Skip to main content
SpringerLink
Log in

Forward and backward secure fuzzy encryption for data sharing in cloud computing

  • Methodologies and Application
  • Published:
Soft Computing Aims and scope Submit manuscript

Abstract

The great benefits introduced by big data analysis technology motivate both individuals and enterprises to collect and share the data over the internet. Although cloud storage provides a perfect platform for data sharing, the security issue becomes the principal obstacle to preventing users from outsourcing their data to cloud servers, especially when the data involve sensitive information. As a new variant of public-key encryption scheme, attribute-based encryption (ABE) provides a fuzzy matching between the data encryptor and decryptor. That is, the encryptor ensures that all those users with attributes satisfying the defined access policy can decrypt the shared data, but cannot identify which one can do that. Thus, the ABE scheme can preserve user privacy, and is regarded as a promising solution of securing data sharing in the cloud storage system. But the original ABE scheme cannot be directly deployed for several practical issues, such as key exposure and user revocation. In this paper, we simultaneously conquer the above two issues and put forward a forward and backward secure ciphertext-policy ABE scheme such that a revealed user secret key is useless for decrypting any ciphertexts. The proposed forward and backward secure ABE scheme is proved secure under a q-type assumption in the selective model, without random oracles. The performance discussion indicates that the proposed scheme provides stronger security guarantees than other similar ABE schemes, and thus is more desirable for cloud storage systems.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3

Similar content being viewed by others

Notes

  1. Here we do not provide the computation cost of these listed ABE schemes. In fact, the computation cost consists with the storage/communication cost, and also depends on these numbers in Table 1.

References

  • Abdalla M, Reyzin L (2000) A new forward-secure digital signature scheme. In: Advances in cryptology-ASIACRYPT 2000, Springer, pp 116–129

  • Anderson R (1997) Two remarks on public key cryptology. Unpublished Available from http://www.clcamacuk/users/rja14

  • Attrapadung N, Imai H (2009) Attribute-based encryption supporting direct/indirect revocation modes. In: IMA international conference on cryptography and coding, Springer, pp 278–300

  • Beimel A (1996) Secure schemes for secret sharing and key distribution. Ph.D. thesis, Technion-Israel Institute of technology, Faculty of computer science

  • Bellare M, Miner SK (1999) A forward-secure digital signature scheme. In: Advances in cryptology CRYPTO99, Springer, pp 431–448

  • Boldyreva A, Goyal V, Kumar V (2008) Id-based encryption with efficient revocation. In: CCS 2008, ACM, pp 417–426

  • Canetti R, Halevi S, Katz J (2007) A forward-secure public-key encryption scheme. J Cryptol 20(3):265–294

    Article  MathSciNet  MATH  Google Scholar 

  • Cui H, Deng RH, Li Y, Qin B (2016) Server-aided revocable attribute-based encryption. In: European symposium on research in computer security, Springer, pp 570–587

  • Fu Z, Sun X, Liu Q, Zhou L, Shu J (2015) Achieving efficient cloud search services: multi-keyword ranked search over encrypted cloud data supporting parallel computing. IEICE Trans Commun 98(1):190–200

    Article  Google Scholar 

  • Fu Z, Huang F, Sun X, Vasilakos A, Yang CN (2016a) Enabling semantic search based on conceptual graphs over encrypted outsourced data. IEEE Trans Serv Comput. doi:10.1109/TSC.2016.2622697

  • Fu Z, Wu X, Guan C, Sun X, Ren K (2016b) Toward efficient multi-keyword fuzzy search over encrypted outsourced data with accuracy improvement. IEEE Trans Inf Forensics Secur 11(12):2706–2716

    Article  Google Scholar 

  • He D, Wang D, Xie Q, Chen K (2017a) Anonymous handover authentication protocol for mobile wireless networks with conditional privacy preservation. Sci China Inf Sci 60(5):104

    Article  Google Scholar 

  • He D, Wang H, Zhang J, Wang L (2017b) Insecurity of an identity-based public auditing protocol for the outsourced data in cloud storage. Inf Sci 375:48–53

    Article  Google Scholar 

  • Hong J, Xue K, Li W (2015) Security analysis of attribute revocation in multiauthority data access control for cloud storage systems. IEEE Trans Inf Forensics Secur 10(6):1315–1317

