高效可证明安全的基于属性的在线/离线加密机制

doi:10.3969/j.issn.1000-436x.2014.07.013

Journal on Communications ›› 2014, Vol. 35 ›› Issue (7): 104-112.doi: 10.3969/j.issn.1000-436x.2014.07.013

• paperⅡ • Previous Articles Next Articles

Efficient and provably secure attribute-based online/offline encryption schemes

Hai-ying MA^1,²,Guo-sun ZENG¹,GZhan-jun WAN³,Wei WANG¹

¹ Department of Computer Science and Technology, Tongji University, Shanghai 201804, China
² College of Computer Science and Technology, Nantong University, Nantong 226019, China
³ School of Science, Nantong University, Nantong 226007, China

Online:2014-07-25 Published:2017-06-24
Supported by:
The National High Technology Research and Development Program of China(863 Program);The National Natural Science Foundation of China;The National Natural Science Foundation of China;The National Natural Science Foundation of China;The National Natural Science Foundation of China;The National Natural Science Foundation of China;The National Natural Science Foundation of China;The National Natural Science Foundation of China;The Joint of NSFC and Microsoft Asia Research;The Program of Shanghai Subject Chief Scientist;The Ph.D. Programs Foundation of Ministry of Education of China;The Special Fund for Fast Sharing of Science Paper in Net Era by CSTD;Shanghai Natural Science Foundation Program;The Science and Tech-nology Project of Nantong;The Science and Tech-nology Project of Nantong;The Science and Tech-nology Project of Nantong;The Natural Science Foundation of the Jiangsu Higher Education Institutions of China;The Natural Science Foundation of the Jiangsu Higher Education Institutions of China

Abstract

Abstract:

To improve the encryption efficiency, the online/offline cryptography was extended to ABE and the primitive of attribute-based online/offline encryption (ABOOE) was proposed. The ABOOE non-trivially splited the encryption process into two phases: the offline phase first executed most of heavy computations prior to knowing the message and the attributes' set; and then the online phase only performed light computations to produce the ciphertext once the attrib-utes' set and the message get available. An ABOOE scheme was first constructed with the CPA security. To enhance its security, the primitive of attribute-based online/offline KEM (ABOOKEM) was also introduced and a concrete ABOOKEM scheme was given, and then a generic transformation was proposed to get security against chosen-ciphertext attack (CCA) for ABOOE from any ABOOKEM with one-wayness. This transformation greatly improved the security for ABOOE without increasing the amount of computation. Compared with the famous ABE schemes, the proposed schemes improved the encryption efficiency and get suitable for power-constrained devices.

Key words: attribute-based encryption, online/offline, key encapsulation, lightweight devices, provable security

Hai-ying MA,Guo-sun ZENG,GZhan-jun WAN,Wei WANG. Efficient and provably secure attribute-based online/offline encryption schemes[J]. Journal on Communications, 2014, 35(7): 104-112.

