Skip to main content
SpringerLink
Log in

Securely outsourcing the ciphertext-policy attribute-based encryption

  • Published:
World Wide Web Aims and scope Submit manuscript

Abstract

Attribute-based Encryption (ABE) is a new and promising public key encryption that allows fine-grained authorization on data based on user attributes. Such property is favorable for multiple applications that require encrypted storage or access control on data, in particular: eHealth applications. However, ABE schemes are known not to be efficient in the encryption phase because ciphertext size and the time required to encrypt grow with the complexity of the access policy. Such drawback is critical in the context of pervasive computing, for instance, in the Internet of Things, where data producers are usually resource-constrained devices, e.g. smart phones or sensing platforms. In this work, we propose OEABE standing for Outsourcing mechanism for the Encryption of Ciphertext-Policy ABE (CP-ABE). We show how a user can offload expensive operations of CP-ABE encryption to a semi-trusted party in a secure manner. Our proposed mechanism requires only one exponentiation on resource-constrained devices. We provide also an informal security analysis of possible attacks from a semi-honest adversary against the proposed solution. To demonstrate the performance gains of our mechanism, we first conducted a performance estimation on an emulated Wismote sensor platform. Then, we implemented our proposal and did comparison to an existing implementation of CP-ABE on a laptop.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Figure 1
Figure 2
Figure 3
Figure 4
Figure 5
Figure 6

Similar content being viewed by others

References

  1. Alomair, B., Poovendran, R.: Unconditionally secure authenticated encryption with shorter keys. In: WOSIS (2009)

  2. Ambrosin, M., conti, M., Dargahi, T.: On the feasibility of attribute-based encryption on smartphone devices. IoT-Sys ’15 (2015)

  3. Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: Proceedings of the 1st ACM Conference on Computer and Communications Security, pp. 62–73. 1 (1993)

  4. Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE S & P (2007)

  5. Bianchi, G., Capossele, A.T., Petrioli, C., Spenza, D.: Agree: exploiting energy harvesting to support data-centric access control in wsns. Ad Hoc Netw. 11(8), 2625–2636 (2013)

    Article  Google Scholar 

  6. Chen, C., Zhang, Z., Feng, D.: Efficient ciphertext policy attribute-based encryption with constant-size ciphertext and constant computation-cost. In: Provable Security, pp. 84–101. Springer (2011)

  7. Cisco global cloud index: Forecast and methodology, 2014-2019 white paper

  8. Cpabe toolkit: http://acsc.cs.utexas.edu/cpabe/

  9. Dunkels, A., Grönvall, B., Voigt, T.: Contiki-a lightweight and flexible operating system for tiny networked sensors. In: IEEE LCN (2004)

  10. Gartner inc., Forecast: The internet of things worldwide (2013)

  11. Goldreich, O.: Foundations of Cryptography: Volume 2, Basic Applications. Cambridge University Press (2009)

  12. Goyal, V., Jain, A., Pandey, O., Sahai, A.: Bounded ciphertext policy attribute based encryption. In: Automata, Languages and Programming, pp. 579–591. Springer (2008)

  13. Green, M., Hohenberger, S., Waters, B.: Outsourcing the decryption of abe ciphertexts. In: USENIX Security Symposium, Volume 2011 (2011)

  14. Lewko, A., Waters, B.: Decentralizing attribute-based encryption. In: Advances in Cryptology–EUROCRYPT 2011, pp. 568–588. Springer (2011)

  15. Nguyen, K.T., Laurent, M., Oualha, N.: Lightweight certificateless and provably-secure signcryptosystem for the internet of things. In: IEEE Trustcom (2015)

  16. Nist, recommaned elliptic curves for federal government use (1999)

  17. Pairing based cryptography library: http://crypto.standford.edu/pbc

  18. Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Advances in Cryptology–EUROCRYPT 2005, pp. 457–473. Springer (2005)

  19. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. Computer 2, 38–47 (1996)

    Article  Google Scholar 

  20. Secg. sec 2: Recommended elliptic curve domain parameters version 2.0

  21. Touati, L., Challal, Y., Bouabdallah, A.: C-cp-abe: cooperative ciphertext policy attribute-based encryption for the internet of things. In: IEEE INDS (2014)

  22. Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: PKC 2011, pp. 53–70. Springer (2011)

  23. Zhou, Z., Huang, D.: Efficient and secure data storage operations for mobile cloud computing. In: Proceedings of the 8th International Conference on Network and Service Management (2012)

Download references

Author information

Authors and Affiliations

  1. CEA, LIST, Communicating Systems Laboratory, 91191, Gif-sur-Yvette, France

    Kim Thuat Nguyen & Nouha Oualha

  2. Institut Mines-Telecom, Telecom SudParis, UMR CNRS, 5157 SAMOVAR, 9 rue Charles Fourier, 91011, Evry, France

    Maryline Laurent

Authors
  1. Kim Thuat Nguyen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Nouha Oualha
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Maryline Laurent
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Kim Thuat Nguyen.

Additional information

This article is part of the Topical Collection: Special Issue on Security and Privacy of IoT

Guest Editors: Tarik Taleb, Zonghua Zhang, and Hua Wang

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Nguyen, K.T., Oualha, N. & Laurent, M. Securely outsourcing the ciphertext-policy attribute-based encryption. World Wide Web 21, 169–183 (2018). https://doi.org/10.1007/s11280-017-0473-x

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11280-017-0473-x

Keywords

Search

Navigation