Soft Computing

, Volume 21, Issue 18, pp 5265–5279 | Cite as

Succinct multi-authority attribute-based access control for circuits with authenticated outsourcing

  • Jie Xu
  • Qiaoyan Wen
  • Wenmin Li
  • Jian Shen
  • Debiao He
Foundations

Abstract

Multi-authority attribute-based access control (MABAC), which allows different independent authorities to distribute secret keys, could be adopted to control access and keep data confidential. To circumvent efficiency drawbacks during the decryption, the notion of MABAC with outsourcing is applied. However, untrusted cloud server may respond a forged transformation or deceive a permissioned user with a terminator altogether. In addressing the above issue, a construction of circuit MABAC with authenticated outsourcing is considered, which enjoys succinct ciphertext and realizes the most flexible form of expression up to now. In such a scheme, combined MABAC with two types of authenticated messages (a publicly verifiable message and a privately verifiable one), both the fine-grained data access and the authenticity of the outsourcing are well guaranteed. Furthermore, the security and authentication of the proposed scheme are intensively proved. For the sake of completeness, we then simulate the scheme and show that it is appropriate for cloud computing.

Keywords

Access control Multi authorities Attribute-based encryption General circuits Authenticated outsourcing 

Notes

Acknowledgments

This work is supported by the Natural Science Foundation of China (Grant Nos. 61300181, 61502044, 61202434, 61170270, 61100203, 61121061), the Fundamental Research Funds for the Central Universities (Grant Nos. 2015RC23, 2011YB01). The work of D. He was supported by the Natural Science Foundation of China (Grant No. 61572379), the Project Funded by the Priority Academic Program Development of Jiangsu Higher Education Institutions (PAPD) and the Jiangsu Collaborative Innovation Center on Atmospheric Environment and Equipment Technology (CICAEET).

Compliance with ethical standards

Conflict of interest

The authors declare that they have no conflict of interest.

