Fuzzy encryption in cloud computation: efficient verifiable outsourced attribute-based encryption
Attributed-based encryption (ABE) is a promising cryptographic access control mechanism with a rich expressiveness of ABE policies. Due to the high complexities of encryption and decryption, users are burdened with large computation cost. Fortunately, outsourcing technologies can be used to reduce the computation overhead for the ABE schemes. In the recent decade, the achievements of the outsourced ciphertext-policy ABE (CP-ABE) schemes are inspiring. But, the outsourcing encryption algorithms for CP-ABE schemes are not addressed properly since the encryption exponents are dynamic. In this paper, we present an efficient outsourced CP-ABE scheme with checkability, where the number of the exponential operations in the encryption can be reduced to a constant by introducing a blinding algorithm. Meanwhile, the ciphertext size is not increased. Furthermore, to guarantee the correctness of our scheme, we provide the verification mechanism based on a collision-resistance hash function, which allows the users to efficiently check the validity of messages and outsourced computation results. Besides, the proposed scheme is secure against replayable chosen ciphertext attacks based on Green’s outsourcing security model. Intensive experiments are carried out to illustrate the efficiency of the proposed scheme.
KeywordsAttributed-based encryption Outsourced encryption Efficient verification Cloud servers
This study was funded by the National Natural Science Foundation of China (NSFC) (Nos. 61300220, 61370194, 61411146001, 61501333, 61572379), and the Scientific Research Fund of Hunan Provincial Education Department under Grant No. 16B089.
Compliance with ethical standards
Conflict of interest
The authors declare that there are no conflicts of interest.
This article does not contain any studies with human participants or animals performed by any of the authors.
- Beimel A (1996) Secure schemes for secret sharing and key distribution. Israel Institute of Technology, Technion, HaifaGoogle Scholar
- Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: IEEE symposium on security and privacy (SP ’07). IEEE, pp 321–334Google Scholar
- Bobba R, Khurana H, Prabhakaran M (2009) Attribute-sets: a practically motivated enhancement to attribute-based encryption. In: European symposium on research in computer security. Springer, Berlin, pp 587–604Google Scholar
- Goyal V, Jain A, Pandey O et al (2008) Bounded ciphertext policy attribute based encryption. In: International colloquium on automata, languages, and programming. Springer, Berlin, pp 579–591Google Scholar
- Goyal V, Pandey O, Sahai A et al (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM conference on computer and communications security. ACM, pp 89–98Google Scholar
- Green M, Hohenberger S, Waters B (2011) Outsourcing the decryption of ABE ciphertexts. In: USENIX security symposium, vol 2011Google Scholar
- He D, Zeadally S, Wu L (2015) Certificateless public auditing scheme for cloud-assisted wireless body area networks. IEEE Syst J. doi: 10.1109/JSYST.2015.2428620
- He D, Zeadally S, Kumar N, Lee JH (2016a) Anonymous authentication for wireless body area networks with provable security. IEEE Syst J. doi: 10.1109/JSYST.2016.2544805
- He D, Kumar N, Wang H et al (2016b) A provably-secure cross-domain handshake scheme with symptoms-matching for mobile healthcare social network. IEEE Trans Dependable Secur Comput. doi: 10.1109/TDSC.2016.2596286
- Ibraimi L, Tang Q, Hartel P et al (2009) Efficient and provable secure ciphertext-policy attribute-based encryption schemes. In: International conference on information security practice and experience. Springer, Berlin, pp 1–12Google Scholar
- Lai J, Deng R H, Yang Y et al (2013) Adaptable ciphertext-policy attribute-based encryption. In: International conference on pairing-based cryptography. Springer, Berlin, pp 199–214Google Scholar
- Lewko A, Sahai A, Waters B (2010) Revocation systems with very small private keys. In: IEEE symposium on security and privacy. IEEE, pp 273–285Google Scholar
- Li J, Jia C, Li J et al (2012) Outsourcing encryption of attribute-based encryption with mapreduce. In: International conference on information and communications security. Springer, Berlin, pp 191–201Google Scholar
- Li X, Niu J, Wang Z, Chen C (2014) Applying biometrics to design three-factor remote user authentication scheme with key agreement. Secur Commun Netw 7(10):1488–1497Google Scholar
- Li X, Li J, Huang F (2016) A secure cloud storage system supporting privacy-preserving fuzzy deduplication. Soft Comput 20(4):1437C1448Google Scholar
- Ma J, Lai J, Deng R H, Ding X (2016) Adaptable key-policy attribute-based encryption with time interval. Soft Comput. doi: 10.1007/s00500-016-2177-z
- Mao X, Lai J, Mei Q, Chen K (2015) Generic and efficient constructions of attribute-based encryption with verifiable outsourced decryption. IEEE Trans Dependable Secure Comput 13(5):533–546Google Scholar
- Ostrovsky R, Sahai A, Waters B (2007) Attribute-based encryption with non-monotonic access structures. In: Proceedings of the 14th ACM conference on computer and communications security. ACM, pp 195–203Google Scholar
- Ren YJ, Shen J, Wang J et al (2015) Mutual verifiable provable data auditing in public cloud storage. J Internet Technol 16(2):317–323Google Scholar
- Sahai A, Waters B (2005) Fuzzy identity-based encryption. In: Annual international conference on the theory and applications of cryptographic techniques. Springer, Berlin, pp 457–473Google Scholar
- Wang H, He D, Shen J et al (2016) Verifiable outsourced ciphertext-policy attribute-based encryption in cloud computing. Soft Comput. doi: 10.1007/s00500-016-2271-2
- Waters B (2011) Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. In: International workshop on public key cryptography. Springer, Berlin, pp 53–70Google Scholar
- Zhou Z, Huang D (2012) Efficient and secure data storage operations for mobile cloud computing. In: Proceedings of the 8th international conference on network and service management. International Federation for Information Processing, pp 37–45Google Scholar