Fine-grained cooperative access control scheme with hidden policies

doi:10.19682/j.cnki.1005-8885.2021.1021

The Journal of China Universities of Posts and Telecommunications ›› 2021, Vol. 28 ›› Issue (6): 13-25.doi: 10.19682/j.cnki.1005-8885.2021.1021

Previous Articles Next Articles

Fine-grained cooperative access control scheme with hidden policies

1. School of Cyberspace Security, Xi'an University of Posts and Telecommunications, Xi'an 710121, China
2. National Engineering Laboratory for Wireless Security, Xi'an University of Posts and Telecommunications, Xi'an 710121, China

Received:2021-07-31 Revised:2021-10-07 Online:2021-12-30 Published:2021-12-30
Supported by:
the National Natural Science Foundation of China (62072369, 62072371, 61772418), the Innovation Capability Support Program of Shaanxi (2020KJXX- 052), the Shaanxi Special Support Program Youth Top-notch Talent Program, the Key Research and Development Program of Shaanxi (2020ZDLGY08-04, 2021ZDLGY06-02), the Natural Science Basic Research Program of Shaanxi (2021JQ-722)

Abstract

Abstract:

The traditional ciphertext policy attribute-based encryption (CP-ABE) has two problems:one is that the access policy must be embedded in the ciphertext and sent, which leads to the disclosure of user爷 s privacy information, the other is that it does not support collaborative decryption, which cannot meet the actual demand of conditional collaborative decryption among multiple users. In order to deal with the above two problems at the same time, a fine-grained cooperative access control scheme with hidden policies (FCAC-HP) is proposed based on the existing CP-ABE schemes combined with blockchain technology. In FCAC-HP scheme, users are grouped by group identifier so that only users within the same group can cooperate. In the data encryption stage, the access policy is encrypted and then embedded in the ciphertext to protect the privacy information of the access policy. In the data access stage, the anonymous attribute matching technology is introduced so that only matched users can decrypt ciphertext data to improve the efficiency of the system. In this process, a smart contract is used to execute the

verification algorithm to ensure the credibility of the results. In terms of security, FCAC-HP scheme is based on the prime subgroup discriminative assumption and is proved to be indistinguishable under chosen plaintext attack (CPA) by dual system encryption technology. Experimental verification and analysis show that FCAC-HP scheme improves computational efficiency while implementing complex functions.

Key words: attribute-based encryption, hidden policy, group collaboration, blockchain

CLC Number:

TP309

Han Gang, Xing Qixuan, Zhang Yinghui. Fine-grained cooperative access control scheme with hidden policies[J]. The Journal of China Universities of Posts and Telecommunications, 2021, 28(6): 13-25.

References

1. Sahai A, Waters B. Fuzzy identity-based encryption. Advances in Cryptology: Proceedings of the 24th Annual International Conference on Theory and Applications of Cryptographic Techniques (EUROCRYPT’05), 2005, May 22-26, Aarhus, Denmark. LNCS 3494. Berlin, Germany: Springer, 2005: 457-473

2. Shamir A. Identity-based cryptosystems and signature schemes. Advances in Cryptology: Proceedings of the 1984 Workshop on the Theory and Application of Cryptographic Techniques (EUROCRYPT’84), 1984, Apr 9-11, Paris, France. LNCS 196. Berlin, Germany: Springer, 1984: 47-53

3. Goyal V, Pandey O, Sahai A, et al. Attribute-based encryption for fine-grained access control of encrypted data. Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS’06), 2006, Oct 30-Nov 3, Alexandria, VA, USA. New York, NY, USA: ACM, 2006: 89-98

4. Bethencourt J, Sahai A, Waters B. Ciphertext-policy attribute-based encryption. Proceedings of the 2007 IEEE Symposium on Security and Privacy (SP '07), 2007, May 20-23, Berkeley, CA, USA. Piscataway, NJ, USA: IEEE, 2007: 321-334

5. Nishide T, Yoneyama K, Ohta K. Attribute-based encryption with partially hidden encryptor-specified access structures. Applied Cryptography and Network Security: Proceedings of the 6th International Conference on Applied Cryptography and Network Security (ACNS’08), 2008, Jun 3-6, New York, NY, USA. LNCS 5037. Berlin, Germany: Springer, 2008: 111-129

