Abstract
Multi-authority attribute-based access control (MABAC), which allows different independent authorities to distribute secret keys, could be adopted to control access and keep data confidential. To circumvent efficiency drawbacks during the decryption, the notion of MABAC with outsourcing is applied. However, untrusted cloud server may respond a forged transformation or deceive a permissioned user with a terminator altogether. In addressing the above issue, a construction of circuit MABAC with authenticated outsourcing is considered, which enjoys succinct ciphertext and realizes the most flexible form of expression up to now. In such a scheme, combined MABAC with two types of authenticated messages (a publicly verifiable message and a privately verifiable one), both the fine-grained data access and the authenticity of the outsourcing are well guaranteed. Furthermore, the security and authentication of the proposed scheme are intensively proved. For the sake of completeness, we then simulate the scheme and show that it is appropriate for cloud computing.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Agrawal S, Boneh D, Boyen X (2010) Efficient lattice (h)ibe in the standard model. In: Proceedings EUROCRYPT 2010, Springer, Berlin, vol 6110, pp 553–572
Applebaum B, Ishai Y, Kushilevitz E, Waters B (2015) Encoding functions with constant online rate, or how to compress garbled circuit keys. SIAM J Comput 44(2):433–466
Attrapadung N, Herranz J, Laguillaumie F, Libert B, de Panafieu E, Rfols C (2012) Attribute-based encryption schemes with constant-size ciphertexts. Theor Comput Sci 422:15–38
Bellare, Mihir, Namprempre C (2000) Authenticated encryption: Relations among notions and analysis of the generic composition paradigm. In: Proceedings ASIACRYPT 2000, vol 1976, pp 553–572
Boneh D, Gentry C, Gorbunov S, Halevi S, Nikolaenko V, Segev G, Vaikuntanathan V, Vinayagamurthy D (2014) Fully key-homomorphic encryption, arithmetic circuit abe and compact garbled circuits. In: Proceedings EUROCRYPT 2014, vol 8441, pp 553–572
Boyen X (2013) Attribute-based functional encryption on lattices. In: Proceedings TCC 2013, vol 7785, pp 122–142
Caro AD, Iovino V (2011) jpbc: Java pairing based cryptography. In: Computers and communications (ISCC), 2011 IEEE Symposium on, pp 850–855, doi:10.1109/ISCC.2011.5983948
Castiglione A, Cattaneo G, De Santis A, Petagna F, Ferraro Petrillo U (2006) SPEECH: Secure personal end-to-end communication with handheld, Vieweg, chap ISSE 2006 — Securing electronic business processes, pp 287–297. doi:10.1007/978-3-8348-9195-2_31
Castiglione A, Cattaneo G, Maio GD, Petagna F (2011) Secr3t: Secure end-to-end communication over 3g telecommunication networks. In: Innovative mobile and internet services in ubiquitous computing (IMIS), 2011 5th international conference on, pp 520–526, doi:10.1109/IMIS.2011.65
Chase M (2007) Multi-authority attribute based encryption. In: Proceedings TCC 2007, vol 4392, pp 515–534
Chen X, Li J, Ma J, Tang Q, Lou W (2014) New algorithms for secure outsourcing of modular exponentiations. IEEE Transact Parallel Distribut Syst 25(9):2386–2396
Chen X, Huang X, Li J, Ma J, Lou W, Wong DS (2015) New algorithms for secure outsourcing of large-scale systems of linear equations. IEEE Transact Informat Forens Sec 10(1):69–78
Coron JS, Lepoint T, Tibouchi M (2013) Practical multilinear maps over the integers. In: Proceedings CRYPTO 2013, vol 8042, pp 476–493
Coron JS, Lepoint T, Tibouchi M (2015) New multilinear maps over the integers. In: Proceedings CRYPTO 2015, vol 9215, pp 267–286
Fu Z, Ren K, Shu J, Sun X, Huang F (2015a) Achieving efficient cloud search services: multi-keyword ranked search over encrypted cloud data supporting parallel computing. IEICE TRANSACT Commun E98–B(1):190–200
Fu Z, Ren K, Shu J, Sun X, Huang F (2015b) Enabling personalized search over encrypted outsourced data with efficiency improvement. IEEE Transactions on Parallel and Distributed Systems. doi:10.1109/TPDS.2015.2506573
Garg S, Gentry C, Halevi S, Sahai A, Waters B (2013) Attribute-based encryption for circuits from multilinear maps. In: Canetti R, Garay JA (eds) Proceedings CRYPTO 2013, vol 8043, pp 479–499
Goldwasser S, Kalai Y, Popa RA, Vaikuntanathan V, Zeldovich N (2013) Reusable garbled circuits and succinct functional encryption. In: Proceedings ACM, STOC ’13, pp 555–564
Gorbunov S, Vaikuntanathan V, Wee H (2013) Attribute-based encryption for circuits. In: Proceedings ACM, STOC ’13, pp 545–554, doi:10.1145/2488608.2488677
Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings ACM, CCS ’06, pp 89–98, doi:10.1145/1180405.1180418
Green M, Hohenberger S, Waters B (2011) Outsourcing the decryption of abe ciphertexts. In: Proceedings USENIX security symposium, USENIX association, SEC’11, pp 34–34, http://dl.acm.org/citation.cfm?id=2028067.2028101
