Abstract
Attribute-based encryption (ABE) allows users to encrypt and decrypt data based on attributes. It realizes fine-grained access control and can effectively solve the one-to-many encryption and decryption problem in open cloud application. Linear secret sharing scheme (LSSS) is the common access structure with a matrix on the attributes in ABE schemes, which may depict AND, OR, threshold operations, etc. However, LSSS access structure does not depict the complex and dynamic access policy of attributes, such as the complicated relationship of different attributes and the generation of dynamic attributes. It severely restricts the expansion of the practical application of ABE. Besides, there exists another problem; attribute authority (AA) in traditional ABE has a concentration of power and easily suffers from single-point failure or privacy leakage for being attacked or corrupted. Blockchain is a decentralized, tamper-free, traceable, and multi-party distributed database technology. Consortium blockchain (CB) is a partially centralized blockchain, whose openness is between the public blockchain and the private blockchain. In this paper, an ABE scheme on LSSS access structure with expressive dynamic attributes (EDA) based on CB (LSSS-EDA-ABE-CB) was proposed to resolve the above issues. EDA can construct the comprehensive attribute calculation expressions by conducting various operations, such as arithmetic operations, relational operations, and string operations. In virtue of the application of EDA, the proposed scheme can reconstruct new composite attributes to realize the dynamic adjustment of attributes. A partitioning method of EDA avoids one attribute appearing in two different EDA expressions. The CB technology enhanced the authority and trustworthiness of AA by openly recording AA’s attribute key distributions in CB transactions. The scheme in the paper was proven CPA-secure under the decision q-PBDHE assumption in standard model in the CB application environment. The scheme provides a more general data access policy and maintains the fine-grained character of ABE simultaneously. Finally, the security and performance analysis shows that the proposed scheme is secure and highly efficient.
Similar content being viewed by others
References
Sahai A, Waters B (2005) Fuzzy identity-based encryption. Advances in Cryptology-EUROCRYPT 3494:457–473
Goyal V et al (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp 89–98
Wan Z, Liu J, Deng R (2012) HASBE: A hierarchical attribute-based solution for flexible and scalable access control in cloud computing. IEEE Transactions on Information Forensics & Security 7(2):743–754
Ge A et al (2012) Threshold ciphertext policy attribute-based encryption with constant size ciphertexts. Information Security and Privacy 7372:336–349
Waters B (2011) Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. Public Key Cryptography 6571:53–70
Chase M (2021) Multi-authority attribute based encryption. Theory of Cryptography Conference 4392:515–534
Hu S et al (2022) Complex and flexible data access policy in attribute-based encryption. J Supercomput 78(1):1010–1029
Odelu V et al (2017) Pairing-based CP-ABE with constant-size ciphertexts and secret keys for cloud environment. Computer Standards & Interfaces 54:3–9
Guo F et al (2014) CP-ABE with constant-size keys for lightweight devices. IEEE Trans Inf Forensics and Security 9(5):763–771
Feldman P (1987) A practical scheme for non-interactive verifiable secret sharing. Proc of FOCS 1987:427–437
Xue K et al (2017) CABE: A new comparable attribute-based encryption construction with 0-Encoding and 1-Encoding. IEEE Transactions on Computers 66(9):1491–1503
Khan F et al (2021) Efficient attribute-based encryption with repeated attributes optimization. International Journal of Information Security 20:431–444
Khan F et al (2021) Granular data access control with a patient-centric policy update for healthcare. Sensors 21(10):3556
Liu Z et al (2010) Efficient generation of linear secret sharing scheme matrices from threshold access trees. Cryptology ePrint Archive 374
Guo L et al (2021) TABE-DAC: Efficient traceable attribute-based encryption scheme with dynamic access control based on blockchain. IEEE Access 9:8479–8490
Weber SG (2013) Designing a hybrid attribute-based encryption scheme supporting dynamic attributes. Cryptology ePrint Archive 219
Yan X et al (2019) Privacy-preserving multi-authority attribute-based encryption with dynamic policy updating in PHR. Comput Sci Inf Syst 16(3):831–847
Jiang Y et al (2017) Ciphertext-policy attribute-based encryption supporting access policy update and its extension with preserved attributes. Int J Inf Secur 17(5):533–548
Li J et al (2019) An efficient attribute-based encryption scheme with policy update and file update in cloud computing. IEEE Trans Ind Inform 15(12):6500–6509
Belguith S et al (2020) Verifiable privacy-preserving outsourced attribute based signcryption supporting access policy update for cloud assisted iot applications. Future Gener Comput Syst 111:899–918
Yuan C et al (2017) Blockchain with accountable CPABE: How to effectively protect the electronic documents. IEEE 23rd Int Conf Parallel Distrib Syst (ICPADS) 2017:800–803
Yang X et al (2020) Medical data sharing scheme based on attribute cryptosystem and blockchain technology. IEEE Access 8:45468–45476
NIU S et al (2020) Electronic medical record data sharing scheme based on searchable encryption via consortium blockchain. Journal on Communications 41(8):204–214
Zhang A, Lin X (2018) Towards secure and privacy-preserving data sharing in e-health systems via consortium blockchain. J Med Syst 42(140):1–18
Zhang Y et al (2018) BaDS: Blockchain-based architecture for data sharing with ABS and CP-ABE in IoT. Wireless Commun Mobile Comput 2018:1–9
Wu A et al (2019) Efficient and privacy-preserving traceable attribute-based encryption in blockchain. Ann Telecommun 74:401–411
Guo L, Yang X, Yau W (2021) TABE-DAC: Efficient traceable attribute-based encryption scheme with dynamic access control based on blockchain. IEEE Access 9:8479–8490
Ding S et al (2019) A novel attribute-based access control scheme using blockchain for IoT. IEEE Access 7:38431–38441
Ezhil Arasi V, Indra Gandhi K, Kulothungan K (2022) Auditable attribute-based data access control using blockchain in cloud storage. J Supercomput:1–27
Beime A (1996) Secure schemes for secret sharing and key distribution. Technion - Israel Institute of technology, Faculty of computer science, Haifa, pp 218
Castro M, Liskov B (1999) Practical Byzantine fault tolerance. In Proc OSDI 99(1999):173–186
Ongaro D, Ousterhout KJ (2014) In search of an understandable consensus algorithm. {USENIX} Annual Technical Conference ({USENIX}{ATC}) 14:305–319
Merkle CR (1980) Protocols for public key cryptosystems. In: Proc 1980 Symposium on Security and Privacy. IEEE Computer Society, pp 122–133
Lynn B’s Pairing-Based Cryptography (PBC) Library. Available at: http://crypto.stanford.edu/pbc.
Funding
This work was supported by the science and technology project of the education department of Jiangxi Province in China (GJJ201402), the key research and development project of the science department in Jiangxi province in China (20171BBE50065), and the project “Research on technology and application of attribute-based encryption based on attached attribute conditional access policy” of National Natural Science Foundation in China.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors declare no competing interests.
Competing of interest
The authors declare no competing interests.
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Hu, S., Zhong, T., He, H. et al. Attribute-based encryption of LSSS access structure with expressive dynamic attributes based on consortium blockchain. Ann. Telecommun. 78, 509–524 (2023). https://doi.org/10.1007/s12243-023-00949-8
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12243-023-00949-8