Abstract
In the era of cloud computing, it is convenient to share large-scale data among various kinds of users. As a kind of attribute-based encryption, ciphertext-policy attribute-based encryption (CP-ABE) is a potential technique for realizing fine-grained access control on shared data. However, traditional CP-ABE is not suitable for mobile cloud computing, where mobile users are resource-limited and privacy is fragile. In this paper, we propose an efficient and privacy-aware attribute-based data sharing system supporting offline key generation and offline encryption. In the proposed system, sensitive attribute values specified in an access structure are not explicitly sent along with a ciphertext. The online/offline encryption mechanism alleviates the computational burden of mobile users by performing most of encryption tasks without draining the battery. In addition, the online/offline key generation mechanism allows the attribute authority to finish most of operations in the key generation process in advance, which enables efficient mobile user registration. Finally, the proposed system is proven fully secure in the standard model and performance analysis shows its effectiveness in mobile cloud computing.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Beimel A (1996) Secure schemes for secret sharing and key distribution. Dissertation, Technion-Israel Institute of Technology
Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: IEEE symposium on security and privacy, SP’07, IEEE, Oakland, pp 321–334. doi:10.1109/SP.2007.11
Boneh D, Waters B (2007) Conjunctive, subset, and range queries on encrypted data. In: Salil V (ed) Proceedings of the 4th theory of cryptography conference, TCC’07. Lecture notes in computer science, vol 4392. Springer, Berlin, pp 535–554. doi:10.1007/978-3-540-70936-7_29
Boneh D, Goh EJ, Nissim K (2005) Evaluating 2-DNF formulas on ciphertexts. In: Kilian J (ed) Proceedings of the 2th theory of cryptography conference, TCC’05. Lecture notes in computer science, vol 3378. Springer, Berlin, pp 325–341. doi:10.1007/978-3-540-30576-7_18
Chen X, Zhang F, Susilo W, Mu Y (2007) Efficient generic on-line/off-line signatures without key exposure. In: Katz J, Yung M (eds) Proceedings of the 5th international conference on applied cryptography and network security, ACNS’07. Lecture notes in computer science, vol 4521. Springer, Berlin, pp 18–30. doi:10.1007/978-3-540-72738-5_2
Chen X, Zhang F, Tian H, Wei B, Susilo W, Mu Y, Lee H, Kim K (2008) Efficient generic on-line/off-line (threshold) signatures without key exposure. Inf Sci 178(21):4192–4203. doi:10.1007/978-3-540-72738-5_2
Cheung L, Newport C (2007) Provably secure ciphertext policy ABE. In: Proceedings of the 14th ACM conference on computer and communications security, CCS’07, ACM, New York, pp 456–465. doi:10.1145/1315245.1315302
Datta P, Dutta R, Mukhopadhyay S (2015) Fully secure online/offline predicate and attribute-based encryption. In: Lopez J, Wu Y (eds) Proceedings of the 11th international conference on information security practice and experience, ISPEC’15. Lecture notes in computer science, vol 9065. Springer, Berlin, pp 331–345. doi:10.1007/978-3-319-17533-1_23
Even S, Goldreich O, Micali S (1996) On-line/off-line digital signatures. J Cryptol 9(1):35–67. doi:10.1007/BF02254791
Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM conference on computer and communications security, CCS’06, ACM, New York, pp 89–98. doi:10.1145/1180405.1180418
Green M, Hohenberger S, Waters B (2011) Outsourcing the decryption of ABE ciphertexts. In: Proceedings of the 20th USENIX conference on security, USENIX’11, USENIX Association, Berkeley. http://static.usenix.org/events/sec11/tech/full_papers/Green.pdf. Accessed 8 Aug 2011
Guo F, Mu Y, Chen Z (2008) Identity-based online/offline encryption. In: Tsudik G (ed) Proceedings of the 12th international conference on financial cryptography and data security, FC’08. Lecture notes in computer science, vol 12. Springer, Berlin, pp 247–261. doi:10.1007/978-3-540-85230-8_22
Hohenberger S, Waters B (2014) Online/offline attribute-based encryption. In: Krawczyk H (ed) Proceedings of the 17th international conference on practice and theory in public-key cryptography, PKC’14. Lecture notes in computer science, vol 8383. Springer, Berlin, pp 293–310. doi:10.1007/978-3-642-54631-0_17
Jung T, Li XY, Wan Z, Wan M (2015) Control cloud data access privilege and anonymity with fully anonymous attribute-based encryption. IEEE Trans Inf Forensics Secur 10(1):190–199. doi:10.1109/TIFS.2014.2368352
Kapadia A, Tsang PP, Smith SW (2007) Attribute-based publishing with hidden credentials and hidden policies. In: Proceedings of the network and distributed system security symposium, NDSS’07, The Internet Society, pp 179–192. http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.94.7574&rep=rep1&type=pdf. Accessed 28 Feb 2007
Katz J, Sahai A, Waters B (2008) Predicate encryption supporting disjunctions, polynomial equations, and inner products. In: Smart N (ed) Advances in cryptology-EUROCRYPT’08. Lecture notes in computer science, vol 4965. Springer, Berlin, pp 146–162. doi:10.1007/978-3-540-78967-3_9
