An Attribute-Based Encryption Method Using Outsourced Decryption and Hierarchical Access Structure, Journal of Telecommunications and Information Technology, 2022, nr 2

Cloud computing is being rapidly adopted by many organizations from different domains and large amounts of data is stored in the cloud. In order to ensure data security, the attribute-based access control mechanism has been emerging recently as a fine-grained access control model that grants access based on the data user’s attributes. In this model, the data owner builds the access policy using the attributes of the data users and access to the data is granted only if the requirements of such an access policy are satisfied. Ciphertext policy-based attribute-based encryption (CPABE) is one of the most widely used methods for providing encrypted access control. Complex, time consuming and costly paring operations are the major issue with the CPABE method. Hence, another efficient method is needed to reduce the data user’s overhead while decrypting data. This paper presents an efficient method consisting in outsourcing decryption operations to a third-party server, so that complex operations may be performed by that machine with only some simple calculations left on the data user’s side. The concept of a hierarchical access structure is also integrated with the traditional CPABE technique. The hierarchical approach enables the data owner to encrypt multiple data using a single common hierarchical access structure. This allows the user to decrypt only the relevant part of ciphertext, depending on which fragment of the hierarchical access structure is satisfied. The paper evaluates also the performance of the proposed model in terms of time and storage cost

An Attribute-Based Encryption Method Using Outsourced Decryption and Hierarchical Access Structure

Cloud computing is being rapidly adopted by many organizations from different domains and large amounts of data is stored in the cloud. In order to ensure data security, the attribute-based access control mechanism has been emerging recently as a fine-grained access control model that grants access based on the data user’s attributes. In this model, the data owner builds the access policy using the attributes of the data users and access to the data is granted only if the requirements of such an access policy are satisfied. Ciphertext policy-based attribute-based encryption (CPABE) is one of the most widely used methods for providing encrypted access control. Complex, time consuming and costly paring operations are the major issue with the CPABE method. Hence, another efficient method is needed to reduce the data user’s overhead while decrypting data. This paper presents an efficient method consisting in outsourcing decryption operations to a third-party server, so that complex operations may be performed by that machine with only some simple calculations left on the data user’s side. The concept of a hierarchical access structure is also integrated with the traditional CPABE technique. The hierarchical approach enables the data owner to encrypt multiple data using a single common hierarchical access structure. This allows the user to decrypt only the relevant part of ciphertext, depending on which fragment of the hierarchical access structure is satisfied. The paper evaluates also the performance of the proposed model in terms of time and storage cost

Hierarchical Access Structure-based Scheme with Outsourcing and Revocation Mechanism for Cloud Environment

Ciphertext policy attribute-based encryption (CPABE) is one of the efficient implementations of encrypted access control scheme for cloud computing. Though multiple implementations of CPABE exist, there are some issues that need to be addressed, including efficient revocation approach, decryption time, storage cost etc. In this paper, an efficient scheme that incorporates a hierarchical access structure, outsourced decryption, as well as user and attribute revocation is presented. The hierarchical access structure is utilized to encrypt multiple data using one common access structure and makes the encryption process more efficient. The outsourcing server is used to perform partial decryption, so that all heavy computations are performed by this server and less overhead is incurred by the data user. The proposed framework also integrates the evaluation of trustworthiness of data users and service providers to ensure trusted and encrypted access control procedures. The paper also presents an analysis of the time required for performing different operations. Simulation results show that the proposed scheme outperforms the existing approaches