Abstract
Attribute-based Encryption (ABE) realizes a novel and practical many-to-many encryption paradigm, in which the encryptor can appoint someone to decrypt it, and the decryptor does not know who the encryptor is. Therefore, the ABE has better privacy preserving to a certain extent for both participants to a certain degree. The original attribute-based encryption scheme usually has only one trusted authority, and the state of the system is not flexible enough to meet various dynamic needs of users, which become the bottleneck of the system. In addition, the computational overhead of the decryption is not cheap. In order to reduce the cost of decryption, a series of schemes such as encryption/decryption outsourcing have been proposed. However, those solutions simply outsource the process independently without any in-depth investigation into the trustworthiness issues. Hence, we construct an outsourced multi-authority attribute-based encryption with dynamicity and auditing (OMADA-ABE), which makes the system more practical and more flexible. Our solution can support the dynamic changes of the system as well as the auditing of outsourced decryption information to solve the above-mentioned related problems, so as to meet the potential requirements related to the real-world system. What’s more, we prove that the proposed scheme is secure against selective chosen-ciphertext attacks without random oracles, and it also achieves the collusion resistance. Finally, we compare our scheme with related researches and showed our advantage regarding the performance and other aspects.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27
Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security & Privacy (2007)
Qin, B., Deng, R.H., Liu, S., Ma, S.: Attribute-based encryption with efficient verifiable outsourced decryption. IEEE Trans. Inf. Forensics Secur. 10, 1384–1393 (2015)
Hui, M., Rui, Z., Wan, Z., Yao, L., Lin, S.: Verifiable and exculpable outsourced attribute-based encryption for access control in cloud computing. IEEE Trans. Dependable Secure Comput. 14(6), 679–692 (2017)
Chase, M.: Multi-authority attribute based encryption. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 515–534. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-70936-7_28
Huang, L., Cao, Z., Liang, X., Shao, J.: Secure threshold multi authority attribute based encryption without a central authority. In: International Conference on Cryptology in India: Progress in Cryptology, pp. 2618–2632 (2008)
Lewko, A., Waters, B.: Decentralizing attribute-based encryption. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 568–588. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20465-4_31
Green, M., Hohenberger, S., Waters, B.: Outsourcing the decryption of ABE ciphertexts. In: Proceedings of the 20th USENIX Conference on Security (2011)
Ren, Y.J., Jian, S., Jin, W., Jin, H., Lee, S.Y.: Mutual verifiable provable data auditing in public cloud storage. éè \(\cdot \) è 16(2), 317–323 (2015)
Lai, J., Deng, R.H., Guan, C., Weng, J.: Attribute-based encryption with verifiable outsourced decryption. IEEE Trans. Inf. Forensics and Secur. 8, 1343–1354 (2013)
Lin, S., Zhang, R., Ma, H., Wang, M.: Revisiting attribute-based encryption with verifiable outsourced decryption. IEEE Trans. Inf. Forensics Secur. 10(10), 2119–2130 (2015)
Sethi, K., Pradhan, A., Bera, P.: Practical traceable multi-authority CP-ABE with outsourcing decryption and access policy updation. J. Inf. Secur. Appl. 51 (2020)
Fan, C.I., Huang, S.M., Ruan, H.M.: Arbitrary-state attribute-based encryption with dynamic membership. IEEE Trans. Comput. 63(8), 1951–1961 (2014)
Lian, H., Wang, Q., Wang, G.: Large universe ciphertext-policy attribute-based encryption with attribute level user revocation in cloud storage. Int. Arab J. Inf. Technol. 17(1), 107–117 (2019)
Liu, L., Wang, S., Yan, Q.: A multi-authority key-policy ABE scheme from lattices in mobile ad hoc networks. Ad-hoc Sens. Wirel. Netw. 37(1–4), 117–143 (2017)
Hohenberger, S., Waters, B.: Online/offline attribute-based encryption. In: Krawczyk, H. (ed.) PKC 2014. LNCS, vol. 8383, pp. 293–310. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-54631-0_17
Yu, S., Wang, C., Ren, K., Lou, W.: Attribute based data sharing with attribute revocation. In: International Symposium on ACM Symposium on Information, p. 261 (2010)
Xu, X., Zhou, J., Wang, X., Zhang, Y.: Multi-authority proxy re-encryption based on CPABE for cloud storage systems. J. Syst. Eng. Electron. 27, 211–223 (2016)
Premkamal, P.K., Pasupuleti, S.K., Alphonse, P.: Dynamic traceable CP-ABE with revocation for outsourced big data in cloud storage. Int. J. Commun. Syst. (6), e4351 (2020)
Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_13
Boneh, D., Shoup, V.: A graduate course in applied cryptography. Draft 0.5 (2020)
Kan, Y., Jia, X.: Attributed-based access control for multi-authority systems in cloud storage. In: IEEE International Conference on Distributed Computing Systems (2012)
Chase, M., Chow, S.S.M.: Improving privacy and security in multi-authority attribute-based encryption. In: Proceedings of the 2009 ACM Conference on Computer and Communications Security, CCS 2009, Chicago, Illinois, USA, 9–13 November 2009 (2009)
Sarma, R., Kumar, C., Barbhuiya, F.A.: MACFI: a multi-authority access control scheme with efficient ciphertext and secret key size for fog-enhanced IoT (2021)
Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. ACM (2006)
Han, J., Susilo, W., Mu, Y., Zhou, J., Au, M.: Improving privacy and security in decentralized ciphertext-policy attribute-based encryption (2015)
Deng, Y.Q.: Dynamic attribute-based encryption scheme. Comput. Eng. Sci. (2014)
Rahulamathavan, Y., Veluru, S., Han, J., Fei, L., Rajarajan, M., Lu, R.: User collusion avoidance scheme for privacy-preserving decentralized key-policy attribute-based encryption. IEEE Trans. Comput. 65(9), 2939–2946 (2016)
Ling, J., Chen, J., Chen, J., Gan, W.: Multiauthority attribute-based encryption with traceable and dynamic policy updating. Secur. Commun. Netw. 2021(6), 1–13 (2021)
Ning, J., Cao, Z., Dong, X., Liang, K., Ma, H., Wei, L.: Auditable \(\sigma \)-time outsourced attribute-based encryption for access control in cloud computing. IEEE Trans. Inf. Forensics Secur. 13(1), 94–105 (2017)
Acknowledgement
This work has been partly supported by the Fundamentral Research Funds for the Central Universities (No. 30106220482).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Deng, Z., Chen, J. (2023). An Outsourced Multi-authority Attribute-Based Encryption for Privacy Protection with Dynamicity and Audit. In: Meng, W., Li, W. (eds) Blockchain Technology and Emerging Technologies. BlockTEA 2022. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 498. Springer, Cham. https://doi.org/10.1007/978-3-031-31420-9_5
Download citation
DOI: https://doi.org/10.1007/978-3-031-31420-9_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-31419-3
Online ISBN: 978-3-031-31420-9
eBook Packages: Computer ScienceComputer Science (R0)