6. Zhong H, Zhu W L, Xu Y, et al. Multi-authority attribute-based encryption access control scheme with policy hidden for cloud storage. Soft Computing, 2018, 22: 243-251

7. Li F Q, Liu K M, Zhang L P, et al. EHRChain: A blockchain-based EHR system using attribute-based and homomorphic cryptosystem. IEEE Transactions on Services Computing, DOI:10.1109/TSC.2021.3078119 (To be published)

8. Lai J Z, Deng R H, Li Y J. Fully secure cipertext-policy hiding CP-ABE. Information Security Practice and Experience: Proceedings of the 7th International Conference on Information Security Practice and Experience (ISPEC’11), 2011, May 30-Jun 1, Guangzhou, China. LNCS 6672. Berlin, Germany: Springer, 2011: 24-39

9. Wang H B, Chen S Z. Attribute-based encryption with hidden access structures. Journal of Electronics and Information Technology, 2012, 34(2): 457-561 (in Chinese)

10. Yeh S C, Su M Y, Chen H H, et al. An efficient and secure approach for a cloud collaborative editing. Journal of Network and Computer Applications, 2013, 36(6): 1632-1641

11. Li M T, Huang X Y, Liu J K, et al. GO-ABE: Group-oriented attribute-based encryption. Network and System Security: Proceedings of the 9th International Conference on Network and System Security (NSS’15), 2015, Nov 3-5, New York, NY, USA. LNCS 8792. Berlin, Germany: Springer, 2015: 260-270

12. He P, Yu G, Zhang Y F, et al. Survey on blockchain technology and its application prospect. Computer Science, 2017, 44(4): 1-7 (in Chinese)

13. Hu G C, Zhang L Y, Mu Y, et al. An expressive "test-decrypt-verify" attribute-based encryption scheme with hidden policy for smart medical cloud. IEEE Systems Journal, 2021, 15(1): 365-376

14. Lei L, Cai Q W, Jing J W, et al. Enforcing access controls on encrypted cloud storage with policy hiding. Journal of Software, 2016, 27(6): 1432-1450 (in Chinese)

15. Khuntia S, Syam Kumar P. New hidden policy CP-ABE for big data access control with privacy-preserving policy in cloud computing. Proceedings of the 9th International Conference on Computing, Communication and Networking Technologies (ICCCNT’18), 2018, Jul 10-12, Bengaluru, India. Piscataway, NJ, USA: IEEE, 2018: 7p

16. Jin C C, Feng X Y, Shen Q N. Fully secure hidden ciphertext policy attribute-based encryption with short ciphertext size. Proceedings of the 6th International Conference on Communication and Network Security, 2016, Nov 26-29, Singapore. New York, NY, USA: ACM, 2016: 91-98

17. Gao Z S, Cao L F, Du X H. Research progress of access control based on blockchain. https://kns.cnki.net/kcms/detail/detail.aspx?dbcode=CAPJ&dbname=CAPJLAST&filename=WXAQ2021031900D&uniplatform=NZKPT&v=f7elQvvfxw64hlQaWGhfsXK1FsMtRgFvdh_LfvJqwF4WmgbmGvlPL49YFGANf1b0. 2021 (in Chinese)

18. Zyskind G, Zekrifa D M S, Pentland A S, et al. Decentralizing privacy: using blockchain to protect personal data. Proceedings of the 36th IEEE Symposium on Security and Privacy Workshops, 2015, May 21-22, San Jose, CA, USA. Piscataway, NJ, USA: IEEE, 2015: 180-184

19. Wu A X, Zhang Y H, Zheng X K, et al. Efficient and privacy-preserving traceable attribute-based encryption in blockchain. Annals of Telecommunications, 2019, 74(7/8): 401-411

20. Maesa D, Mori P, Ricci L. Blockchain based access control. Distributed Applications and Interoperable Systems: Proceedings of the 17th IFIP International Conference on Distributed Applications and Interoperable Systems (DAIS’17), 2017, Jun 19-22, Neuchâtel, Switzerland. LNCS 10320. Berlin, Germany: Springer, 2017: 206-220

