Provably Secure Self-Extractable Encryption

  • Conference paper
Provable Security (ProvSec 2017)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 10592)

Abstract

There is an increasing demand for data sharing via the cloud. Data privacy and secrecy protection are arguably the major challenges in such applications. It is widely suggested to encrypt outsourced data using advanced encryption primitives for flexible sharing of sensitive data in the cloud. In all existing asymmetric-based systems, a subtle issue is that the data owner herself cannot read the encrypted and outsourced data. This raises a problem for the data owner when she needs to access the outsourced data but has no local copy in cleartext form. To cope with this problem, we formalize a new framework, referred to as Self-EXtractable Encryption (SEXE). In addition to the normal functionalities of an advanced encryption primitive, SEXE is equipped with a useful self-extractability property. With this property, the data owner can always access her encrypted data. We propose a generic SEXE construction from any advanced encryption primitive. Following the proposed generic construction, we instantiate several typical SEXE systems, including Self-EXtractable Identity-Based Encryption (SEXIBE) and Self-Extractable Attribute-Based Encryption (SXABE) in the Key-Policy setting and in the Ciphertext-Policy setting.


Acknowledgment

This paper is supported by the National Key Research and Development Program of China through project 2017YFB0802505, by the Natural Science Foundation of China through projects 61672083, 61370190, 61532021, 61472429, and 61402029, by the National Cryptography Development Fund through project MMJJ20170106, and by the Beijing Natural Science Foundation through project 4132056.

Correspondence to Qianhong Wu or Fu Xiao.

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Liang, Z., Wu, Q., Liu, W., Liu, J., Xiao, F. (2017). Provably Secure Self-Extractable Encryption. In: Okamoto, T., Yu, Y., Au, M., Li, Y. (eds) Provable Security. ProvSec 2017. Lecture Notes in Computer Science, vol 10592. Springer, Cham. https://doi.org/10.1007/978-3-319-68637-0_1

  • DOI: https://doi.org/10.1007/978-3-319-68637-0_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-68636-3

  • Online ISBN: 978-3-319-68637-0

  • eBook Packages: Computer Science, Computer Science (R0)