    Article  Google Scholar 

  • Huang X, Liu JK, Tang S, Xiang Y, Liang K, Xu L, Zhou J (2015) Cost-effective authentic and anonymous data sharing with forward security. IEEE Trans Comput 64(4):971–983

    Article  MathSciNet  MATH  Google Scholar 

  • Itkis G, Reyzin L (2001) Forward-secure signatures with optimal signing and verifying. In: Advances in cryptology crypto 2001, Springer, pp 332–354

  • Kiraz MS (2016) A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing. J Ambient Intell Humaniz Comput 7(5):731–760

    Article  Google Scholar 

  • Kitagawa T, Kojima H, Attrapadung N, Imai H (2015) Efficient and fully secure forward secure ciphertext-policy attribute-based encryption. In: 16th International conference on information security, Springer, pp 87–99

  • Kozlov A, Reyzin L (2003) Forward-secure signatures with fast key update. In: Security in communication networks, Springer, pp 241–256

  • Kumari S, Khan MK, Atiquzzaman M (2015) User authentication schemes for wireless sensor networks: a review. Ad Hoc Netw 27:159–194

    Article  Google Scholar 

  • Kumari S, Li X, Wu F, Das AK, Arshad H, Khan MK (2016) A user friendly mutual authentication and key agreement scheme for wireless sensor networks using chaotic maps. Future Gen Comput Syst 63:56–75

    Article  Google Scholar 

  • Kumari S, Li X, Wu F, Das AK, Choo KKR, Shen J (2017) Design of a provably secure biometrics-based multi-cloud-server authentication scheme. Future Gen Comput Syst 68:320–330

    Article  Google Scholar 

  • Li J, Li X, Wang L, He D, Ahmad H, Niu X (2017) Fuzzy encryption in cloud computation: efficient verifiable outsourced attribute-based encryption. Soft Comput. doi:10.1007/s00500-017-2482-1

    Google Scholar 

  • Liang X, Li X, Lu R, Lin X, Shen X (2011) An efficient and secure user revocation scheme in mobile social networks. In: Global telecommunications conference (GLOBECOM 2011), IEEE, pp 1–5

  • Liu JK, Yuen TH, Zhou J (2011) Forward secure ring signature without random oracles. In: International conference on information and communications security, Springer, pp 1–14

  • Mayer-Schönberger V, Cukier K (2013) Big data: a revolution that will transform how we live, work, and think. Houghton Mifflin Harcourt

  • Okamoto T, Takashima K (2011) Efficient attribute-based signatures for non-monotone predicates in the standard model. In: Public key cryptography–PKC 2011, Springer, pp 35–52

  • Park Y, Sur C, Rhee KH (2016) Pseudonymous authentication for secure V2I services in cloud-based vehicular networks. J Ambient Intell Humaniz Comput 7(5):661–671

    Article  Google Scholar 

  • Rouselakis Y, Waters B (2013) Practical constructions and new proof methods for large universe attribute-based encryption. In: CCS 2013, ACM, pp 463–474

  • Sahai A, Waters B (2005) Fuzzy id-based encryption. In: Advances in cryptology–EUROCRYPT 2005, Springer, pp 457–473

  • Seo JH, Emura K (2013) Revocable id-based encryption revisited: Security model and construction. In: Public-key cryptography–PKC 2013, Springer, pp 216–234

  • Shi Y, Zheng Q, Liu J, Han Z (2015) Directly revocable key-policy attribute-based encryption with verifiable ciphertext delegation. Inf Sci 295:221–231

    Article  MathSciNet  MATH  Google Scholar 

  • Wang D, He D, Wang P, Chu CH (2015) Anonymous two-factor authentication in distributed systems: certain goals are beyond attainment. IEEE Trans Depend Secur Comput 12(4):428–442

    Article  Google Scholar 

  • Wang H, He D, Shen J, Zheng Z, Zhao C, Zhao M (2016) Verifiable outsourced ciphertext-policy attribute-based encryption in cloud computing. Soft Comput. doi:10.1007/s00500-016-2271-2

    MATH  Google Scholar 

  • Wang H, He D, Shen J, Zheng Z, Yang X, Au MH (2017) Fuzzy matching and direct revocation: a new CP-ABE scheme from multilinear maps. Soft Comput. doi:10.1007/s00500-017-2488-8

    MATH  Google Scholar 

  • Waters B (2011) Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. In: Public key cryptography–PKC 2011, Springer, pp 53–70

