Advertisement

Springer Nature is making SARS-CoV-2 and COVID-19 research free. View research | View latest news | Sign up for updates

Hidden policy ciphertext-policy attribute-based encryption with keyword search against keyword guessing attack

可抵抗关键字猜测攻击的隐藏策略属性基可检索加密方案

Abstract

Attribute-based encryption with keyword search (ABKS) enables data owners to grant their search capabilities to other users by enforcing an access control policy over the outsourced encrypted data. However, existing ABKS schemes cannot guarantee the privacy of the access structures, which may contain some sensitive private information. Furthermore, resulting from the exposure of the access structures, ABKS schemes are susceptible to an off-line keyword guessing attack if the keyword space has a polynomial size. To solve these problems, we propose a novel primitive named hidden policy ciphertext-policy attribute-based encryption with keyword search (HP-CPABKS). With our primitive, the data user is unable to search on encrypted data and learn any information about the access structure if his/her attribute credentials cannot satisfy the access control policy specified by the data owner. We present a rigorous selective security analysis of the proposed HP-CPABKS scheme, which simultaneously keeps the indistinguishability of the keywords and the access structures. Finally, the performance evaluation verifies that our proposed scheme is efficient and practical.

创新点

在基于属性的可检索加密方案中, 数据拥有者可以通过设定访问控制策略将自己的密文检索能力授权给其他用户, 实现了云环境下的数据共享。但是, 现有基于属性的可检索方案都未考虑密文策略的隐私性, 因此无法抵抗关键字猜测攻击。为了解决以上问题, 本文使用非对称双线性映射, 提出了一种可抵抗关键字猜测攻击的隐藏策略属性基可检索加密方案HP-CPABKS, 成功实现密文策略的隐藏, 从而抵抗了关键字猜测攻击。且通过理论和实验分析了其效率。

This is a preview of subscription content, log in to check access.

References

  1. 1

    Zheng Q, Xu S, Ateniese G. VABKS: verifiable attribute-based keyword search over outsourced encrypted data. In: Proceedings of IEEE Conference on Computer Communications, INFOCOM, Toronto, 2014. 522–530

  2. 2

    Sun W, Yu S, Lou W, et al. Protecting your right: attribute-based keyword search with fine-grained owner-enforced search authorization in the cloud. In: Proceedings of IEEE Conference on Computer Communications, INFOCOM, Toronto, 2014. 226–234

  3. 3

    Sahai A, Waters B. Fuzzy identity-based encryption. In: Proceedings of the 24th Annual International Conference on Theory and Applications of Cryptographic Techniques. London: Springer, 2005. 457–473

  4. 4

    Goyal V, Pandey O, Sahai A, et al. Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, Alexandria, 2006. 89–98

  5. 5

    Ostrovsky R, Sahai A, Waters B. Attribute-based encryption with non-monotonic access structures. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, Alexandria, 2007. 195–203

  6. 6

    Attrapadung N, Libert B, de Panafieu E. Expressive key-policy attribute-based encryption with constant-size ciphertexts. In: Proceedings of the 14th International Conference on Practice and Theory in Public Key Cryptography. London: Springer, 2011. 90–108

  7. 7

    Rao Y S, Dutta R. Computationally efficient expressive key-policy attribute based encryption schemes with constantsize ciphertext. In: Proceedings of the 15th International Conference on Information and Communications Security, ICICS, Beijing, 2013. 346–362

  8. 8

    Bethencourt J, Sahai A, Waters B. Ciphertext-policy attribute-based encryption. In: Proceedings of IEEE Symposium on Security and Privacy, Oakland, 2007. 321–334

  9. 9

    Cheung L, Newport C. Provably secure ciphertext policy ABE. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, Alexandria, 2007. 456–465

  10. 10

    Emura K, Miyaji A, Nomura A, et al. A ciphertext-policy attribute-based encryption scheme with constant ciphertext length. In: Proceedings of the 5th International Conference on Information Security Practice and Experience, Xi’an, 2009. 13–23

  11. 11

    Waters B. Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Proceedings of the 14th International Conference on Practice and Theory in Public Key Cryptography. Berlin: Springer, 2011. 53–70

  12. 12

    Byun J W, Rhee H S, Park H A, et al. Off-line keyword guessing attacks on recent keyword search schemes over encrypted data. In: Proceedings of the 3rd VLDB International Conference on Secure Data Management. London: Springer, 2006. 75–83

