Advertisement

Soft Computing

, Volume 23, Issue 22, pp 11409–11417 | Cite as

Improvement of an outsourced attribute-based encryption scheme

  • Hongjie Chen
  • Yongjian LiaoEmail author
Foundations

Abstract

Attribute-based encryption (ABE) scheme has become an important technology in cryptography. However, the considerable overhead of encryption and decryption restricts its application on the devices with limited resource. Fortunately, as the development of cloud computing, someone presents that outsourcing decryption and encryption can be used to deal with the problem. This idea has drawn a lot of attention after being proposed. Recently, Li et al. put forward an efficient verifiable outsourced ABE scheme which outsources the encryption and decryption to the cloud server and enables its valid receivers to verify the correctness of the message after decrypting. However, in this paper, we prove that their scheme is not secure under chosen plaintext attack which is the basic security requirement of ABE scheme. Then, we improve their scheme and illustrate that the improved scheme is adaptive chosen ciphertext attack (CCA2) secure in the random oracle model. The final comparison shows that we do not add extra computational burden to improve the security.

Keywords

Attribute-based encryption Outsourced encryption Outsourced decryption Cloud computing CCA2 

Notes

Acknowledgements

This study was funded by the National Natural Science Foundation of China (NSFC) under Grant No. 61472066, and the Sichuan Science and Technology Program (Nos. 2018GZ0180, 2018GZ0085, 2017GZDZX002).

Compliance with ethical standards

Conflict of interest

The authors declare that there are no conflicts of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