Lai J, Deng RH, Li Y (2011) Fully secure cipertext-policy hiding CP-ABE. In: Bao F, Weng J (eds) Proceedings of the 7th international conference on information security practice and experience, ISPEC’11. Lecture notes in computer science, vol 6672. Springer, Berlin, pp 24–39. doi:10.1007/978-3-642-21031-0_3
Lai J, Deng RH, Li Y (2012) Expressive cp-abe with partially hidden access structures. In: Proceedings of the 7th ACM symposium on information, computer and communications security, ASIACCS’12, ACM, New York, pp 18–19. doi:10.1145/2414456.2414465
Lai J, Deng R, Guan C, Weng J (2013) Attribute-based encryption with verifiable outsourced decryption. IEEE Trans Inf Forensics Secur 8(8):1343–1354. doi:10.1109/TIFS.2013.2271848
Lewko A, Waters B (2012) New proof methods for attribute-based encryption: achieving full security through selective techniques. In: Safavi-Naini R, Canetti R (eds) Advances in cryptology–CRYPTO’12. Lecture notes in computer science, vol 7417. Springer, Berlin, pp 180–198. doi:10.1007/978-3-642-32009-5_12
Lewko A, Okamoto T, Sahai A, Takashima K, Waters B (2010) Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption. In: Gilbert H (ed) Advances in cryptology-EUROCRYPT’10. Lecture notes in computer science, vol 6110. Springer, Berlin, pp 62–91. doi:10.1007/978-3-642-13190-5_4
Li J, Ren K, Zhu B, Wan Z (2009) Privacy-aware attribute-based encryption with user accountability. In: Samarati P, Yung M, Martinelli F, Ardagna C (eds) Proceedings of the international information security conference, ISC’09. Lecture notes in computer science, vol 5735. Springer, Berlin, pp 347–362. doi:10.1007/978-3-642-04474-8_28
Li J, Huang X, Li J, Chen X, Xiang Y (2014) Securely outsourcing attribute-based encryption with checkability. IEEE Trans Parallel Distrib Syst 25(8):2201–2210. doi:10.1109/TPDS.2013.271
Nishide T, Yoneyama K, Ohta K (2008) Attribute-based encryption with partially hidden encryptor-specified access structure. In: Bellovin S, Gennaro R, Keromytis A, Yung M (eds) Proceedings of applied cryptography and network security, ACNS’08. Lecture notes in computer science, vol 5037. Springer, Berlin, pp 111–129. doi:10.1007/978-3-540-68914-0_7
Park SM, Chung SM (2014) Privacy-preserving attribute-based access control for grid computing. Int J Grid Util Comput 5(4):286–296. doi:10.1504/IJGUC.2014.065372
Phuong TVX, Yang G, Susilo W (2016) Hidden ciphertext policy attribute-based encryption under standard assumptions. IEEE Trans Inf Forensics Secur 11(1):35–45. doi:10.1109/TIFS.2015.2475723
Rao YS, Dutta R (2015) Fully secure bandwidth-efficient anonymous ciphertext-policy attribute-based encryption. Secur Commun Netw 8(18):4157–4176. doi:10.1002/sec.1331
Sahai A, Waters B (2005) Fuzzy identity-based encryption. In: Cramer R (ed) Advances in cryptology-EUROCRYPT’05. Lecture notes in computer science, vol 3494. Springer, Berlin, pp 557–557. doi:10.1007/11426639_27
Wang C, Li W (2013) An efficient attribute-based signature scheme with claim-predicate mechanism. Int J Grid Util Comput 4(2–3):151–159. doi:10.1504/IJGUC.2013.056251
Zhang Y, Chen X, Li J, Wong DS, Li H (2013) Anonymous attribute-based encryption supporting efficient decryption test. In: Proceedings of the 8th ACM SIGSAC symposium on information, computer and communications security, ASIACCS’13, ACM, New York, pp 511–516. doi:10.1145/2484313.2484381
Zhang Y, Chen X, Li J, Li H (2014) Generic construction for secure and efficient handoff authentication schemes in EAP-based wireless networks. Comput Netw 75:192–211. doi:10.1016/j.comnet.2014.10.009
Zhang Y, Li J, Chen X, Li H (2016a) Anonymous attribute-based proxy re-encryption for access control in cloud computing. Secur Commun Netw 9(14):2397–2411. doi:10.1002/sec.1509
Zhang Y, Zheng D, Chen X, Li J, Li H (2016b) Efficient attribute-based data sharing in mobile clouds. Pervasive Mob Comput 28:135–149. doi:10.1016/j.pmcj.2015.06.009
Zhang Y, Chen X, Li J, Wong DS, Li H, You I (2017) Ensuring attribute privacy protection and fast decryption for outsourced data security in mobile cloud computing. Inf Sci 379:42–61. doi:10.1016/j.ins.2016.04.015
Zhu S, Yang X (2015) Protecting data in cloud environment with attribute-based encryption. Int J Grid Util Comput 6(2):91–97. doi:10.1504/IJGUC.2015.068824
Acknowledgements
This work is supported by National Natural Science Foundation of China (Nos. 61402366, 61472472, 61502248), Natural Science Basic Research Plan in Shaanxi Province (Nos. 2015JQ6236, 2016JM6033, 2015JQ6262, 2013JZ020), Scientific Research Program Funded by Shaanxi Provincial Education Department (No. 15JK1686). Yinghui Zhang is supported by New Star Team of Xi’an University of Posts and Telecommunications.
Author information
Authors and Affiliations
Corresponding author
Additional information
A preliminary version of this paper appears in BWCCA 2016.
Rights and permissions
About this article
Cite this article
Zhang, Y., Wu, A. & Zheng, D. Efficient and privacy-aware attribute-based data sharing in mobile cloud computing. J Ambient Intell Human Comput 9, 1039–1048 (2018). https://doi.org/10.1007/s12652-017-0509-1
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12652-017-0509-1