  • Wei J, Liu W, Hu X (2014) Forward-secure threshold attribute-based signature scheme. Comput J 58(10):2492–2506

    Article  Google Scholar 

  • Wei J, Liu W, Hu X (2015) Secure control protocol for universal serial bus mass storage devices. IET Comput Digit Tech 9(6):321–327

    Article  Google Scholar 

  • Wei J, Hu X, Liu W (2017a) Two-factor authentication scheme using attribute and password. Int J Commun Syst 30(1):1–14

    Article  Google Scholar 

  • Wei J, Liu W, Hu X (2017b) Forward-secure identity-based signature with efficient revocation. Int J Comput Math 94(7):1390–1411

    Article  MathSciNet  MATH  Google Scholar 

  • Wu W, Hu S, Yang X, Liu JK, Au MH (2017) Towards secure and cost-effective fuzzy access control in mobile cloud computing. Soft Comput 21(10):2643–2649

    Article  Google Scholar 

  • Xia Z, Wang X, Sun X, Wang Q (2016a) A secure and dynamic multi-keyword ranked search scheme over encrypted cloud data. IEEE Trans Parallel Distrib Syst 27(2):340–352

    Article  Google Scholar 

  • Xia Z, Wang X, Zhang L, Qin Z, Sun X, Ren K (2016b) A privacy-preserving and copy-deterrence content-based image retrieval scheme in cloud computing. IEEE Trans Inf Forensics Secur 11(11):2594–2608

    Article  Google Scholar 

  • Xu J, Wen Q, Li W, Shen J, He D (2016) Succinct multi-authority attribute-based access control for circuits with authenticated outsourcing. Soft Comput. doi:10.1007/s00500-016-2244-5

    MATH  Google Scholar 

  • Yang K, Jia X, Ren K, Zhang B, Xie R (2013) Dac-macs: effective data access control for multiauthority cloud storage systems. IEEE Trans Inf Forensics Secur 8(11):1790–1801

    Article  Google Scholar 

  • Yu J, Hao R, Kong F, Cheng X, Fan J, Chen Y (2011a) Forward-secure identity-based signature: security notions and construction. Inf Sci 181(3):648–660

    Article  MathSciNet  MATH  Google Scholar 

  • Yu J, Kong F, Cheng X, Hao R, Fan J (2011b) Forward-secure identity-based public-key encryption without random oracles. Fundam Inform 111(2):241–256

    MathSciNet  MATH  Google Scholar 

  • Yu S, Wang C, Ren K, Lou W (2010) Attribute based data sharing with attribute revocation. In: ASIACCS 2010, ACM, pp 261–270

  • Zhang M, Wu L, Wang XA, Yang X (2016) Unidirectional ibpre scheme from lattice for cloud computation. J Ambient Intell Humaniz Comput 7(5):623–631

    Article  Google Scholar 

  • Zhang Y, Wu A, Zheng D (2017) Efficient and privacy-aware attribute-based data sharing in mobile cloud computing. J Ambient Intell Humaniz Comput. doi: 10.1007/s12652-017-0509-1

  • Zhong H, Zhu W, Xu Y, Cui J (2016) Multi-authority attribute-based encryption access control scheme with policy hidden for cloud storage. Soft Comput. doi:10.1007/s00500-016-2330-8

    MATH  Google Scholar 

Download references

Acknowledgements

This work is supported by the National Nature Science Foundation of China (Nos. 61702549, 61502527, 61379150).

Author information

Authors and Affiliations

  1. State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou, 450002, China

    Jianghong Wei, Xuexian Hu & Qihui Zhang

  2. School of Computer Science and Information Security, Guangxi Key Laboratory of Cryptography and Information Security, Guilin University of Electronic Technology, Guilin, 541004, Guangxi, China

    Wenfen Liu

Authors
  1. Jianghong Wei
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Xuexian Hu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Wenfen Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Qihui Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jianghong Wei.

Ethics declarations

Conflict of interest

The authors declare that they have no conflicts of interest.

Ethical standard

This article does not contain any studies with human participants or animals performed by any of the authors.

Additional information

Communicated by V. Loia.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Wei, J., Hu, X., Liu, W. et al. Forward and backward secure fuzzy encryption for data sharing in cloud computing. Soft Comput 23, 497–506 (2019). https://doi.org/10.1007/s00500-017-2834-x

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00500-017-2834-x

Keywords

Search

Navigation