An Attribute-Based Searchable Encryption Scheme for Non-Monotonic Access Structure

Attribute based encryption (ABE) is a widely used technique with tremendous application in cloud computing because it provides fine-grained access control capability. Owing to this property, it is emerging as a popular technique in the area of searchable encryption where the fine-grained access control is used to determine the search capabilities of a user. But, in the searchable encryption schemes developed using ABE it is assumed that the access structure is monotonic which contains AND, OR and threshold gates. Many ABE schemes have been developed for non-monotonic access structure which supports NOT gate, but this is the first attempt to develop a searchable encryption scheme for the same. The proposed scheme results in fast search and generates secret key and search token of constant size and also the ciphertext components are quite fewer than the number of attributes involved. The proposed scheme is proven secure against chosen keyword attack (CKA) in selective security model under Decisional Bilinear Diffie-Hellman (DBDH) assumption.

Download Full-text

A Novel File Hierarchy Access Control Scheme Using Attribute-Based Encryption

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.701-702.911 ◽

2014 ◽

Vol 701-702 ◽

pp. 911-918 ◽

Cited By ~ 1

Author(s):

Shu Lan Wang ◽

Jian Ping Yu ◽

Peng Zhang ◽

Ping Wang

Keyword(s):

Access Control ◽

Data Privacy ◽

Access Structure ◽

Secret Key ◽

Chosen Plaintext Attack ◽

Fine Grained ◽

Access Structures ◽

Diffie Hellman ◽

Attribute Based Encryption ◽

Control Scheme

Attribute-based encryption (ABE) can keep data privacy and realize fine-grained access control. However, the notion of file hierarchy hasn't been presented until now. The problem, the multiple hierarchical files to be shared only using once encryption scheme, cannot be effectively solved. Based on the access structure layered model, a novel access control scheme about file hierarchy is proposed by using ABE to solve the problem. The proposed scheme will not only decrease the number of access structures to one, but also only require a secret key to decrypt all the authorization files. It is proved to be secure against the chosen-plaintext attack (CPA) under the decision bilinear Diffie-Hellman (DBDH) assumption. In addition, the performance analysis results indicate that the proposed scheme is efficient and practical when a large number of hierarchical files are shared.

Download Full-text

Efficient Attribute-Based Data Sharing Scheme with Hidden Access Structures

The Computer Journal ◽

10.1093/comjnl/bxz052 ◽

2019 ◽

Vol 62 (12) ◽

pp. 1748-1760 ◽

Cited By ~ 2

Author(s):

Yang Chen ◽

Wenmin Li ◽

Fei Gao ◽

Wei Yin ◽

Kaitai Liang ◽

...

Keyword(s):

Access Control ◽

Data Sharing ◽

Inner Product ◽

Access Structure ◽

Online Data ◽

Fine Grained ◽

Access Structures ◽

Attribute Based Encryption ◽

And Performance ◽

Ciphertext Policy

AbstractOnline data sharing has become a research hotspot while cloud computing is getting more and more popular. As a promising encryption technique to guarantee the security shared data and to realize flexible fine-grained access control, ciphertext-policy attribute-based encryption (CP-ABE) has drawn wide attentions. However, there is a drawback preventing CP-ABE from being applied to cloud applications. In CP-ABE, the access structure is included in the ciphertext, and it may disclose user’s privacy. In this paper, we find a more efficient method to connect ABE with inner product encryption and adopt several techniques to ensure the expressiveness of access structure, the efficiency and security of our scheme. We are the first to present a secure, efficient fine-grained access control scheme with hidden access structure, the access structure can be expressed as AND-gates on multi-valued attributes with wildcard. We conceal the entire attribute instead of only its values in the access structure. Besides, our scheme has obvious advantages in efficiency compared with related schemes. Our scheme can make data sharing secure and efficient, which can be verified from the analysis of security and performance.

Download Full-text

Speech Encryption Scheme Based on Ciphertext Policy Hierarchical Attribute in Cloud Storage

Security and Communication Networks ◽

10.1155/2021/9606240 ◽

2021 ◽

Vol 2021 ◽

pp. 1-13

Author(s):

Qiuyu Zhang ◽

Zhenyu Zhao ◽

Minrui Fu

Keyword(s):

Access Control ◽

Cloud Storage ◽

Random Oracle Model ◽

Access Structure ◽

Encryption Scheme ◽

Hierarchical Processing ◽

Fine Grained ◽

Speech Data ◽

Speech Encryption ◽

Ciphertext Policy

In order to ensure the confidentiality and secure sharing of speech data, and to solve the problems of slow deployment of attribute encryption systems and fine-grained access control in cloud storage, a speech encryption scheme based on ciphertext policy hierarchical attributes was proposed. First, perform hierarchical processing of the attributes of the speech data to reflect the hierarchical structure and integrate the hierarchical access structure into a single-access structure. Second, use the attribute fast encryption framework to construct the attribute encryption scheme of the speech data, and use the integrated access to the speech data; thus, the structure is encrypted and uploaded to the cloud for storage and sharing. Finally, use the hardness of decisional bilinear Diffie–Hellman (DBDH) assumption to prove that the proposed scheme is secure in the random oracle model. The theoretical security analysis and experimental results show that the proposed scheme can achieve efficient and fine-grained access control and is secure and extensible.

