research-article

Attribute-Based Proxy Re-Encryption With Direct Revocation Mechanism for Data Sharing in Clouds

Authors:

Liming FangAuthors Info & Claims

IEEE Transactions on Dependable and Secure Computing, Volume 21, Issue 2

Pages 949 - 960

https://doi.org/10.1109/TDSC.2023.3265979

Published: 11 April 2023 Publication History

Abstract

Cloud computing, which provides adequate storage and computation capability, has been a prevalent information infrastructure. Secure data sharing is a basic demand when data was outsourced to a cloud server. Attribute-based proxy re-encryption has been a promising approach that allows secure encrypted data sharing on clouds. With attribute-based proxy re-encryption, a delegator can designate a set of shared users through issuing a re-encryption key which will be used by the cloud server to transform the delegator's encrypted data to the shared users’. However, the existing attribute-based proxy re-encryption schemes lack a mechanism of revoking users from the sharing set which is critical for data sharing systems. Therefore, in this article, we propose a concrete attribute-based proxy re-encryption with direct revocation mechanism (ABPRE-DR) for encrypted data sharing that enables the cloud server to directly revoke users from the original sharing set involved in the re-encryption key. We implemented the new schemes and evaluated its performance. The experimental results show that the proposed ABPRE-DR scheme is efficient and practical.

References

[1]

K. Ren, C. Wang, and Q. Wang, “Security challenges for the public cloud,” IEEE Internet Comput., vol. 16, no. 1, pp. 69–73, Jan./Feb. 2012.

Digital Library

[2]

A. Sahai and B. Waters, “Fuzzy identity-based encryption,” in Proc. Int. Conf. Theory Appl. Cryptographic Techn., 2005, pp. 457–473.

[3]

V. Goyal, O. Pandey, A. Sahai, and B. Waters, “Attribute-based encryption for fine-grained access control of encrypted data,” in Proc. ACM Conf. Comput. Commun. Secur., 2006, pp. 89–98.

[4]

J. Bethencourt, A. Sahai, and B. Waters, “Ciphertext-policy attribute-based encryption,” in Proc. IEEE Symp. Secur. Privacy, 2007, pp. 321–334.

Digital Library

[5]

K. Emura, A. Miyaji, A. Nomura, K. Omote, and M. Soshi, “A ciphertext-policy attribute-based encryption scheme with constant ciphertext length,” in Proc. Int. Conf. Inf. Secur. Pract. Exp., Springer, 2009, pp. 13–23.

[6]

S. Hohenberger and B. Waters, “Attribute-based encryption with fast decryption,” in Proc. Int. Workshop Public Key Cryptogr., Springer, 2013, pp. 162–179.

[7]

N. Attrapadung, B. Libert, and E. De Panafieu, “Expressive key-policy attribute-based encryption with constant-size ciphertexts,” in Proc. Int. Workshop Public Key Cryptogr., Springer, 2011, pp. 90–108.

[8]

J. Herranz, F. Laguillaumie, and C. Ràfols, “Constant size ciphertexts in threshold attribute-based encryption,” in Proc. Int. Workshop Public Key Cryptogr., Springer, 2010, pp. 19–34.

[9]

N. Attrapadung, J. Herranz, F. Laguillaumie, B. Libert, E. De Panafieu, and C. Ràfols, “Attribute-based encryption schemes with constant-size ciphertexts,” Theor. Comput. Sci., vol. 422, pp. 15–38, 2012.

Digital Library

[10]

C. Chen, Z. Zhang, and D. Feng, “Efficient ciphertext policy attribute-based encryption with constant-size ciphertext and constant computation-cost,” in Proc. Int. Conf. Provable Secur., Springer, 2011, pp. 84–101.

[11]

X. Chen, J. Li, X. Huang, J. Li, Y. Xiang, and D. S. Wong, “Secure outsourced attribute-based signatures,” IEEE Trans. Parallel Distrib. Syst., vol. 25, no. 12, pp. 3285–3294, Dec. 2014.

[12]

Y. Zhang, X. Chen, J. Li, D. S. Wong, and H. Li, “Anonymous attribute-based encryption supporting efficient decryption test,” in Proc. 8th ACM SIGSAC Symp. Inf. Comput. Commun. Secur., 2013, pp. 511–516.

