Advertisement

DET-ABE: A Java API for Data Confidentiality and Fine-Grained Access Control from Attribute Based Encryption

  • Miguel Morales-SandovalEmail author
  • Arturo Diaz-Perez
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9311)

Abstract

Many works in the literature have proposed information security mechanisms relying on Paring Based Cryptography (PBC), for example, Ciphertext Policy Attribute Based Encryption (CP-ABE). However, a public set of software modules that allow integrating that kind of encryption for data security of information systems in an easy and transparent way is still missing. Available APIs like PBC (C-based) or jPBC (Java-based) are focused on low level arithmetic operations and several non trivial issues must still be addressed to integrate a functional PBC/ABE scheme into end-user applications for implementing end-to-end encryption. We present a novel and portable Java library (API) to ensure confidentiality and access control of sensitive data accessed only by authorized entities having as credentials a set of attributes. Novel encryption and decryption processes are defined, using the digital envelope technique (DET) under a client-server computing model. The new DET-ABE scheme supports standard security levels (AES encryption) and provides the user with an easy interface for transparent use of next generation cryptography, hiding the complexity associated to PBC (field and group arithmetic, curve selection) and ABE (setup, key management, encryption/decryption details). Running times of main API’s modules at server (ABE setup and key generation) and client (DET-ABE encryption/decryption) side are presented and discussed. From these results, it is concluded that the proposed API is easy to use and viable for providing confidentiality and access control mechanisms over data in end-user applications.

Keywords

Pairings Cryptographic API Attribute based encryption 

References

  1. 1.
    Ambrosin, M., Conti, M., Dargahi, T.: On the feasibility of attribute-based encryption on smartphone devices. In: Proceedings of the 2015 Workshop on IoT Challenges in Mobile and Industrial Systems, IoT-Sys 2015, pp. 49–54. ACM, New York (2015). http://doi.acm.org/10.1145/2753476.2753482
  2. 2.
    Barker, E., Barker, W., Burr, W., Polk, W., Smid, M.: Recommendation for key management part 1: general(Revision 3). In: NIST Special Publication 800–57, pp. 1–147 (2012)Google Scholar
  3. 3.
    Barreto, P.S.L.M., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006). http://dx.doi.org/10.1007/11693383_22 CrossRefGoogle Scholar
  4. 4.
    Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: Proceedings of the 2007 IEEE Symposium on Security and Privacy, SP 2007, pp. 321–334. IEEE Computer Society, Washington, DC (2007). http://dx.doi.org/10.1109/SP.2007.11
  5. 5.
    Boneh, D.: Pairing-based cryptography: past, present, and future. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, p. 1. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  6. 6.
    Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001) CrossRefGoogle Scholar
  7. 7.
    Braun, J., Volk, F., Buchmann, J., Mühlhäuser, M.: Trust views for the web PKI. In: Katsikas, S., Agudo, I. (eds.) EuroMPI 2013. LNCS, vol. 8341, pp. 134–151. Springer, Heidelberg (2014) CrossRefGoogle Scholar
  8. 8.
    Daemen, J., Rijmen, V.: The Design of Rijndael. Springer-Verlag New York Inc., Secaucus (2002) CrossRefzbMATHGoogle Scholar
  9. 9.
    De Caro, A., Iovino, V.: jPBC: Java pairing based cryptography. In: 2011 IEEE Symposium on Computers and Communications (ISCC), pp. 850–855, June 2011Google Scholar
  10. 10.
    Diffie, W., Van Oorschot, P.C., Wiener, M.J.: Authentication and authenticated key exchanges. Des. Codes Cryptography 2(2), 107–125 (1992). http://dx.doi.org/10.1007/BF00124891 MathSciNetCrossRefGoogle Scholar
  11. 11.
    Escofier, J.P.: Galois Theory, Graduate Texts in Mathematics, vol. 204. Springer, New York (2001) Google Scholar
  12. 12.
    Galbraith, S.D., McKee, J.F.: Pairings on elliptic curves over finite commutative rings. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 392–409. Springer, Heidelberg (2005) CrossRefGoogle Scholar
  13. 13.
    Galbraith, S.D., Paterson, K.G., Smart, N.P.: Pairings for cryptographers. Discrete Appl. Math. 156(16), 3113–3121 (2008). http://dx.doi.org/10.1016/j.dam.2007.12.010 MathSciNetCrossRefzbMATHGoogle Scholar
  14. 14.
    Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, pp. 89–98. ACM, New York (2006). http://doi.acm.org/10.1145/1180405.1180418
  15. 15.
    Herstain, I.N.: Abstract Algebra, 3rd edn. Wiley (1996)Google Scholar
  16. 16.
    Jahid, S., Mittal, P., Borisov, N.: Easier: Encryption-based access control in social networks with efficient revocation. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2011, pp. 411–415. ACM, New York (2011). http://doi.acm.org/10.1145/1966913.1966970
  17. 17.
    Liu, W., Liu, J., Wu, Q., Quin, B.: Android PBC: A pairing based cryptography toolkit for android platform. In: Communications Security Conference, CSC 2014, pp. 1–6. IEEE, May 2014Google Scholar
  18. 18.
    Lynn, B.: On the implementation of pairing-based cryptosystems. Ph.D. thesis, Stanford University, Department of Computere Science (2007)Google Scholar
  19. 19.
    Menezes, A.J., Vanstone, S.A., Oorschot, P.C.V.: Handbook of Applied Cryptography, 1st edn. CRC Press Inc., Boca Raton (1996) CrossRefzbMATHGoogle Scholar
  20. 20.
    Miller, F.P., Vandome, A.F., McBrewster, J.: Advanced Encryption Standard. Alpha Press (2009)Google Scholar
  21. 21.
    Pang, L., Yang, J., Jiang, Z.: A Survey of Research Progress and Development Tendency of Attribute-Based Encryption. The Scientific World Journal 2014, 1–13 (2014)CrossRefGoogle Scholar
  22. 22.
    Picazo-Sanchez, P., Tapiador, J.E., Peris-Lopez, P., Suarez-Tangil, G.: Secure publish-subscribe protocols for heterogeneous medical wireless body area networks. Sensors 14(12), 22619 (2014). http://www.mdpi.com/1424-8220/14/12/22619 CrossRefGoogle Scholar
  23. 23.
    Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978). http://doi.acm.org/10.1145/359340.359342 MathSciNetCrossRefzbMATHGoogle Scholar
  24. 24.
    Rosenberg, B.: Handbook of Financial Cryptography and Security, 1st edn. Chapman & Hall/CRC (2010)Google Scholar
  25. 25.
    Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). http://dx.doi.org/10.1007/11426639_27 CrossRefGoogle Scholar
  26. 26.
    Xiong, X., Wong, D.S., Deng, X.: TinyPairing: A fast and lightweight pairing-based cryptographic library for wireless sensor networks. In: 2010 IEEE Wireless Communication and Networking Conference, pp. 1–6. IEEE, April 2010Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2015

Authors and Affiliations

  1. 1.Laboratorio de Tecnologias de Informacion, CINVESTAV-LTIParque Cientifico Y Tecnologico de TamaulipasCiudad VictoriaMexico

Personalised recommendations