Publication


Featured research published by Jinguang Han.


IEEE Transactions on Parallel and Distributed Systems | 2012

Privacy-Preserving Decentralized Key-Policy Attribute-Based Encryption

Jinguang Han; Willy Susilo; Yi Mu; Jun Yan

Decentralized attribute-based encryption (ABE) is a variant of a multiauthority ABE scheme where each authority can issue secret keys to the user independently without any cooperation and a central authority. This is in contrast to the previous constructions, where multiple authorities must be online and set up the system interactively, which is impractical. Hence, it is clear that a decentralized ABE scheme eliminates the heavy communication cost and the need for collaborative computation in the setup stage. Furthermore, every authority can join or leave the system freely without the necessity of reinitializing the system. In contemporary multiauthority ABE schemes, a user's secret keys from different authorities must be tied to his global identifier (GID) to resist the collusion attack. However, this will compromise the user's privacy. Multiple authorities can collaborate to trace the user by his GID, collect his attributes, then impersonate him. Therefore, constructing a decentralized ABE scheme with privacy-preserving remains a challenging research problem. In this paper, we propose a privacy-preserving decentralized key-policy ABE scheme where each authority can issue secret keys to a user independently without knowing anything about his GID. Therefore, even if multiple authorities are corrupted, they cannot collect the user's attributes by tracing his GID. Notably, our scheme only requires standard complexity assumptions (e.g., decisional bilinear Diffie-Hellman) and does not require any cooperation between the multiple authorities, in contrast to the previous comparable scheme that requires nonstandard complexity assumptions (e.g., q-decisional Diffie-Hellman inversion) and interactions among multiple authorities. To the best of our knowledge, it is the first decentralized ABE scheme with privacy-preserving based on standard complexity assumptions.


Future Generation Computer Systems | 2013

Identity-based data storage in cloud computing

Jinguang Han; Willy Susilo; Yi Mu

Identity-based proxy re-encryption schemes have been proposed to shift the burden of managing numerous files from the owner to a proxy server. Nevertheless, the existing solutions suffer from several drawbacks. First, the access permission is determined by the central authority, which makes the scheme impractical. Second, they are insecure against collusion attacks. Finally, only queries from the same domain (intra-domain) are considered. We note that one of the main applications of identity-based proxy re-encryption schemes is in the cloud computing scenario. Nevertheless, in this scenario, users in different domains can share files with each other. Therefore, the existing solutions do not actually solve the motivating scenario, when the scheme is applicable for cloud computing. Hence, it remains an interesting and challenging research problem to design an identity-based data storage scheme which is secure against collusion attacks and supports intra-domain and inter-domain queries. In this paper, we propose an identity-based data storage scheme where both queries from the intra-domain and inter-domain are considered and collusion attacks can be resisted. Furthermore, the access permission can be determined by the owner independently.


International Journal of Information Security | 2015

Privacy-preserving personal health record using multi-authority attribute-based encryption with revocation

Huiling Qian; Jiguo Li; Yichen Zhang; Jinguang Han

Personal health record (PHR) service is an emerging model for health information exchange. In PHR systems, patient’s health records and information are maintained by the patient himself through the Web. In reality, PHRs are often outsourced to be stored at the third parties like cloud service providers. However, there have been serious privacy concerns about cloud service as it may expose user’s sensitive data like PHRs to those cloud service providers or unauthorized users. Using attribute-based encryption (ABE) to encrypt patient’s PHRs in cloud environment, secure and flexible access control can be achieved. Yet, problems like scalability in key management, fine-grained access control, and efficient user revocation remain to be addressed. In this paper, we propose a privacy-preserving PHR, which supports fine-grained access control and efficient revocation. To be specific, our scheme achieves the goals (1) scalable and fine-grained access control for PHRs by using multi-authority ABE scheme, and (2) efficient on-demand user/attribute revocation and dynamic policy update. In our scheme, we consider the situation that multiple data owners exist, and patient’s PHRs are encrypted and stored in semi-trust servers. The access structure in our scheme is expressive access tree structure, and the security of our scheme can be reduced to the standard decisional bilinear Diffie–Hellman assumption.


