nach oben

Soft Computing

Erschienen in:

03.08.2017 | Methodologies and Application

Efficient subtree-based encryption for fuzzy-entity data sharing

verfasst von: Weiran Liu, Jianwei Liu, Qianhong Wu, Bo Qin, David Naccache, Houda Ferradi

Erschienen in: Soft Computing | Ausgabe 23/2018

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Cloud storage brings strong conveniences for flexible data sharing. When sharing data with a large number of entities described with fuzzy identities, the data owners must leverage a suitable encryption scheme to meet the security and efficiency requirements. (hierarchical) Identity-based encryption is a promising candidate to ensure fuzzy-entity data sharing while meeting the security requirement, but encounters the efficiency difficulty in multireceiver settings. We introduce the notion of subtree-based encryption (SBE) to support multireceiver data sharing mechanism in large-scale enterprises. Users in SBE are organized in a tree structure. Superior users can generate the secret keys to their subordinates. Unlike HIBE merely allowing a single decryption path, SBE enables encryption for a subset of users. We define the security notion for SBE, namely Ciphertext Indistinguishability against Adaptively Chosen-Sub-Tree and Chosen-Ciphertext Attack (IND-CST-CCA2). We propose two secure SBE schemes (SBEs). We first propose a basic SBEs against Adaptively Chosen-Sub-Tree and Chosen-Plaintext Attack (IND-CST-CPA), in which we do not allow the attacker to get decryption results from other users in the security game. We then propose a CCA2-secure SBEs from the basic scheme without requiring any other cryptographic primitives. Our CCA2-secure scheme natively allows public ciphertext validity test, which is a useful property when a CCA2-secure SBEs is used to design advanced protocols and auditing mechanisms for fuzzy-entity data sharing.

Vorheriger Artikel Adaptive parameter control of search group algorithm using fuzzy logic applied to networked control systems

Nächster Artikel Checking virtual machine kernel control-flow integrity using a page-level dynamic tracing approach

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Abdalla M, Bellare M, Catalano D, Kiltz E, Kohno T, Lange T, Malone-Lee J, Neven G, Paillier P, Shi H (2005) Searchable encryption revisited: consistency properties, relation to anonymous IBE, and extensions. In: CRYPTO 2005, vol 3621. LNCS. Springer, Berlin, pp 205–222CrossRef

Boneh D, Boyen X (2004a) Efficient selective-id secure identity-based encryption without random oracles. In: EUROCRYPT 2004, vol 3027. LNCS. Springer, Berlin, pp 223–238CrossRef

Boneh D, Boyen X (2004b) Secure identity based encryption without random oracles. In: CRYPTO 2004, vol 3152. LNCS. Springer, Berlin, pp 443–459CrossRef

Boneh D, Franklin M (2001) Identity-based encryption from the Weil pairing. In: CRYPTO 2001, vol 2139. LNCS. Springer, Berlin, pp 213–229CrossRef

Boneh D, Franklin M (2003) Identity-based encryption from the weil pairing. SIAM J Comput 32(3):586–615MathSciNetCrossRef

Boneh D, Hamburg M (2008) Generalized identity based and broadcast encryption schemes. In: ASIACRYPT 2008, vol 5350. LNCS. Springer, Berlin, pp 455–470CrossRef

Boneh D, Katz J (2005) Improved efficiency for CCA-secure cryptosystems built using identity-based encryption. In: CT-RSA 2005, vol 3376. LNCS. Springer, Berlin, pp 87–103

Boneh D, Boyen X, Goh EJ (2005a) Hierarchical identity based encryption with constant size ciphertext. In: EUROCRYPT 2005, vol 3494. LNCS. Springer, Berlin, pp 440–456

Boneh D, Gentry C, Waters B (2005b) Collusion resistant broadcast encryption with short ciphertexts and private keys. In: CRYPTO 2005, vol 3621. LNCS. Springer, Berlin, pp 258–275CrossRef

Boyen X, Mei Q, Waters B (2005) Direct chosen ciphertext security from identity-based techniques. In: CCS 2005. ACM, pp 320–329

Canetti R, Halevi S, Katz J (2003) A forward-secure public-key encryption scheme. In: EUROCRYPT 2003, vol 2656. LNCS. Springer, Berlin, pp 255–271

Canetti R, Halevi S, Katz J (2004) Chosen-ciphertext security from identity-based encryption. In: EUROCRYPT 2004, vol 3027. LNCS. Springer, Berlin, pp 207–222CrossRef