Download Full-text

Server-Aided Revocable Attribute-Based Encryption from Lattices

Security and Communication Networks ◽

10.1155/2020/1460531 ◽

2020 ◽

Vol 2020 ◽

pp. 1-13

Author(s):

Xingting Dong ◽

Yanhua Zhang ◽

Baocang Wang ◽

Jiangshan Chen

Keyword(s):

Access Control ◽

Standard Model ◽

Secret Key ◽

Bilinear Maps ◽

Encrypted Data ◽

Fine Grained ◽

Attribute Based Encryption ◽

The Standard Model ◽

Learning With Errors

Attribute-based encryption (ABE) can support a fine-grained access control to encrypted data. When the user’s secret-key is compromised, the ABE system has to revoke its decryption privileges to prevent the leakage of encrypted data. Although there are many constructions about revocable ABE from bilinear maps, the situation with lattice-based constructions is less satisfactory, and a few efforts were made to close this gap. In this work, we propose the first lattice-based server-aided revocable attribute-based encryption (SR-ABE) scheme and thus the first such construction that is believed to be quantum resistant. In the standard model, our scheme is proved to be secure based on the hardness of the Learning With Errors (LWE) problem.

Download Full-text

A Lightweight Fine-Grained Searchable Encryption Scheme in Fog-Based Healthcare IoT Networks

Wireless Communications and Mobile Computing ◽

10.1155/2019/1019767 ◽

2019 ◽

Vol 2019 ◽

pp. 1-15 ◽

Cited By ~ 3

Author(s):

Hui Li ◽

Tao Jing

Keyword(s):

Access Control ◽

Healthcare System ◽

Limited Resource ◽

Searchable Encryption ◽

Security Requirements ◽

Communication Overhead ◽

Encryption Scheme ◽

Fine Grained ◽

Smart Healthcare ◽

Cloud Framework

For a smart healthcare system, a cloud based paradigm with numerous user terminals is to support and improve more reliable, convenient, and intelligent services. Considering the resource limitation of terminals and communication overhead in cloud paradigm, we propose a hybrid IoT-Fog-Cloud framework. In this framework, we deploy a geo-distributed fog layer at the edge of networks. The fogs can provide the local storage, sufficient processing power, and appropriate network functions. For the fog-based healthcare system, data confidentiality, access control, and secure searching over ciphertext are the key issues in sensitive data. Furthermore, how to adjust the storage and computing requirements to meet the limited resource is also a great challenge for data management. To address these, we design a lightweight keyword searchable encryption scheme with fine-grained access control for our proposed healthcare related IoT-Fog-Cloud framework. Through our design, the users can achieve a fast and efficient service by delegating a majority part of the workloads and storage requirements to fogs and the cloud without extra privacy leakage. We prove our scheme satisfies the security requirements and demonstrate the excellent efficiency through experimental evaluation.

Download Full-text

Hierarchical authority based weighted attribute encryption scheme

Computer Science and Information Systems ◽

10.2298/csis180912027t ◽

2019 ◽

Vol 16 (3) ◽

pp. 797-813

Author(s):

Qiuting Tian ◽

Dezhi Han ◽

Yanmei Jiang

Keyword(s):

Data Storage ◽

Cloud Storage ◽

Encryption Scheme ◽

Storage Security ◽

Fine Grained ◽

Security Proof ◽

Attribute Based Encryption ◽

Encryption Schemes ◽

And Performance ◽

Cloud Storage Environment

With the development of cloud storage technology, data storage security has become increasingly serious. Aiming at the problem that existing attribute-based encryption schemes do not consider hierarchical authorities and the weight of attribute. A hierarchical authority based weighted attribute encryption scheme is proposed. This scheme will introduce hierarchical authorities and the weight of attribute into the encryption scheme, so that the authorities have a hierarchical relationship and different attributes have different importance. At the same time, the introduction of the concept of weight makes this scheme more flexible in the cloud storage environment and enables fine-grained access control. In addition, this scheme implements an online/offline encryption mechanism to improve the security of stored data. Security proof and performance analysis show that the scheme is safe and effective, and it can resist collusion attacks by many malicious users and authorization centers. It is more suitable for cloud storage environments than other schemes.

