scholarly journals Large Universe Ciphertext-Policy Attribute-Based Encryption with Attribute Level User Revocation in Cloud Storage

2019 ◽  
Vol 17 (1) ◽  
pp. 107-117 ◽  
Author(s):  
Huijie Lian ◽  
Qingxian Wang ◽  
Guangbo Wang

Ciphertext-Policy Attribute-Based Encryption (CP-ABE), especially large universe CP-ABE that is not bounded with the attribute set, is getting more and more extensive application in the cloud storage. However, there exists an important challenge in original large universe CP-ABE, namely dynamic user and attribute revocation. In this paper, we propose a large universe CP-ABE with efficient attribute level user revocation, namely the revocation to an attribute of some user cannot influence the common access of other legitimate attributes. To achieve the revocation, we divide the master key into two parts: delegation key and secret key, which are sent to the cloud provider and user separately. Note that, our scheme is proved selectively secure in the standard model under "q-type" assumption. Finally, the performance analysis and experimental verification have been carried out in this paper, and the experimental results show that, compared with the existing revocation schemes, although our scheme increases the computational load of storage Service Provider (CSP) in order to achieve the attribute revocation, it does not need the participation of Attribute Authority (AA), which reduces the computational load of AA. Moreover, the user does not need any additional parameters to achieve the attribute revocation except of the private key, thus saving the storage space greatly

2017 ◽  
Vol 2017 ◽  
pp. 1-12 ◽  
Author(s):  
Guangbo Wang ◽  
Jianhua Wang

Attribute-based encryption (ABE) scheme is more and more widely used in the cloud storage, which can achieve fine-grained access control. However, it is an important challenge to solve dynamic user and attribute revocation in the original scheme. In order to solve this problem, this paper proposes a ciphertext-policy ABE (CP-ABE) scheme which can achieve attribute level user attribution. In this scheme, if some attribute is revoked, then the ciphertext corresponding to this attribute will be updated so that only the individuals whose attributes meet the access control policy and have not been revoked will be able to carry out the key updating and decrypt the ciphertext successfully. This scheme is proved selective-structure secure based on the q-Parallel Bilinear Diffie-Hellman Exponent (BDHE) assumption in the standard model. Finally, the performance analysis and experimental verification have been carried out in this paper, and the experimental results show that, compared with the existing revocation schemes, although our scheme increases the computational load of storage service provider (CSP) in order to achieve the attribute revocation, it does not need the participation of attribute authority (AA), which reduces the computational load of AA. Moreover, the user does not need any additional parameters to achieve the attribute revocation except for the private key, thus saving the storage space greatly.


2014 ◽  
Vol 571-572 ◽  
pp. 79-89
Author(s):  
Ting Zhong ◽  
You Peng Sun ◽  
Qiao Liu

In the cloud storage system, the server is no longer trusted, which is different from the traditional storage system. Therefore, it is necessary for data owners to encrypt data before outsourcing it for sharing. Simultaneously, the enforcement of access policies and support of policies updates becomes one of the most challenging issues. Ciphertext-policy attribute-based encryption (CP-ABE) is an appropriate solution to this issue. However, it comes with a new obstacle which is the attribute and user revocation. In this paper, we propose a fine-grained access control scheme with efficient revocation based on CP-ABE approach. In the proposed scheme, we not only realize an efficient and immediate revocation, but also eliminate some burden of computational overhead. The analysis results indicate that the proposed scheme is efficient and secure for access control in cloud storage systems.


Author(s):  
Mohan A. ◽  
vamshikrishna P.

People use the support of distributed computing however can't completely believe the cloud suppliers to have protection and confidential information. To guarantee secrecy, data owners relocate encoded information rather than plain texts. To divide the encoded documents with different clients, Ciphertext-Policy Attribute-based Encryption (CP-ABE) can be utilized. But this cannot become secure against some other assaults. Many other schemes did not gave guarantee that the cloud provider has the power to check whether a downloader can unscramble or not. Consequently, these files are accessible to everybody who is approachable to the cloud storage. An intentionally harmful assailant can download a great many records to start Economic Denial of Sustainability (EDoS) attacks, it will to a great extent expend the cloud asset. The owner will bear all the expenses for the cloud storage but the cloud provider doesn’t provide the whole information about the access or usage. There is no transparency for the owner. We have to solve these concerns. In order to this we are going to propose a solution for securing the encrypted data from EDoS attacks and providing the owner whole usage information about the cloud storage. We are implementing by using the arbitrary access policy of CP-ABE.


2013 ◽  
Vol 14 (2) ◽  
pp. 85-97 ◽  
Author(s):  
Yong Cheng ◽  
Zhi-ying Wang ◽  
Jun Ma ◽  
Jiang-jiang Wu ◽  
Song-zhu Mei ◽  
...  

2019 ◽  
Vol 15 (4) ◽  
pp. 155014771984127 ◽  
Author(s):  
Gang Yu ◽  
Yongjuan Wang ◽  
Zhenfu Cao ◽  
Jian Lin ◽  
Xiangyu Wang

2019 ◽  
Vol 62 (12) ◽  
pp. 1849-1862
Author(s):  
San Ling ◽  
Khoa Nguyen ◽  
Huaxiong Wang ◽  
Juanyang Zhang

Abstract Efficient user revocation is a necessary but challenging problem in many multi-user cryptosystems. Among known approaches, server-aided revocation yields a promising solution, because it allows to outsource the major workloads of system users to a computationally powerful third party, called the server, whose only requirement is to carry out the computations correctly. Such a revocation mechanism was considered in the settings of identity-based encryption and attribute-based encryption by Qin et al. (2015, ESORICS) and Cui et al. (2016, ESORICS ), respectively. In this work, we consider the server-aided revocation mechanism in the more elaborate setting of predicate encryption (PE). The latter, introduced by Katz et al. (2008, EUROCRYPT), provides fine-grained and role-based access to encrypted data and can be viewed as a generalization of identity-based and attribute-based encryption. Our contribution is 2-fold. First, we formalize the model of server-aided revocable PE (SR-PE), with rigorous definitions and security notions. Our model can be seen as a non-trivial adaptation of Cui et al.’s work into the PE context. Second, we put forward a lattice-based instantiation of SR-PE. The scheme employs the PE scheme of Agrawal et al. (2011, ASIACRYPT) and the complete subtree method of Naor et al. (2001, CRYPTO) as the two main ingredients, which work smoothly together thanks to a few additional techniques. Our scheme is proven secure in the standard model (in a selective manner), based on the hardness of the learning with errors problem.


Sign in / Sign up

Export Citation Format

Share Document