Server-aided revocable attribute-based encryption for cloud computing services

Attribute-based encryption (ABE) has been regarded as a promising solution in cloud computing services to enable scalable access control without compromising the security. Despite of the advantages, efficient user revocation has been a challenge in ABE. One suggestion for user revocation is using th...

Full description

Saved in:
Bibliographic Details
Main Authors: CUI, Hui, YUEN, Tsz Hon, DENG, Robert H., WANG, Guilin
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2020
Subjects:
Online Access:https://ink.library.smu.edu.sg/sis_research/5070
https://ink.library.smu.edu.sg/context/sis_research/article/6073/viewcontent/Server_aided_abe_for_cloud_computing_services_sv.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-6073
record_format dspace
spelling sg-smu-ink.sis_research-60732020-04-06T09:55:43Z Server-aided revocable attribute-based encryption for cloud computing services CUI, Hui YUEN, Tsz Hon DENG, Robert H. WANG, Guilin Attribute-based encryption (ABE) has been regarded as a promising solution in cloud computing services to enable scalable access control without compromising the security. Despite of the advantages, efficient user revocation has been a challenge in ABE. One suggestion for user revocation is using the binary tree in the key generation phase of an ABE scheme, which enables a trusted key generation center to periodically distribute the key update information to all nonrevoked users over a public channel. This revocation approach reduces the size of key updates from linear to logarithmic in the number of users. But it requires each user to keep a private key of the logarithmic size, and asks each nonrevoked user to periodically update his/her decryption key for each new time period. To further optimize user revocation in ABE, a server-aided revocable ABE (SR-ABE) scheme has been proposed, in which almost all workloads of users incurred by the user revocation are outsourced to an untrusted server, and each user only needs to store a private key of the constant size. In addition, SR-ABE does not require any secure channel for the key transmission, and a user only needs to perform a small amount of calculations to decrypt a ciphertext. In this paper, we revisit the notion of SR-ABE, and present a generic construction of SR-ABE, which can transform a revocable ABE (RABE) scheme to an SR-ABE scheme. In addition, we give an instantiation of SR-ABE by applying the generic construction on a concrete RABE scheme, and implement an instantiation of SR-ABE and an RABE scheme to evaluate the performance of SR-ABE. 2020-01-01T08:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/5070 info:doi/10.1002/cpe.5680 https://ink.library.smu.edu.sg/context/sis_research/article/6073/viewcontent/Server_aided_abe_for_cloud_computing_services_sv.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University access control attribute-based encryption cloud computing outsourced computation revocation Information Security
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic access control
attribute-based encryption
cloud computing
outsourced computation
revocation
Information Security
spellingShingle access control
attribute-based encryption
cloud computing
outsourced computation
revocation
Information Security
CUI, Hui
YUEN, Tsz Hon
DENG, Robert H.
WANG, Guilin
Server-aided revocable attribute-based encryption for cloud computing services
description Attribute-based encryption (ABE) has been regarded as a promising solution in cloud computing services to enable scalable access control without compromising the security. Despite of the advantages, efficient user revocation has been a challenge in ABE. One suggestion for user revocation is using the binary tree in the key generation phase of an ABE scheme, which enables a trusted key generation center to periodically distribute the key update information to all nonrevoked users over a public channel. This revocation approach reduces the size of key updates from linear to logarithmic in the number of users. But it requires each user to keep a private key of the logarithmic size, and asks each nonrevoked user to periodically update his/her decryption key for each new time period. To further optimize user revocation in ABE, a server-aided revocable ABE (SR-ABE) scheme has been proposed, in which almost all workloads of users incurred by the user revocation are outsourced to an untrusted server, and each user only needs to store a private key of the constant size. In addition, SR-ABE does not require any secure channel for the key transmission, and a user only needs to perform a small amount of calculations to decrypt a ciphertext. In this paper, we revisit the notion of SR-ABE, and present a generic construction of SR-ABE, which can transform a revocable ABE (RABE) scheme to an SR-ABE scheme. In addition, we give an instantiation of SR-ABE by applying the generic construction on a concrete RABE scheme, and implement an instantiation of SR-ABE and an RABE scheme to evaluate the performance of SR-ABE.
format text
author CUI, Hui
YUEN, Tsz Hon
DENG, Robert H.
WANG, Guilin
author_facet CUI, Hui
YUEN, Tsz Hon
DENG, Robert H.
WANG, Guilin
author_sort CUI, Hui
title Server-aided revocable attribute-based encryption for cloud computing services
title_short Server-aided revocable attribute-based encryption for cloud computing services
title_full Server-aided revocable attribute-based encryption for cloud computing services
title_fullStr Server-aided revocable attribute-based encryption for cloud computing services
title_full_unstemmed Server-aided revocable attribute-based encryption for cloud computing services
title_sort server-aided revocable attribute-based encryption for cloud computing services
publisher Institutional Knowledge at Singapore Management University
publishDate 2020
url https://ink.library.smu.edu.sg/sis_research/5070
https://ink.library.smu.edu.sg/context/sis_research/article/6073/viewcontent/Server_aided_abe_for_cloud_computing_services_sv.pdf
_version_ 1770575205302796288