Attribute-Based Encryption (ABE) is often used in cloud storage to achieve fine-grained access control. In order to further protect the sensitive information of access control policy and solve the key escrow caused by the authority center generating the private key for users alone. In this paper, the attributes of access control policy are remapped to achieve its privacy. Additionally, a two-party computing protocol in which the user generates partial private key component is devised to solve the problem of key escrow. At last, the security of this scheme is proved in the standard model, and the performance analysis and experiment validation are conducted, which show that although some additional computation overhead is added for achieving the privacy of access control policy and solving the problem of key escrow, the receiver in proposed scheme has smaller computation overhead compared with the existing related schemes because most of the decryption is delegated to the storage center to carry out.
王光波,王建华. 基于属性加密的云存储方案研究[J]. 电子与信息学报, 2016, 38(11): 2931-2939.
WANG Guangbo, WANG Jianhua. Research on Cloud Storage Scheme with Attribute-based Encryption. JEIT, 2016, 38(11): 2931-2939.
SAHAI A and WATERS B. Fuzzy Identity-Based Encryption [M]. Heidelberg, Berlin, Springer, 2005: 457-473. doi: 10.1007 /11426639_27.
[2]
YADAV U C. Ciphertext-policy attribute-based encryption with hiding access structure[C]. 2015 IEEE International Advance Computing Conference (IACC), Bangalore, India, 2015: 6-10. doi: 10.1109/IADCC.2015.7154664.
[3]
NARUSE T, MOHRI M, and SHIRAISHI Y. Provably secure attribute-based encryption with attribute revocation and grant function using proxy re-encryption and attribute key for updating[J]. Human-centric Computing and Information Sciences, 2015, 5(1): 1-13.
[4]
WANG H, YANG B, and WANG Y. Server aided ciphertext- policy attribute-based encryption[C]. IEEE International Conference on Advanced Information Networking & Applications Workshops, Gwangju, Korea, 2015: 440-444. doi: 10.1109/WAINA.2015.11.
[5]
QI L, MA J, RUI L, et al. Large universe decentralized key- policy attribute-based encryption[J]. Security & Communi- cation Networks, 2015, 8(3): 501-509.
[6]
WANG X, ZHANG J, SCHOOLER E M, et al. Performance evaluation of attribute-based encryption: Toward data privacy in the IoT[C]. IEEE International Conference on Communications (ICC), Sydney, Australia, 2014: 725-730.
[7]
KAPADIA A, TSANG P P, and SMITH S W. Attribute- based publishing with hidden credentials and hidden policies [C]. Network and Distributed System Security Symposium, NDSS 2007, San Diego, CA, USA, 2007: 179-192.
[8]
NISHIDE T, YONEYAMA K, and OHTA K. Attribute- based Encryption with Partially Hidden Encryptor-specified Access Structures[M]. Heidelberg, Berlin, Springer, 2008: 111-129. doi: 10.1007/978-3-540-68914-0_7.
[9]
LAI J, DENG R H, and LI Y. Fully secure cipertext-policy hiding CP-ABE[J]. Lecture Notes in Computer Science, 2011, 6672: 24-39.
WANG Haibin and CHEN Shaozhen. Attribute-based encryption with hidden access structures[J]. Journal of Electronics & Information Technology, 2012, 34(2): 457-461.
[11]
HUR J. Attribute-based secure data sharing with hidden policies in smart grid[J]. IEEE Transactions on Parallel & Distributed Systems, 2013, 24(11): 2171-2180. doi: 10.1109/ TPDS.2012.61.
SONG Yan, HAN Zhen, LIU Fengmei, et al. Attribute-based encryption with hidden policies in the access tree[J]. Journal on Communications, 2015, 36(9): 119-126.
[13]
LUAN Ibraimi, QIANG Tang, PITER Hartel, et al. Efficient and Provable Secure Ciphertext-policy Attribute-Based Encryption Schemes. Information Security Practice and Experience[M]. Heidelberg, Berlin, Springer, 2009: 1-12.
[14]
CHASE M and CHOW S S M. Improving privacy and security in multi-authority attribute-based encryption[C]. ACM Conference on Computer and Communications Security, Chicago, IL, USA, 2009: 121-130. doi: 10.1145/1653662. 1653678.
[15]
YANG M, LIU F, HAN J L, et al. An efficient attribute based encryption scheme with revocation for outsourced data sharing control[C]. 2011 First International Conference on Instrumentation, Measurement, Computer, Communication and Control, Beijing, China, 2011: 516-520.
[16]
LIU Z, CAO Z, and WONG D. Traceable ciphertext-policy attribute-based encryption supporting any monotone access structures[J]. IEEE Transactions on Information Forensics and Security, 2013, 8(1): 76-88.
[17]
BONEH D and BOYEN X. Short signatures without random oracles[C]. Advances in Cryptology-EUROCRYPT 2004, Switzerland, 2004: 56-73.
[18]
ZAVATTONI E, PEREZ L J D, MITSUNARI S, et al. Software implementation of an attribute-based encryption scheme[J]. IEEE Transactions on Computers, 2015, 64(5): 1429-1441. [19] CHEUNG L and NEWPORT C. Provably secure ciphertext policy ABE[C]. Proceedings of the 14th ACM Conference on Computer and Communications Security, New York, USA, 2007: 456-465. doi: 10.1145/1315245.1315302.
[20]
LEWKO A, OKAMOTO T, SAHAI A, et al. Fully Secure Functional Encryption: Attribute-based Encryption and (Hierarchical) Inner Product Encryption[M]. Heidelberg, Berlin, Springer, 2010: 62-91. doi: 10.1007/978-3-642-13190- 5_4.
[21]
BELENKIY M, CAMENISCH J, CHASE M, et al. Randomizable Proofs and Delegatable Anonymous Credentials[M]. Heidelberg, Berlin, Springer, 2009: 108-125. doi: 10.1007/978-3-642-03356-8_7.
[22]
LYNN B. The pairing-based cryptography (PBC) library[OL]. http://crypto.stanford.edu/pbc, 2006.
[23]
BETHENCOURT J, SAHAI A, and WATERS B. Advanced crypto software collection: The cpabetoolkit[OL]. http://acsc. cs.utexas.edu/cpabe,2011.