
Fully Decentralized Multi-Authority ABE Scheme in Data Sharing System

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 10658)

Abstract

In this paper, we propose an attribute-based encryption (ABE) scheme that can be used in data sharing systems with multiple distrusted authorities. Unlike prior multi-authority ABEs, this scheme achieves secret key generation in a fully decentralized manner, which eliminates the security risk of central authority (CA) compromise. By separating the key generation process among authorities and data owners (DOs), our scheme is resilient to collusion between malicious authorities and users. This new fully Decentralized Multi-Authority ABE (f-DMA) scheme is derived from CP-ABE that is resilient to collusion between authorities and users. Our system distinguishes between the DO principal and attribute authorities (AAs): DOs own the data but allow AAs to arbitrate access by providing attribute labels to users. The data is protected by access policy encryption over these attributes. Unlike prior systems, attributes generated by AAs are not user-specific, nor is the system susceptible to collusion between users who try to escalate their access by sharing keys. We prove our scheme correct under the Decisional Bilinear Diffie-Hellman (DBDH) assumption; we also include a complete end-to-end implementation that demonstrates the practical efficacy of our technique.



Acknowledgements

This work is supported by the National Natural Science Foundation of China under grant 61402160, the Hunan Provincial Natural Science Foundation under grant 2016JJ3043, and the Open Funding for Universities in Hunan Province under grant 14K023.

Author information

Corresponding author

Correspondence to Xiehua Li.


Copyright information

© 2017 Springer International Publishing AG

About this paper


Cite this paper

Li, X., Huang, Z. (2017). Fully Decentralized Multi-Authority ABE Scheme in Data Sharing System. In: Wang, G., Atiquzzaman, M., Yan, Z., Choo, KK. (eds) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS 2017. Lecture Notes in Computer Science, vol 10658. Springer, Cham. https://doi.org/10.1007/978-3-319-72395-2_66


  • DOI: https://doi.org/10.1007/978-3-319-72395-2_66

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-72394-5

  • Online ISBN: 978-3-319-72395-2

  • eBook Packages: Computer Science (R0)
