吉林大学学报(工学版) ›› 2014, Vol. 44 ›› Issue (3): 788-794.doi: 10.13229/j.cnki.jdxbgxb201403033

• Orignal Article • Previous Articles     Next Articles

Attribute-based encryption based access control scheme withconstant-size ciphertext in cloud computing

LI Qi1,2, MA Jian-feng1,2, XIONG Jin-bo1,2,ZHANG Tao1,2,LIU Xi-meng2,3   

  1. 1.School of Computer Science and Technology, Xidian University, Xi′an 710071, China;
    2.Shaanxi Key Laboratory of Network and System Security, Xidian University, Xi′an 710071, China;
    3.School of Telecommunications Engineering, Xidian University, Xi′an 710071, China
  • Received:2012-12-26 Online:2014-03-01 Published:2014-03-01

RICH HTML

0   

PDF (PC)

684

Abstract: Based on Attribute-Based Encryption (ABE), a variety of access control schemes have been constructed in cloud computing. However, in these schemes, the ciphertext overhead goes linearly with the number of attributes used in encryption. To address this concern, a CCP-ABE (Constant-size Ciphertext Policy ABE) based access control scheme is proposed. The original data is encrypted by a symmetric key; then symmetric key is encrypted under an AND-gate access policy. Only the user who possesses a set of attributes that satisfy the policy can recover the symmetric key. The security of the proposed scheme is proved based on security of the CPA (Chosen Plaintext Attack) secure CCP-ABE scheme. Moreover, a method of constructing CCA (Chosen Ciphertext attack) secure CCP-ABE schemes is introduced. Performance analysis indicates that the ciphertext overhead over the number of attributes included in ciphertext is constant-size rather than linearity.

Key words: computer application, access control, attribute-based encryption, cloud computing, constant-size

CLC Number: 

