Outsourced KP-ABE with Enhanced Security
Although Key-Policy Attribute-Based Encryption (KP-ABE) has been widely applied to protect data in cloud computing, it is always criticized for its inefficiency drawbacks, coming from both key-issuing and decryption. Recently, some papers proposed the outsourcing solutions. But adversaries in the attack model of these researches were divided into two categories, and it is assumed that the two cannot communicate with each other, which is obviously unrealistic. In this paper, we first proved that there are severe security vulnerabilities in these schemes for this assumption, and then proposed a security enhanced Chosen Plaintext Attack (SE-CPA) model, which eliminates the improper limitations. By utilizing Proxy Re-Encryption (PRE), we also constructed a concrete KP-ABE Outsourcing scheme (O-KP-ABE) and proved its security under SE-CPA model. Comparisons with existing schemes show that our construction has comprehensive advantages in security and efficiency.
KeywordsKP-ABE Cloud computing Computation outsourcing Attack model Proxy re-encryption
This work was supported by the National Natural Science Foundation of China (Grant No.61170088) and Foundation of the State Key Laboratory of Software Development Environment (Grant No. SKLSDE-2014ZX-05).
- 3.Beimel, A.: Secure schemes for secret sharing and key distribution. Ph.D. thesis, Technion-Israel Institute of Technology, Faculty of Computer Science (1996)Google Scholar
- 4.Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy, 2007, SP 2007, pp. 321–334. IEEE (2007)Google Scholar
- 7.Canetti, R., Hohenberger, S.: Chosen-ciphertext secure proxy re-encryption. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 185–194. ACM (2007)Google Scholar
- 9.Cheung, L., Newport, C.: Provably secure ciphertext policy abe. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 456–465. ACM (2007)Google Scholar
- 11.Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 89–98. ACM (2006)Google Scholar
- 12.Green, M., Hohenberger, S., Waters, B.: Outsourcing the decryption of abe ciphertexts. In: USENIX Security Symposium, p. 3 (2011)Google Scholar
- 20.Zhou, Z., Huang, D.: Efficient and secure data storage operations for mobile cloud computing. In: Proceedings of the 8th International Conference on Network and Service Management, pp. 37–45. International Federation for Information Processing (2012)Google Scholar