Figures/Tables 1

References 24

[1]	SAHAI A , WATERS B . Fuzzy identity based encryption[A]. Proc of the EUROCRYPT[C]. Aarhus, Denmark, 2005. 457-473.
[2]	GOYAL V , PANDEY O , SAHAI A , et al. Attribute-based encryption for fine-grained access control of encrypted data[A]. Proc of the 13th ACM Conference on Computer and Communication Security[C]. Alexandria, Virginia, USA, 2006. 89-98.
[3]	BETHENCOURT J , SAHAI A , WATERS B . Ciphertext-policy attrib-ute-based encryption[A]. Proc of the 2007 IEEE Symposium on Secu-rity and Privacy[C]. Oakland, California, USA, 2007. 321-334.
[4]	ATTRAPADUNG N , IMAI H . Dual-Policy attribute based encryp-tion[A]. Applied Cryptography and Network Security[C]. Paris, France, 2009. 168-185.
[5]	CHEUNG L , NEWPORT C . Provably secure ciphertext policy ABE[A]. Computer and Communications Security[C]. New York, USA, 2007. 456-465.
[6]	OKAMOTO T , SAHAI A , WATERS B . Attribute-based encryption with non-monotonic access structures[A]. Proc of the 14th ACM Con-ference on Computer and Communication Security[C]. New York, USA, 2007. 195-203.
[7]	王鹏翩，冯登国，张立武 . 一种支持完全细粒度属性撤销的CP-ABE方案[J]. 软件学报， 2012,23(10):2805-2816. WANG P P , FENG D G , ZHANG L W . CP-ABE scheme supporting fully fine-grained attribute revocation[J]. Chinese Journal of Software, 2012,23(10):2805-2816.
[8]	ATTRAPADUNG N , IMAI H , Conjunctive broadcast and attrib-ute-based encryption[A]. Proc of the Pairing-Based Cyptography-Pairing 2009[C]. Palo Alto,USA, 2009. 248-265.
[9]	马海英，曾国荪 . 可追踪并撤销叛徒的属性基加密方案[J]. 计算机学报， 2012,35(9):1845-1855. MA H Y , ZENG G S . An attribute-based encryption scheme for traitor tracing and revocation together[J]. Chinese Journal of Computers, 2012,35(9):1845-1855.
[10]	WANG Y T , CHEN K F , CHEN J H . Attribute-based traitor tracing[J]. Journal of Information Science and Engineering, 2011,27(1):181-195.
[11]	YU S C , REN K , LOU W J , LI J . Defending against key abuse attacks in KP-ABE enabled broadcast system[A]. Pro of the Security and Pri-vacy in Communication Networks[C]. Athens, Greece, 2009. 311-329.
[12]	LI J , REN K , ZHU B , et al. Privacy-aware attribute-based encryp-tion with user accountability[J]. Information Security, 2009,5735:347-362.
[13]	WANG Y T , CHEN K F , LONG Y . Toward accountable authority attrib-ute-based encryption[J]. High Technology Letters, 2013,19(1):82-87.
[14]	BOZOVIC V , SOCEK D , STEINWANDT R , et al. Multi-authority attribute based encryption with honest-but-curious central authority[J]. International Journal of Computer mathematics, 2012,89(1/3):268-283.
[15]	LEWKO A , WATERS B . Decentralizing attribute-based encryp-tion[EB/OL]. , http://eprint.iacr.org/2010/351, 2010.
[16]	LIN H , CAO Z F , LIANG X H , et al. Secure threshold multi-authority attribute based encryption without a central authorit[J]. Progress in Cryptology INDOCRYPT, 2008,5365:426-436.
[17]	YU S S , REN K , LOU W J . FDAC: toward fine-grained distributed data access control in wireless sensor networks[A]. IEEE INFOCOM 2009[C]. Rio de Janeiro, Brazil, 2009. 963-971.
[18]	洪澄，张敏，冯登国 . 面向云存储的高效动态密文访问控制方法[J]. 通信学报， 2011,32(7):125-132. HONG C , ZHANG M , FENG D G . Achieving efficient dynamic cryp-tographic access control in cloud storage[J]. Chinese Journal of Com-munications, 2011,32(7):125-132.
[19]	HUR J . Fine-grained data access control for distributed sensor net-works[J]. Wireless Network, 2011,17(4):1235-1249.
[20]	祁正华，杨庚，任勋益，王卉 . 基于ABE-IBS的无线传感网签名加密一体化方法[J]. 通信学报， 2010,31(4):37-44. QI Z H , YANG G , REN X Y , et al. ABE-IBS based signature- encryp-tion method for WSN[J]. Journal on Communications, 2010,31(4):37-44.
[21]	EVEN S , GOLDREICH O , MACALI S . Online/offline digital signa-tures[A]. Proc of Advances in Cryptology[C]. Santa Barbara, Califor-nia, USA, 1989. 263-275.
[22]	GUO F C , MU Y , CHEN Z D . Identity-based online/offline encryp-tion[A]. Proc of Financial Cryptography and Data Security 2008[C]. Cozumel, Mexico, 2008. 247-261.
[23]	CHOW S SM , LIU J K , ZHOU J Y . Identity-based online/offline key encapsulation and encryption[A]. Proc of ASIACCS'11[C]. Hong Kong, China, 2011. 52-60.
[24]	SAKAI R , KASAHARA M . ID based cryptosystems with pairing on elliptic curve[EB/OL]. , http://eprint.iacr.org/2003/54, 2003.

Metrics

Recommended 0

No Suggested Reading articles found!

