Concessive online/offline attribute based encryption with cryptographic reverse firewalls: Secure and efficient fine-grained access control on corrupted machines
Attribute based encryption (ABE) has potential to be applied in various cloud computing applications. However, the Snowden revelations show that powerful adversaries can corrupt users’ machines to compromise the security, and many implementations of provably secure encryption schemes may present und...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2018
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/7415 https://ink.library.smu.edu.sg/context/sis_research/article/8418/viewcontent/Concessive_online_offline_attribute_based_encryption_with_cryptographic_reverse_firewalls.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-8418 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-84182023-08-11T05:24:00Z Concessive online/offline attribute based encryption with cryptographic reverse firewalls: Secure and efficient fine-grained access control on corrupted machines MA, Hui ZHANG, Rui YANG, Guomin SONG, Zishuai SUN, Shuzhou XIAO, Yuting Attribute based encryption (ABE) has potential to be applied in various cloud computing applications. However, the Snowden revelations show that powerful adversaries can corrupt users’ machines to compromise the security, and many implementations of provably secure encryption schemes may present undetectable vulnerabilities that can expose secret, e.g., the scheme still works properly even some backdoors have been stealthily engineered on users’ machines. Undoubtedly, ABE is also facing the above security threats. Recently, Mironov and Stephens-Davidowitz proposed cryptographic reverse firewall (CRF) to solve the problem. Unfortunately, no CRF-based protection for ABE has been proposed so far due to the complex system model and the extra access structure component. Besides, the encryption scheme in the CRF framework will suffer double computation latency, which is worse for ABE that has already yielded expensive operations. In this paper, we propose a concessive online/offline ciphertext-policy attribute based encryption with cryptographic reverse firewalls (COO-CP-ABE-CRF), which can resist the exfiltration of secret information and achieve selective CPA security. Furthermore, compared with the original scheme without CRF, our scheme reduces the total computation cost by half. Moreover, we develop an extensible library called libabelibabe that is compatible with Android devices, and we implement the prototype on a laptop and a mobile phone. The experimental results indicate that the scheme is efficient and practical. 2018-09-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/7415 info:doi/10.1007/978-3-319-98989-1_25 https://ink.library.smu.edu.sg/context/sis_research/article/8418/viewcontent/Concessive_online_offline_attribute_based_encryption_with_cryptographic_reverse_firewalls.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Information Security |
| spellingShingle |
Information Security MA, Hui ZHANG, Rui YANG, Guomin SONG, Zishuai SUN, Shuzhou XIAO, Yuting Concessive online/offline attribute based encryption with cryptographic reverse firewalls: Secure and efficient fine-grained access control on corrupted machines |
| description |
Attribute based encryption (ABE) has potential to be applied in various cloud computing applications. However, the Snowden revelations show that powerful adversaries can corrupt users’ machines to compromise the security, and many implementations of provably secure encryption schemes may present undetectable vulnerabilities that can expose secret, e.g., the scheme still works properly even some backdoors have been stealthily engineered on users’ machines. Undoubtedly, ABE is also facing the above security threats. Recently, Mironov and Stephens-Davidowitz proposed cryptographic reverse firewall (CRF) to solve the problem. Unfortunately, no CRF-based protection for ABE has been proposed so far due to the complex system model and the extra access structure component. Besides, the encryption scheme in the CRF framework will suffer double computation latency, which is worse for ABE that has already yielded expensive operations. In this paper, we propose a concessive online/offline ciphertext-policy attribute based encryption with cryptographic reverse firewalls (COO-CP-ABE-CRF), which can resist the exfiltration of secret information and achieve selective CPA security. Furthermore, compared with the original scheme without CRF, our scheme reduces the total computation cost by half. Moreover, we develop an extensible library called libabelibabe that is compatible with Android devices, and we implement the prototype on a laptop and a mobile phone. The experimental results indicate that the scheme is efficient and practical. |
| format |
text |
| author |
MA, Hui ZHANG, Rui YANG, Guomin SONG, Zishuai SUN, Shuzhou XIAO, Yuting |
| author_facet |
MA, Hui ZHANG, Rui YANG, Guomin SONG, Zishuai SUN, Shuzhou XIAO, Yuting |
| author_sort |
MA, Hui |
| title |
Concessive online/offline attribute based encryption with cryptographic reverse firewalls: Secure and efficient fine-grained access control on corrupted machines |
| title_short |
Concessive online/offline attribute based encryption with cryptographic reverse firewalls: Secure and efficient fine-grained access control on corrupted machines |
| title_full |
Concessive online/offline attribute based encryption with cryptographic reverse firewalls: Secure and efficient fine-grained access control on corrupted machines |
| title_fullStr |
Concessive online/offline attribute based encryption with cryptographic reverse firewalls: Secure and efficient fine-grained access control on corrupted machines |
| title_full_unstemmed |
Concessive online/offline attribute based encryption with cryptographic reverse firewalls: Secure and efficient fine-grained access control on corrupted machines |
| title_sort |
concessive online/offline attribute based encryption with cryptographic reverse firewalls: secure and efficient fine-grained access control on corrupted machines |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2018 |
| url |
https://ink.library.smu.edu.sg/sis_research/7415 https://ink.library.smu.edu.sg/context/sis_research/article/8418/viewcontent/Concessive_online_offline_attribute_based_encryption_with_cryptographic_reverse_firewalls.pdf |
| _version_ |
1779156846448214016 |