KSII Transactions on Internet and Information Systems (TIIS)

Korean Society for Internet Information (한국인터넷정보학회)
권호 표지
DOI QR코드

DOI QR Code

New Constructions of Hierarchical Attribute-Based Encryption for Fine-Grained Access Control in Cloud Computing

  • Zhang, Leyou (Department of Mathematics, Xidian University) ;
  • Hu, Yupu (Key Laboratory of Computer Networks and Information Security, Xidian University)
  • Received : 2012.12.23
  • Accepted : 2013.05.06
  • Published : 2013.05.30
Download PDF
⟨ Previous Next ⟩

Abstract

Cloud computing has emerged as perhaps the hottest development in information technology at present. This new computing technology requires that the users ensure that their infrastructure is safety and that their data and applications are protected. In addition, the customer must ensure that the provider has taken the proper security measures to protect their information. In order to achieve fine-grained and flexible access control for cloud computing, a new construction of hierarchical attribute-based encryption(HABE) with Ciphertext-Policy is proposed in this paper. The proposed scheme inherits flexibility and delegation of hierarchical identity-based cryptography, and achieves scalability due to the hierarchical structure. The new scheme has constant size ciphertexts since it consists of two group elements. In addition, the security of the new construction is achieved in the standard model which avoids the potential defects in the existing works. Under the decision bilinear Diffie-Hellman exponent assumption, the proposed scheme is provable security against Chosen-plaintext Attack(CPA). Furthermore, we also show the proposed scheme can be transferred to a CCA(Chosen-ciphertext Attack) secure scheme.

Keywords

References

  1. R. Buyya, C . ShinYeo, J. Broberg and I. Brandic. "Cloud computing and emerging it platforms: vision, hype, and reality for delivering computing as the 5th utility," Future Generation Computer Systems, vol. 25, no 6, pp. 599-616, June, 2009. https://doi.org/10.1016/j.future.2008.12.001
  2. J.M. Do, Y.J. Song and N. Park. "Attribute Based Proxy Re-encryption for Data Confidentiality in Cloud Computing Environments", in Proc. of 2011 First ACIS/JNU International Conference on Computers, Networks, Systems and Industrial Engineering(cnsi), Berlin, Springer-Verlag, pp. 248-251, May-23-25, 2011.
  3. A. Sahai, B. Waters. "Fuzzy Identity-Based Encryption," in Proc. of EUROCRYPT 2005, vol. 3494, Berlin, Springer-Verlag, pp. 457-473, May 22-26, 2005.
  4. V. Goyal, O. Pandey, A. Sahai, etal. "Attribute-based encryption for fine grained access control of encrypted data," in Proc. of the 13th ACM Conference on Computer and Communications Security, CCS 2006, ACM Press, pp. 72-81, October 30-November 3, 2006.
  5. S. Yu, C. Wang, K. Ren etal. "Achieving secure, scalable, and fine-grained data access control in cloud computing," in Proc. of IEEE INFOCOM, pp. 534-542, March 14-19, 2010.
  6. L. Ibraimi, Q. Tang and P. Hartel etal. "Efficient and provable secure ciphertext-policy attribute-based encryption schemes," in Proc. of the Information Security Practice and Experience, Berlin, Springer-Verlag, pp.1−12, April 13-15, 2009.
  7. N. Attrapadung, H. Imai. "Dual-Policy attribute based encryption," in Proc. of the Applied Cryptography and Network Security (ACNS). Berlin, Springer-Verlag, pp.168−185, June 2-5, 2009.
  8. A. Lewko, T. Okamoto and A Sahai, etal. "Fully secure functional encryption: Attribute-Based encryption and (hierarchical) inner product encryption," in Proc. of Advances in Cryptology-EUROCRYPT 2010, LNCS 6110, Berlin, Springer-Verlag, pp. 62−91, May 30- June 3, 2010.
  9. D. Boneh, X. Boyen and E. Goh. "Hierarchical identity based encryption with constant size ciphertext," in Proc. of Advances in EUROCRYPT, vol. 3494, Berlin, Springer-Verlag, pp. 440-456, May 22-26, 2005.
  10. L.Y. Zhang, Y.P. Hu, Q. Wu. "Hierarchical Identity-Based Encryption with Constant size private keys," ETRI Journal, 34(1), pp.142-145, February 2012. https://doi.org/10.4218/etrij.12.0211.0140
  11. B. Waters. "Dual key encryption: Realizing fully secure IBE and HIBE under simple assumption," in Proc of Advances in cryptology-CRYPTO, vol. 5677, Berlin, Springer-Verlag, pp. 619-636, August 16-20, 2009.
  12. D. Cash, D. Hofheinz and E. Kiltz. "How to Delegate a Lattice Basis," Journal of Cryptology, vol. 25, no. 4, pp 601-639, October 2012. https://doi.org/10.1007/s00145-011-9105-2
  13. G. Wang, Q. Liu and J. Wu. "Hierarchical attribute-based encryption for fine-grained access control in cloud storage services," in Proc. of ACM Conference on Computer and Communications Security (CCS)-2010 (Poster), ACM Press, pp. 735-737, October 4-8, 2010.
  14. G. Wang, Q. Liu and J. Wu, et al. "Hierarchical attribute-based encryption and scalable user revocation for sharing data in cloud servers." Computers and Security, vol. 30, no. 5, pp. 320-331, July 2011.
  15. R. Canetti, O. Goldreich and S. Halevi. "The random oracle methodology," Journal of ACM, vol. 51, no 4, pp. 557-594, July 2004. https://doi.org/10.1145/1008731.1008734
  16. J. Liu, Z.G. Wan and M. Gu. "Hierarchical Attribute-Set Based Encryption for Scalable, Flexibleand Fine-Grained Access Control in Cloud Computing," in Proc. of the Information Security Practice and Experience.-ISPEC, vol. 6672, Berlin, Springer-Verlag, pp. 98-107, May 30- June 1, 2011.
  17. Z. B. Zhou, D. J. Huang. "On Efficient Ciphertext-Policy Attribute Based Encryption and Broadcast Encryption," in Proc. of ACM Conference on Computer and Communications Security (CCS), ACM Press, pp. 753-755, October 4-8, 2010.
  18. E. Kiltz. "Chosen-ciphertext security from tag-based encryption," in Proc. of TCC 2006: 3rd Theory of Cryptography Conference, Berlin, Springer-Verlag, LNCS 3876, pp. 581-600, March 4-7, 2006.

Cited by

  1. An Improved Privacy Preserving Construction for Data Integrity Verification in Cloud Storage vol.8, pp.10, 2013, https://doi.org/10.3837/tiis.2014.10.019
  2. Computational Analytics of Client Awareness for Mobile Application Offloading with Cloud Migration vol.8, pp.11, 2013, https://doi.org/10.3837/tiis.2014.11.014
  3. Ciphertext policy attribute-based encryption supporting unbounded attribute space from R-LWE vol.11, pp.4, 2017, https://doi.org/10.3837/tiis.2017.04.025