Revocable attribute-based encryption with decryption key exposure resistance and ciphertext delegation
Attribute-based encryption (ABE) enables fine-grained access control over encrypted data. A practical and popular approach for handing revocation in ABE is to use the indirect revocation mechanism, in which a key generation centre (KGC) periodically broadcasts key update information for all data use...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2019
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/5246 https://ink.library.smu.edu.sg/context/sis_research/article/6249/viewcontent/1559537938_E11243_e_tarjome.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-6249 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-62492020-07-23T18:22:10Z Revocable attribute-based encryption with decryption key exposure resistance and ciphertext delegation XU, Shengmin YANG, Guomin MU, Yi Attribute-based encryption (ABE) enables fine-grained access control over encrypted data. A practical and popular approach for handing revocation in ABE is to use the indirect revocation mechanism, in which a key generation centre (KGC) periodically broadcasts key update information for all data users over a public channel. Unfortunately, existing RABE schemes are vulnerable to decryption key exposure attack which has been well studied in the identity-based setting. In this paper, we introduce a new notion for RABE called re-randomizable piecewise key generation by allowing a data user to re-randmomize the combined secret key and the key update to obtain the decryption key, and the secret key is unrecoverable even both the decryption key and the key update are known by the attacker. We then propose a new primitive called re-randomizable attribute-based encryption (RRABE) that can achieve both re-randomizable piecewise key generation and ciphertext delegation. We also refine the existing security model for RABE to capture decryption key exposure resistance and present a generic construction of RABE from RRABE. Finally, by applying our generic transformation, we give a concrete RABE scheme achieving decryption key exposure resistance and ciphertext delegation simultaneously. 2019-04-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/5246 info:doi/10.1016/j.ins.2018.11.031 https://ink.library.smu.edu.sg/context/sis_research/article/6249/viewcontent/1559537938_E11243_e_tarjome.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Access control Attribute-based encryption Revocable storage Ecryption key exposure Programming Languages and Compilers Software Engineering |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Access control Attribute-based encryption Revocable storage Ecryption key exposure Programming Languages and Compilers Software Engineering |
| spellingShingle |
Access control Attribute-based encryption Revocable storage Ecryption key exposure Programming Languages and Compilers Software Engineering XU, Shengmin YANG, Guomin MU, Yi Revocable attribute-based encryption with decryption key exposure resistance and ciphertext delegation |
| description |
Attribute-based encryption (ABE) enables fine-grained access control over encrypted data. A practical and popular approach for handing revocation in ABE is to use the indirect revocation mechanism, in which a key generation centre (KGC) periodically broadcasts key update information for all data users over a public channel. Unfortunately, existing RABE schemes are vulnerable to decryption key exposure attack which has been well studied in the identity-based setting. In this paper, we introduce a new notion for RABE called re-randomizable piecewise key generation by allowing a data user to re-randmomize the combined secret key and the key update to obtain the decryption key, and the secret key is unrecoverable even both the decryption key and the key update are known by the attacker. We then propose a new primitive called re-randomizable attribute-based encryption (RRABE) that can achieve both re-randomizable piecewise key generation and ciphertext delegation. We also refine the existing security model for RABE to capture decryption key exposure resistance and present a generic construction of RABE from RRABE. Finally, by applying our generic transformation, we give a concrete RABE scheme achieving decryption key exposure resistance and ciphertext delegation simultaneously. |
| format |
text |
| author |
XU, Shengmin YANG, Guomin MU, Yi |
| author_facet |
XU, Shengmin YANG, Guomin MU, Yi |
| author_sort |
XU, Shengmin |
| title |
Revocable attribute-based encryption with decryption key exposure resistance and ciphertext delegation |
| title_short |
Revocable attribute-based encryption with decryption key exposure resistance and ciphertext delegation |
| title_full |
Revocable attribute-based encryption with decryption key exposure resistance and ciphertext delegation |
| title_fullStr |
Revocable attribute-based encryption with decryption key exposure resistance and ciphertext delegation |
| title_full_unstemmed |
Revocable attribute-based encryption with decryption key exposure resistance and ciphertext delegation |
| title_sort |
revocable attribute-based encryption with decryption key exposure resistance and ciphertext delegation |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2019 |
| url |
https://ink.library.smu.edu.sg/sis_research/5246 https://ink.library.smu.edu.sg/context/sis_research/article/6249/viewcontent/1559537938_E11243_e_tarjome.pdf |
| _version_ |
1770575348227899392 |