[13]

A. Lewko and B. Waters, “New proof methods for attribute-based encryption: Achieving full security through selective techniques,” in Proc. Annu. Cryptol. Conf., Springer, 2012, pp. 180–198.

[14]

B. Waters, “Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization,” Lecture Notes Comput. Sci., vol. 2008, pp. 321–334, 2011.

[15]

J. Chen and H. Wee, “Semi-adaptive attribute-based encryption and improved delegation for boolean formula,” in Proc. Int. Conf. Secur. Cryptogr. Netw., Springer, 2014, pp. 277–297.

[16]

A. Lewko, T. Okamoto, A. Sahai, K. Takashima, and B. Waters, “Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption,” in Proc. Annu. Int. Conf. Theory Appl. Cryptographic Techn., Springer, 2010, pp. 62–91.

[17]

V. Koppula and B. Waters, “Realizing chosen ciphertext security generically in attribute-based encryption and predicate encryption,” in Proc. 39th Annu. Int. Cryptol. Conf., Santa Barbara, CA, USA, Springer, 2019, pp. 671–700.

[18]

T. Nishide, K. Yoneyama, and K. Ohta, “Attribute-based encryption with partially hidden encryptor-specified access structures,” in Proc. Int. Conf. Appl. Cryptogr. Netw. Secur., Springer, 2008, pp. 111–129.

[19]

T. V. X. Phuong, G. Yang, and W. Susilo, “Hidden ciphertext policy attribute-based encryption under standard assumptions,” IEEE Trans. Inf. Forensics Secur., vol. 11, no. 1, pp. 35–45, Jan. 2016.

Digital Library

[20]

H. Cui, R. H. Deng, G. Wu, and J. Lai, “An efficient and expressive ciphertext-policy attribute-based encryption scheme with partially hidden access structures,” in Proc. Int. Conf. Provable Secur., Springer, 2016, pp. 19–38.

[21]

A. Kapadia, P. P. Tsang, and S. W. Smith, “Attribute-based publishing with hidden credentials and hidden policies,” in Proc. Netw. Distrib. Syst. Secur. Symp., Citeseer, 2007, pp. 179–192.

[22]

Y. Yu, J. Shi, H. Li, Y. Li, X. Du, and M. Guizani, “Key-policy attribute-based encryption with keyword search in virtualized environments,” IEEE J. Sel. Areas Commun., vol. 38, no. 6, pp. 1242–1251, Jun. 2020.

[23]

J. Li, X. Huang, J. Li, X. Chen, and Y. Xiang, “Securely outsourcing attribute-based encryption with checkability,” IEEE Trans. Parallel Distrib. Syst., vol. 25, no. 8, pp. 2201–2210, Aug. 2014.

[24]

X. Liang, R. Lu, X. Lin, and X. S. Shen, “Ciphertext policy attribute based encryption with efficient revocation,” Tech. Rep., Univ. Waterloo, vol. 2, pp. 1–9, 2010.

[25]

S. Yu, C. Wang, K. Ren, and W. Lou, “Attribute based data sharing with attribute revocation,” in Proc. 5th ACM Symp. Inf., Comput. Commun. Secur., 2010, pp. 261–270.

[26]

J. Hur and D. K. Noh, “Attribute-based access control with efficient revocation in data outsourcing systems,” IEEE Trans. Parallel Distrib. Syst., vol. 22, no. 7, pp. 1214–1221, Jul. 2011.

Digital Library

[27]

X. Xie, H. Ma, J. Li, and X. Chen, “New ciphertext-policy attribute-based access control with efficient revocation,” in Proc. Inf. Commun. Technol.-EurAsia Conf., Springer, 2013, pp. 373–382.

[28]

Y. Jiang, W. Susilo, Y. Mu, and F. Guo, “Ciphertext-policy attribute-based encryption supporting access policy update and its extension with preserved attributes,” Int. J. Inf. Secur., vol. 17, no. 5, pp. 533–548, 2018.