References

  1. Agrawal S, Boneh D, Boyen X (2010) Efficient lattice (h)ibe in the standard model. In: Proceedings EUROCRYPT 2010, Springer, Berlin, vol 6110, pp 553–572Google Scholar
  2. Applebaum B, Ishai Y, Kushilevitz E, Waters B (2015) Encoding functions with constant online rate, or how to compress garbled circuit keys. SIAM J Comput 44(2):433–466MathSciNetCrossRefMATHGoogle Scholar
  3. Attrapadung N, Herranz J, Laguillaumie F, Libert B, de Panafieu E, Rfols C (2012) Attribute-based encryption schemes with constant-size ciphertexts. Theor Comput Sci 422:15–38MathSciNetCrossRefMATHGoogle Scholar
  4. Bellare, Mihir, Namprempre C (2000) Authenticated encryption: Relations among notions and analysis of the generic composition paradigm. In: Proceedings ASIACRYPT 2000, vol 1976, pp 553–572Google Scholar
  5. Boneh D, Gentry C, Gorbunov S, Halevi S, Nikolaenko V, Segev G, Vaikuntanathan V, Vinayagamurthy D (2014) Fully key-homomorphic encryption, arithmetic circuit abe and compact garbled circuits. In: Proceedings EUROCRYPT 2014, vol 8441, pp 553–572Google Scholar
  6. Boyen X (2013) Attribute-based functional encryption on lattices. In: Proceedings TCC 2013, vol 7785, pp 122–142Google Scholar
  7. Caro AD, Iovino V (2011) jpbc: Java pairing based cryptography. In: Computers and communications (ISCC), 2011 IEEE Symposium on, pp 850–855, doi:10.1109/ISCC.2011.5983948
  8. Castiglione A, Cattaneo G, De Santis A, Petagna F, Ferraro Petrillo U (2006) SPEECH: Secure personal end-to-end communication with handheld, Vieweg, chap ISSE 2006 — Securing electronic business processes, pp 287–297. doi:10.1007/978-3-8348-9195-2_31
  9. Castiglione A, Cattaneo G, Maio GD, Petagna F (2011) Secr3t: Secure end-to-end communication over 3g telecommunication networks. In: Innovative mobile and internet services in ubiquitous computing (IMIS), 2011 5th international conference on, pp 520–526, doi:10.1109/IMIS.2011.65
  10. Chase M (2007) Multi-authority attribute based encryption. In: Proceedings TCC 2007, vol 4392, pp 515–534Google Scholar
  11. Chen X, Li J, Ma J, Tang Q, Lou W (2014) New algorithms for secure outsourcing of modular exponentiations. IEEE Transact Parallel Distribut Syst 25(9):2386–2396CrossRefGoogle Scholar
  12. Chen X, Huang X, Li J, Ma J, Lou W, Wong DS (2015) New algorithms for secure outsourcing of large-scale systems of linear equations. IEEE Transact Informat Forens Sec 10(1):69–78CrossRefGoogle Scholar
  13. Coron JS, Lepoint T, Tibouchi M (2013) Practical multilinear maps over the integers. In: Proceedings CRYPTO 2013, vol 8042, pp 476–493Google Scholar
  14. Coron JS, Lepoint T, Tibouchi M (2015) New multilinear maps over the integers. In: Proceedings CRYPTO 2015, vol 9215, pp 267–286Google Scholar
  15. Fu Z, Ren K, Shu J, Sun X, Huang F (2015a) Achieving efficient cloud search services: multi-keyword ranked search over encrypted cloud data supporting parallel computing. IEICE TRANSACT Commun E98–B(1):190–200CrossRefGoogle Scholar
  16. Fu Z, Ren K, Shu J, Sun X, Huang F (2015b) Enabling personalized search over encrypted outsourced data with efficiency improvement. IEEE Transactions on Parallel and Distributed Systems. doi:10.1109/TPDS.2015.2506573
  17. Garg S, Gentry C, Halevi S, Sahai A, Waters B (2013) Attribute-based encryption for circuits from multilinear maps. In: Canetti R, Garay JA (eds) Proceedings CRYPTO 2013, vol 8043, pp 479–499Google Scholar
  18. Goldwasser S, Kalai Y, Popa RA, Vaikuntanathan V, Zeldovich N (2013) Reusable garbled circuits and succinct functional encryption. In: Proceedings ACM, STOC ’13, pp 555–564Google Scholar
  19. Gorbunov S, Vaikuntanathan V, Wee H (2013) Attribute-based encryption for circuits. In: Proceedings ACM, STOC ’13, pp 545–554, doi:10.1145/2488608.2488677
  20. Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings ACM, CCS ’06, pp 89–98, doi:10.1145/1180405.1180418
  21. Green M, Hohenberger S, Waters B (2011) Outsourcing the decryption of abe ciphertexts. In: Proceedings USENIX security symposium, USENIX association, SEC’11, pp 34–34, http://dl.acm.org/citation.cfm?id=2028067.2028101
  22. Gu C (2015) Multilinear maps using ideal lattices without encodings of zero. Cryptology ePrint Archive, Report 2015/023, http://eprint.iacr.org/
  23. He D, Kumar N, Shen H, Lee JH (2016a) One-to-many authentication for access control in mobile pay-tv systems. Science China Information Sciences pp 1–14, doi:10.1007/s11432-015-5469-5
