On Enabling Attribute-Based Encryption to Be Traceable Against Traitors

Abstract Attribute-based encryption (ABE) is a versatile one-to-many encryption primitive, which enables fine-grained access control over encrypted data. Due to its promising applications in practice, ABE schemes with high efficiency, security and expressivity have been continuously emerging. On the other hand, due to the nature of ABE, a malicious user may abuse its decryption privilege. Therefore, being able to identify such a malicious user is crucial towards the practicality of ABE. Although some specific ABE schemes in the literature enjoys the tracing function, they are only proceeded case by case. Most of the ABE schemes do not support traceability. It is thus meaningful and important to have a generic way of equipping any ABE scheme with traceability. In this work, we partially solve the aforementioned problem. Namely, we propose a way of transforming (non-traceable) ABE schemes satisfying certain requirements to fully collusion-resistant black-box traceable ABE schemes, which adds only $O(\sqrt{\mathcal{K}})$ elements to the ciphertext where ${\mathcal{K}}$ is the number of users in the system. And to demonstrate the practicability of our transformation, we show how to convert a couple of existing non-traceable ABE schemes to support traceability.

FUZZY IDENTITY AND ATTRIBUTE BASED ENCRYPTION FOR FINE GRAINED ACCESS CONTROL OF ENCRYPTED DATA

International Journal of Modern Trends in Engineering & Research ◽

10.21884/ijmter.2018.5172.m7iz2 ◽

2018 ◽

Vol 5 (7) ◽

pp. 23-26

Keyword(s):

Access Control ◽

Encrypted Data ◽

Fine Grained ◽

Fuzzy Identity

Privacy-Preserving and Efficient Public Key Encryption with Keyword Search Based on CP-ABE in Cloud

Cryptography ◽

10.3390/cryptography4040028 ◽

2020 ◽

Vol 4 (4) ◽

pp. 28

Author(s):

Yunhong Zhou ◽

Shihui Zheng ◽

Licheng Wang

Keyword(s):

Access Control ◽

Data Privacy ◽

Keyword Search ◽

Good Method ◽

Privacy Preserving ◽

Public Key ◽

Public Key Encryption ◽

Encrypted Data ◽

Fine Grained ◽

In the area of searchable encryption, public key encryption with keyword search (PEKS) has been a critically important and promising technique which provides secure search over encrypted data in cloud computing. PEKS can protect user data privacy without affecting the usage of the data stored in the untrusted cloud server environment. However, most of the existing PEKS schemes concentrate on data users’ rich search functionalities, regardless of their search permission. Attribute-based encryption technology is a good method to solve the security issues, which provides fine-grained access control to the encrypted data. In this paper, we propose a privacy-preserving and efficient public key encryption with keyword search scheme by using the ciphertext-policy attribute-based encryption (CP-ABE) technique to support both fine-grained access control and keyword search over encrypted data simultaneously. We formalize the security definition, and prove that our scheme achieves selective indistinguishability security against an adaptive chosen keyword attack. Finally, we present the performance analysis in terms of theoretical analysis and experimental analysis, and demonstrate the efficiency of our scheme.

Server-Aided Revocable Attribute-Based Encryption from Lattices

Security and Communication Networks ◽

10.1155/2020/1460531 ◽

2020 ◽

Vol 2020 ◽

pp. 1-13

Author(s):

Xingting Dong ◽

Yanhua Zhang ◽

Baocang Wang ◽

Jiangshan Chen

Keyword(s):

Access Control ◽

Standard Model ◽

Secret Key ◽

Bilinear Maps ◽

Encrypted Data ◽

Fine Grained ◽

The Standard Model ◽

Learning With Errors

Attribute-based encryption (ABE) can support a fine-grained access control to encrypted data. When the user’s secret-key is compromised, the ABE system has to revoke its decryption privileges to prevent the leakage of encrypted data. Although there are many constructions about revocable ABE from bilinear maps, the situation with lattice-based constructions is less satisfactory, and a few efforts were made to close this gap. In this work, we propose the first lattice-based server-aided revocable attribute-based encryption (SR-ABE) scheme and thus the first such construction that is believed to be quantum resistant. In the standard model, our scheme is proved to be secure based on the hardness of the Learning With Errors (LWE) problem.