IEEE Transactions on Services Computing | 2017

KSF-OABE: Outsourced Attribute-Based Encryption with Keyword Search Function for Cloud Storage

Jiguo Li; Xiaonan Lin; Yichen Zhang; Jinguang Han

Cloud computing becomes increasingly popular for data owners to outsource their data to public cloud servers while allowing intended data users to retrieve these data stored in cloud. This kind of computing model brings challenges to the security and privacy of data stored in cloud. Attribute-based encryption (ABE) technology has been used to design fine-grained access control system, which provides one good method to solve the security issues in cloud setting. However, the computation cost and ciphertext size in most ABE schemes grow with the complexity of the access policy. Outsourced ABE (OABE) with fine-grained access control system can largely reduce the computation cost for users who want to access encrypted data stored in cloud by outsourcing the heavy computation to cloud service provider (CSP). However, the amount of encrypted files stored in cloud is becoming very huge, which will hinder efficient query processing. To deal with the above problem, we present a new cryptographic primitive called attribute-based encryption scheme with outsourcing key-issuing and outsourcing decryption, which can implement keyword search function (KSF-OABE). The proposed KSF-OABE scheme is proved secure against chosen-plaintext attack (CPA). CSP performs partial decryption task delegated by data user without knowing anything about the plaintext. Moreover, the CSP can perform encrypted keyword search without knowing anything about the keywords embedded in trapdoor.


IEEE Transactions on Services Computing | 2017

Flexible and Fine-Grained Attribute-Based Data Storage in Cloud Computing

Jiguo Li; Wei Yao; Yichen Zhang; Huiling Qian; Jinguang Han

With the development of cloud computing, outsourcing data to cloud server attracts a lot of attention. To guarantee the security and achieve flexibly fine-grained file access control, attribute based encryption (ABE) was proposed and used in cloud storage system. However, user revocation is the primary issue in ABE schemes. In this article, we provide a ciphertext-policy attribute based encryption (CP-ABE) scheme with efficient user revocation for cloud storage system. The issue of user revocation can be solved efficiently by introducing the concept of user group. When any user leaves, the group manager will update users’ private keys except for those who have been revoked. Additionally, CP-ABE scheme has heavy computation cost, as it grows linearly with the complexity for the access structure. To reduce the computation cost, we outsource high computation load to cloud service providers without leaking file content and secret keys. Notably, our scheme can withstand collusion attack performed by revoked users cooperating with existing users. We prove the security of our scheme under the divisible computation Diffie-Hellman assumption. The result of our experiment shows computation cost for local devices is relatively low and can be constant. Our scheme is suitable for resource constrained devices.


The Computer Journal | 2012

Attribute-Based Oblivious Access Control

Jinguang Han; Willy Susilo; Yi Mu; Jun Yan

In an attribute-based system (ABS), users are identified by various attributes, instead of their identities. Since its seminal introduction, the attribute-based mechanism has attracted a lot of attention. However, current ABS schemes have a number of drawbacks: (i) the communication cost is linear in the number of the required attributes; (ii) the computation cost is linear in the number of the required attributes and (iii) there are no efficient verification algorithms for the secret keys. These drawbacks limit the use of ABS in practice. In this paper, we propose an attribute-based oblivious access control (ABOAC) scheme to address these problems, where only the receiver whose attributes satisfy the access policies can obtain services obliviously. As a result, the receiver does not release anything about the contents of the selected services and his attributes to the sender, and even the number and supersets of his attributes are protected. The sender only knows the number of the services selected by the authorized receiver. Notably, the costs of computation and communication are constant and independent of the number of required attributes. While, in the prior comparable schemes, both the costs of computation and communication are linear in the required attributes. Therefore, our ABOAC scheme provides a novel and elegant solution to protect users' privacy in the systems where both the bandwidth and the computing capability are limited, such as wireless sensor and actor networks, mobile ad hoc networks, etc.


