Advertisement

A Lightweight Ciphertext-Policy Attribute-Based Encryption for Fine-Grained Access Control

Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 915)

Abstract

With the expansion of data, companies start to look for new efficient and cheap alternatives to store, share and manage their data. In this regard, cloud storage services appeared to fill this gap by providing a huge amount of computing resources ensuring data availability and efficient data management with low cost due to the pay-as-you-go payment-model adopted by cloud providers. However, by outsourcing their sensitive data (financial data, health records …), companies will no longer be in control of them, so this arises big challenges related to the confidentiality and data security against attackers (in case of compromised cloud servers) and even against curious cloud providers. Therefore, encrypting data before outsourcing them is the only way that gives to the data owners the control over their data. However, using traditional public key cryptography in a data-sharing context produces an unnecessary communication and computation overhead since for each targeted user, the data owner needs to encrypt a copy of data with the corresponding user’s public key. To fix this problem, many attribute-based encryption (ABE) schemes were proposed. In the ABE model, the encryption process is done based on the attributes instead of a unique public key, and users with matching attributes can decrypt the ciphertext, so data owners in this model don’t need to generate many copies of the same data as in the traditional cryptosystems. However, these schemes still require a huge computational power and communication cost since they are based on expensive bilinear pairing and modular exponentiation operations. We propose a lightweight version of the Ciphertext-Policy Attribute-Based Encryption (CP-ABE) using elliptic curve cryptography and scalar point multiplications, instead of bilinear pairings and modular exponentiations, to ensure a fine-grained access control with less computation cost and shorter keys and ciphertexts. The results show that our scheme improves the execution efficiency and requires a low-cost communication and storage.

Keywords

Cloud computing Fine-grained access control Elliptic curve cryptography Attribute-Based encryption 

Notes

Acknowledgements

This work is supported by the National Center for Scientific and Technical Research’s (CNRST) scholarship M.06/4.

References

  1. 1.
    Mell, P., Grance, T.: The NIST definition of cloud computing recommendations of the National Institute of Standards and Technology. Natl. Inst. Stand. Technol. Inf. Technol. Lab. 145, 7 (2011)Google Scholar
  2. 2.
    Armbrust, M., et al.: A view of cloud computing: clearing the clouds away from the true potential and obstacles posed by this computing capability. Commun. ACM 53(4), 50–58 (2010)Google Scholar
  3. 3.
    Zhang, Q., Cheng, L., Boutaba, R.: Cloud computing: state-of-the-art and research challenges. J. Internet. Serv. Appl. 1(1), 7–18 (2010)Google Scholar
  4. 4.
    Armbrust, M., Fox, A., Griffith, R., Joseph, A., Katz, R.H.: Above the clouds: a Berkeley view of cloud computing. University of California, Berkeley, Technical Report UCB, pp. 07–013 (2009)Google Scholar
  5. 5.
    Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Eurocrypt, pp. 457–473 (2005)Google Scholar
  6. 6.
    Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security—CCS’06, p. 89 (2006)Google Scholar
  7. 7.
    Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 321–334 (2007)Google Scholar
  8. 8.
    Cheung, L., Newport, C.: Provably secure ciphertext policy ABE. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, CCS 2007, pp. 456–465 (2007)Google Scholar
  9. 9.
    Ibraimi, L., Tang, Q., Hartel, P., Jonker, W.: Efficient and provable secure ciphertext-policy attribute-based encryption schemes. In: Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). LNCS, vol. 5451, pp. 1–12 (2009)Google Scholar
  10. 10.
    Ostrovsky, R., Sahai, A., Waters, B.: Attribute-based encryption with non-monotonic access structures. In: Proceedings of the 14th ACM Conference on Computer and Communications Security—CCS’07, p. 195 (2007)Google Scholar
  11. 11.
    Attrapadung, N., Imai, H.: Dual-policy attribute based encryption. In: Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). LNCS, vol. 5536, pp. 168–185 (2009)Google Scholar
  12. 12.
    Nishide, T., Yoneyama, K., Ohta, K.: Attribute-based encryption with partially hidden encryptor-specified access structures. In: Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). LNCS, vol. 5037, pp. 111–129 (2008)Google Scholar
  13. 13.
    Emura, K., Miyaji, A., Nomura, A., Omote, K., Soshi, M.: A ciphertext-policy attribute-based encryption scheme with constant ciphertext length. In: Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). LNCS, vol. 5451, pp. 13–23 (2009)Google Scholar
  14. 14.
    Herranz, J., Laguillaumie, F., Ràfols, C.: Constant size ciphertexts in threshold attribute-based encryption. In: Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). LNCS, vol. 6056, pp. 19–34 (2010)Google Scholar
  15. 15.
    Lewko, A.B., Okamoto, T., Sahai, A., Takashima, K., Waters, B.: Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption. In: Eurocrypt, vol. 02, no. subaward 641, pp. 62–91 (2010)Google Scholar
  16. 16.
    Martínez, V.G., Encinas, L.H., Sanchez-Avila, C.: A survey of the elliptic curve integrated encryption scheme. Secur. Manag. 2(2), 495–504 (2010)Google Scholar
  17. 17.
    Shamir, A., Shamir, A.: How to share a secret. Commun. ACM 22(1), 612–613 (1979)MathSciNetzbMATHGoogle Scholar
  18. 18.
    Kothari, S.C.: Generalized Linear Threshold Scheme. In: Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). LNCS, vol. 196, pp. 231–241 (1985)Google Scholar
  19. 19.
    Asmuth, C., Bloom, J.: A modular approach to key safeguarding. IEEE Trans. Inf. Theory 29(2), 208–210 (1983)MathSciNetGoogle Scholar
  20. 20.
    Benaloh, J., Leichter, J.: Generalized secret sharing and monotone functions. Advances in Cryptology—CRYPTO’88, vol. 403, pp. 27–35 (1988)Google Scholar
  21. 21.
    Beimel, A.: Secure schemes for secret sharing and key distribution. Tech. Inst. Technol. Fac. Comput. Sci. (1996)Google Scholar
  22. 22.
    Yao, X., Chen, Z., Tian, Y.: A lightweight attribute-based encryption scheme for the internet of things. Future Gener. Comput. Syst. 49, 104–112 (2015)Google Scholar
  23. 23.
    Pang, L., Yang, J., Jiang, Z.: A survey of research progress and development tendency of attribute-based encryption. Sci. World J. 2014, 13 (2014)Google Scholar
  24. 24.
    Waters, B.: Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization, vol. 6571 (2006), pp. 1–25 (2011)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.National School of Applied SciencesIbn Zohr UniversityAgadirMorocco

Personalised recommendations