scholarly journals Implementation of an Attribute-Based Encryption Scheme Based on SM9

2019 ◽  
Vol 9 (15) ◽  
pp. 3074
Author(s):  
Yang Shi ◽  
Zhiyuan Ma ◽  
Rufu Qin ◽  
Xiaoping Wang ◽  
Wujing Wei ◽  
...  
Keyword(s):  
Smart Phone ◽  
Regulatory Compliance ◽  
Bilinear Pairing ◽  
Encryption Scheme ◽  
Sensitive Data ◽  
Fine Grained ◽  
Fundamental Building Block ◽  
Attribute Based Encryption ◽  
Identity Based ◽  
Computing Platforms

In recent years, attribute-based encryption (ABE) has been widely applied in mobile computing, cloud computing, and the Internet of things, for supporting flexible and fine-grained access control of sensitive data. In this paper, we present a novel attribute-based encryption scheme that is based on bilinear pairing over Barreto and Naehrig curves (BN-curves). The identity-based encryption scheme SM9, which is a Chinese commercial cryptographic standard and a forthcoming part of ISO/IEC11770-3, has been used as the fundamental building block, and thus we first introduce SM9 and present our SM9 implementation in details. Subsequently, we propose the design and implementation of the ABE scheme. Moreover, we also develop a hybrid ABE for achieving lower ciphertext expansion rate when the size of access structure or plaintext is large. The performance and energy consumption of the implementation of the proposed ABE and its hybrid version are evaluated with a workstation, a PC, a smart phone, and an embedded device. The experimental results indicated that our schemes work well on various computing platforms. Moreover, the proposed schemes and their implementations would benefit developers in building applications that fulfill the regulatory compliance with the Chinese commercial cryptographic standard since there is no existing ABE scheme compatible with any Chinese cryptographic standard.

scholarly journals An Efficient Key-Policy Attribute-Based Encryption Scheme with Constant Ciphertext Length

2013 ◽  
Vol 2013 ◽  
pp. 1-7 ◽  
Author(s):  
Changji Wang ◽  
Jianfa Luo
Keyword(s):  
Bilinear Pairing ◽  
Security And Privacy ◽  
Sensitive Data ◽  
Fine Grained ◽  
Access Structures ◽  
Promising Tool ◽  
Diffie Hellman ◽  
Attribute Based Encryption ◽  
Cryptographic Primitive ◽  
Key Policy

There is an acceleration of adoption of cloud computing among enterprises. However, moving the infrastructure and sensitive data from trusted domain of the data owner to public cloud will pose severe security and privacy risks. Attribute-based encryption (ABE) is a new cryptographic primitive which provides a promising tool for addressing the problem of secure and fine-grained data sharing and decentralized access control. Key-policy attribute-based encryption (KP-ABE) is an important type of ABE, which enables senders to encrypt messages under a set of attributes and private keys are associated with access structures that specify which ciphertexts the key holder will be allowed to decrypt. In most existing KP-ABE scheme, the ciphertext size grows linearly with the number of attributes embedded in ciphertext. In this paper, we propose a new KP-ABE construction with constant ciphertext size. In our construction, the access policy can be expressed as any monotone access structure. Meanwhile, the ciphertext size is independent of the number of ciphertext attributes, and the number of bilinear pairing evaluations is reduced to a constant. We prove that our scheme is semantically secure in the selective-set model based on the general Diffie-Hellman exponent assumption.

scholarly journals Traceable Attribute-Based Secure Data Sharing with Hidden Policies in Mobile Health Networks

2020 ◽  
Vol 2020 ◽  
pp. 1-12
Author(s):  
Xueyan Liu ◽  
Yukun Luo ◽  
Xiaotao Yang
Keyword(s):  
Bilinear Pairing ◽  
Health Networks ◽  
Access Policy ◽  
Fine Grained ◽  
Attribute Based Encryption ◽  
Data Owner ◽  
Data User ◽  
Efficient Scheme ◽  
And Performance ◽  
The One

The growing need to store, share, and manage medical and health records has resulted in electronic medical health sharing system (mHealth), which provides intelligent medical treatment for people. Attribute-based encryption (ABE) is regarded as a new cryptology to enhance fine-grained access control over encrypted sharing data in mHealth. However, some existing attribute-based mHealth systems not only violate the one-to-many application characteristics of attribute-based encryption mechanism but also destroy the anonymity of user. In this study, an efficient scheme is proposed to tackle the above defaults and offer two-way anonymity of data owner and data user by introducing a pseudoidentity. The computation of hidden access policy is reduced by removing the bilinear pairing, whereas the interaction between cloud storage and data user is avoided to save bandwidth during trapdoor generation. We also consider the temporal factor of the uploaded information by introducing access validity. Security and performance analyses show that the proposed scheme is efficient without reducing security.