References

  1. Beimel A (1996) Secure schemes for secret sharing and key distribution. Technion-Israel Institute of technology, Faculty of computer scienceGoogle Scholar
  2. Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: 2007 IEEE symposium on security and privacy (SP ’07) (2007), pp 321–334.  https://doi.org/10.1109/SP.2007.11
  3. Boneh D, Franklin M (2001) Identity-based encryption from the Weil pairing. In: Advances in cryptology—CRYPTO 2001, vol 2139. Springer, Berlin, pp 213–229.  https://doi.org/10.1007/3-540-44647-8_13 CrossRefGoogle Scholar
  4. Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM conference on Computer and communications security. ACM, pp 89–98.  https://doi.org/10.1145/1180405.1180418
  5. Green M, Hohenberger S, Waters B (2011) Outsourcing the decryption of abe ciphertexts. In: SEC’11 Proceedings of the 20th USENIX conference on Security, p 34Google Scholar
  6. Havisha V, Padmavathi P, Ramanamurthy S (2017) Cloud security-random attribute based encryption. Innov Comput Sci Eng 8:113–120.  https://doi.org/10.1007/978-981-10-3818-1_13 CrossRefGoogle Scholar
  7. Huang J, Chiang C, Liao I (2013) An efficient attribute-based encryption and access control scheme for cloud storage environment. Grid Pervasive Comput 7861:453–463.  https://doi.org/10.1007/978-3-642-38027-3_48 CrossRefGoogle Scholar
  8. Lai J, Deng R, Guan C, Weng J (2013) Attribute-based encryption with verifiable outsourced decryption. IEEE Trans Inf Forensics Secur 8(8):1343–1354.  https://doi.org/10.1109/TIFS.2013.2271848 CrossRefGoogle Scholar
  9. Li J, Jia C, Li J, Chen X (2012) Outsourcing encryption of attribute-based encryption with mapreduce. Inf Commun Secur 7618:191–201.  https://doi.org/10.1007/978-3-642-34129-8_17 CrossRefGoogle Scholar
  10. Li J, Huang X, Li J, Chen A, Xiang Y (2014) Securely outsourcing attribute-based encryption with checkability. IEEE Trans Parallel Distrib Syst 25(8):2201–2210.  https://doi.org/10.1109/TPDS.2013.271 CrossRefGoogle Scholar
  11. Li Y, Qi F, Tang Z (2017) Traceable and complete fine-grained revocable multi-authority attribute-based encryption scheme in social network. Secur Priv Anonymity Comput Commun Storage 10656:87–92.  https://doi.org/10.1007/978-3-319-72389-1_8 CrossRefGoogle Scholar
  12. Li J, Li X, Wang L, He D, Ahmad H, Niu X (2018a) Fuzzy encryption in cloud computation: efficient verifiable outsourced attribute-based encryption. Soft Comput 22(3):707–714.  https://doi.org/10.1007/s00500-017-2482-1 CrossRefGoogle Scholar
  13. Li X, Niu J, Kumari S, Wu F, Choo KKR (2018b) A robust biometrics based three-factor authentication scheme for global mobility networks in smart city. Future Gener Comput Syst 83:607–618.  https://doi.org/10.1016/j.future.2017.04.012 CrossRefGoogle Scholar
  14. Li X, Peng J, Niu J, Wu F, Liao J, Choo KKR (2018c) A robust and energy efficient authentication protocol for industrial internet of things. IEEE Internet Things J 5(3):1606–1615.  https://doi.org/10.1109/JIOT.2017.2787800 CrossRefGoogle Scholar
  15. Liao Y, He Y, Li F, Zhou S (2017) Analysis of a mobile payment protocol with outsourced verification in cloud server and the improvement. Comput Stand Interfaces 56:101–106.  https://doi.org/10.1016/j.csi.2017.09.008 CrossRefGoogle Scholar
  16. Liao Y, He Y, Li F, Jiang S, Zhou S (2018) Analysis of an abe scheme with verifiable outsourced decryption. Sensors 18:176.  https://doi.org/10.3390/s18010176 CrossRefGoogle Scholar
  17. Lin S, Zhang R, Ma H, Wang S (2015) Revisiting attribute-based encryption with verifiable outsourced decryption. IEEE Trans Inf Forensics Secur 10(10):2119–2130.  https://doi.org/10.1109/TIFS.2015.2449264 CrossRefGoogle Scholar
  18. Pooja R, Pavan B, Apoorva P (2017) Access control with anonymous authentication of data stored in clouds using abe algorithm. In: 2017 International conference on communication and signal processing (ICCSP), IEEE, pp 909–912.  https://doi.org/10.1109/ICCSP.2017.8286501
  19. Qin B, Deng R, Liu S, Ma S (2015) Attribute-based encryption with efficient verifiable outsourced decryption. IEEE Trans Inf Forensics Secur 10(7):1384–1393.  https://doi.org/10.1109/TIFS.2015.2410137 CrossRefGoogle Scholar
  20. Sahai A, Waters B (2005) Fuzzy identity-based encryption. In: Advances in cryptology—EUROCRYPT 2005, vol 3494. Springer, Berlin, pp 457–473.  https://doi.org/10.1007/11426639_27 Google Scholar
  21. Shankar V, Singh K (2018) Applications of attribute-based encryption in cloud computing environment. Big Data Anal 654:687–692.  https://doi.org/10.1007/978-981-10-6620-7_66 CrossRefGoogle Scholar
  22. Wang C, Li W, Li Y, Xu X (2013) A ciphertext-policy attribute-based encryption scheme supporting keyword search function. Cyberspace Saf Secur 8300:377–386.  https://doi.org/10.1007/978-3-319-03584-0_28 CrossRefGoogle Scholar
  23. Wang H, He D, Shen J, Zheng Z, Zhao C, Zhao M (2017) Verifiable outsourced ciphertext-policy attribute-based encryption in cloud computing. Soft Comput 21(24):7325–7335.  https://doi.org/10.1007/s00500-016-2271-2 CrossRefzbMATHGoogle Scholar
  24. Waters B (2011) Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Public key cryptography—PKC 2011, vol 6571. Springer, Berlin, pp 53–70.  https://doi.org/10.1007/978-3-642-19379-8_4 CrossRefGoogle Scholar
  25. Yang X, Yang M, Yang P, Q L (2017) A multi-authority attribute-based encryption access control for social network. In: 2017 3rd IEEE international conference on control science and systems engineering (ICCSSE), IEEE, pp 671–674.  https://doi.org/10.1109/CCSSE.2017.8088017
  26. Zhang J, Wang B, Xhafa F, Wang X, Li C (2017) Energy-efficient secure outsourcing decryption of attribute based encryption for mobile device in cloud computation. J Ambient Intell Humaniz Comput 10:1–10.  https://doi.org/10.1007/s12652-017-0658-2 CrossRefGoogle Scholar

Copyright information

© Springer-Verlag GmbH Germany, part of Springer Nature 2019

Authors and Affiliations

  1. 1.University of Electronic Science and Technology of ChinaChengduChina

Personalised recommendations