Abstract
Many works in the literature have proposed information security mechanisms relying on Paring Based Cryptography (PBC), for example, Ciphertext Policy Attribute Based Encryption (CP-ABE). However, a public set of software modules that allow integrating that kind of encryption for data security of information systems in an easy and transparent way is still missing. Available APIs like PBC (C-based) or jPBC (Java-based) are focused on low level arithmetic operations and several non trivial issues must still be addressed to integrate a functional PBC/ABE scheme into end-user applications for implementing end-to-end encryption. We present a novel and portable Java library (API) to ensure confidentiality and access control of sensitive data accessed only by authorized entities having as credentials a set of attributes. Novel encryption and decryption processes are defined, using the digital envelope technique (DET) under a client-server computing model. The new DET-ABE scheme supports standard security levels (AES encryption) and provides the user with an easy interface for transparent use of next generation cryptography, hiding the complexity associated to PBC (field and group arithmetic, curve selection) and ABE (setup, key management, encryption/decryption details). Running times of main API’s modules at server (ABE setup and key generation) and client (DET-ABE encryption/decryption) side are presented and discussed. From these results, it is concluded that the proposed API is easy to use and viable for providing confidentiality and access control mechanisms over data in end-user applications.
Chapter PDF
Similar content being viewed by others
References
Ambrosin, M., Conti, M., Dargahi, T.: On the feasibility of attribute-based encryption on smartphone devices. In: Proceedings of the 2015 Workshop on IoT Challenges in Mobile and Industrial Systems, IoT-Sys 2015, pp. 49–54. ACM, New York (2015). http://doi.acm.org/10.1145/2753476.2753482
Barker, E., Barker, W., Burr, W., Polk, W., Smid, M.: Recommendation for key management part 1: general(Revision 3). In: NIST Special Publication 800–57, pp. 1–147 (2012)
Barreto, P.S.L.M., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006). http://dx.doi.org/10.1007/11693383_22
Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: Proceedings of the 2007 IEEE Symposium on Security and Privacy, SP 2007, pp. 321–334. IEEE Computer Society, Washington, DC (2007). http://dx.doi.org/10.1109/SP.2007.11
Boneh, D.: Pairing-based cryptography: past, present, and future. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, p. 1. Springer, Heidelberg (2012)
Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
Braun, J., Volk, F., Buchmann, J., Mühlhäuser, M.: Trust views for the web PKI. In: Katsikas, S., Agudo, I. (eds.) EuroMPI 2013. LNCS, vol. 8341, pp. 134–151. Springer, Heidelberg (2014)
Daemen, J., Rijmen, V.: The Design of Rijndael. Springer-Verlag New York Inc., Secaucus (2002)
De Caro, A., Iovino, V.: jPBC: Java pairing based cryptography. In: 2011 IEEE Symposium on Computers and Communications (ISCC), pp. 850–855, June 2011
Diffie, W., Van Oorschot, P.C., Wiener, M.J.: Authentication and authenticated key exchanges. Des. Codes Cryptography 2(2), 107–125 (1992). http://dx.doi.org/10.1007/BF00124891
Escofier, J.P.: Galois Theory, Graduate Texts in Mathematics, vol. 204. Springer, New York (2001)
Galbraith, S.D., McKee, J.F.: Pairings on elliptic curves over finite commutative rings. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 392–409. Springer, Heidelberg (2005)
Galbraith, S.D., Paterson, K.G., Smart, N.P.: Pairings for cryptographers. Discrete Appl. Math. 156(16), 3113–3121 (2008). http://dx.doi.org/10.1016/j.dam.2007.12.010
Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, pp. 89–98. ACM, New York (2006). http://doi.acm.org/10.1145/1180405.1180418
Herstain, I.N.: Abstract Algebra, 3rd edn. Wiley (1996)
Jahid, S., Mittal, P., Borisov, N.: Easier: Encryption-based access control in social networks with efficient revocation. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2011, pp. 411–415. ACM, New York (2011). http://doi.acm.org/10.1145/1966913.1966970
Liu, W., Liu, J., Wu, Q., Quin, B.: Android PBC: A pairing based cryptography toolkit for android platform. In: Communications Security Conference, CSC 2014, pp. 1–6. IEEE, May 2014
Lynn, B.: On the implementation of pairing-based cryptosystems. Ph.D. thesis, Stanford University, Department of Computere Science (2007)
Menezes, A.J., Vanstone, S.A., Oorschot, P.C.V.: Handbook of Applied Cryptography, 1st edn. CRC Press Inc., Boca Raton (1996)
Miller, F.P., Vandome, A.F., McBrewster, J.: Advanced Encryption Standard. Alpha Press (2009)
Pang, L., Yang, J., Jiang, Z.: A Survey of Research Progress and Development Tendency of Attribute-Based Encryption. The Scientific World Journal 2014, 1–13 (2014)
Picazo-Sanchez, P., Tapiador, J.E., Peris-Lopez, P., Suarez-Tangil, G.: Secure publish-subscribe protocols for heterogeneous medical wireless body area networks. Sensors 14(12), 22619 (2014). http://www.mdpi.com/1424-8220/14/12/22619
Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978). http://doi.acm.org/10.1145/359340.359342
Rosenberg, B.: Handbook of Financial Cryptography and Security, 1st edn. Chapman & Hall/CRC (2010)
Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). http://dx.doi.org/10.1007/11426639_27
Xiong, X., Wong, D.S., Deng, X.: TinyPairing: A fast and lightweight pairing-based cryptographic library for wireless sensor networks. In: 2010 IEEE Wireless Communication and Networking Conference, pp. 1–6. IEEE, April 2010
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 IFIP International Federation for Information Processing
About this paper
Cite this paper
Morales-Sandoval, M., Diaz-Perez, A. (2015). DET-ABE: A Java API for Data Confidentiality and Fine-Grained Access Control from Attribute Based Encryption. In: Akram, R., Jajodia, S. (eds) Information Security Theory and Practice. WISTP 2015. Lecture Notes in Computer Science(), vol 9311. Springer, Cham. https://doi.org/10.1007/978-3-319-24018-3_7
Download citation
DOI: https://doi.org/10.1007/978-3-319-24018-3_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-24017-6
Online ISBN: 978-3-319-24018-3
eBook Packages: Computer ScienceComputer Science (R0)