Chen HC (2016) A trusted user-to-role and role-to-key access control scheme. Soft Comput 20(5):1721–1733CrossRef

Chen J, Wee H (2013) Fully, (almost) tightly secure IBE and dual system groups. In: CRYPTO 2013, vol 8043. LNCS. Springer, Berlin, pp 435–460CrossRef

Chen X, Li J, Huang X, Ma J, Lou W (2015) New publicly verifiable databases with efficient updates. IEEE Trans Dependable Secure Comput 12(5):546–556CrossRef

Cocks C (2001) An identity based encryption scheme based on quadratic residues. In: Cryptography and coding 2001, vol 2260. LNCS. Springer, Berlin, pp 360–363CrossRef

Delerablée C (2007) Identity-based broadcast encryption with constant size ciphertexts and private keys. In: ASIACRYPT 2007, vol 4833. LNCS. Springer, Berlin, pp 200–215

Delerablée C, Paillier P, Pointcheval D (2007) Fully collusion secure dynamic broadcast encryption with constant-size ciphertexts or decryption keys. In: Pairing 2007, vol 4575. LNCS. Springer, Berlin, pp 39–59

Deng H, Wu Q, Qin B, Domingo-Ferrer J, Zhang L, Liu J, Shi W (2014) Ciphertext-policy hierarchical attribute-based encryption with short ciphertexts. Inf Sci 275:370–384MathSciNetCrossRef

Fiat A, Naor M (1994) Broadcast encryption. In: CRYPTO 1993, vol 773. LNCS. Springer, Berlin, pp 480–491

Garg S, Gentry C, Halevi S (2013) Candidate multilinear maps from ideal lattices. In: EUROCRYPT 2013, vol 7881. LNCS. Springer, Berlin, pp 1–17

Gentry C (2006) Practical identity-based encryption without random oracles. In: EUROCRYPT 2006, vol 4004. LNCS. Springer, Berlin, pp 445–464CrossRef

Gentry C, Halevi S (2009) Hierarchical identity based encryption with polynomially many levels. In: TCC 2009, vol 5444. LNCS. Springer, Berlin, pp 437–456CrossRef

Gentry C, Silverberg A (2002) Hierarchical id-based cryptography. In: ASIACRYPT 2002, vol 2501. LNCS. Springer, Berlin, pp 548–566

Gentry C, Waters B (2009) Adaptive security in broadcast encryption systems (with short ciphertexts). In: EUROCRYPT 2009, vol 5479. LNCS. Springer, Berlin, pp 171–188CrossRef

Gentry C, Peikert C, Vaikuntanathan V (2008) Trapdoors for hard lattices and new cryptographic constructions. In: STOC 2008. ACM, pp 197–206

Horwitz J, Lynn B (2002) Toward hierarchical identity-based encryption. In: EUROCRYPT 2002, vol 2332. LNCS. Springer, Berlin, pp 466–481CrossRef

Hu Y, Jia H (2016) Cryptanalysis of GGH map. In: EUROCRYPT 2016, vol 9665. LNCS. Springer, Berlin, pp 537–565CrossRef

Huan J, Yang Y, Huang X, Yuen TH, Li J, Cao J (2016) Accountable mobile e-commerce scheme via identity-based plaintext-checkable encryption. Inf Sci 345:143–155CrossRef

Huang X, Xiang Y, Chonka A, Zhou J, Deng RH (2011) A generic framework for three-factor authentication: preserving security and privacy in distributed systems. IEEE Trans Parallel Distrib Syst 22(8):1390–1397CrossRef

Huang X, Liu JK, Hua S, Xiang Y, Liang K, Zhou J (2015) Cost-effective authentic and anonymous data sharing with forward security. IEEE Trans Comput 64(4):971–983MathSciNetCrossRef

Kim J, Susilo W, Au MH, Seberry J (2015) Adaptively secure identity-based broadcast encryption with a constant-sized ciphertext. IEEE Trans Inf Forensics Secur 10(3):679–693CrossRef

Lewko A (2010) New techniques for dual system encryption and fully secure hibe with short ciphertexts. In: TCC 2010, vol 5978. LNCS. Springer, Berlin, pp 455–479CrossRef

Lewko A, Waters B (2012) New proof methods for attribute-based encryption: Achieving full security through selective techniques. In: CRYPTO 2012, vol 7417. LNCS. Springer, Berlin, pp 180–198

