Abstract
With the expansion of data, companies start to look for new efficient and cheap alternatives to store, share and manage their data. In this regard, cloud storage services appeared to fill this gap by providing a huge amount of computing resources ensuring data availability and efficient data management with low cost due to the pay-as-you-go payment-model adopted by cloud providers. However, by outsourcing their sensitive data (financial data, health records …), companies will no longer be in control of them, so this arises big challenges related to the confidentiality and data security against attackers (in case of compromised cloud servers) and even against curious cloud providers. Therefore, encrypting data before outsourcing them is the only way that gives to the data owners the control over their data. However, using traditional public key cryptography in a data-sharing context produces an unnecessary communication and computation overhead since for each targeted user, the data owner needs to encrypt a copy of data with the corresponding user’s public key. To fix this problem, many attribute-based encryption (ABE) schemes were proposed. In the ABE model, the encryption process is done based on the attributes instead of a unique public key, and users with matching attributes can decrypt the ciphertext, so data owners in this model don’t need to generate many copies of the same data as in the traditional cryptosystems. However, these schemes still require a huge computational power and communication cost since they are based on expensive bilinear pairing and modular exponentiation operations. We propose a lightweight version of the Ciphertext-Policy Attribute-Based Encryption (CP-ABE) using elliptic curve cryptography and scalar point multiplications, instead of bilinear pairings and modular exponentiations, to ensure a fine-grained access control with less computation cost and shorter keys and ciphertexts. The results show that our scheme improves the execution efficiency and requires a low-cost communication and storage.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Mell, P., Grance, T.: The NIST definition of cloud computing recommendations of the National Institute of Standards and Technology. Natl. Inst. Stand. Technol. Inf. Technol. Lab. 145, 7 (2011)
Armbrust, M., et al.: A view of cloud computing: clearing the clouds away from the true potential and obstacles posed by this computing capability. Commun. ACM 53(4), 50–58 (2010)
Zhang, Q., Cheng, L., Boutaba, R.: Cloud computing: state-of-the-art and research challenges. J. Internet. Serv. Appl. 1(1), 7–18 (2010)
Armbrust, M., Fox, A., Griffith, R., Joseph, A., Katz, R.H.: Above the clouds: a Berkeley view of cloud computing. University of California, Berkeley, Technical Report UCB, pp. 07–013 (2009)
Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Eurocrypt, pp. 457–473 (2005)
Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security—CCS’06, p. 89 (2006)
Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 321–334 (2007)
Cheung, L., Newport, C.: Provably secure ciphertext policy ABE. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, CCS 2007, pp. 456–465 (2007)
Ibraimi, L., Tang, Q., Hartel, P., Jonker, W.: Efficient and provable secure ciphertext-policy attribute-based encryption schemes. In: Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). LNCS, vol. 5451, pp. 1–12 (2009)
Ostrovsky, R., Sahai, A., Waters, B.: Attribute-based encryption with non-monotonic access structures. In: Proceedings of the 14th ACM Conference on Computer and Communications Security—CCS’07, p. 195 (2007)
Attrapadung, N., Imai, H.: Dual-policy attribute based encryption. In: Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). LNCS, vol. 5536, pp. 168–185 (2009)
Nishide, T., Yoneyama, K., Ohta, K.: Attribute-based encryption with partially hidden encryptor-specified access structures. In: Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). LNCS, vol. 5037, pp. 111–129 (2008)
Emura, K., Miyaji, A., Nomura, A., Omote, K., Soshi, M.: A ciphertext-policy attribute-based encryption scheme with constant ciphertext length. In: Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). LNCS, vol. 5451, pp. 13–23 (2009)
Herranz, J., Laguillaumie, F., Ràfols, C.: Constant size ciphertexts in threshold attribute-based encryption. In: Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). LNCS, vol. 6056, pp. 19–34 (2010)
Lewko, A.B., Okamoto, T., Sahai, A., Takashima, K., Waters, B.: Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption. In: Eurocrypt, vol. 02, no. subaward 641, pp. 62–91 (2010)
Martínez, V.G., Encinas, L.H., Sanchez-Avila, C.: A survey of the elliptic curve integrated encryption scheme. Secur. Manag. 2(2), 495–504 (2010)
Shamir, A., Shamir, A.: How to share a secret. Commun. ACM 22(1), 612–613 (1979)
Kothari, S.C.: Generalized Linear Threshold Scheme. In: Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). LNCS, vol. 196, pp. 231–241 (1985)
Asmuth, C., Bloom, J.: A modular approach to key safeguarding. IEEE Trans. Inf. Theory 29(2), 208–210 (1983)
Benaloh, J., Leichter, J.: Generalized secret sharing and monotone functions. Advances in Cryptology—CRYPTO’88, vol. 403, pp. 27–35 (1988)
Beimel, A.: Secure schemes for secret sharing and key distribution. Tech. Inst. Technol. Fac. Comput. Sci. (1996)
Yao, X., Chen, Z., Tian, Y.: A lightweight attribute-based encryption scheme for the internet of things. Future Gener. Comput. Syst. 49, 104–112 (2015)
Pang, L., Yang, J., Jiang, Z.: A survey of research progress and development tendency of attribute-based encryption. Sci. World J. 2014, 13 (2014)
Waters, B.: Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization, vol. 6571 (2006), pp. 1–25 (2011)
Acknowledgements
This work is supported by the National Center for Scientific and Technical Research’s (CNRST) scholarship M.06/4.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
El Gafif, H., Meddah, N., Toumanari, A. (2019). A Lightweight Ciphertext-Policy Attribute-Based Encryption for Fine-Grained Access Control. In: Ezziyyani, M. (eds) Advanced Intelligent Systems for Sustainable Development (AI2SD’2018). AI2SD 2018. Advances in Intelligent Systems and Computing, vol 915. Springer, Cham. https://doi.org/10.1007/978-3-030-11928-7_2
Download citation
DOI: https://doi.org/10.1007/978-3-030-11928-7_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-11927-0
Online ISBN: 978-3-030-11928-7
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)