Download Full-text

BFR-SE: A Blockchain-Based Fair and Reliable Searchable Encryption Scheme for IoT with Fine-Grained Access Control in Cloud Environment

Wireless Communications and Mobile Computing ◽

10.1155/2021/5340116 ◽

2021 ◽

Vol 2021 ◽

pp. 1-21

Author(s):

Hongmin Gao ◽

Shoushan Luo ◽

Zhaofeng Ma ◽

Xiaodan Yan ◽

Yanping Xu

Keyword(s):

Access Control ◽

Service Providers ◽

Auxiliary Information ◽

Bloom Filter ◽

Searchable Encryption ◽

Security And Privacy ◽

Encryption Scheme ◽

Fine Grained ◽

Data User ◽

Iot Devices

Due to capacity limitations, large amounts of data generated by IoT devices are often stored on cloud servers. These data are usually encrypted to prevent the disclosure, which significantly affects the availability of this data. Searchable encryption (SE) allows a party to store his data created by his IoT devices or mobile in encryption on the cloud server to protect his privacy while retaining his ability to search for data. However, the general SE techniques are all pay-then-use. The searchable encryption service providers (SESP) are considered curious but honest, making it unfair and unreliable. To address these problems, we combined ciphertext-policy attribute-based encryption, Bloom filter, and blockchain to propose a blockchain-based fair and reliable searchable encryption scheme (BFR-SE) in this paper. In BFR-SE, we constructed an attribute-based searchable encryption model that can provide fine-grained access control. The data owner stores the indices on SESP and stores some additional auxiliary information on the blockchain. After a data user initiates a request, SESP must return the correct and integral search results before the deadline. Otherwise, the data user can send an arbitration request, and the blockchain will make a ruling. The blockchain will only perform arbitrations based on auxiliary information when disputes arise, saving the computing resources on-chain. We analyzed the security and privacy of BFR-SE and simulated our scheme on the EOS blockchain, which proves that BFR-SE is feasible. Meanwhile, we provided a thorough analysis of storage and computing overhead, proving that BFR-SE is practical and has good performance.

Download Full-text

A Key-Policy Searchable Attribute-Based Encryption Scheme for Efficient Keyword Search and Fine-Grained Access Control over Encrypted Data

Electronics ◽

10.3390/electronics8030265 ◽

2019 ◽

Vol 8 (3) ◽

pp. 265 ◽

Cited By ~ 3

Author(s):

Hui Yin ◽

Yinqiao Xiong ◽

Jixin Zhang ◽

Lu Ou ◽

Shaolin Liao ◽

...

Keyword(s):

Access Control ◽

Large Scale ◽

Keyword Search ◽

Data Access ◽

Encryption Scheme ◽

Encrypted Data ◽

Fine Grained ◽

Data Access Control ◽

Attribute Based Encryption ◽

Key Policy

Attribute based encryption is a promising technique that achieves flexible and fine-grained data access control over encrypted data, which is very suitable for a secure data sharing environment such as the currently popular cloud computing. However, traditional attribute based encryption fails to provide an efficient keyword based search on encrypted data, which somewhat weakens the power of this encryption technique, as search is usually the most important approach to quickly obtain data of interest from large-scale dataset. To address this problem, attribute based encryption with keyword search (ABKS) is designed to achieve fine-grained data access control and keyword based search, simultaneously, by an ingenious combination of attribute based encryption and searchable encryption. Recently, several ABKS schemes have been constructed in secure cloud storage system for data access control and keyword search. Nonetheless, each of these schemes has some defects such as impractical computation overhead and insufficient access policy expression. To overcome these limitations, in this paper, we design a Key-Policy Searchable Attribute-based Encryption Scheme (KPSABES) based on the full-blown key-policy attribute-based encryption proposed by Vipul Goyal et al. By novel design, our scheme not only inherits all advantages of that scheme but also achieves efficient and secure keyword search over encrypted data. We provide the detailed performance analyses and security proofs for our scheme. Extensive experiments demonstrated that our proposed scheme is superior in many aspects to the similar work.

Download Full-text

A Comprehensive Review of Access Control Mechanism Based on Attribute Based Encryption Scheme for Cloud Computing

International Journal of Advanced Pervasive and Ubiquitous Computing ◽

10.4018/ijapuc.2019070103 ◽

2019 ◽

Vol 11 (3) ◽

pp. 33-52

Author(s):

Lokesh B. Bhajantri ◽

Tabassum N. Mujawar

Keyword(s):

Cloud Computing ◽

Access Control ◽

Large Scale ◽

Control Mechanism ◽

Fine Grained ◽

Prevailing Paradigm ◽

Attribute Based Encryption ◽

Encryption Schemes ◽

Access Control Mechanism ◽

A New Technique

Cloud computing is the most prevailing paradigm, which provides computing resources and services over the Internet. Due to immense development in services provided by cloud computing, the trend to share large-scale and confidential data on cloud has been increased. Though cloud computing provides many benefits, ensuring security of the data stored in cloud is the biggest challenge. The security concern about the data becomes main barrier for adoption of cloud. One of the important security aspects is fine grained access control mechanism. The most widely used and efficient access control scheme for cloud computing is Attribute Based Encryption (ABE). The Attribute Based Encryption (ABE) scheme provides a new technique for embedding access policies cryptographically into encryption process. The article presents an overview of various existing attribute-based encryption schemes and traditional access control models. Also, the comparison of existing ABE schemes for cloud computing, on basis of various criteria is presented in the article.

Download Full-text