The Journal of China Universities of Posts and Telecommunications ›› 2014, Vol. 21 ›› Issue (6): 45-51. doi: 10.1016/S1005-8885(14)60344-7

• Information Security •

Secure personal data sharing in cloud computing using attribute-based broadcast encryption

傅镜艺 (FU Jingyi), 黄勤龙, 马兆丰, 杨义先

  1. Information Security Center, Beijing University of Posts and Telecommunications
  • Received: 2014-04-29 Revised: 2014-06-24 Online: 2014-12-31 Published: 2014-12-31
  • Contact: FU Jingyi E-mail: fujingyi@bupt.edu.cn
  • Supported by:

    National Natural Science Foundation of China

Abstract: Ciphertext-policy attribute-based encryption (CP-ABE) is emerging as a promising technology for allowing users to conveniently access data in cloud computing. Unfortunately, it suffers from several drawbacks such as decryption overhead, user revocation and privacy preserving. The authors proposed a new efficient and privacy-preserving attribute-based broadcast encryption (ABBE) scheme named EP-ABBE, which can reduce the decryption computation overhead by partial decryption and protect user privacy by obfuscating the access policy of the ciphertext and the user's attributes. Based on EP-ABBE, a secure and flexible personal data sharing scheme in cloud computing was presented, in which the data owner can enjoy the flexibility of encrypting personal data using a specified access policy together with an implicit user index set. With the proposed scheme, efficient user revocation is achieved by dropping the revoked user's index from the user index set, which has very low computation cost. Moreover, the privacy of users can be well protected in the scheme. The security and performance analysis shows that the scheme is secure, efficient and privacy-preserving.

Key words: data sharing, ABBE, ABE, user revocation, partial decryption, privacy preserving
