Enabling Access Control for Encrypted Multi-Dimensional Data in Cloud Computing through Range Search

With the growing popularity of cloud computing, data owners are increasingly opting to outsource their data to cloud servers due to the numerous benefits it offers. However, this outsourcing raises concerns about data privacy since the data stored on remote cloud servers is not directly controlled by the owners. Encryption of the data is an effective approach to mitigate these privacy concerns. However, encrypted data lacks distinguishability, leading to limitations in supporting common operations such as range search and access control. In this research paper, we propose a method called RSAC (Range Search Supporting Access Control) for encrypted multi-dimensional data in cloud computing. Our method leverages policy design, bucket embedding, algorithm design, and Ciphertext Policy-Attribute Based Encryption (CPABE) to achieve its objectives. We present extensive experimental results that demonstrate the efficiency of our method and conduct a thorough security analysis to ensure its robustness. Our proposed RSAC method addresses the challenges of range search and access control over encrypted multi-dimensional data, thus contributing to enhancing privacy and security in cloud computing environments

Reusable garbled circuits and succinct functional encryption

Garbled circuits, introduced by Yao in the mid 80s, allow computing a function f on an input x without leaking anything about f or x besides f(x). Garbled circuits found numerous applications, but every known construction suffers from one limitation: it offers no security if used on multiple inputs x. In this paper, we construct for the first time reusable garbled circuits. The key building block is a new succinct single-key functional encryption scheme. Functional encryption is an ambitious primitive: given an encryption Enc(x) of a value x, and a secret key sk_f for a function f, anyone can compute f(x) without learning any other information about x. We construct, for the first time, a succinct functional encryption scheme for {\em any} polynomial-time function f where succinctness means that the ciphertext size does not grow with the size of the circuit for f, but only with its depth. The security of our construction is based on the intractability of the Learning with Errors (LWE) problem and holds as long as an adversary has access to a single key sk_f (or even an a priori bounded number of keys for different functions). Building on our succinct single-key functional encryption scheme, we show several new applications in addition to reusable garbled circuits, such as a paradigm for general function obfuscation which we call token-based obfuscation, homomorphic encryption for a class of Turing machines where the evaluation runs in input-specific time rather than worst-case time, and a scheme for delegating computation which is publicly verifiable and maintains the privacy of the computation.Natural Sciences and Engineering Research Council of Canada (NSERC Discovery Grant)United States. Defense Advanced Research Projects Agency (DARPA award FA8750-11-2-0225)United States. Defense Advanced Research Projects Agency (DARPA award N66001-10-2-4089)National Science Foundation (U.S.) (NSF award CNS-1053143)National Science Foundation (U.S.) (NSF award IIS-1065219)Google (Firm

Fine-Grained Access Control Systems Suitable for Resource-Constrained Users in Cloud Computing

For the sake of practicability of cloud computing, fine-grained data access is frequently required in the sense that users with different attributes should be granted different levels of access privileges. However, most of existing access control solutions are not suitable for resource-constrained users because of large computation costs, which linearly increase with the complexity of access policies. In this paper, we present an access control system based on ciphertext-policy attribute-based encryption. The proposed access control system enjoys constant computation cost and is proven secure in the random oracle model under the decision Bilinear Diffie-Hellman Exponent assumption. Our access control system supports AND-gate access policies with multiple values and wildcards, and it can efficiently support direct user revocation. Performance comparisons indicate that the proposed solution is suitable for resource-constrained environment

Attribute-based encryption for cloud computing access control: A survey

National Research Foundation (NRF) Singapore; AXA Research Fun