  13. 13

    Xu P, Jin H, Wu Q, et al. Public-key encryption with fuzzy keyword search: a provably secure scheme under keyword guessing attack. IEEE Trans Comput, 2013, 62: 2266–2277

  14. 14

    Fang L, Susilo W, Ge C, et al. Public key encryption with keyword search secure against keyword guessing attacks without random oracle. Inf Sci, 2013, 238: 221–241

  15. 15

    Nishide T, Yoneyama K, Ohta K. Attribute-based encryption with partially hidden encryptor-specified access structures. In: Proceedings of the 6th International Conference on Applied Cryptography and Network Security, New York, 2008. 111–129

  16. 16

    Lai J, Deng R H, Li Y. Fully secure ciphertext-policy hiding CP-ABE. In: Proceedings of the 7th International Conference on Information Security Practice and Experience, Guangzhou, 2011. 24–39

  17. 17

    Li X, Gu D, Ren Y, et al. Efficient ciphertext-policy attribute based encryption with hidden policy. In: Proceedings of the 5th International Workshop on Internet and Distributed Computing Systems, Melbourne, 2012. 146–159

  18. 18

    Lai J, Deng R H, Li Y. Expressive CP-ABE with partially hidden access structures. In: Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, Seoul, 2012. 18–19

  19. 19

    Boneh D, Boyen X, Goh E J. Hierarchical identity based encryption with constant size ciphertext. In: Proceedings of the 24th Annual International Conference on Theory and Applications of Cryptographic Techniques. London: Springer, 2005. 440–456

  20. 20

    Kapadia A, Tsang P P, Smith S W. Attribute-based publishing with hidden credentials and hidden policies, In: Proceedings of the 14th Annual Network and Distributed System Security Symposium, San Diego, 2007. 179–192

  21. 21

    Herranz J, Laguillaumie F, Ráfols C. Constant size ciphertexts in threshold attribute-based encryption. In: Proceedings of the 13th International Conference on Practice and Theory in Public Key Cryptography. London: Springer, 2010. 19–34

  22. 22

    Goyal V, Jain A, Pandey O, et al. Bounded ciphertext policy attribute based encryption. In: Proceedings of the 35th International Colloquium on Automata, Languages and Programming, Reykjavik, 2008. 579–591

  23. 23

    Lewko A, Okamoto T, Sahai A, et al. Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption. In: Proceedings of the 29th Annual International Conference on Theory and Applications of Cryptographic Techniques. London: Springer, 2010. 62–91

  24. 24

    Bellare M, Canetti R, Krawczyk H. Keying hash functions for message authentication. In: Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology. London: Springer, 1996. 1–15

  25. 25

    Bradshaw R W, Holt J E, Seamons K E. Concealing complex policies with hidden credentials. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, Washington, 2004. 146–157

  26. 26

    Nishide T. Cryptographic schemes with minimum disclosure of private information in attribute-based encryption and multiparty computation. Dissertation for Ph.D. Degree. Tokyo: University of Electro-Communications, 2008

  27. 27

    Schwartz J T. Fast probabilistic algorithms for verification of polynomial identities. J ACM, 1980, 27: 701–717

  28. 28

    Zippel R. Probabilistic algorithms for sparse polynomials. In: Proceedings of the International Symposiumon on Symbolic and Algebraic Computation. London: Springer, 1979. 216–226

  29. 29

    The java pairing based cryptography library. http://gas.dia.unisa.it/projects/jpbc/The java pairing based cryptography library. http://gas.dia.unisa.it/projects/jpbc

  30. 30

    de Caro A, Iovino V. jPBC: Java pairing based cryptography. In: Proceedings of IEEE Symposium on Computers and Communications (ISCC), Kerkyra, 2011. 850–855

Download references

Author information

Correspondence to Shuo Qiu.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Qiu, S., Liu, J., Shi, Y. et al. Hidden policy ciphertext-policy attribute-based encryption with keyword search against keyword guessing attack. Sci. China Inf. Sci. 60, 052105 (2017). https://doi.org/10.1007/s11432-015-5449-9

Download citation

Keywords

  • attribute-based keyword search
  • access structure
  • privacy
  • hidden policy
  • keyword guessing attack
  • 052105

关键词

  • 关键字检索
  • 属性加密
  • 访问控制
  • 策略隐藏
  • 关键字猜测攻击