Efficient Public Key Multi-channel Broadcast Encryption Schemes[EB/OL]. https://www.sciencedirect.com/science/article/abs/pii/S2214212619301899d, 2020-10-30
[12]	RAO Y S. A Secure and Efficient Ciphertext-policy Attribute-based Signcryption for Personal Health Records Sharing in Cloud Computing[J]. Future Generations Computer Systems, 2017,67(2):133-151. doi: 10.1016/j.future.2016.07.019 URL
[13]	LI Jiguo, YAO Wei, ZHANG Yichen, et al. Flexible and Fine-grained Attribute-based Data Storage in Cloud Computing[J]. IEEE Transactions on Services Computing, 2017,10(5):785-796. doi: 10.1109/TSC.2016.2520932 URL
[14]	NISHIDE T, YONEYAMA K, OHTA K. Attribute-based Encryption with Partially Hidden Encryptor-specified Access Structures[M]// Springer. Applied Cryptography and Network Security. Heidelberg: Springer, 2008: 111-129.
[15]	ZHANG Leyou, HU Gongcheng, MU Yi, et al. Hidden Ciphertext Policy Attribute-based Encryption with Fast Decryption for Personal Health Record System[J]. IEEE Access, 2019,7(3):33202-33213. doi: 10.1109/ACCESS.2019.2902040 URL
[16]	ZHANG Yinghui, CHEN Xiaofeng, LI Jin, et al. Anonymous attribute-based Encryption Supporting Efficient Decryption Test[C]// ACM. The 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, May 8-10, 2013, Hangzhou, China. New York: ACM, 2013: 511-516.
[17]	ZHANG Yichen, LI Jiguo, HAO Yan. Constant Size Ciphertext Distributed CP-ABE Scheme with Privacy Protection and Fully Hiding Access Structure[J]. IEEE Access, 2019,7(9):47982-47990. doi: 10.1109/Access.6287639 URL
[18]	WANG Zhiwei, HE Mingjun, CP-ABE with Hidden Policy from Waters Efficient Construction[EB/OL]. https://dl.acm.org/doi/abs/10.1155/2016/3257029, 2016-01-28.
[19]	PHUONG T V X, YANG Guomin, SUSILO W. Hidden Ciphertext Policy Attribute-based Encryption Under Standard Assumptions[J]. IEEE Transactions on Information Forensics & Security, 2016,11(1):35-45.
[20]	KATZ J, K, SAHAI A, WATERS B. Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products[M]// Springer. Advances in Cryptology-EUROCRYPT. Heidelberg: Springer, 2008: 146-162.
[21]	SHI E, WATERS B. Delegating Capabilities in Predicate Encryption Systems[M]// Springer. Automata, Languages and Programming. Heidelberg: Springer, 2008: 560-578.
[22]	LUBICZ D, SIRVENT T. Attribute-based Broadcast Encryption Scheme Made Efficient[M]// Springer. Progress in Cryptology-AFRICACRYPT 2008. Heidelberg: Springer, 2008: 325-342.
[23]	ATTRAPADUNG N, IMAI H. Conjunctive Broadcast and Attribute-based Encryption[M]// Springer. Pairing-based Cryptography-Pairing 2009. Heidelberg: Springer, 2009: 248-265.
[24]	CANARD S, PHAN D H, TRINH V C. Attribute-based Broadcast Encryption Scheme for Lightweight Devices[J]. IET Information Security, 2017,12(1):52-59. doi: 10.1049/ise2.v12.1 URL
[25]	PHUONG T V X, YANG Guomin, SUSILO W, et al. Attribute-based Broadcast Encryption with Short Ciphertext and Decryption Key[M]// Springer. Computer Security-ESORICS 2015. Cham: Springer, 2015: 252-269.
[26]	CANARD S, TRINH V C. Constant-size Ciphertext Attribute-based Encryption from Multi-channel Broadcast Encryption[M]// Springer. Information Systems Security. Cham: Springer, 2016: 193-211.
[27]	ZHOU Zhibin, HUANG Dijiang. On Efficient Ciphertext-policy Attribute-based Encryption and Broadcast Encryption[J]. IEEE Transactions on Computers, 2010,2010(1):753-755.
[28]	ZHOU Zhibin, HUANG Dijiang, WANG Z. Efficient Privacy-preserving Ciphertext-policy Attribute-based Encryption and Broadcast Encryption[J]. IEEE Transactions on Computers, 2015,64(1):126-138. doi: 10.1109/TC.2013.200 URL
[29]	XIONG Hu, ZHANG Hao, SUN Jianfei. Attribute-based Privacy-preserving Data Sharing for Dynamic Groups in Cloud Computing[J]. IEEE systems journal, 2019,13(3):2739-2750. doi: 10.1109/JSYST.4267003 URL
[30]	KUMAR G S, KRISHNA A S. Privacy Sustaining Constant Length Ciphertext-policy Attribute-based Broadcast Encryption: Methods and Protocols[EB/OL]. https://www.researchgate.net/publication/330434647_Privacy_Sustaining_Constant_Length_Ciphertext-Policy_Attribute-Based_Broadcast_Encryption_Methods_and_Protocols, 2020-10-29.
[31]	LEWKO A, OKAMOTO T, SAHAI A, et al. Fully Secure Functional Encryption: Attribute-based Encryption and (Hierarchical) Inner Product Encryption[M]// Springer. Advances in Cryptology-EUROCRYPT 2010. Heidelberg: Springer, 2010: 62-91.
[32]	LI Qingyi, ZHANG Fengli. A Fully Secure Attribute-based Broadcast Encryption Scheme[J]. International Journal of Network Security, 2015,17(3):263-271.

方案	群的阶数	访问策略	隐私保护	用户撤销
文献[25]方案	$p$	AND	×	×
文献[29]方案	$p$	AND	√	×
文献[32]方案	${{p}_{1}}{{p}_{2}}{{p}_{3}}$	LSSS	×	×
本文方案	${{p}_{1}}{{p}_{2}}{{p}_{3}}$	LSSS	√	√

方案	公钥长度	密钥长度	密文长度	解密代价
文献[25]方案	$(2m+n+2)\|G\|$	$(2n+5)\|G\|$	$4\|G\|+\|{{G}_{T}}\|$	$11p$
文献[29]方案	$(2m+8n+3)\|G\|$	$(4n+2)\|G\|$	$(4n+3)\|G\|+\|{{G}_{T}}\|$	$2p$
文献[32]方案	$(m+n+2)\|G\|+\|{{G}_{T}}\|$	$(m+n+1)\|{{G}_{{{p}_{3}}}}\|$	$(2l+2)\|G\|+\|{{G}_{T}}\|$	$(2\|I\|+2)p$
本文方案	$6\|G\|+\|{{G}_{T}}\|$	$(n+3)\|G\|$	$(l+2+m)\|{{G}_{{{p}_{3}}}}\|+\|{{G}_{T}}\|$	$4p$