We propose a new large-universe multi-authority ciphertext-policy attribute-based encryption system. In this system, any string can be used as an attribute of the system, and there are several authorities, each of which is responsible for the authorized key distribution of a specific set of attributes. Then, we prove its security under two static assumptions without random oracle. The main techniques used in this work are “Waters’ hash” over global identifier and attribute information in the construction, as well as dual system encryption in the security proof. To the best of our knowledge, this is the first ciphertext-policy attribute-based encryption system satisfying both of “large-universe” property and “multi-authority” property without random oracle. Finally, as the application of our new scheme, we propose a new data access control scheme for cloud storage systems.
A.Beimel, Secure schemes for secret sharing and key distribution, PhD thesis, Israel Institute of Technology, Technion, Haifa, Israel, 1996.
2.
J.Bethencourt, A.Sahai and B.Waters, Ciphertext-policy attribute-based encryption, in: S&P 2007, IEEE, 2007, pp. 321–334.
3.
D.Boneh, E.Goh and K.Nissim, Evaluating 2-dnf formulas on ciphertexts, in: TCC 2005, Springer, Heidelberg, 2005, pp. 325–341.
4.
A.Castiglione, A.D.Santis and B.Masucci, Hierarchical and shared key assignment, in: NBiS 2014, IEEE, 2014, pp. 263–270.
5.
A.Castiglione, A.D.Santis and B.Masucci, Key indistinguishability vs. strong key indistinguishability for hierarchical key assignment schemes, IEEE Transactions on Dependable and Secure Computing (2015). doi:10.1109/TDSC.2015.2413415.
6.
M.Chase, Multi-authority attribute based encryption, in: TCC 2007, Springer, Heidelberg, 2007, pp. 515–534.
7.
M.Chase and S.S.M.Chow, Improving privacy and security in multi-authority attribute-based encryption, in: CCS 2009, ACM, New York, 2009, pp. 121–130.
8.
X.Chen, J.Li, J.Ma, Q.Tang and W.Lou, New algorithms for secure outsourcing of modular exponentiations, IEEE Transactions on Parallel and Distributed Systems25(9) (2014), 2386–2396.
9.
L.Cheung and C.C.Newport, Provably secure ciphertext policy ABE, in: CCS 2007, ACM, New York, 2007, pp. 456–465.
10.
C.Esposito, M.Ficco, F.Palmieri and A.Castiglione, Interconnecting federated clouds by using publish-subscribe service, Cluster Computing16(4) (2013), 887–903.
11.
C.Esposito, M.Ficco, F.Palmieri and A.Castiglione, Smart cloud storage service selection based on fuzzy logic, theory of evidence and game theory, IEEE Transactions on Computers (2015). doi:10.1109/TC.2015.2389952.
12.
V.Goyal, A.Jain, O.Pandey and A.Sahai, Bounded ciphertext policy attribute based encryption, in: ICALP 2008, Springer, Heidelberg, 2008, pp. 579–591.
13.
V.Goyal, O.Pandey, A.Sahai and B.Waters, Attribute-based encryption for fine-grained access control of encrypted data, in: CCS 2006, ACM, New York, 2006, pp. 89–98.
14.
M.Green, S.Hohenberger and B.Waters, Outsourcing the decryption of ABE ciphertexts, in: SEC 2011, ACM, New York, 2011, pp. 34–49.
15.
S.Hohenberger and B.Waters, Online/offline attribute-based encryption, in: PKC 2014, Springer, Heidelberg, 2014, pp. 293–310.
16.
T.Jiang, X.Chen, J.Li, D.S.Wong, J.Ma and J.K.Liu, TIMER: Secure and reliable cloud storage against data re-outsourcing, in: ISPEC 2014, Springer, Heidelberg, 2014, pp. 346–358.
17.
J.Lai, R.H.Deng, C.Guan and J.Weng, Attribute-based encryption with verifiable outsourced decryption, IEEE Transactions on Information Forensics and Security8(8) (2013), 1343–1354.
18.
