A Blockchain-Based CP-ABE Scheme with Partially Hidden Access Structures

Data sharing has become a key technology to break down data silos in the big data era. Ciphertext-policy attribute-based encryption (CP-ABE) is widely used in secure data-sharing schemes to realize flexible and fine-grained access control. However, in traditional CP-ABE schemes, the access structure is directly shared along with the ciphertext, potentially leading to users’ private information leakage. Outsourcing data to a centralized third party can easily result in privacy leakage and single-point bottlenecks, and the lack of transparency in data storage and sharing casts doubts whether users’ data are safe. To address these issues, we propose a blockchain-based CP-ABE scheme with partially hidden access structures (BCP-ABE-PHAS) to achieve fine-grained access control while ensuring user privacy. First, we propose an efficient CP-ABE scheme with partially hidden access structures, where the ciphertext size is constant. To assist data decryption, we design a garbled Bloom filter to help users quickly locate the position of wildcards in the access structure. Then, to improve storage efficiency and system scalability, we propose a data storage scheme that combines blockchain technology and the interplanetary file system, ensuring data integrity. Finally, we employ smart contracts for a transparent data storage and sharing process without third-party participation. Security analysis and performance evaluation show that the proposed BCP-ABE-PHAS scheme can preserve policy privacy with efficient storage and low computational overhead.

Ciphertext-Policy Attribute-Based Encryption with Outsourced Set Intersection in Multimedia Cloud Computing

In a multimedia cloud computing system, suppose all cloud users outsource their own data sets to the cloud in the encrypted form. Each outsourced set is associated with an access structure such that a valid data user, Bob, with the credentials satisfying the access structure is able to conduct computing over outsourced encrypted set (e.g., decryption or other kinds of computing function). Suppose Bob needs to compute the set intersection over a data owner Alice’s and his own outsourced encrypted sets. Bob’s simple solution is to download Alice’s and Bob’s outsourced encrypted sets, perform set intersection operation, and decrypt the set intersection ciphertexts. A better solution is for Bob to delegate the cloud to calculate the set intersection, without giving the cloud any ability in breaching the secrecy of the sets. To solve this problem, this work introduces a novel primitive called ciphertext-policy attribute-based encryption with outsourced set intersection for multimedia cloud computing. It is the first cryptographic algorithm supporting a fully outsourced encrypted storage, computation delegation, fine-grained authorization security for ciphertext-policy model, without relying on an online trusted authority or data owners, and multi-elements set, simultaneously. We construct a scheme that provably satisfies the desirable security properties, and analyze its efficiency.

Speech Encryption Scheme Based on Ciphertext Policy Hierarchical Attribute in Cloud Storage

In order to ensure the confidentiality and secure sharing of speech data, and to solve the problems of slow deployment of attribute encryption systems and fine-grained access control in cloud storage, a speech encryption scheme based on ciphertext policy hierarchical attributes was proposed. First, perform hierarchical processing of the attributes of the speech data to reflect the hierarchical structure and integrate the hierarchical access structure into a single-access structure. Second, use the attribute fast encryption framework to construct the attribute encryption scheme of the speech data, and use the integrated access to the speech data; thus, the structure is encrypted and uploaded to the cloud for storage and sharing. Finally, use the hardness of decisional bilinear Diffie–Hellman (DBDH) assumption to prove that the proposed scheme is secure in the random oracle model. The theoretical security analysis and experimental results show that the proposed scheme can achieve efficient and fine-grained access control and is secure and extensible.

An Efficient Compartmented Secret Sharing Scheme Based on Linear Homogeneous Recurrence Relations

Multipartite secret sharing schemes are those that have multipartite access structures. The set of the participants in those schemes is divided into several parts, and all the participants in the same part play the equivalent role. One type of such access structure is the compartmented access structure, and the other is the hierarchical access structure. We propose an efficient compartmented multisecret sharing scheme based on the linear homogeneous recurrence (LHR) relations. In the construction phase, the shared secrets are hidden in some terms of the linear homogeneous recurrence sequence. In the recovery phase, the shared secrets are obtained by solving those terms in which the shared secrets are hidden. When the global threshold is t , our scheme can reduce the computational complexity of the compartmented secret sharing schemes from the exponential time to polynomial time. The security of the proposed scheme is based on Shamir’s threshold scheme, i.e., our scheme is perfect and ideal. Moreover, it is efficient to share the multisecret and to change the shared secrets in the proposed scheme.

A New Multi-stage Secret Sharing Scheme for Hierarchical Access Structure with Existential Quantifier

Multi-stage secret sharing scheme is practical in the case that there is a security system with m ordered checkpoints.It is natural to divide the m checkpoints into m different levels. There are m different secrets, and eachof them with a different importance corresponds to a checkpoint/level. The participants are also divided intom disjoint levels as they do in the hierarchical threshold access structure. Hierarchical threshold access structurewith the existential quantifier ( HTAS∃ ) does not cover the common practice that at least a few numbersof high-ranking participants are required to be involved in any recovery of the secret. The popular schemeswith hierarchical access structure were needed to check many matrices for non-singularity. We propose amulti-stage secret sharing scheme for HTAS∃ , and the tools are based on the linear homogeneous recurrencerelations (LHRRs) and one-way functions. We give the HTAS∃ a modification, so that this hierarchical accessstructure can satisfy the common practice. In our scheme, if the participants are divided into m levels, thereusually has m secrets. But before the (j − 1)-th secret is recovered, the j-th secret cannot be recovered. Ourscheme is a computational secure. The proposed scheme requires a share for each participant and the shareis as long as each secret. Our scheme has high efficiency by comparing with the state-of-the-art hierarchicalsecret sharing schemes.