Digital Library

[29]

J. Kim, W. Susilo, J. Baek, S. Nepal, and D. Liu, “Ciphertext-delegatable CP-ABE for a dynamic credential: A modular approach,” in Proc. Australas. Conf. Inf. Secur. Privacy, Springer, 2019, pp. 3–20.

[30]

J. Wei, X. Chen, X. Huang, X. Hu, and W. Susilo, “RS-HABE: Revocable-storage and hierarchical attribute-based access scheme for secure sharing of e-health records in public cloud,” IEEE Trans. Dependable Secure Comput., vol. 18, no. 5, pp. 2301–2315, Sep./Oct. 2021.

Digital Library

[31]

D. Han, N. Pan, and K.-C. Li, “A traceable and revocable ciphertext-policy attribute-based encryption scheme based on privacy protection,” IEEE Trans. Dependable Secure Comput., vol. 19, no. 1, pp. 316–327, Jan./Feb. 2022.

Digital Library

[32]

N. Attrapadung, “Unbounded dynamic predicate compositions in attribute-based encryption,” in Proc. 38th Annu. Int. Conf. Theory Appl. Cryptographic Techn., Darmstadt, Germany, Springer, 2019, pp. 34–67.

[33]

M. Blaze, G. Bleumer, and M. Strauss, “Divertible protocols and atomic proxy cryptography,” in Proc. Int. Conf. Theory Appl. Cryptographic Techn., Springer, 1998, pp. 127–144.

[34]

G. Ateniese, K. Fu, M. Green, and S. Hohenberger, “Improved proxy re-encryption schemes with applications to secure distributed storage,” ACM Trans. Inf. Syst. Secur., vol. 9, no. 1, pp. 1–30, 2006.

Digital Library

[35]

X. Liang, Z. Cao, H. Lin, and J. Shao, “Attribute based proxy re-encryption with delegating capabilities,” in Proc. Int. Symp. Inf., Comput. Commun. Secur., 2009, pp. 276–286.

[36]

K. Liang et al., “A secure and efficient ciphertext-policy attribute-based proxy re-encryption for cloud data sharing,” Future Gener. Comput. Syst., vol. 52, pp. 95–108, 2015.

Digital Library

[37]

K. Liang and W. Susilo, “Searchable attribute-based mechanism with efficient data sharing for secure cloud storage,” IEEE Trans. Inf. Forensics Secur., vol. 10, no. 9, pp. 1981–1992, Sep. 2015.

Digital Library

[38]

C. Ge, W. Susilo, J. Wang, Z. Huang, L. Fang, and Y. Ren, “A key-policy attribute-based proxy re-encryption without random oracles,” Comput. J., vol. 59, no. 7, pp. 970–982, Jul. 2016.

[39]

K. Liang, M. H. Au, W. Susilo, D. S. Wong, G. Yang, and Y. Yu, “An adaptively CCA-secure ciphertext-policy attribute-based proxy re-encryption for cloud data sharing,” in Proc. Int. Conf. Inf. Secur. Pract. Exp., Springer, 2014, pp. 448–461.

[40]

C. Ge, W. Susilo, L. Fang, J. Wang, and Y. Shi, “A CCA-secure key-policy attribute-based proxy re-encryption in the adaptive corruption model for dropbox data sharing system,” Designs, Codes Cryptogr., vol. 86, no. 11, pp. 2587–2603, 2018.

Digital Library

[41]

C. Ge, W. Susilo, Z. Liu, J. Xia, P. Szalachowski, and F. Liming, “Secure keyword search and data sharing mechanism for cloud computing,” IEEE Trans. Dependable Secure Comput., vol. 18, no. 6, pp. 2787–2800, Nov./Dec. 2021.

Digital Library

[42]

A. Sahai, H. Seyalioglu, and B. Waters, “Dynamic credentials and ciphertext delegation for attribute-based encryption,” in Proc. Annu. Cryptol. Conf., Springer, 2012, pp. 199–217.