A Key-Policy Searchable Attribute-Based Encryption Scheme for Efficient Keyword Search and Fine-Grained Access Control over Encrypted Data

Electronics ◽

10.3390/electronics8030265 ◽

2019 ◽

Vol 8 (3) ◽

pp. 265 ◽

Cited By ~ 3

Author(s):

Hui Yin ◽

Yinqiao Xiong ◽

Jixin Zhang ◽

Lu Ou ◽

Shaolin Liao ◽

...

Keyword(s):

Access Control ◽

Large Scale ◽

Keyword Search ◽

Data Access ◽

Encryption Scheme ◽

Encrypted Data ◽

Fine Grained ◽

Data Access Control ◽

Key Policy

Attribute based encryption is a promising technique that achieves flexible and fine-grained data access control over encrypted data, which is very suitable for a secure data sharing environment such as the currently popular cloud computing. However, traditional attribute based encryption fails to provide an efficient keyword based search on encrypted data, which somewhat weakens the power of this encryption technique, as search is usually the most important approach to quickly obtain data of interest from large-scale dataset. To address this problem, attribute based encryption with keyword search (ABKS) is designed to achieve fine-grained data access control and keyword based search, simultaneously, by an ingenious combination of attribute based encryption and searchable encryption. Recently, several ABKS schemes have been constructed in secure cloud storage system for data access control and keyword search. Nonetheless, each of these schemes has some defects such as impractical computation overhead and insufficient access policy expression. To overcome these limitations, in this paper, we design a Key-Policy Searchable Attribute-based Encryption Scheme (KPSABES) based on the full-blown key-policy attribute-based encryption proposed by Vipul Goyal et al. By novel design, our scheme not only inherits all advantages of that scheme but also achieves efficient and secure keyword search over encrypted data. We provide the detailed performance analyses and security proofs for our scheme. Extensive experiments demonstrated that our proposed scheme is superior in many aspects to the similar work.

Proceedings of the 13th ACM conference on Computer and communications security - CCS '06 ◽

Attribute-based encryption for fine-grained access control of encrypted data

10.1145/1180405.1180418 ◽

2006 ◽

Cited By ~ 1863

Author(s):

Vipul Goyal ◽

Omkant Pandey ◽

Amit Sahai ◽

Brent Waters

Keyword(s):

Access Control ◽

Encrypted Data ◽

Fine Grained ◽

Attribute Revocable Attribute-Based Encryption with Forward Secrecy for Fine-Grained Access Control of Shared Data

IEICE Transactions on Information and Systems ◽

10.1587/transinf.2016ofp0008 ◽

2017 ◽

Vol E100.D (10) ◽

pp. 2432-2439

Author(s):

Yoshiaki SHIRAISHI ◽

Kenta NOMURA ◽

Masami MOHRI ◽

Takeru NARUSE ◽

Masakatu MORII

Keyword(s):

Access Control ◽

Forward Secrecy ◽

Fine Grained ◽

Shared Data ◽

Enabling Efficient Decentralized and Privacy Preserving Data Sharing in Mobile Cloud Computing

Wireless Communications and Mobile Computing ◽

10.1155/2021/8513869 ◽

2021 ◽

Vol 2021 ◽

pp. 1-15

Author(s):

Jiawei Zhang ◽

Ning Lu ◽

Teng Li ◽

Jianfeng Ma

Keyword(s):

Cloud Computing ◽

Access Control ◽

Mobile Devices ◽

Data Sharing ◽

Mobile Cloud Computing ◽

High Efficiency ◽

Mobile Cloud ◽

User Privacy ◽

Access Policy ◽

Fine Grained

Mobile cloud computing (MCC) is embracing rapid development these days and able to provide data outsourcing and sharing services for cloud users with pervasively smart mobile devices. Although these services bring various conveniences, many security concerns such as illegally access and user privacy leakage are inflicted. Aiming to protect the security of cloud data sharing against unauthorized accesses, many studies have been conducted for fine-grained access control using ciphertext-policy attribute-based encryption (CP-ABE). However, a practical and secure data sharing scheme that simultaneously supports fine-grained access control, large university, key escrow free, and privacy protection in MCC with expressive access policy, high efficiency, verifiability, and exculpability on resource-limited mobile devices has not been fully explored yet. Therefore, we investigate the challenge and propose an Efficient and Multiauthority Large Universe Policy-Hiding Data Sharing (EMA-LUPHDS) scheme. In this scheme, we employ fully hidden policy to preserve the user privacy in access policy. To adapt to large scale and distributed MCC environment, we optimize multiauthority CP-ABE to be compatible with large attribute universe. Meanwhile, for the efficiency purpose, online/offline and verifiable outsourced decryption techniques with exculpability are leveraged in our scheme. In the end, we demonstrate the flexibility and high efficiency of our proposal for data sharing in MCC by extensive performance evaluation.

