FDCO: attribute-based fast data cloud-outsourcing scheme for mobile devices



REGULAR CONTRIBUTION

Yanting Zhang (2,4) · Jianwei Liu (1) · Zongyang Zhang (1,3) · Weiran Liu (2)

© Springer-Verlag GmbH Germany, part of Springer Nature 2019

Abstract

We propose an attribute-based fast data cloud-outsourcing (FDCO) scheme, which shows great performance in mobile devices. Technically, this work is a CCA-secure online/offline key encapsulation scheme based on ciphertext-policy attribute-based encryption with public validity test and indirect user revocation mechanism. We adapt it to a mobile cloud-outsourcing scenario and present a concrete system. Our scheme is equipped with the following desirable properties: First, encapsulation needs only several lightweight online modular addition/multiplication operations, which is appealing to mobile users. Second, it is equipped with an efficient indirect user revocation mechanism to support access credential revocation. Third, it supports public encapsulation validity test, which enables auditors to filter invalid data, so as to prevent attackers from sending invalid data to stuff users’ accounts. Finally, we prove its security against chosen-ciphertext attacks (CCA) in the standard model. We conduct theoretical analyses and extensive experiments to show that our scheme is practical and efficient in application.

Keywords Attribute-based encryption · Public validity test · Chosen-ciphertext security · Revocable encryption · Online/offline encryption

Zongyang Zhang [email protected]
Yanting Zhang [email protected]
Jianwei Liu [email protected]
Weiran Liu [email protected]

1 School of Cyber Science and Technology, Beihang University, Beijing, China
2 School of Electronic and Information Engineering, Beihang University, Beijing, China
3 Hefei Innovation Research Institute, Beihang University, Hefei, Anhui Province, China
4 ShenYuan Honors College, Beihang University, Beijing, China

1 Introduction

One major security concern in untrusted public cloud storage systems is that a dishonest cloud storage server may read and abuse users’ sensitive data without authorization. The basic idea of enforcing data access control is to encrypt before storing. Many cryptographic access control countermeasures have been proposed to address this problem. However, as the number of users increases, traditional public key cryptographic countermeasures suffer from complicated key management and high storage overheads. Attribute-based encryption (ABE) [23] is considered a prominent technique for data access control in untrusted storage systems, as it helps data owners enforce fine-grained access control policies without the remote storage server being trusted. Considering practical scenarios (e.g., commercial data & corporation documents outsourcing), a data access control system should protect the security of data, support access credential revocation, and satisfy users’ efficiency requirements. When equipped with these desirable properties, it is difficult f