Server-aided revocable attribute-based encryption for cloud computing services
Attribute-based encryption (ABE) has been regarded as a promising solution in cloud computing services to enable scalable access control without compromising the security. Despite of the advantages, efficient user revocation has been a challenge in ABE. One suggestion for user revocation is using th...
Saved in:
Main Authors: | , , , |
---|---|
Format: | text |
Language: | English |
Published: |
Institutional Knowledge at Singapore Management University
2020
|
Subjects: | |
Online Access: | https://ink.library.smu.edu.sg/sis_research/5070 https://ink.library.smu.edu.sg/context/sis_research/article/6073/viewcontent/Server_aided_abe_for_cloud_computing_services_sv.pdf |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Singapore Management University |
Language: | English |
id |
sg-smu-ink.sis_research-6073 |
---|---|
record_format |
dspace |
spelling |
sg-smu-ink.sis_research-60732020-04-06T09:55:43Z Server-aided revocable attribute-based encryption for cloud computing services CUI, Hui YUEN, Tsz Hon DENG, Robert H. WANG, Guilin Attribute-based encryption (ABE) has been regarded as a promising solution in cloud computing services to enable scalable access control without compromising the security. Despite of the advantages, efficient user revocation has been a challenge in ABE. One suggestion for user revocation is using the binary tree in the key generation phase of an ABE scheme, which enables a trusted key generation center to periodically distribute the key update information to all nonrevoked users over a public channel. This revocation approach reduces the size of key updates from linear to logarithmic in the number of users. But it requires each user to keep a private key of the logarithmic size, and asks each nonrevoked user to periodically update his/her decryption key for each new time period. To further optimize user revocation in ABE, a server-aided revocable ABE (SR-ABE) scheme has been proposed, in which almost all workloads of users incurred by the user revocation are outsourced to an untrusted server, and each user only needs to store a private key of the constant size. In addition, SR-ABE does not require any secure channel for the key transmission, and a user only needs to perform a small amount of calculations to decrypt a ciphertext. In this paper, we revisit the notion of SR-ABE, and present a generic construction of SR-ABE, which can transform a revocable ABE (RABE) scheme to an SR-ABE scheme. In addition, we give an instantiation of SR-ABE by applying the generic construction on a concrete RABE scheme, and implement an instantiation of SR-ABE and an RABE scheme to evaluate the performance of SR-ABE. 2020-01-01T08:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/5070 info:doi/10.1002/cpe.5680 https://ink.library.smu.edu.sg/context/sis_research/article/6073/viewcontent/Server_aided_abe_for_cloud_computing_services_sv.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University access control attribute-based encryption cloud computing outsourced computation revocation Information Security |
institution |
Singapore Management University |
building |
SMU Libraries |
continent |
Asia |
country |
Singapore Singapore |
content_provider |
SMU Libraries |
collection |
InK@SMU |
language |
English |
topic |
access control attribute-based encryption cloud computing outsourced computation revocation Information Security |
spellingShingle |
access control attribute-based encryption cloud computing outsourced computation revocation Information Security CUI, Hui YUEN, Tsz Hon DENG, Robert H. WANG, Guilin Server-aided revocable attribute-based encryption for cloud computing services |
description |
Attribute-based encryption (ABE) has been regarded as a promising solution in cloud computing services to enable scalable access control without compromising the security. Despite of the advantages, efficient user revocation has been a challenge in ABE. One suggestion for user revocation is using the binary tree in the key generation phase of an ABE scheme, which enables a trusted key generation center to periodically distribute the key update information to all nonrevoked users over a public channel. This revocation approach reduces the size of key updates from linear to logarithmic in the number of users. But it requires each user to keep a private key of the logarithmic size, and asks each nonrevoked user to periodically update his/her decryption key for each new time period. To further optimize user revocation in ABE, a server-aided revocable ABE (SR-ABE) scheme has been proposed, in which almost all workloads of users incurred by the user revocation are outsourced to an untrusted server, and each user only needs to store a private key of the constant size. In addition, SR-ABE does not require any secure channel for the key transmission, and a user only needs to perform a small amount of calculations to decrypt a ciphertext. In this paper, we revisit the notion of SR-ABE, and present a generic construction of SR-ABE, which can transform a revocable ABE (RABE) scheme to an SR-ABE scheme. In addition, we give an instantiation of SR-ABE by applying the generic construction on a concrete RABE scheme, and implement an instantiation of SR-ABE and an RABE scheme to evaluate the performance of SR-ABE. |
format |
text |
author |
CUI, Hui YUEN, Tsz Hon DENG, Robert H. WANG, Guilin |
author_facet |
CUI, Hui YUEN, Tsz Hon DENG, Robert H. WANG, Guilin |
author_sort |
CUI, Hui |
title |
Server-aided revocable attribute-based encryption for cloud computing services |
title_short |
Server-aided revocable attribute-based encryption for cloud computing services |
title_full |
Server-aided revocable attribute-based encryption for cloud computing services |
title_fullStr |
Server-aided revocable attribute-based encryption for cloud computing services |
title_full_unstemmed |
Server-aided revocable attribute-based encryption for cloud computing services |
title_sort |
server-aided revocable attribute-based encryption for cloud computing services |
publisher |
Institutional Knowledge at Singapore Management University |
publishDate |
2020 |
url |
https://ink.library.smu.edu.sg/sis_research/5070 https://ink.library.smu.edu.sg/context/sis_research/article/6073/viewcontent/Server_aided_abe_for_cloud_computing_services_sv.pdf |
_version_ |
1770575205302796288 |