Shorter Decentralized Attribute-Based Encryption via Extended Dual System Groups

Decentralized attribute-based encryption (ABE) is a special form of multiauthority ABE systems, in which no central authority and global coordination are required other than creating the common reference parameters. In this paper, we propose a new decentralized ABE in prime-order groups by using extended dual system groups. We formulate some assumptions used to prove the security of our scheme. Our proposed scheme is fully secure under the standard k-Lin assumption in random oracle model and can support any monotone access structures. Compared with existing fully secure decentralized ABE systems, our construction has shorter ciphertexts and secret keys. Moreover, fast decryption is achieved in our system, in which ciphertexts can be decrypted with a constant number of pairings.

Download Full-text

On Deniability in the Common Reference String and Random Oracle Model

Advances in Cryptology - CRYPTO 2003 - Lecture Notes in Computer Science ◽

10.1007/978-3-540-45146-4_19 ◽

2003 ◽

pp. 316-337 ◽

Cited By ~ 74

Author(s):

Rafael Pass

Keyword(s):

Random Oracle Model ◽

Random Oracle ◽

Common Reference ◽

The Common ◽

Common Reference String

Download Full-text

ID-based key-insulated signcryption with equality test in cloud computing

SN Applied Sciences ◽

10.1007/s42452-021-04469-9 ◽

2021 ◽

Vol 3 (4) ◽

Author(s):

Seth Alornyo ◽

Kingsford Kissi Mireku ◽

Mustapha Adamu Mohammed ◽

Daniel Adu-Gyamfi ◽

Michael Asante

Keyword(s):

Cloud Computing ◽

Random Oracle Model ◽

Random Oracle ◽

Harsh Environments ◽

Secret Key ◽

Secret Keys ◽

Security Property ◽

Equality Test ◽

Chosen Ciphertext Attack ◽

Chosen Message Attack

AbstractKey-insulated encryption reduces the problem of secret key exposure in hostile setting while signcryption cryptosystem attains the benefits of digitally signing a ciphertext and public key cryptosystem. In this study, we merge the primitives of parallel key-insulation cryptosystem and signcryption with equality test to construct ID-based parallel key-insulated signcryption with a test for equality (ID-PKSET) in cloud computing. The construction prevent data forgery, data re-play attacks and reduces the leakage of secret keys in harsh environments. Our scheme attains the security property of existential unforgeable chosen message attack (EUF-CMA) and indistinquishable identity chosen ciphertext attack (IND-ID-CCA2) using random oracle model.

Download Full-text

Large Universe CCA2 CP-ABE With Equality and Validity Test in the Standard Model

The Computer Journal ◽

10.1093/comjnl/bxaa075 ◽

2020 ◽

Author(s):

Cong Li ◽

Qingni Shen ◽

Zhikang Xie ◽

Xinyu Feng ◽

Yuejian Fang ◽

...

Keyword(s):

Standard Model ◽

Random Oracle Model ◽

Random Oracle ◽

Fine Grained ◽

Validity Check ◽

Attribute Based Encryption ◽

The Standard Model ◽

Series Of Experiments ◽

Ciphertext Policy ◽

Chosen Ciphertext Security

Abstract Attribute-based encryption with equality test (ABEET) simultaneously supports fine-grained access control on the encrypted data and plaintext message equality comparison without decrypting the ciphertexts. Recently, there have been several literatures about ABEET proposed. Nevertheless, most of them explore the ABEET schemes in the random oracle model, which has been pointed out to have many defects in practicality. The only existing ABEET scheme in the standard model, proposed by Wang et al., merely achieves the indistinguishable against chosen-plaintext attack security. Considering the aforementioned problems, in this paper, we propose the first direct adaptive chosen-ciphertext security ciphertext-policy ABEET scheme in the standard model. Our method only adopts a chameleon hash function and adds one dummy attribute to the access structure. Compared with the previous works, our scheme achieves the security improvement, ciphertext validity check and large universe. Besides, we further optimize our scheme to support the outsourced decryption. Finally, we first give the detailed theoretical analysis of our constructions in computation and storage costs, then we implement our constructions and carry out a series of experiments. Both results indicate that our constructions are more efficient in Setup and Trapdoor and have the shorter public parameters than the existing ABEET ones do.