  24. He D, Zeadally S, Kumar N, Lee JH (2016b) Anonymous authentication for wireless body area networks with provable security. IEEE Systems Journal PP(99):1–12 doi:10.1109/JSYST.2016.2544805
  25. Herranz J, Laguillaumie F, Ràfols C (2010) Constant size ciphertexts in threshold attribute-based encryption. In: Nguyen PQ, Pointcheval D (eds) Proc. PKC 2010, vol 6056, pp 19–34Google Scholar
  26. Huang X, Xiang Y, Bertino E, Zhou J, Xu L (2014) Robust multi-factor authentication for fragile communications. IEEE Transactions on Dependable and Secure Computing 11(6):568–581CrossRefGoogle Scholar
  27. Huang X, Liu JK, Tang S, Xiang Y, Liang K, Xu L, Zhou J (2015) Cost-effective authentic and anonymous data sharing with forward security. IEEE Transactions on Computers 64(4):971–983MathSciNetCrossRefMATHGoogle Scholar
  28. Jiang Q, Ma J, Lu X, Tian Y (2015a) An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks. Peer-to-Peer Networking and Applications 8(6):1070–1081CrossRefGoogle Scholar
  29. Jiang Q, Ma J, Li G, Li X (2015b) Improvement of robust smart-card-based password authentication scheme. Int J Commun Syst 28(2):383–393CrossRefGoogle Scholar
  30. Jiang Q, Khan MK, Lu X, Ma J, He D (2016) A privacy preserving three-factor authentication protocol for e-health clouds. The Journal of Supercomputing pp 1–24, doi:10.1007/s11227-015-1610-x
  31. Lewko A, Waters B (2010) New techniques for dual system encryption and fully secure hibe with short ciphertexts. In: Proc. TCC 2010, vol 5978, pp 455–479Google Scholar
  32. Lewko A, Waters B (2011) Decentralizing attribute-based encryption. In: Proc. EUROCRYPT 2011, vol 6632, pp 568–588Google Scholar
  33. Lewko A, Okamoto T, Sahai A, Takashima K, Waters B (2010) Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption. In: Proc. EUROCRYPT 2010, vol 6110, pp 62–91Google Scholar
  34. Li J, Huang X, Li J, Chen X, Xiang Y (2014) Securely outsourcing attribute-based encryption with checkability. IEEE Transactions on Parallel and Distributed Systems 25(8):2201–2210CrossRefGoogle Scholar
  35. Li K, Ma H (2014) Outsourcing decryption of multi-authority abe ciphertexts. International Journal of Network Security 16:252–260Google Scholar
  36. Lin H, Cao Z, Liang X, Shao J (2008) Secure threshold multi authority attribute based encryption without a central authority. In: Proc. INDOCRYPT 2008, vol 5365, pp 426–436Google Scholar
  37. Liu J, Lai J, Huang X (2015) Dual trapdoor identity-based encryption with keyword search. Soft Computing pp 1–9, doi:10.1007/s00500-015-1960-6
  38. Müller S, Katzenbeisser S, Eckert C (2008) Distributed attribute-based encryption. In: Proc. ICISC 2008, vol 5461, pp 20–36Google Scholar
  39. Parno B, Raykova M, Vaikuntanathan V (2012) How to delegate and verify in public: Verifiable computation from attribute-based encryption. In: Proc. TCC 2012, pp 422–439Google Scholar
  40. Qin B, Deng RH, Liu S, Ma S (2015) Attribute-based encryption with efficient verifiable outsourced decryption. IEEE Transactions on Information Forensics and Security 10(7):1384–1393CrossRefGoogle Scholar
  41. Sahai A, Waters B (2005) Fuzzy identity-based encryption. In: Proc. EUROCRYPT 2005, vol 3494, pp 457–473Google Scholar
  42. Shamir A (1984) Identity-based cryptosystems and signature schemes. In: Proc. CRYPTO 1984, vol 196, pp 47–53Google Scholar
  43. Stinson DR (2005) Cryptography: Theory and Practice, Third Edition, Chapman and Hall/CRC, chap Secret sharing schemes, pp 481–514Google Scholar
  44. Waters B (2009) Dual system encryption: Realizing fully secure ibe and hibe under simple assumptions. In: Proc. CRYPTO 2009, vol 5677, pp 619–636Google Scholar
  45. Xu J, Wen Q, Li W, Jin Z (2016) Circuit ciphertext-policy attribute-based hybrid encryption with verifiable delegation in cloud computing. IEEE Transactions on Parallel and Distributed Systems 27(1):119–129CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2016

Authors and Affiliations

  • Jie Xu
    • 1
  • Qiaoyan Wen
    • 1
  • Wenmin Li
    • 1
  • Jian Shen
    • 2
  • Debiao He
    • 3
  1. 1.State Key Laboratory of Networking and Switching TechnologyBeijing University of Posts and TelecommunicationsBeijingChina
  2. 2.School of Computer and SoftwareNanjing University of Information Science and TechnologyNanjingChina
  3. 3.State Key Lab of Software Engineering, Computer SchoolWuhan UniversityWuhanChina

Personalised recommendations