Multi-authority attribute based encryption with honest-but-curious central authority

An attribute based encryption scheme capable of handling multiple authorities was recently proposed by Chase. The scheme is built upon a single-authority attribute based encryption scheme presented earlier by Sahai and Waters. Chase’s construction uses a trusted central authority that is inherently capable of decrypting arbitrary ciphertexts created within the system. We present a multi-authority attribute based encryption scheme in which only the set of recipients defined by the encrypting party can decrypt a corresponding ciphertext. The central authority is viewed as “honest-but-curious”: on the one hand it honestly follows the protocol, and on the other hand it is curious to decrypt arbitrary ciphertexts thus violating the intent of the encrypting party. The proposed scheme, which like its predecessors relies on the Bilinear Diffie-Hellman assumption, has a complexity comparable to that of Chase’s scheme. We prove that our scheme is secure in the selective ID model and can tolerate an honest-but-curious central authority

PHOABE : securely outsourcing multi-authority attribute based encryption with policy hidden for cloud assisted IoT

Attribute based encryption (ABE) is an encrypted access control mechanism that ensures efficient data sharing among dynamic group of users. Nevertheless, this encryption technique presents two main drawbacks, namely high decryption cost and publicly shared access policies, thus leading to possible users’ privacy leakage. In this paper, we introduce PHOABE, a Policy-Hidden Outsourced ABE scheme. Our construction presents several advantages. First, it is a multi-attribute authority ABE scheme. Second, the expensive computations for the ABE decryption process is partially delegated to a Semi Trusted Cloud Server. Third, users’ privacy is protected thanks to a hidden access policy. Fourth, PHOABE is proven to be selectively secure, verifiable and policy privacy preserving under the random oracle model. Five, estimation of the processing overhead proves its feasibility in IoT constrained environments

Distributed Multi-authority Attribute-based Encryption Scheme for Friend Discovery in Mobile Social Networks

AbstractIn recent years, the rapid expansion of the capability of portable devices, cloud servers and cellular network technologies is the wind beneath the wing of mobile social networks. Compared to traditional web-based online social networks, the mobile social networks can assist users to easily discover and make new social interaction with others. A challenging task is to protect the privacy of the users’ profiles and communications. Existing works are mainly based on traditional cryptographic methods, such as homomorphic and group signatures, which are very computationally costly. In this paper, we propose a novel distributed multi-authority attribute-based encryption scheme to efficiently achieve privacy-preserving without additional special signatures. In addition, the proposed scheme can achieve fine-grained and flexible access control. Detailed analysis demonstrates the effectiveness and practicability of our scheme

Simple Multi-Authority Attribute-Based Encryption for Short Messages

Central authority free multi-authority attribute based encryption scheme for short messages will be presented. Several multi-authority attribute based encryption schemes were recently proposed. We can divide these schemes into two groups, one of them are the ciphertext-policy attribute based encryption schemes (CP-ABE), the another one are the key-policy attribute based encryption schemes (KP-ABE). In our new multi-authority attribute based encryption scheme we combine them: the access structure will be given by authorities and the encryptor in conjunction. The authorities will be able to decide who is able to decrypt a ciphertext under their names, but the encryptor will choose the authorities whom he would involve in the encryption. In addition, our scheme is free of any central authority. The security of our new scheme relies on the decisional 3-party Diffie-Hellman assumption

A Novel Multi-Attribute Authority Based Encryption for Controlling Access to Cloud Data

Cloud computing has changed the way IT department are working with respect to outsourcing data and having controlled access to the data. In the new computing paradigm that supports on-demand services, the storage service became an attractive service for many cloud users. When data is outsourced to cloud, there is an issue of giving controlled access to the cloud data. Many schemes came into existence. Some of the schemes focus on auditing, provable data possession and proof of irretrievability. Some other schemes threw light into the access control on the cloud data. While giving privileges to accessing data attribute based encryption has achieved significant fine-grained control over the data. In this paper we propose a methodology that can allow controlled access to cloud data with multi-attribute authority based encryption. The multi-attribute based approach is used to make the scheme robust. Moreover the proposed approach is aimed at prevention of identity leakage and also achieves anonymity as well. We built a prototype application that demonstrates the proof of concept. The empirical results revealed that the proposed method improves access control significantly

Attribute-based encryption for cloud computing access control: A survey

National Research Foundation (NRF) Singapore; AXA Research Fun

Security and Privacy Attribute Based Data Sharing in Public Cloud Storage

Public cloud storage is a cloud storage model that give services to people and associations to store, alter and oversee data. Public cloud storage benefit is otherwise called storage benefit, utility storage and online storage. Cloud storage has numerous focal points, there is still stay different difficulties among which protection and security of clients data have significant issues in public cloud storage. Attribute Based Encryption (ABE) is a cryptographic system which gives data proprietor coordinate control over their data in public cloud storage. In the customary ABE conspire include single authority to keep up attribute set which can bring a solitary point bottleneck on both security and execution. Presently we utilize edge multi-authority Cipher content Policy Attribute-Based Encryption (CP-ABE) get to control plot, name TMACS. TMACS is Threshold Multi-Authority Access Control System. In TMACS, different authority mutually deals with the entire attribute set yet nobody has full control of a particular attribute. By joining limit secret sharing (t,n) and multi-authority CP-ABE conspire, we created dynamic multiauthority get to control framework in public cloud storage

An Emerging Secure and Expressive Data Access Control for Cloud Storage

Secure cloud storage, which is an emerging cloud service, is designed to protect the confidentiality of outsourced data but also to provide flexible data access for cloud users whose data is out of physical control. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is regarded as one of the most promising techniques that may be leveraged to secure the guarantee of the service. However, the use of CP-ABE may yield an inevitable security breach which is known as the misuse of access credential (i.e. decryption rights), due to the intrinsic “all-or-nothing” decryption feature of CP-ABE. In this paper, we investigate the two main cases of access credential misuse: one is on the semi-trusted authority side, and the other is on the side of cloud user. To mitigate the misuse, we propose the first accountable authority and revocable CP-ABE based cloud storage system with white-box traceability and auditing, referred to as CryptCloud+. We also present the security analysis and further demonstrate the utility of our system via experiments