Download Full-text

An Efficient V2I Authentication Scheme for VANETs

Mobile Information Systems ◽

10.1155/2018/4070283 ◽

2018 ◽

Vol 2018 ◽

pp. 1-11 ◽

Cited By ~ 6

Author(s):

Yousheng Zhou ◽

Siling Liu ◽

Min Xiao ◽

Shaojiang Deng ◽

Xiaojun Wang

Keyword(s):

Traffic Safety ◽

Vehicular Ad Hoc Networks ◽

Ad Hoc ◽

Intelligent Transportation System ◽

Random Oracle Model ◽

Random Oracle ◽

Forgery Attack ◽

Security Issues ◽

Secret Keys ◽

Hoc Networks

The advent of intelligent transportation system has a crucial impact on the traffic safety and efficiency. To cope with security issues such as spoofing attack and forgery attack, many authentication schemes for vehicular ad hoc networks (VANETs) have been developed, which are based on the hypothesis that secret keys are kept perfectly secure. However, key exposure is inevitable on account of the openness of VANET environment. To address this problem, key insulation is introduced in our proposed scheme. With a helper device, vehicles could periodically update their own secret keys. In this way, the forward and backward secrecy has been achieved. In addition, the elliptic curve operations have been integrated to improve the performance. The random oracle model is adopted to prove the security of the proposed scheme, and the experiment has been conducted to demonstrate the comparison between our scheme and the existing similar schemes.

Download Full-text

An Efficient Access Control Scheme for Cloud Environment

Cybernetics and Information Technologies ◽

10.2478/cait-2013-0027 ◽

2013 ◽

Vol 13 (3) ◽

pp. 77-90

Author(s):

Shan-Shan Tu ◽

Shao-Zhang Niu ◽

Meng-Jiao Li

Keyword(s):

Access Control ◽

Storage System ◽

Random Oracle Model ◽

Cloud Service ◽

Random Oracle ◽

Attribute Based Encryption ◽

Efficient Access ◽

Control Scheme ◽

Confidential Data ◽

Cryptographic Access Control

Abstract In order to keep the confidential data in the cloud against unauthorized parties, a cryptographic access control solution based on Attribute-Based Encryption (ABE) and Identity-Based Signature (IBS) is introduced in this paper. Under the premise that cloud service provider is untrustful, the proposed scheme can ensure the data security of the cloud storage system in an open environment, as well as reduce the complexity of management. Analysis and experimental results show that the scheme can be semantically secure against adaptive chosen ciphertext attacks under the random oracle model. Our concrete access control scheme can enhance the efficiency of the cloud to a certain extent.

Download Full-text

Traceable Multiauthority Attribute-Based Encryption with Outsourced Decryption and Hidden Policy for CIoT

Wireless Communications and Mobile Computing ◽

10.1155/2021/6682580 ◽

2021 ◽

Vol 2021 ◽

pp. 1-16

Author(s):

Suhui Liu ◽

Jiguo Yu ◽

Chunqiang Hu ◽

Mengmeng Li

Keyword(s):

Data Sharing ◽

Random Oracle Model ◽

Random Oracle ◽

Fine Grained ◽

Security Issues ◽

Efficient Management ◽

Attribute Based Encryption ◽

High Efficient ◽

Efficient Data ◽

Iot Devices

Cloud-assisted Internet of Things (IoT) significantly facilitate IoT devices to outsource their data for high efficient management. Unfortunately, some unsettled security issues dramatically impact the popularity of IoT, such as illegal access and key escrow problem. Traditional public-key encryption can be used to guarantees data confidentiality, while it cannot achieve efficient data sharing. The attribute-based encryption (ABE) is the most promising way to ensure data security and to realize one-to-many fine-grained data sharing simultaneously. However, it cannot be well applied in the cloud-assisted IoT due to the complexity of its decryption and the decryption key leakage problem. To prevent the abuse of decryption rights, we propose a multiauthority ABE scheme with white-box traceability in this paper. Moreover, our scheme greatly lightens the overhead on devices by outsourcing the most decryption work to the cloud server. Besides, fully hidden policy is implemented to protect the privacy of the access policy. Our scheme is proved to be selectively secure against replayable chosen ciphertext attack (RCCA) under the random oracle model. Some theory analysis and simulation are described in the end.