Gu C (2015) Multilinear maps using ideal lattices without encodings of zero. Cryptology ePrint Archive, Report 2015/023, http://eprint.iacr.org/
He D, Kumar N, Shen H, Lee JH (2016a) One-to-many authentication for access control in mobile pay-tv systems. Science China Information Sciences pp 1–14, doi:10.1007/s11432-015-5469-5
He D, Zeadally S, Kumar N, Lee JH (2016b) Anonymous authentication for wireless body area networks with provable security. IEEE Systems Journal PP(99):1–12 doi:10.1109/JSYST.2016.2544805
Herranz J, Laguillaumie F, Ràfols C (2010) Constant size ciphertexts in threshold attribute-based encryption. In: Nguyen PQ, Pointcheval D (eds) Proc. PKC 2010, vol 6056, pp 19–34
Huang X, Xiang Y, Bertino E, Zhou J, Xu L (2014) Robust multi-factor authentication for fragile communications. IEEE Transactions on Dependable and Secure Computing 11(6):568–581
Huang X, Liu JK, Tang S, Xiang Y, Liang K, Xu L, Zhou J (2015) Cost-effective authentic and anonymous data sharing with forward security. IEEE Transactions on Computers 64(4):971–983
Jiang Q, Ma J, Lu X, Tian Y (2015a) An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks. Peer-to-Peer Networking and Applications 8(6):1070–1081
Jiang Q, Ma J, Li G, Li X (2015b) Improvement of robust smart-card-based password authentication scheme. Int J Commun Syst 28(2):383–393
Jiang Q, Khan MK, Lu X, Ma J, He D (2016) A privacy preserving three-factor authentication protocol for e-health clouds. The Journal of Supercomputing pp 1–24, doi:10.1007/s11227-015-1610-x
Lewko A, Waters B (2010) New techniques for dual system encryption and fully secure hibe with short ciphertexts. In: Proc. TCC 2010, vol 5978, pp 455–479
Lewko A, Waters B (2011) Decentralizing attribute-based encryption. In: Proc. EUROCRYPT 2011, vol 6632, pp 568–588
Lewko A, Okamoto T, Sahai A, Takashima K, Waters B (2010) Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption. In: Proc. EUROCRYPT 2010, vol 6110, pp 62–91
Li J, Huang X, Li J, Chen X, Xiang Y (2014) Securely outsourcing attribute-based encryption with checkability. IEEE Transactions on Parallel and Distributed Systems 25(8):2201–2210
Li K, Ma H (2014) Outsourcing decryption of multi-authority abe ciphertexts. International Journal of Network Security 16:252–260
Lin H, Cao Z, Liang X, Shao J (2008) Secure threshold multi authority attribute based encryption without a central authority. In: Proc. INDOCRYPT 2008, vol 5365, pp 426–436
Liu J, Lai J, Huang X (2015) Dual trapdoor identity-based encryption with keyword search. Soft Computing pp 1–9, doi:10.1007/s00500-015-1960-6
Müller S, Katzenbeisser S, Eckert C (2008) Distributed attribute-based encryption. In: Proc. ICISC 2008, vol 5461, pp 20–36
Parno B, Raykova M, Vaikuntanathan V (2012) How to delegate and verify in public: Verifiable computation from attribute-based encryption. In: Proc. TCC 2012, pp 422–439
Qin B, Deng RH, Liu S, Ma S (2015) Attribute-based encryption with efficient verifiable outsourced decryption. IEEE Transactions on Information Forensics and Security 10(7):1384–1393
Sahai A, Waters B (2005) Fuzzy identity-based encryption. In: Proc. EUROCRYPT 2005, vol 3494, pp 457–473
Shamir A (1984) Identity-based cryptosystems and signature schemes. In: Proc. CRYPTO 1984, vol 196, pp 47–53
Stinson DR (2005) Cryptography: Theory and Practice, Third Edition, Chapman and Hall/CRC, chap Secret sharing schemes, pp 481–514
Waters B (2009) Dual system encryption: Realizing fully secure ibe and hibe under simple assumptions. In: Proc. CRYPTO 2009, vol 5677, pp 619–636
Xu J, Wen Q, Li W, Jin Z (2016) Circuit ciphertext-policy attribute-based hybrid encryption with verifiable delegation in cloud computing. IEEE Transactions on Parallel and Distributed Systems 27(1):119–129
Acknowledgments
This work is supported by the Natural Science Foundation of China (Grant Nos. 61300181, 61502044, 61202434, 61170270, 61100203, 61121061), the Fundamental Research Funds for the Central Universities (Grant Nos. 2015RC23, 2011YB01). The work of D. He was supported by the Natural Science Foundation of China (Grant No. 61572379), the Project Funded by the Priority Academic Program Development of Jiangsu Higher Education Institutions (PAPD) and the Jiangsu Collaborative Innovation Center on Atmospheric Environment and Equipment Technology (CICAEET).
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Additional information
Communicated by A. Di Nola.
Rights and permissions
About this article
Cite this article
Xu, J., Wen, Q., Li, W. et al. Succinct multi-authority attribute-based access control for circuits with authenticated outsourcing. Soft Comput 21, 5265–5279 (2017). https://doi.org/10.1007/s00500-016-2244-5
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00500-016-2244-5