A Key-policy Attribute-based Encryption Scheme with Constant Size Ciphertext
Chang-Ji WANG
School of Information Science and Technology
Sun Yat-sen University, Guangzhou 510275, China
Research Center of Software Technology for Information Service
South China Normal University, Guangzhou 501631, China
Email: isswchj@mail.sysu.edu.cn
Jian-Fa Luo
School of Information Science and Technology
Sun Yat-sen University, Guangzhou 510275, China
Email: timothylup@qq.com
Abstract—Attribute-based encryption (ABE) is a new cryp-
tographic primitive which provides a promising tool for ad-
dressing the problem of secure and fine-grained data sharing
and decentralized access control. Key-policy attribute-based
encryption (KP-ABE) is an important class of ABE, where ci-
phertexts are labeled with sets of attributes and private keys are
associated with access structures that control which ciphertexts
a user is able to decrypt. KP-ABE has important applications
in data sharing on untrusted cloud storage. However, the
ciphertext size grows linearly with the number of attributes
embedded in ciphertext in most existing KP-ABE schemes. In
this paper, we describe our work on designing a KP-ABE
scheme with constant size ciphertext for monotonic access
structures. The downside of the proposed KP-ABE scheme is
that private keys have multiple size growth in the number
of attributes in the access structure. The proposed KP-ABE
scheme is proved to be secure under the general Diffie-Hellman
exponent assumption.
Keywords-identity-based broadcast encryption; key-policy
attribute-based encryption; cloud computing; constant size
ciphertexts; general Diffie-Hellman exponent assumption.
I. INTRODUCTION
Cloud computing is a model for enabling ubiquitous,
convenient, on-demand network access to a shared pool of
configurable computing resources (e.g., networks, servers,
storage, applications, and services) that can be rapidly
provisioned and released with minimal management effort
or service provider interaction [1]. There are two main
categories of cloud infrastructure, public cloud and private
cloud. To take advantage of public clouds, data owners must
upload their data to commercial cloud service providers
which are usually considered to be semi-trusted, i.e., honest
but curious [2]. That means the cloud service providers will
try to find out as much secret information in the users’
outsourced data as possible, but they will honestly follow
the protocol in general.
Traditional access control techniques are based on the
assumption that the server is in the trusted domain of the data
owner and therefore an omniscient reference monitor can be
used to enforce access policies against authenticated users.
However, in the cloud computing paradigm this assumption
usually does not hold and therefore these solutions are not
applicable. Therefore, there is a need for a decentralized,
scalable and flexible way to control access to cloud data
without fully relying on the cloud service providers.
Given the above problems, it is important that data access
be protected by encryption. Roughly, encryption provides a
method of encoding data such that it can only be understood
with access to a proper decryption key. In traditional encryp-
tion systems, encrypted data is targeted for decryption by a
single known user. Unfortunately this functionality lacks the
expressiveness needed for more advanced data sharing.
To address these emerging needs, Sahai and Waters [3]
introduced the concept of attribute-based encryption (ABE).
Instead of encrypting to individual users, in ABE system,
one can embed an access policy into the ciphertext or
decryption key. Besides, ABE also has collusion-resistance
property, i.e., if multiple users collude, they should only be
able to decrypt a ciphertext if at least one of the users could
decrypt it on their own. Thus, data access is self-enforcing
from the cryptography, requiring no trusted mediator.
ABE can be viewed as an extension of the notion of
identity-based encryption (IBE) in which user identity is
generalized to a set of descriptive attributes instead of a
single string specifying the user identity. Compared with
IBE [4], ABE has significant advantage as it achieves
flexible one-to-many encryption instead of one-to-one, it is
envisioned as a promising tool for addressing the problem
of secure and fine-grained data sharing and decentralized
access control.
There are two types of ABE depending on which of
private keys or ciphertexts that access policies are associated
with.
In a key-policy attribute-based encryption (KP-ABE) sys-
tem, users’ keys are issued by the attribute authority captures
an access structure that specifies which type of ciphertexts
the key can decrypt, while ciphertexts are labeled by the
sender with a set of descriptive attributes. KP-ABE may be
suitable for structured organizations with rules about who
may read particular documents, but it is unable to specify
policies on a per-message basis. Other important applica-
tions include secure forensic analysis and pay-TV system
with package policy (called target broadcast). The first KP-
ABE construction was provided by Goyal et al. [5], which
2012 Eighth International Conference on Computational Intelligence and Security
978-0-7695-4896-8/12 $26.00 © 2012 IEEE
DOI 10.1109/CIS.2012.106
447
下载后可阅读完整内容,剩余4页未读,立即下载
weixin_38575421
- 粉丝: 6
- 资源: 918
我的内容管理
展开
最新资源
- C++多态实现机制详解:虚函数与早期绑定
- Java多线程与异常处理详解
- 校园导游系统:无向图实现最短路径探索
- SQL2005彻底删除指南:避免重装失败
- GTD时间管理法:提升效率与组织生活的关键
- Python进制转换全攻略:从10进制到16进制
- 商丘物流业区位优势探究:发展战略与机遇
- C语言实训:简单计算器程序设计
- Oracle SQL命令大全:用户管理、权限操作与查询
- Struts2配置详解与示例
- C#编程规范与最佳实践
- C语言面试常见问题解析
- 超声波测距技术详解:电路与程序设计
- 反激开关电源设计:UC3844与TL431优化稳压
- Cisco路由器配置全攻略
- SQLServer 2005 CTE递归教程:创建员工层级结构
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