方案	加密或在线加密	解密	密文长度	安全性
Fuzzy IBE^[1]	(\|ω\|+1)E+M	dE+dM+dP	\|ω\|\|G\|+\| G_T\|	标准模型 IND-SS-CPA
KP-ABE^[2]	(\|ω\|+1)E+M	\|ω\|P+2\|S\|E+(\|S\|+1)M	\|ω\|\|G\|+\|G_T\|	标准模型 IND-SS-CPA
ABOOE-Ⅰ	\|ω\|m_c	(2\|S\|?1)M+\|S\|P +\|S\|E	\|Z_p\|+\|ω\|(2\|G\|+\|Z_p\|)	随机模型 IND-SS-CPA
ABOOE-Ⅱ	\|ω\|m_c	(2\|S\|?1)M+\|S\|P+\|S\|E	2\|Z_p\|+\|ω\|(2\|G\|+\|Z_p\|)	随机模型 IND-SS-CCA

Efficient and provably secure attribute-based online/offline encryption schemes

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 1

References 24

Related Articles 15

Metrics

Recommended 0

[1]	Xuejiao LIU, Tiancong CAO, Yingjie XIA. Research on efficient and secure cross-domain data sharing of IoV under blockchain architecture [J]. Journal on Communications, 2023, 44(3): 186-197.
[2]	Yiliang HAN, Kaiyang GUO, Riming WU, Kai LIU. Attribute-based encryption scheme against key abuse based on OBDD access structure from lattice [J]. Journal on Communications, 2023, 44(1): 75-88.
[3]	Ziyuan WANG, Ruizhong DU. Certificateless public key cryptography based provable data possession scheme in edge environment [J]. Journal on Communications, 2022, 43(7): 62-72.
[4]	Ruizhong DU, Tianhe ZHANG, Pengliang SHI. Ciphertext policy hidden access control scheme based on blockchain and supporting data sharing [J]. Journal on Communications, 2022, 43(6): 168-178.
[5]	Xinchun YIN, Mengyu WANG, Jianting NING. Lightweight searchable medical data sharing scheme [J]. Journal on Communications, 2022, 43(5): 110-122.
[6]	Huanhuan LIAN, Huiying HOU, Yunlei ZHAO. Post-quantum verifier-based three-party password authenticated key exchange protocol [J]. Journal on Communications, 2022, 43(4): 95-106.
[7]	Zhen LIU,Yiliang HAN,Xiaoyuan YANG,Shuguang LIU. Provable security signcryption scheme based on RLWE without trapdoor [J]. Journal on Communications, 2020, 41(6): 14-25.
[8]	Xixi YAN,Xu HE,Tao LIU,Qing YE,Jinxia YU,Yongli TANG. Traceable attribute-based encryption scheme with key-delegation abuse resistance [J]. Journal on Communications, 2020, 41(4): 150-161.
[9]	Xixi YAN,Xiaohan YUAN,Yongli TANG,Yanli CHEN. Verifiable attribute-based searchable encryption scheme based on blockchain [J]. Journal on Communications, 2020, 41(2): 187-198.
[10]	Changgen PENG, Xiaoyu ZHANG, Hongfa DING, Shanhui YANG. Efficient signcryption scheme based on Cocks’ identity cryptosystem [J]. Journal on Communications, 2020, 41(12): 128-138.
[11]	Youliang TIAN,Qiuxian LI,Duo ZHANG,Linjie WANG. Provably secure rational delegation computation protocol [J]. Journal on Communications, 2019, 40(7): 135-143.
[12]	FENG Chaosheng,LUO Wangping,QIN Zhiguang,YUAN Ding,ZOU Liping. Attribute-based proxy re-encryption scheme with multiple features [J]. Journal on Communications, 2019, 40(6): 177-189.
[13]	Lei SUN,Zhiyuan ZHAO,Jianhua WANG,Zhiqiang ZHU. Attribute-based encryption scheme supporting attribute revocation in cloud storage environment [J]. Journal on Communications, 2019, 40(5): 47-56.
[14]	Youliang TIAN,Kedi YANG,Zuan WANG,Tao FENG. Algorithm of blockchain data provenance based on ABE [J]. Journal on Communications, 2019, 40(11): 101-111.
[15]	Jian LIU,Ming XIAN,Huimei WANG,Hong RONG. Optimization method for attribute-based cryptographic access control in mobile cloud computing [J]. Journal on Communications, 2018, 39(7): 39-49.