Server-aided revocable attribute-based encryption
As a one-to-many public key encryption system, attribute-based encryption (ABE) enables scalable access control over encrypted data in cloud storage services. However, efficient user revocation has been a very challenging problem in ABE. To address this issue, Boldyreva, Goyal and Kumar [5] introduc...
Main Authors: | CUI, Hui; DENG, Robert H.; LI, Yingjiu; QIN, Baodong |
---|---|
Format: | text |
Language: | English |
Published: | Institutional Knowledge at Singapore Management University, 2016 |
Subjects: | Revocation; Attribute-based encryption; Server-aided; Information Security |
Online Access: | https://ink.library.smu.edu.sg/sis_research/3348 https://ink.library.smu.edu.sg/context/sis_research/article/4350/viewcontent/Server_AidedRevocableAttribute_2016_afv.pdf |
Institution: | Singapore Management University |
id |
sg-smu-ink.sis_research-4350 |
---|---|
record_format |
dspace |
spelling |
sg-smu-ink.sis_research-4350; 2020-03-25T09:14:13Z; Server-aided revocable attribute-based encryption; CUI, Hui; DENG, Robert H.; LI, Yingjiu; QIN, Baodong; 2016-09-01T07:00:00Z; text; application/pdf; https://ink.library.smu.edu.sg/sis_research/3348 ; info:doi/10.1007/978-3-319-45741-3_29 ; https://ink.library.smu.edu.sg/context/sis_research/article/4350/viewcontent/Server_AidedRevocableAttribute_2016_afv.pdf ; http://creativecommons.org/licenses/by-nc-nd/4.0/ ; Research Collection School Of Computing and Information Systems; eng; Institutional Knowledge at Singapore Management University; Revocation; Attribute-based encryption; Server-aided; Information Security |
institution |
Singapore Management University |
building |
SMU Libraries |
continent |
Asia |
country |
Singapore |
content_provider |
SMU Libraries |
collection |
InK@SMU |
language |
English |
topic |
Revocation; Attribute-based encryption; Server-aided; Information Security |
description |
As a one-to-many public key encryption system, attribute-based encryption (ABE) enables scalable access control over encrypted data in cloud storage services. However, efficient user revocation has been a very challenging problem in ABE. To address this issue, Boldyreva, Goyal and Kumar [5] introduced a revocation method by combining the binary tree data structure with fuzzy identity-based encryption, in which a key generation center (KGC) periodically broadcasts key update information to all data users over a public channel. The Boldyreva-Goyal-Kumar approach reduces the size of key updates from linear to logarithm in the number of users, and it has been widely used in subsequent revocable ABE systems; however, it requires each data user to keep a private key of logarithmic size and all non-revoked data users to periodically update decryption keys for each new time period. To further optimize user revocation in ABE, in this paper, we propose a notion called server-aided revocable ABE (SR-ABE), in which almost all workloads of data users incurred by user revocation are delegated to an untrusted server and each data user only needs to store a key of constant size. We then define a security model for SR-ABE, and present a concrete SR-ABE scheme secure under this model. Interestingly, due to the key embedding gadget employed in the construction of SR-ABE, our SR-ABE scheme does not require any secure channels for key transmission, and also enjoys an additional property in the decryption phase, where a data user only needs to perform one exponentiation computation to decrypt a ciphertext. |
format |
text |
author |
CUI, Hui; DENG, Robert H.; LI, Yingjiu; QIN, Baodong |
author_sort |
CUI, Hui |
title |
Server-aided revocable attribute-based encryption |
publisher |
Institutional Knowledge at Singapore Management University |
publishDate |
2016 |
url |
https://ink.library.smu.edu.sg/sis_research/3348 https://ink.library.smu.edu.sg/context/sis_research/article/4350/viewcontent/Server_AidedRevocableAttribute_2016_afv.pdf |
_version_ |
1770573118862000128 |