Download Full-text

Flexible and Lightweight Access Control for Online Healthcare Social Networks in the Context of the Internet of Things

Mobile Information Systems ◽

10.1155/2017/7514867 ◽

2017 ◽

Vol 2017 ◽

pp. 1-15 ◽

Cited By ~ 2

Author(s):

Zhen Qin ◽

Jianfei Sun ◽

Dajiang Chen ◽

Hu Xiong

Keyword(s):

Social Networks ◽

Internet Of Things ◽

Access Control ◽

Random Oracle Model ◽

Random Oracle ◽

The Internet ◽

Attribute Based Encryption ◽

Control Scheme ◽

User Revocation ◽

The Internet Of Things

Online healthcare social networks (OHSNs) play an essential role in sharing information among medical experts and patients who are equipped with similar experiences. To access other patients’ data or experts’ diagnosis anywhere and anytime, it is necessary to integrate the OHSN into the Internet as part of the Internet of Things (IoT). Therefore, it is crucial to design an efficient and versatile access control scheme that can grant and revoke a user to access the OHSN. In this paper, we propose novel attribute-based encryption (ABE) features with user revocation and verifiable decryption outsourcing to control the access privilege of the users. The security of the proposed ABE scheme is given in the well-studied random oracle model. With the proposed ABE scheme, the malicious users can be excluded from the system and the user can offload most of the overhead in the decryption to an untrusted cloud server in a verifiable manner. An access control scheme for the OHSN has been given in the context of the IoT based on the proposed ABE scheme. The simulation demonstrates that our access control mechanism is practical.

Download Full-text

A Provably Secure ID-Based Designated Verifier Proxy Signature Scheme Based on DLP

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.411-414.721 ◽

2013 ◽

Vol 411-414 ◽

pp. 721-724 ◽

Cited By ~ 1

Author(s):

Bao Dian Wei

Keyword(s):

Discrete Logarithm ◽

Random Oracle Model ◽

Random Oracle ◽

Proxy Signature ◽

Signature Scheme ◽

Signature Schemes ◽

The Common ◽

Designated Verifier ◽

Provably Secure

Most of the existing ID-based designated verifier proxy signature schemes are implemented with pairings. The computation of parings is still much more expensive than the common modular multiplications and exponentiations. To obtain better efficiency, we construct an efficient ID-based DVPS scheme without pairings. The scheme is designed based on the hardness of the discrete logarithm problems. It is proven secure against adaptively chosen message attacks, in the random oracle model.

Download Full-text

A CP-ABE Scheme Supporting Arithmetic Span Programs

Security and Communication Networks ◽

10.1155/2020/3265871 ◽

2020 ◽

Vol 2020 ◽

pp. 1-16

Author(s):

Chao Ma ◽

Haiying Gao ◽

Duo Wei

Keyword(s):

Computing Environment ◽

Cloud Computing Environment ◽

Fine Grained ◽

Access Structures ◽

Attribute Based Encryption ◽

Experimental Sequence ◽

Secret Keys ◽

Span Programs ◽

Ciphertext Policy ◽

Access Policies

Attribute-based encryption achieves fine-grained access control, especially in a cloud computing environment. In a ciphertext-policy attribute-based encryption (CP-ABE) scheme, the ciphertexts are associated with the access policies, while the secret keys are determined by the attributes. In recent years, people have tried to find more effective access structures to improve the efficiency of encryption systems. This paper presents a ciphertext-policy attribute-based encryption scheme that supports arithmetic span programs. On the composite-order bilinear group, the security of the scheme is proven by experimental sequence based on the combination of composite-order bilinear entropy expansion lemma and subgroup decision (SD) assumption. And, it is an adaptively secure scheme with constant-size public parameters.

Download Full-text

Identity-Based Identification Scheme without Trusted Party against Concurrent Attacks

Security and Communication Networks ◽

10.1155/2020/8820271 ◽

2020 ◽

Vol 2020 ◽

pp. 1-9

Author(s):

Fei Tang ◽

Jiali Bao ◽

Yonghong Huang ◽

Dong Huang ◽

Fuqun Wang

Keyword(s):

Random Oracle Model ◽

Random Oracle ◽

Bilinear Pairing ◽

Key Generation ◽

Secret Key ◽

Key Escrow ◽

Identification Scheme ◽

Identification Schemes ◽

Secret Keys ◽

Identity Based

Identification schemes support that a prover who holding a secret key to prove itself to any verifier who holding the corresponding public key. In traditional identity-based identification schemes, there is a key generation center to generate all users’ secret keys. This means that the key generation center knows all users’ secret key, which brings the key escrow problem. To resolve this problem, in this work, we define the model of identity-based identification without a trusted party. Then, we propose a multi-authority identity-based identification scheme based on bilinear pairing. Furthermore, we prove the security of the proposed scheme in the random oracle model against impersonation under passive and concurrent attacks. Finally, we give an application of the proposed identity-based identification scheme to blockchain.

Download Full-text