Computer Science ›› 2024, Vol. 51 ›› Issue (12): 317-325. doi: 10.11896/jsjkx.231000056

• Information Security •

CP-ABE Scheme Supports Fully Policy and Attribute Hidden

JIANG Luhan, TIAN Youliang, XIANG Axin   

  1. State Key Laboratory of Public Big Data, Guizhou University, Guiyang 550025, China
    College of Computer Science and Technology, Guizhou University, Guiyang 550025, China
    Institute of Cryptography & Data Security, Guizhou University, Guiyang 550025, China
    Guizhou Provincial Key Laboratory of Cryptography and Blockchain Technology, Guiyang 550025, China
  • Received: 2023-10-10 Revised: 2024-05-15 Online: 2024-12-15 Published: 2024-12-10
  • About author: JIANG Luhan, born in 1998, postgraduate. Her main research interests include secure information security and cryptographic algorithms.
    TIAN Youliang, born in 1982, Ph.D, professor, Ph.D supervisor. His main research interests include algorithmic game theory, cryptography and security protocols, big data security and privacy protection, blockchain and electronic currency, etc.
  • Supported by:
    National Key R&D Program of China (2021YFB3101100), National Natural Science Foundation of China (62272123, 62262058), Project of High-level Innovative Talents of Guizhou Province ([2020]6008), Science and Technology Program of Guiyang ([2021]1-5, [2022]2-4) and Science and Technology Program of Guizhou Province ([2020]5017, [2022]065).

Abstract: Existing ciphertext-policy attribute-based encryption (CP-ABE) schemes that support policy or attribute hiding can achieve fine-grained access control with privacy protection, but most of them realize only partial policy hiding of attribute values and ignore the problem of hiding user attributes during key generation, so they remain prone to leaking users' private information. To address these problems, a CP-ABE scheme is proposed that fully hides the access policy and user attributes, providing data access control and protecting users' private information during key generation. Firstly, the attribute Morton filter (AMF) is proposed: the access policy is fully hidden in the AMF during the encryption phase, and the user can efficiently query and accurately determine the position of attributes in the policy during the decryption phase. Secondly, a zk-SNARKs-based key generation method is developed to effectively conceal the user attributes throughout the key generation process. Finally, security and performance analyses are conducted to evaluate the proposed scheme, demonstrating that it achieves indistinguishability under chosen-plaintext attack without compromising efficiency.

Key words: Attribute-based encryption, Access policy, User attributes, Fully hidden, Attribute Morton filters

CLC Number: 

  • TP309
[1] YAN Li, YIN Tian, LIU Peishun, FENG Hongxin, WANG Gaozhou, ZHANG Wenbin, HU Hailin, PAN Fading. Overview of Attribute-based Searchable Encryption [J]. Computer Science, 2024, 51(11A): 231100137-12.
[2] WANG Zheng, WANG Jingwei, YIN Xinchun. Attribute-based Sanitizable and Collaborative Data Sharing Scheme in Medical Scenarios [J]. Computer Science, 2024, 51(10): 416-424.
[3] LEI Xue-jiao, WANG Yin-long, Nurmamat HELIL. Lazy-mode Ciphertext-update Based Approach for CP-ABE Attribute Change [J]. Computer Science, 2022, 49(10): 327-334.
[4] HE Heng, JIANG Jun-jun, FENG Ke, LI Peng, XU Fang-fang. Efficient Multi-keyword Retrieval Scheme Based on Attribute Encryption in Multi-cloud Environment [J]. Computer Science, 2021, 48(11A): 576-584.
[5] SHI Yu-qing, LING Jie. Online/Offline Attribute-based Encryption with User and Attribute Authority Accountability [J]. Computer Science, 2020, 47(4): 292-297.
[6] ZHANG Zheng, WANG Hong-zhi, DING Xiao-ou, LI Jian-zhong, GAO Hong. Identification of Same User in Social Networks [J]. Computer Science, 2019, 46(9): 93-98.
[7] LIU Sheng-jie, WANG Jing. Privacy Preserving Scheme for SNS in Cloud Environment [J]. Computer Science, 2019, 46(2): 133-138.
[8] CHU Xiao-lu, LIU Pei-shun. Multi-authority Encryption Scheme Based on Public and Private Attributes [J]. Computer Science, 2018, 45(11): 124-129.
[9] YAN Ming, ZHANG Ying-hui, ZHENG Dong, LV Liu-di, SU Hao-nan. Flexibly Accessed and Vaguely Searchable EHR Cloud Service System [J]. Computer Science, 2018, 45(10): 172-177.
[10] WENG An-xiang and LING Jie. Improved Scheme of CP-ABE with Hidden Access Structure [J]. Computer Science, 2017, 44(Z11): 377-380.
[11] MA Xiao-xiao and YU Gang. Publicly Accountable Ciphertext-policy Attribute-based Encryption Scheme [J]. Computer Science, 2017, 44(5): 160-165.
[12] SONG Wen-na, XIANG Guang-li, LI An-kang, ZHANG Yue-xin and TAO Ran. Improved Attribute-based Encryption Scheme [J]. Computer Science, 2017, 44(1): 167-171.
[13] DING Xiao-hong, QIN Jing-yuan and WANG Xin. Attribute-based Encryption Scheme with Outsourcing Decryption Method [J]. Computer Science, 2016, 43(Z6): 357-360.
[14] YIN Kai-ze and WANG Hai-hang. Research on Access Control Model in Multi-clouds Storage System Based on CP-ABE [J]. Computer Science, 2016, 43(9): 165-168.
[15] HUANG Bao-hua, JIA Feng-wei and WANG Tian-jing. Database Access Control Policy Based on Attribute in Cloud Storage Platform [J]. Computer Science, 2016, 43(3): 167-173.