A.B.Lewko, Tools for simulating features of composite order bilinear groups in the prime order setting, in: EUROCRYPT 2012, Springer, Heidelberg, 2012, pp. 318–335.
19.
A.B.Lewko, T.Okamoto, A.Sahai, K.Takashima and B.Waters, Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption, in: EUROCRYPT 2010, Springer, Heidelberg, 2010, pp. 62–91.
20.
A.B.Lewko and B.Waters, Decentralizing attribute-based encryption, in: EUROCRYPT 2011, Springer, Heidelberg, 2011, pp. 568–588.
21.
A.B.Lewko and B.Waters, Unbounded HIBE and attribute-based encryption, in: EUROCRYPT 2011, Springer, Heidelberg, 2011, pp. 547–567.
22.
A.B.Lewko and B.Waters, New proof methods for attribute-based encryption: Achieving full security through selective techniques, in: CRYPTO 2012, Springer, Heidelberg, 2012, pp. 180–198.
23.
J.Li, C.Jia, J.Li and X.Chen, Outsourcing encryption of attribute-based encryption with MapReduce, in: ICICS 2012, Springer, Heidelberg, 2012, pp. 191–201.
24.
J.Li, J.Li, X.Chen, C.Jia and D.S.Wong, Securely outsourcing attribute-based encryption with checkability, IEEE Transactions on Parallel and Distributed Systems25(8) (2014), 2201–2210.
25.
H.Lin, Z.Cao, X.Liang and J.Shao, Secure threshold multi authority attribute based encryption without a central authority, in: INDOCRYPT 2008, Springer, Heidelberg, 2008, pp. 426–436.
26.
T.Okamoto and K.Takashima, Homomorphic encryption and signatures from vector decomposition, in: Pairing 2008, Springer, Heidelberg, 2008, pp. 57–74.
27.
T.Okamoto and K.Takashima, Hierarchical predicate encryption for inner-products, in: ASIACRYPT 2009, Springer, Heidelberg, 2009, pp. 214–231.
28.
T.Okamoto and K.Takashima, Fully secure functional encryption with general relations from the decisional linear assumption, in: CRYPTO 2010, Springer, Heidelberg, 2010, pp. 191–208.
29.
R.Ostrovsky, A.Sahai and B.Waters, Attribute-based encryption with non-monotonic access structures, in: CCS 2007, ACM, New York, 2007, pp. 195–203.
30.
F.Palmieri, U.Fiore, S.Ricciardi and A.Castiglione, Grasp-based resource re-optimization for effective big data access in federated clouds, Future Generation Computer Systems54 (2016), 168–179. doi:10.1016/j.future.2015.01.017.
31.
Y.Rouselakis and B.Waters, Practical constructions and new proof methods for large universe attribute-based encryption, in: CCS 2013, ACM, New York, 2013, pp. 463–474.
32.
Y.Rouselakis and B.Waters, Efficient statically-secure large-universe multi-authority attribute-based encryption, IACR Cryptology ePrint archive, 2015, available at: http://eprint.iacr.org/2015/016.
33.
A.Sahai and B.Waters, Fuzzy identity-based encryption, in: EUROCRYPT 2005, Springer, Heidelberg, 2005, pp. 457–473.
34.
H.Wang, B.Yang and Y.Wang, Server aided ciphertext-policy attribute-based encryption, in: WAINA 2015, IEEE, 2015, pp. 440–444.
35.
H.Wang, Z.Zheng, L.Wu and Y.Wang, Adaptively secure outsourcing ciphertext-policy attribute-based encryption, Journal of Computer Research and Development52(10) (2015), 2270–2280(in Chinese).
36.
B.Waters, Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization, in: PKC 2011, Springer, Heidelberg, 2011, pp. 53–70.
37.
K.Yang, X.Jia, K.Ren, B.Zhang and R.Xie, DAC-MACS: Effective data access control for multiauthority cloud storage systems, IEEE Transactions on Information Forensics and Security8(11) (2013), 1790–1801.