  • TP393
[1] Li J T, Li N H, Winsborough W H. Automated trustnegotiation using cryptographic credentials[C]∥Proceedings of the 12th ACM Conference on Computer and Communications Security, New York, NY, USA, 2005: 46-57.
[2] Harney H, Colgrove A, Mcdaniel P. Principles of policy in secure groups[C]∥Proceedings of the Symposium on Network and Distributed System Security,San Diego,California,USA,2001: 66-74.
[3] 李凤华, 王巍, 马建峰,等. 协作信息系统的访问控制模型及其应用[J]. 通信学报, 2008, 29(9): 116-123.
Li Feng-hua, Wang Wei, Ma Jian-feng, et al. Access control model and its application for collaborative information systems[J]. Journal on Communications, 2008, 29(9): 116-123.
[4] Yu S C, Wang C, Ren K, et al. Achieving secure, scalable, and fine-grained data access control in cloud computing[C]∥Proceedings of the 2010 INFOCOM, San Diego, CA,2010:1-9.
[5] Wang G J, Liu Q, Wu J. Hierarchical attribute-based encryption for fine-grained access control in cloud storage services[C]∥Proceedings of the 17th ACM Conference on Computer and communications security, New York, NY, USA, 2010:735-737.
[6] Wan Z G, Liu J, Deng R H. HASBE: a hierarchical attribute-based solution for flexible and scalable access control in cloud computing[J]. IEEE Transactions on Information Forensics and Security, 2012, 7(2):743-754.
[7] 孙国梓, 董宇, 李云. 基于 CP-ABE算法的云存储数据访问控制[J]. 通信学报, 2011, 32(7): 146-152.
Sun Guo-zhi, Dong Yu, Li Yun. CP-ABE based data access control for cloud storage[J]. Journal on Communications, 2011, 32(7): 146-152.
[8] Zhou Zhi-bin, Huang Di-jiang. On efficient ciphertext-policy attribute based encryption and broadcast encryption[C]∥Proceedings of the 17th ACM Conference on Computer and Communications Security, New York, NY, USA, 2010:753-755.
[9] Sahai A, Waters B. Fuzzy identity-based encryption[J]. Lecture Notes in Computer Science, 2005,3494: 457-473.
[10] Goyal V, Pandey O, Sahai A, et al. Attribute-based encryption for fine-grained access control of encrypted data[C]∥Proceedings of the 13th ACM Conference on Computer and Communications Security, New York, NY, USA, 2006: 89-98.
[11] Bethencourt J, Sahai A, Waters B. Ciphertext-policy attribute-based encryption[C]∥IEEE Symposium on Security and Privacy, Berkeley, CA, 2007: 321-334.
[12] Cheung L, Newport C. Provably secure ciphertext policy ABE[C]∥Proceedings of the 14th ACM Conference on Computer and Communications Security, New York, NY, USA,2007: 456-465.
[13] Goyal V, Jain A, Pandey O, et al. Bounded ciphertext policy attribute based encryption[J]. Lecture Notes in Computer Science, 2008,5126: 579-591.
[14] Lewko A, Okamoto T, Sahai A, et al. Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption[J]. Lecture Notes in Computer Science, 2010,6110: 62-91.
[15] Lewko A, Sahai A, Waters B. Revocation systems with very small private keys[C]∥2010 IEEE Symposium on Security and Privacy, Oakland, CA, USA, 2010: 273-285.
[16] Lewko A, Waters B. Decentralizing attribute-based encryption[J]. Lecture Notes in Computer Science, 2011,6632: 568-588.
[17] Kallahalla M, Riedel E, Swaminathan R, et al. Plutus: Scalable secure file sharing on untrusted storage[C]∥Proceedings of the 2nd USENIX Conference on File and Storage Technologies, Berkeley, CA, USA, 2003: 29-42.
[18] Goh E J, Shacham H, Modadugu N, et al. SiRiUS: Securing remote untrusted storage[C]∥Proceedings of the Symposium on Network and Distributed System Security, San Diego,California,USA,2003:131-145.
[19] Gentry C, Silverberg A. Hierarchical ID-based Cryptography[M]. Lecture Notes in Computer Science, 2002,2501: 548-566.
[20] Canetti R, Halevi S, Katz J. Chosen-ciphertext security from identity-based encryption[J]. Lecture Notes in Computer Science, 2004,3027: 207-222.
[21] Boneh D, Gentry C, Waters B. Collusion resistant broadcast encryption with short ciphertexts and private keys[J]. Lecture Notes in Computer Science, 2005,3621: 258-275.
[1] LIU Fu,ZONG Yu-xuan,KANG Bing,ZHANG Yi-meng,LIN Cai-xia,ZHAO Hong-wei. Dorsal hand vein recognition system based on optimized texture features [J]. Journal of Jilin University(Engineering and Technology Edition), 2018, 48(6): 1844-1850.
[2] WANG Li-min,LIU Yang,SUN Ming-hui,LI Mei-hui. Ensemble of unrestricted K-dependence Bayesian classifiers based on Markov blanket [J]. Journal of Jilin University(Engineering and Technology Edition), 2018, 48(6): 1851-1858.
[3] JIN Shun-fu,WANG Bao-shuai,HAO Shan-shan,JIA Xiao-guang,HUO Zhan-qiang. Synchronous sleeping based energy saving strategy of reservation virtual machines in cloud data centers and its performance research [J]. Journal of Jilin University(Engineering and Technology Edition), 2018, 48(6): 1859-1866.
[4] ZHAO Dong,SUN Ming-yu,ZHU Jin-long,YU Fan-hua,LIU Guang-jie,CHEN Hui-ling. Improved moth-flame optimization method based on combination of particle swarm optimization and simplex method [J]. Journal of Jilin University(Engineering and Technology Edition), 2018, 48(6): 1867-1872.
[5] LIU En-ze,WU Wen-fu. Agricultural surface multiple feature decision fusion disease judgment algorithm based on machine vision [J]. Journal of Jilin University(Engineering and Technology Edition), 2018, 48(6): 1873-1878.
[6] OUYANG Dan-tong, FAN Qi. Clause-level context-aware open information extraction [J]. Journal of Jilin University(Engineering and Technology Edition), 2018, 48(5): 1563-1570.
[7] LIU Fu, LAN Xu-teng, HOU Tao, KANG Bing, LIU Yun, LIN Cai-xia. Metagenomic clustering method based on k-mer frequency optimization [J]. Journal of Jilin University(Engineering and Technology Edition), 2018, 48(5): 1593-1599.
[8] GUI Chun, HUANG Wang-xing. Network clustering method based on improved label propagation algorithm [J]. Journal of Jilin University(Engineering and Technology Edition), 2018, 48(5): 1600-1605.
[9] LIU Yuan-ning, LIU Shuai, ZHU Xiao-dong, CHEN Yi-hao, ZHENG Shao-ge, SHEN Chun-zhuang. LOG operator and adaptive optimization Gabor filtering for iris recognition [J]. Journal of Jilin University(Engineering and Technology Edition), 2018, 48(5): 1606-1613.
[10] CHE Xiang-jiu, WANG Li, GUO Xiao-xin. Improved boundary detection based on multi-scale cues fusion [J]. Journal of Jilin University(Engineering and Technology Edition), 2018, 48(5): 1621-1628.
[11] ZHAO Hong-wei, LIU Yu-qi, DONG Li-yan, WANG Yu, LIU Pei. Dynamic route optimization algorithm based on hybrid in ITS [J]. 吉林大学学报(工学版), 2018, 48(4): 1214-1223.
[12] HUANG Hui, FENG Xi-an, WEI Yan, XU Chi, CHEN Hui-ling. An intelligent system based on enhanced kernel extreme learning machine for choosing the second major [J]. 吉林大学学报(工学版), 2018, 48(4): 1224-1230.
[13] FU Wen-bo, ZHANG Jie, CHEN Yong-le. Network topology discovery algorithm against routing spoofing attack in Internet of things [J]. 吉林大学学报(工学版), 2018, 48(4): 1231-1236.
[14] CAO Jie, SU Zhe, LI Xiao-xu. Image annotation method based on Corr-LDA model [J]. 吉林大学学报(工学版), 2018, 48(4): 1237-1243.
[15] HOU Yong-hong, WANG Li-wei, XING Jia-ming. HTTP-based dynamic adaptive streaming video transmission algorithm [J]. 吉林大学学报(工学版), 2018, 48(4): 1244-1253.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
Copyright © Journal of Jilin University(Engineering and Technology Edition), All Rights Reserved.
Tel: +86-431-85095297 Fax: +86-431-85094074 E-mail: xbgxb@jlu.edu.cn
Powered by Beijing Magtech Co. Ltd