nr="93"Black Box rules. : Narrative der Verunsicherung in Zeiten von COVID-19

Jahrbuch f??r P??dagogik ◽

10.3726/jp012019k_93 ◽

2021 ◽

Vol 2019 (1) ◽

pp. 93-107

Author(s):

Agnieszka Czejkowska ◽

Katarina Froebus

Keyword(s):

Black Box ◽

The Other ◽

Individual Level ◽

Home Security ◽

Other Hand ◽

Innere Sicherheit ◽

The One

Zusammenfassung: Der vorliegende Beitrag widmet sich Narrativen der Verunsicherung, die in Zusammenhang mit der COVID-19-Krise aufgerufen werden und für ,,innere Sicherheit“ sorgen sollen. Dabei identifizieren wir Kalküle, die einerseits individuelle Besonnenheit aktivieren und anderseits gesellschaftliche Stabilisierung gewährleisten sollen. Das gelingt uns mit Rückgriff auf psychoanalytische Subjekttheorien, die Strategien der individuellen Rationalisierung fokussieren, und auf diskursorientierte Subjekttheorien, die gesellschaftliche Disziplinierungstechnologien in den Blick nehmen.Abstract: This article is focused on narratives of uncertainness, being created during the COVID-19 crisis in order to provide ‘home security’. In doing so, we identify approaches that on the one hand activate individual level-headedness and on the other hand are supposed to ensure societal stabilization. We succeed in doing this by resorting to psychoanalytic subject theories that emphasize strategies of individual rationalization and to discourse-oriented subject theories that accent social disciplinary technologies.

Unbounded Key-Policy Attribute-Based Encryption With Black-Box Traceability

10.21203/rs.3.rs-90899/v1 ◽

2020 ◽

Author(s):

yunxiu ye ◽

Zhenfu Cao ◽

Jiachen Shen

Keyword(s):

Control Method ◽

Black Box ◽

Broadcast Encryption ◽

Constant Number ◽

Malicious User ◽

Key Policy ◽

Actual Operation ◽

Attribute Based Access Control ◽

And Performance

Abstract Attribute-based encryption received widespread attention as soon as it proposes. However, due to its specific characteristics, the attribute-based access control method is not flexible enough in actual operation. In addition, since access authorities are determined according to users' attributes, users sharing the same attributes are difficult to distinguish. Once a malicious user makes illicit gains by their decryption authorities, it is difficult to trace specific users. This paper follows the practical demand to propose a more flexible key-policy attribute-based encryption scheme with black-box traceability. The scheme has a constant number of constant parameters which can be utilized to construct attribute-related parameters flexibly, and the method of traitor tracing in broadcast encryption is introduced to achieve effective malicious user tracing. In addition, the security and feasibility can be proved by the security proofs and performance evaluation in this paper.

Information Security in Diverse Computing Environments - Advances in Information Security, Privacy, and Ethics ◽

Is It Privacy or Is It Access Control?

10.4018/978-1-4666-6158-5.ch004 ◽

2014 ◽

pp. 51-58 ◽

Cited By ~ 1

Author(s):

Sylvia L. Osborn

Keyword(s):

Access Control ◽

Privacy Protection ◽

The Other ◽

Data Sets ◽

Online Systems ◽

Other Hand ◽

The One

With the widespread use of online systems, there is an increasing focus on maintaining the privacy of individuals and information about them. This is often referred to as a need for privacy protection. The author briefly examines definitions of privacy in this context, roughly delineating between keeping facts private and statistical privacy that deals with what can be inferred from data sets. Many of the mechanisms used to implement what is commonly thought of as access control are the same ones used to protect privacy. This chapter explores when this is not the case and, in general, the interplay between privacy and access control on the one hand and, on the other hand, the separation of these models from mechanisms for their implementation.