Journal Article
Flexible and Fine-Grained Attribute-Based Data Storage in Cloud Computing
TL;DR: This article provides a ciphertext-policy attribute-based encryption (CP-ABE) scheme with efficient user revocation for cloud storage systems that can withstand collusion attacks performed by revoked users cooperating with existing users, and proves the security of the scheme under the divisible computation Diffie-Hellman assumption.
Abstract:
With the development of cloud computing, outsourcing data to cloud servers attracts a lot of attention. To guarantee security and achieve flexible, fine-grained file access control, attribute-based encryption (ABE) was proposed and used in cloud storage systems. However, user revocation is the primary issue in ABE schemes. In this article, we provide a ciphertext-policy attribute-based encryption (CP-ABE) scheme with efficient user revocation for cloud storage systems. The issue of user revocation can be solved efficiently by introducing the concept of a user group. When any user leaves, the group manager will update users’ private keys except for those who have been revoked. Additionally, the CP-ABE scheme has a heavy computation cost, as it grows linearly with the complexity of the access structure. To reduce the computation cost, we outsource the high computation load to cloud service providers without leaking file content and secret keys. Notably, our scheme can withstand collusion attacks performed by revoked users cooperating with existing users. We prove the security of our scheme under the divisible computation Diffie-Hellman assumption. The result of our experiment shows that the computation cost for local devices is relatively low and can be constant. Our scheme is suitable for resource-constrained devices.
Citations
Journal Article
User Collusion Avoidance CP-ABE With Efficient Attribute Revocation for Cloud Storage
TL;DR: This work formalizes the definition and security model, which models collusion attacks executed by existing users cooperating with revoked users, and presents a user collusion avoidance ciphertext-policy ABE scheme with efficient attribute revocation for cloud storage systems.
Journal Article
Certificateless Public Integrity Checking of Group Shared Data on Cloud Storage
Jiguo Li, Hao Yan, Yichen Zhang +2 more
TL;DR: The technique of certificateless signatures is utilized to present a new RDPC protocol for checking the integrity of data shared among a group, and the security of the scheme is reduced to the assumptions of computational Diffie-Hellman (CDH) and discrete logarithm (DL).
Journal Article
Full Verifiability for Outsourced Decryption in Attribute Based Encryption
TL;DR: An ABE scheme with verifiable outsourced decryption is proposed, which can simultaneously check the correctness of the transformed ciphertext for authorized users and unauthorized users, and is proved to be selective CPA-secure in the standard model.
Journal Article
A Novel Efficient Remote Data Possession Checking Protocol in Cloud Storage
TL;DR: This paper provides a new efficient RDPC protocol based on a homomorphic hash function that is provably secure against forgery attack, replace attack, and replay attack based on a typical security model, and gives a new optimized implementation for the ORT, which makes the cost of accessing the ORT nearly constant.
Journal Article
Lightweight Fine-Grained Search Over Encrypted Data in Fog Computing
TL;DR: A Lightweight Fine-Grained ciphertexts Search (LFGS) system in fog computing is presented by extending Ciphertext-Policy Attribute-Based Encryption and Searchable Encryption technologies, which can achieve fine-grained access control and keyword search simultaneously.
References
Journal Article
Secure Overlay Cloud Storage with Access Control and Assured Deletion
TL;DR: This work designs and implements FADE, a secure overlay cloud storage system that achieves fine-grained, policy-based access control and file assured deletion; it associates outsourced files with file access policies and assuredly deletes files to make them unrecoverable to anyone upon revocation of file access policies.
Journal Article
White-Box Traceable Ciphertext-Policy Attribute-Based Encryption Supporting Any Monotone Access Structures
TL;DR: This work adds traceability to an existing expressive, efficient, and secure CP-ABE scheme without weakening its security or setting any particular trade-off on its performance.
Journal Article
Privacy-preserving personal health record using multi-authority attribute-based encryption with revocation
TL;DR: A privacy-preserving PHR is proposed, which supports fine-grained access control and efficient revocation and considers the situation in which multiple data owners exist and patients’ PHRs are encrypted and stored in semi-trusted servers.
Journal Article
Toward Secure Multikeyword Top-k Retrieval over Encrypted Cloud Data
TL;DR: This paper proposes a two-round searchable encryption (TRSE) scheme that supports top-k multikeyword retrieval and employs a vector space model and homomorphic encryption, and shows that the proposed scheme guarantees high security and practical efficiency.
Book Chapter
Fine-Grained Access Control System Based on Outsourced Attribute-Based Encryption
TL;DR: Attribute-based encryption (ABE) is a promising cryptographic primitive that has recently been widely applied to design fine-grained access control systems, but it is criticized for its high overhead, as the computational cost grows with the complexity of the access formula.