Computer Science ›› 2022, Vol. 49 ›› Issue (10): 327-334.doi: 10.11896/jsjkx.211000189

• Information Security • Previous Articles     Next Articles

Lazy-mode Ciphertext-update Based Approach for CP-ABE Attribute Change

LEI Xue-jiao, WANG Yin-long, Nurmamat HELIL   

  1. College of Mathematics and System Science,Xinjiang University,Urumqi 830017,China
  • Received:2021-10-25 Revised:2022-04-06 Online:2022-10-15 Published:2022-10-13
  • About author:LEI Xue-jiao,born in 1997,postgra-duate.Her main research interests include information security and cryptography.
    Nurmamat HELIL,born in 1976,Ph.D,professor,Ph.D supervisor.His main research interests include information system security,access control,and cloud storage security.
  • Supported by:
    National Natural Science Foundation of China(61862059,61562085).

Abstract: Ciphertext-policy attribute-based encryption(CP-ABE) can be used to realize secure data sharing in cloud computing environments.However,user attribute change(attribute revocation and addition) in CP-ABE is a tricky problem.Generally,attribute change is realized via the proxy server’s secondary encryption of ciphertext and key update.However,when enforcing an attribute change,all ciphertexts related to this attribute should be updated.This paper proposes a user attribute change approach based on lazy-mode ciphertext-update.It analyzes the user’s access ability(before attribute revocation or after attribute addition) to the ciphertexts involved in attribute change and determines if these ciphertexts need to be updated,minimizing the scope of the ciphertexts that need to be updated and reducing the number of updates.This approach improves its efficiency by avoiding unnece-ssary ciphertext updates and shortening the ciphertext while preserving the original security features of the CP-ABE.Finally,a small-size test is conducted to verify the correctness of the proposed approach.

Key words: Ciphertext-policy attribute-based encryption, Attribute revocation, Attribute addition, Ciphertext update, Lazy-mode

CLC Number: 

  • TP309
[1]BETHENCOURT J,SAHAL A,WATERS B.Ciphertext-Policy Attribute-Based Encryption[C]//IEEE Symposium on Security &Privacy.IEEE Computer Society,2007:321-334.
[2]GOYAL V,PANDEY O,SAHAI A,et al.Attribute-based Encryption for Fine-grained Access Control of Encrypted Data[C]//Proceedings of the 13th ACM Conference on Computer and Communications Security.USA,2006:89-98.
[3]WATERS B.Ciphertext-policy Attribute-based Encryption:anExpressive,Efficient,and Provably Secure Realization[C]//International Workshop on Public Key Cryptography.Berlin:Springer,2008:53-70.
[4]ZU L,LIU Z,LI J.New Ciphertext-policy Attribute-based Encryption with Efficient Revocation[C]//2014 IEEE InternationalConference on Computer and Information Technology(CIT).IEEE,2014:281-287.
[5]XIE X,MA H,LI J,et al.An Efficient Ciphertext-Policy Attri-bute-Based Access Control Towards Revocation in Cloud Computing[J].Journal of Universal Computer Science,2013,19(16):2349-2367.
[6]HUR J,DONG K N.Attribute-Based Access Control with Efficient Revocation in Data Outsourcing Systems[J].IEEE Transa-ctions on Parallel & Distributed Systems,2011,22(7):1214-1221.
[7]LIU C W,HSIEN W F,YANG C C,et al.A Survey of Attri-bute-Based Access Control with User Revocation in Cloud Data Storage[J].International Journal of Network Security,2016,18(5):900-916.
[8]YONG C,WANG Z Y,MA J,et al.Efficient Revocation in Ciphertext-Policy Attribute-Based Encryption Based Cryptogra-phic Cloud Storage[J].Journal of Zhejiang University-SCIENCE C(Computers & Electronics),2013,14(2):85-97.
[9]WANG P P,FENG D G,ZHANG L W.CP-ABE scheme supporting fully fine-grained attribute revocation[J].Journal of Software,2012,23(10):2805-2816.
[10]PIRRETTI M,TRAYNOR P,MCDANIEL P,et al.Secure Attribute-Based Systems[J].Journal of Computer Security,2010,18(5):799-837.
[11]FH A,MWA B,ST A,et al.A Revocable and Outsourced Multi-Authority Attribute-Based Encryption Scheme in Fog Computing[J].Computer Networks,2021(10):1-8.
[12]LI J,SHI Y,ZHANG Y.Searchable Ciphertext-Policy Attri-bute-Based Encryption with Revo-cation in Cloud Storage[J].International Journal of Communication Systems,2017,30(1):2933-2947.
[13]ZHANG W F,CHEN Z,LIU X D,et al.CP-ABE scheme supporting Fine-grained attribute direct revocation[J].Journal of Software,2019,30(9):2760-2771.
[14]LI J,YAO W,HAN J,et al.User Collusion Avoidance CP-ABE with Efficient Attribute Revocation for Cloud Storage[J].IEEE Systems Journal,2018(12):1767-1777.
[15]SUN L,ZHAO Z Y,WANG J H,et al.Attribute-based encryption scheme supporting attribute revocation in cloud storage environment[J].Journal of Communications,2019,40(5):47-56.
[16]YAN X X,TANG Y L.Attribute-based encryption scheme with efficient revocation in data outsourcing systems[J].Journal on Communications,2015,36(10):92-100.
[1] QIAO Mao,QIN Ling. AB-ACCS Scheme for Revocation of Efficient Attributes in Cloud Storage Services [J]. Computer Science, 2019, 46(7): 96-101.
[2] JIANG Ze-tao,HUANG Jin,HU Shuo,XU Zhi. Fully-outsourcing CP-ABE Scheme with Revocation in Cloud Computing [J]. Computer Science, 2019, 46(7): 114-119.
[3] LIU Sheng-jie, WANG Jing. Privacy Preserving Scheme for SNS in Cloud Environment [J]. Computer Science, 2019, 46(2): 133-138.
[4] WANG Jing, SI Shu-jian. Attribute Revocable Access Control Scheme for Brain-Computer Interface Technology [J]. Computer Science, 2018, 45(9): 187-194.
[5] ZHANG Guang-hua, LIU Hui-meng, CHEN Zhen-guo. Attribute-based Revocation Scheme in Cloud Computing Environment [J]. Computer Science, 2018, 45(8): 134-140.
[6] WENG An-xiang and LING Jie. Improved Scheme of CP-ABE with Hidden Access Structure [J]. Computer Science, 2017, 44(Z11): 377-380.
[7] YIN Kai-ze and WANG Hai-hang. Research on Access Control Model in Multi-clouds Storage System Based on CP-ABE [J]. Computer Science, 2016, 43(9): 165-168.
[8] LIU Xiao-jian, WANG Li-sheng and LIAO Xin-kao. Multiple Permissions Secure Access Control Scheme Combining CP-ABE and XACML in Cloud Storage [J]. Computer Science, 2016, 43(3): 118-121.
[9] ZHANG Bing-hong, ZHANG Chuan-rong, JIAO He-ping and ZHANG Xin-wei. Secure Model of Cloud Storage Supporting Attribute Revocation [J]. Computer Science, 2015, 42(7): 210-215.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!