IEEE Transactions on Information Forensics and Security | 2017

A Novel Efficient Remote Data Possession Checking Protocol in Cloud Storage

Hao Yan; Jiguo Li; Jinguang Han; Yichen Zhang

As an important application in cloud computing, cloud storage offers user scalable, flexible, and high-quality data storage and computation services. A growing number of data owners choose to outsource data files to the cloud. Because cloud storage servers are not fully trustworthy, data owners need dependable means to check the possession for their files outsourced to remote cloud servers. To address this crucial problem, some remote data possession checking (RDPC) protocols have been presented. But many existing schemes have vulnerabilities in efficiency or data dynamics. In this paper, we provide a new efficient RDPC protocol based on homomorphic hash function. The new scheme is provably secure against forgery attack, replace attack, and replay attack based on a typical security model. To support data dynamics, an operation record table (ORT) is introduced to track operations on file blocks. We further give a new optimized implementation for the ORT, which makes the cost of accessing ORT nearly constant. Moreover, we make the comprehensive performance analysis, which shows that our scheme has advantages in computation and communication costs. Prototype implementation and experiments exhibit that the scheme is feasible for real applications.


IEEE Transactions on Computers | 2016

User Collusion Avoidance Scheme for Privacy-Preserving Decentralized Key-Policy Attribute-Based Encryption

Yogachandran Rahulamathavan; Suresh Veluru; Jinguang Han; Fei Li; Muttukrishnan Rajarajan; Rongxing Lu



IEEE Systems Journal | 2018

User Collusion Avoidance CP-ABE With Efficient Attribute Revocation for Cloud Storage

Jiguo Li; Wei Yao; Jinguang Han; Yichen Zhang; Jian Shen

Attribute-based encryption (ABE) can guarantee confidentiality and achieve fine-grained data access control in a cloud storage system. Due to the fact that every attribute in ABE may be shared by multiple users and each user holds multiple attributes, any single-attribute revocation for some user may affect the other users with the same attribute in the system. Therefore, how to revoke attribute efficiently is an important and challenging problem in ABE schemes. In order to solve the above problems, we first give a concrete attack to the existing ABE scheme with attribute revocation. Then, we formalize the definition and security model, which model collusion attack executed by the existing users cooperating with the revoked users. Finally, we present a user collusion avoidance ciphertext-policy ABE scheme with efficient attribute revocation for the cloud storage system. The problem of attribute revocation is solved efficiently by exploiting the concept of an attribute group. When an attribute is revoked from a user, the group manager updates other users’ secret keys. Furthermore, we prove that the proposed scheme is secure against collusion attack launched by the existing users and the revoked users. The security of the proposed scheme is reduced to the computational Diffie–Hellman assumption.


IEEE Transactions on Services Computing | 2017

Full Verifiability for Outsourced Decryption in Attribute Based Encryption

Jiguo Li; Yao Wang; Yichen Zhang; Jinguang Han

Attribute based encryption (ABE) is a popular cryptographic technology to protect the security of users’ data. However, the decryption cost and ciphertext size restrict the application of ABE in practice. For most existing ABE schemes, the decryption cost and ciphertext size grow linearly with the complexity of access structure. This is undesirable to the devices with limited computing capability and storage space. Outsourced decryption is considered as a feasible method to reduce the user's decryption overhead, which enables a user to outsource a large number of decryption operations to the cloud service provider (CSP). However, outsourced decryption cannot guarantee the correctness of transformation done by the cloud, so it is necessary to check the correctness of outsourced decryption to ensure security for users’ data. Current research mainly focuses on verifiability of outsourced decryption for the authorized users. It still remains a challenging issue how to guarantee the correctness of outsourced decryption for unauthorized users. In this paper, we propose an ABE scheme with verifiable outsourced decryption (called full verifiability for outsourced decryption), which can simultaneously check the correctness for transformed ciphertext for the authorized users and unauthorized users. The proposed ABE scheme with verifiable outsourced decryption is proved to be selective CPA-secure in the standard model.

Collaboration


Top Co-Authors

Yi Mu

Information Technology University

Willy Susilo

University of Wollongong

Jun Yan

University of Wollongong

Man Ho Au

Hong Kong Polytechnic University

Xinyi Huang

Fujian Normal University
