An efficient and revocable storage CP-ABE scheme in the cloud computing

Abstract

As a special kind of public-key encryption, attribute-based encryption (ABE) achieves fine-grained access control by offering one-to-many encryption. Owing to this characteristic, the primitive is widely employed in cloud computing environments to provide flexible and secure data sharing. However, revoking a user's privilege to access encrypted data stored on cloud servers is challenging. Furthermore, the complex operations of ABE may incur a huge computational cost, which is usually considered a heavy burden for system users. Motivated by these practical needs, this paper proposes an efficient and revocable storage CP-ABE scheme with outsourced decryption and constant-size ciphertexts and secret keys. Our scheme offers the following features:

  1. The Chinese remainder theorem is utilized to achieve revocable storage. In detail, third-party servers are allowed to update the ciphertexts stored on them so that revoked users can no longer decrypt any ciphertexts.

  2. To minimize local operations, the concept of an outsourced ABE system with constant-size ciphertexts and secret keys is introduced. More specifically, the decryptor is able to outsource most of the computing work to the outsourcing service providers.

In addition, the scheme is provably secure against selective chosen-ciphertext attacks. Finally, we describe how to deploy the scheme in a cloud computing environment.

Acknowledgements

This work was supported in part by the National Science Foundation of China (Nos. 61370026 and U1401257), Science and Technology Project of Guangdong Province (No. 2016A010101002), 13th Five-Year Plan of National Cryptography Development Fund for Cryptographic Theory of China (MMJJ20170204), Fundamental Research Funds for the Central Universities (No. ZYGX2016J091), Guangxi Colleges and Universities Key Laboratory of cloud computing and complex systems and Neijiang Science and Technology Incubating Project (No. 170676).

Author information

Corresponding author

Correspondence to Hu Xiong.

About this article

Cite this article

Zhao, Y., Ren, M., Jiang, S. et al. An efficient and revocable storage CP-ABE scheme in the cloud computing. Computing 101, 1041–1065 (2019). https://doi.org/10.1007/s00607-018-0637-2

  • DOI: https://doi.org/10.1007/s00607-018-0637-2