[43]

Nik-U, “PBC package,” 2015. [Online]. Available: https://github.com/Nik-U/pbc

[44]

B. Lynn et al., “PBC library,” 2006. [Online]. Available: http://crypto.stanford.edu/pbc

Cited By

Lan CLi HWang CYang XYao H(2024)KASE-AKAComputer Standards & Interfaces10.1016/j.csi.2024.10385290:COnline publication date: 1-Aug-2024
https://dl.acm.org/doi/10.1016/j.csi.2024.103852
Umar TNadeem MAnwer F(2024)A new modified Skew Tent Map and its application in pseudo-random number generatorComputer Standards & Interfaces10.1016/j.csi.2023.10382689:COnline publication date: 25-Jun-2024
https://dl.acm.org/doi/10.1016/j.csi.2023.103826
Liu ZMambo MTso RTseng Y(2024)Anonymous hierarchical identity-based encryption with delegated traceability for cloud-based data sharing systemsComputer Standards & Interfaces10.1016/j.csi.2023.10381789:COnline publication date: 25-Jun-2024
https://dl.acm.org/doi/10.1016/j.csi.2023.103817
Show More Cited By

Index Terms

Attribute-Based Proxy Re-Encryption With Direct Revocation Mechanism for Data Sharing in Clouds
1. Security and privacy
  1. Cryptography
    1. Public key (asymmetric) techniques
      1. Public key encryption
  2. Security services

Index terms have been assigned to the content through auto-classification.

Recommendations

Attribute-based Proxy Re-encryption with Direct Revocation Mechanism for Data Sharing in Clouds
ACM TURC '23: Proceedings of the ACM Turing Award Celebration Conference - China 2023

Cloud computing, which provides adequate storage and computation capability, has been a prevalent information infrastructure. Secure data sharing is a basic demand when data was outsourced to a cloud server. Attribute-based proxy re-encryption has been ...
A ciphertext-policy attribute-based proxy re-encryption scheme for data sharing in public clouds

Ciphertext-policy attribute-based proxy re-encryption CP-ABPRE extends the traditional Proxy Re-Encryption PRE by allowing a semi-trusted proxy to transform a ciphertext under an access policy to another ciphertext with the same plaintext under a new ...
A pairing-free certificate-based proxy re-encryption scheme for secure data sharing in public clouds

To assure the confidentiality of the sensitive data stored in public cloud storages, the data owners should encrypt their data before submitting them to the clouds. However, it brings new challenge for us to effectively share the encrypted data in the ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image IEEE Transactions on Dependable and Secure Computing

IEEE Transactions on Dependable and Secure Computing Volume 21, Issue 2

March-April 2024

500 pages

Issue’s Table of Contents

1545-5971 © 2023 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See https://www.ieee.org/publications/rights/index.html for more information.

Publisher

IEEE Computer Society Press

Washington, DC, United States

Publication History

Published: 11 April 2023

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 24 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Lan CLi HWang CYang XYao H(2024)KASE-AKAComputer Standards & Interfaces10.1016/j.csi.2024.10385290:COnline publication date: 1-Aug-2024
https://dl.acm.org/doi/10.1016/j.csi.2024.103852
Umar TNadeem MAnwer F(2024)A new modified Skew Tent Map and its application in pseudo-random number generatorComputer Standards & Interfaces10.1016/j.csi.2023.10382689:COnline publication date: 25-Jun-2024
https://dl.acm.org/doi/10.1016/j.csi.2023.103826
Liu ZMambo MTso RTseng Y(2024)Anonymous hierarchical identity-based encryption with delegated traceability for cloud-based data sharing systemsComputer Standards & Interfaces10.1016/j.csi.2023.10381789:COnline publication date: 25-Jun-2024
https://dl.acm.org/doi/10.1016/j.csi.2023.103817
Maiti SMisra SMondal A(2024)MBPComputer Communications10.1016/j.comcom.2023.11.020214:C(57-66)Online publication date: 12-Apr-2024
https://dl.acm.org/doi/10.1016/j.comcom.2023.11.020
Li XXie YWang HSu XLi H(2023)dAPRE:Efficient and Reliable Attribute-Based Proxy Re-Encryption Using DAG for Data Sharing in IoTIEEE Transactions on Consumer Electronics10.1109/TCE.2023.334602870:1(584-596)Online publication date: 22-Dec-2023
https://dl.acm.org/doi/10.1109/TCE.2023.3346028

View Options

View options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Issue’s Table of Contents