Forward and backward secure fuzzy encryption for data sharing in cloud computing
- 187 Downloads
The great benefits introduced by big data analysis technology motivate both individuals and enterprises to collect and share the data over the internet. Although cloud storage provides a perfect platform for data sharing, the security issue becomes the principal obstacle to preventing users from outsourcing their data to cloud servers, especially when the data involve sensitive information. As a new variant of public-key encryption scheme, attribute-based encryption (ABE) provides a fuzzy matching between the data encryptor and decryptor. That is, the encryptor ensures that all those users with attributes satisfying the defined access policy can decrypt the shared data, but cannot identify which one can do that. Thus, the ABE scheme can preserve user privacy, and is regarded as a promising solution of securing data sharing in the cloud storage system. But the original ABE scheme cannot be directly deployed for several practical issues, such as key exposure and user revocation. In this paper, we simultaneously conquer the above two issues and put forward a forward and backward secure ciphertext-policy ABE scheme such that a revealed user secret key is useless for decrypting any ciphertexts. The proposed forward and backward secure ABE scheme is proved secure under a q-type assumption in the selective model, without random oracles. The performance discussion indicates that the proposed scheme provides stronger security guarantees than other similar ABE schemes, and thus is more desirable for cloud storage systems.
KeywordsAttribute-based encryption Data sharing Fuzzy identity Forward and backward security
This work is supported by the National Nature Science Foundation of China (Nos. 61702549, 61502527, 61379150).
Compliance with ethical standards
Conflict of interest
The authors declare that they have no conflicts of interest.
This article does not contain any studies with human participants or animals performed by any of the authors.
- Abdalla M, Reyzin L (2000) A new forward-secure digital signature scheme. In: Advances in cryptology-ASIACRYPT 2000, Springer, pp 116–129Google Scholar
- Anderson R (1997) Two remarks on public key cryptology. Unpublished Available from http://www.clcamacuk/users/rja14
- Attrapadung N, Imai H (2009) Attribute-based encryption supporting direct/indirect revocation modes. In: IMA international conference on cryptography and coding, Springer, pp 278–300Google Scholar
- Beimel A (1996) Secure schemes for secret sharing and key distribution. Ph.D. thesis, Technion-Israel Institute of technology, Faculty of computer scienceGoogle Scholar
- Bellare M, Miner SK (1999) A forward-secure digital signature scheme. In: Advances in cryptology CRYPTO99, Springer, pp 431–448Google Scholar
- Boldyreva A, Goyal V, Kumar V (2008) Id-based encryption with efficient revocation. In: CCS 2008, ACM, pp 417–426Google Scholar
- Cui H, Deng RH, Li Y, Qin B (2016) Server-aided revocable attribute-based encryption. In: European symposium on research in computer security, Springer, pp 570–587Google Scholar
- Fu Z, Huang F, Sun X, Vasilakos A, Yang CN (2016a) Enabling semantic search based on conceptual graphs over encrypted outsourced data. IEEE Trans Serv Comput. doi: 10.1109/TSC.2016.2622697
- Itkis G, Reyzin L (2001) Forward-secure signatures with optimal signing and verifying. In: Advances in cryptology crypto 2001, Springer, pp 332–354Google Scholar
- Kitagawa T, Kojima H, Attrapadung N, Imai H (2015) Efficient and fully secure forward secure ciphertext-policy attribute-based encryption. In: 16th International conference on information security, Springer, pp 87–99Google Scholar
- Kozlov A, Reyzin L (2003) Forward-secure signatures with fast key update. In: Security in communication networks, Springer, pp 241–256Google Scholar
- Liang X, Li X, Lu R, Lin X, Shen X (2011) An efficient and secure user revocation scheme in mobile social networks. In: Global telecommunications conference (GLOBECOM 2011), IEEE, pp 1–5Google Scholar
- Liu JK, Yuen TH, Zhou J (2011) Forward secure ring signature without random oracles. In: International conference on information and communications security, Springer, pp 1–14Google Scholar
- Mayer-Schönberger V, Cukier K (2013) Big data: a revolution that will transform how we live, work, and think. Houghton Mifflin HarcourtGoogle Scholar
- Okamoto T, Takashima K (2011) Efficient attribute-based signatures for non-monotone predicates in the standard model. In: Public key cryptography–PKC 2011, Springer, pp 35–52Google Scholar
- Rouselakis Y, Waters B (2013) Practical constructions and new proof methods for large universe attribute-based encryption. In: CCS 2013, ACM, pp 463–474Google Scholar
- Sahai A, Waters B (2005) Fuzzy id-based encryption. In: Advances in cryptology–EUROCRYPT 2005, Springer, pp 457–473Google Scholar
- Seo JH, Emura K (2013) Revocable id-based encryption revisited: Security model and construction. In: Public-key cryptography–PKC 2013, Springer, pp 216–234Google Scholar
- Waters B (2011) Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. In: Public key cryptography–PKC 2011, Springer, pp 53–70Google Scholar
- Yu S, Wang C, Ren K, Lou W (2010) Attribute based data sharing with attribute revocation. In: ASIACCS 2010, ACM, pp 261–270Google Scholar
- Zhang Y, Wu A, Zheng D (2017) Efficient and privacy-aware attribute-based data sharing in mobile cloud computing. J Ambient Intell Humaniz Comput. doi: 10.1007/s12652-017-0509-1