An Attribute-Based Searchable Encryption Scheme for Non-Monotonic Access Structure

2020 ◽  
pp. 263-283 ◽  
Author(s):  
Mamta ­ ◽  
Brij B. Gupta
Keyword(s):  
Access Control ◽  
Searchable Encryption ◽  
Access Structure ◽  
Encryption Scheme ◽  
Security Model ◽  
Secret Key ◽  
Fine Grained ◽  
Diffie Hellman ◽  
Attribute Based Encryption ◽  
Encryption Schemes

Attribute based encryption (ABE) is a widely used technique with tremendous application in cloud computing because it provides fine-grained access control capability. Owing to this property, it is emerging as a popular technique in the area of searchable encryption where the fine-grained access control is used to determine the search capabilities of a user. But, in the searchable encryption schemes developed using ABE it is assumed that the access structure is monotonic which contains AND, OR and threshold gates. Many ABE schemes have been developed for non-monotonic access structure which supports NOT gate, but this is the first attempt to develop a searchable encryption scheme for the same. The proposed scheme results in fast search and generates secret key and search token of constant size and also the ciphertext components are quite fewer than the number of attributes involved. The proposed scheme is proven secure against chosen keyword attack (CKA) in selective security model under Decisional Bilinear Diffie-Hellman (DBDH) assumption.

scholarly journals Server-Aided Revocable Predicate Encryption: Formalization and Lattice-Based Instantiation

2019 ◽  
Vol 62 (12) ◽  
pp. 1849-1862
Author(s):  
San Ling ◽  
Khoa Nguyen ◽  
Huaxiong Wang ◽  
Juanyang Zhang
Keyword(s):  
Third Party ◽  
Fine Grained ◽  
Attribute Based Encryption ◽  
The Standard Model ◽  
User Revocation ◽  
Promising Solution ◽  
Identity Based ◽  
Role Based ◽  
Predicate Encryption ◽  
Learning With Errors Problem

Abstract Efficient user revocation is a necessary but challenging problem in many multi-user cryptosystems. Among known approaches, server-aided revocation yields a promising solution, because it allows to outsource the major workloads of system users to a computationally powerful third party, called the server, whose only requirement is to carry out the computations correctly. Such a revocation mechanism was considered in the settings of identity-based encryption and attribute-based encryption by Qin et al. (2015, ESORICS) and Cui et al. (2016, ESORICS ), respectively. In this work, we consider the server-aided revocation mechanism in the more elaborate setting of predicate encryption (PE). The latter, introduced by Katz et al. (2008, EUROCRYPT), provides fine-grained and role-based access to encrypted data and can be viewed as a generalization of identity-based and attribute-based encryption. Our contribution is 2-fold. First, we formalize the model of server-aided revocable PE (SR-PE), with rigorous definitions and security notions. Our model can be seen as a non-trivial adaptation of Cui et al.’s work into the PE context. Second, we put forward a lattice-based instantiation of SR-PE. The scheme employs the PE scheme of Agrawal et al. (2011, ASIACRYPT) and the complete subtree method of Naor et al. (2001, CRYPTO) as the two main ingredients, which work smoothly together thanks to a few additional techniques. Our scheme is proven secure in the standard model (in a selective manner), based on the hardness of the learning with errors problem.

scholarly journals An Efficient ECC-Based CP-ABE Scheme for Power IoT

Processes ◽  
2021 ◽  
Vol 9 (7) ◽  
pp. 1176
Author(s):  
Rui Cheng ◽  
Kehe Wu ◽  
Yuling Su ◽  
Wei Li ◽  
Wenchao Cui ◽  
...  
Keyword(s):  
Access Control ◽  
Elliptic Curve Cryptography ◽  
Energy Production ◽  
Control Function ◽  
Rapid Development ◽  
Bilinear Pairing ◽  
Security And Privacy ◽  
Fine Grained ◽  
Attribute Based Encryption ◽  
Ciphertext Policy

The rapid development of the power Internet of Things (IoT) has greatly enhanced the level of security, quality and efficiency in energy production, energy consumption, and related fields. However, it also puts forward higher requirements for the security and privacy of data. Ciphertext-policy attribute-based encryption (CP-ABE) is considered a suitable method to solve this issue and can implement fine-grained access control. However, its internal bilinear pairing operation is too expensive, which is not suitable for power IoT with limited computing resources. Hence, in this paper, a novel CP-ABE scheme based on elliptic curve cryptography (ECC) is proposed, which replaces the bilinear pairing operation with simple scalar multiplication and outsources most of the decryption work to edge devices. In addition, time and location attributes are combined in the proposed scheme, allowing the data users to access only within the range of time and locations set by the data owners to achieve a more fine-grained access control function. Simultaneously, the scheme uses multiple authorities to manage attributes, thereby solving the performance bottleneck of having a single authority. A performance analysis demonstrates that the proposed scheme is effective and suitable for power IoT.

scholarly journals Hierarchical authority based weighted attribute encryption scheme

2019 ◽  
Vol 16 (3) ◽  
pp. 797-813
Author(s):  
Qiuting Tian ◽  
Dezhi Han ◽  
Yanmei Jiang
Keyword(s):  
Data Storage ◽  
Cloud Storage ◽  
Encryption Scheme ◽  
Storage Security ◽  
Fine Grained ◽  
Security Proof ◽  
Attribute Based Encryption ◽  
Encryption Schemes ◽  
And Performance ◽  
Cloud Storage Environment

With the development of cloud storage technology, data storage security has become increasingly serious. Aiming at the problem that existing attribute-based encryption schemes do not consider hierarchical authorities and the weight of attribute. A hierarchical authority based weighted attribute encryption scheme is proposed. This scheme will introduce hierarchical authorities and the weight of attribute into the encryption scheme, so that the authorities have a hierarchical relationship and different attributes have different importance. At the same time, the introduction of the concept of weight makes this scheme more flexible in the cloud storage environment and enables fine-grained access control. In addition, this scheme implements an online/offline encryption mechanism to improve the security of stored data. Security proof and performance analysis show that the scheme is safe and effective, and it can resist collusion attacks by many malicious users and authorization centers. It is more suitable for cloud storage environments than other schemes.

Sign in / Sign up

Export Citation Format

Share Document