Lewko A, Okamoto T, Sahai A, Takashima K, Waters B (2010) Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption. In: EUROCRYPT 2010, vol 6110. LNCS. Springer, Berlin, pp 62–91CrossRef

Libert B, Paterson KG, Quaglia EA (2012) Anonymous broadcast encryption: Adaptive security and efficient constructions in the standard model. In: PKC 2012, vol 7293. LNCS. Springer, Berlin, pp 206–224CrossRef

Liu W, Liu J, Wu Q, Qin B (2014) Hierarchical identity-based broadcast encryption. In: ACISP 2014, vol 8544. LNCS. Springer, Berlin, pp 242–257

Liu W, Liu X, Liu J, Wu Q, Zhang J (2015a) Auditing and revocation enabled role-based access control over outsourced private ERHS. In: HPCC, pp 336–341

Liu Z, Weng J, Li J, Yang J, Fu C, Jia C (2015b) Cloud-based electronic health record system supporting fuzzy keyword search. Soft Comput 20(8):3243–3255CrossRef

Liu W, Liu J, Wu Q, Qin B, Li Y (2016) Practical chosen-ciphertext secure hierarchical identity-based broadcast encryption. Int J Inf Secur 15(1):35–50CrossRef

Maurer UM, Yacobi Y (1991) Non-interactive public-key cryptography. In: EUROCRYPT 1991, vol 547. LNCS. Springer, Berlin, pp 498–507

Qin B, Wu Q, Zhang L, Farràs O, Domingo-Ferrer J (2012) Provably secure threshold public-key encryption with adaptive security and short ciphertexts. Inf Sci 210:67–80MathSciNetCrossRef

Ren Y, Gu D (2009) Fully CCA2 secure identity based broadcast encryption without random oracles. Inf Process Lett 109(11):527–533MathSciNetCrossRef

Seo JH, Kobayashi T, Ohkubo M, Suzuki K (2009) Anonymous hierarchical identity-based encryption with constant size ciphertexts. In: PKC 2009, vol 5443. LNCS. Springer, Berlin, pp 215–234CrossRef

Shamir A (1985) Identity-based cryptosystems and signature schemes. In: CRYPTO 1984, vol 196. LNCS. Springer, Berlin, pp 47–53

Wang J, Chen X, Huang X, You I, Xiang Y (2015) Verifiable auditing for outsourced database in cloud computing. IEEE Trans Comput 64(11):3293–3303MathSciNetCrossRef

Waters B (2005) Efficient identity-based encryption without random oracles. In: EUROCRYPT 2005, vol 3494. LNCS. Springer, Berlin, pp 114–127

Waters B (2009) Dual system encryption: realizing fully secure ibe and hibe under simple assumptions. In: CRYPTO 2009, vol 5677. LNCS. Springer, Berlin, pp 619–636CrossRef

Wu Q, Qin B, Zhang L, Domingo-Ferrer J, Farràs O, Manjón J (2016) Contributory broadcast encryption with efficient encryption and short ciphertexts. IEEE Trans Comput 65(2):466–479

Zhang L, Wu Q, Domingo-Ferrer J, Qin B, Zeng P (2014a) Signatures in hierarchical certificateless cryptography: efficient constructions and provable security. Inf Sci 272:223–237MathSciNetCrossRef

Zhang M, Yang B, Takagi T (2014b) Anonymous spatial encryption under affine space delegation functionality with full security. Inf Sci 277:715–730MathSciNetCrossRef

Zhou X, Liu J, Liu W, Wu Q (2016) Anonymous role-based access control on e-health records. In: ASIACCS 2016. ACM, pp 559–570

Titel: Efficient subtree-based encryption for fuzzy-entity data sharing
verfasst von: Weiran Liu
Jianwei Liu
Qianhong Wu
Bo Qin
David Naccache
Houda Ferradi
Publikationsdatum: 03.08.2017
Verlag: Springer Berlin Heidelberg
Erschienen in: Soft Computing / Ausgabe 23/2018
Print ISSN: 1432-7643
Elektronische ISSN: 1433-7479
DOI: https://doi.org/10.1007/s00500-017-2743-z

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Weitere Artikel der Ausgabe 23/2018

A new container scheduling algorithm based on multi-objective optimization

Ciphertext retrieval via attribute-based FHE in cloud computing

Adaptive parameter control of search group algorithm using fuzzy logic applied to networked control systems

A class of belief structures based on possibility measures

Dimension reduction in radio maps based on the supervised kernel principal component analysis

An efficient and secure searchable public key encryption scheme with privacy protection for cloud storage