21. Huang H S, Chang T S, Wu J Y. A secure file sharing system based on IPFS and blockchain. Proceedings of the 2nd International Electronics Communication Conference (IECC’20), 2020, Jul 8-10, Singapore. New York, NY, USA: ACM, 2020: 96-100

22. Tapscott D, Tapscott A. Blockchain revolution: How the technology behind Bitcoin is changing money, business, and the world. Quality Management Journal, 2016, 25(1): 64-65

23. Zhang Y Y, Kasahara S, Shen Y L, et al. Smart contract-based access control for the Internet of things. IEEE Internet of Things Journal, 2019, 6(2): 1594-1605

24. Wang X L, Jiang X Z, Li Y. Model for data access control and sharing based on blockchain. Journal of Software, 2019, 30(6): 1661-1669 (in Chinese)

25. Waters B. Dual system encryption: Realizing fully secure IBE and HIBE under simple assumptions. Advances in Cryptology: Proceedings of the 29th Annual International Cryptology Conference (CRYPTO’09), 2009, Aug 16-20, Santa Barbara, CA, USA. LNCS 5677. Berlin, Germany: Springer, 2009: 619-636

26. Shi Y F, Zheng Q J, Liu J Q, et al. Directly revocable key-policy attribute-based encryption with verifiable ciphertext delegation. Information Sciences, 2015, 295: 221-231

Metrics

Comments

Copyright © 2020 The Journal of China Universities of Posts and Telecommunications
　 Adress: P.O. Box 231,Beijing University of Posts and Telecommunications,10 Xi Tucheng Road,Beijing 100876,P.R.China　Post Code: 100081
Tel：86-010-62282493　Fax： 86-010-62283461　E-mail: jchupt@bupt.edu.cn
Support by: Beijing Magtech Co.Ltd

[1]	Han Yushan, Che Bichen, Liu Jiali, Dou Zhao, Di Junyu. Nearly universal and efficient quantum secure multi-party computation protocol [J]. The Journal of China Universities of Posts and Telecommunications, 2022, 29(4): 51-68.
[2]	Tao Yunting, Kong Fanyu, Yu Jia. EPMDA: an efficient privacy-preserving multi-dimensional data aggregation scheme for edge computing-based IoT system [J]. The Journal of China Universities of Posts and Telecommunications, 2021, 28(6): 26-35.
[3]	Xu Yan, Li Zheng, Ding Long, Xu Rui. Cross-domain data cloud storage auditing scheme based on certificateless cryptography [J]. The Journal of China Universities of Posts and Telecommunications, 2021, 28(6): 36-47.
[4]	Zhao Guosheng, Zhang Jingting, Wang Jian. Research on location privacy protection method of sensor-cloud base station [J]. The Journal of China Universities of Posts and Telecommunications, 2021, 28(1): 64-77.
[5]	Zhao Zongqu, Ma Shaoti, Wang Yongjun, Tang Yongli, Ye Qing. Two-factor ( biometric and password) authentication key exchange on lattice based on key consensus [J]. The Journal of China Universities of Posts and Telecommunications, 2020, 27(6): 42-53.
[6]	Lin Jie, Liu Chuanyi, Fang Binxing. VMScan: an out-of-VM malware scanner [J]. The Journal of China Universities of Posts and Telecommunications, 2020, 27(4): 59-68.
[7]	Tang Yongli, Wang Mingming, Ye Qing, Qin Panke, Zhao Zongqu. Lattice-based hierarchical identity-based broadcast encryption scheme in the standard model [J]. The Journal of China Universities of Posts and Telecommunications, 2019, 26(4): 70-79.
[8]	Cai Xiumei, Liu Chao, Huang Xianying, Liu Xiaoyang, Cao Qiong, Yang Hongyu. Dynamic model of computer viruses under the effect of removable media and external computers [J]. JOURNAL OF CHINA UNIVERSITIES OF POSTS AND TELECOM, 2018, 25(4): 86-93.
[9]	Min Xiangshen, Fan Jiulun, Zhang Xuefeng, Ren Fang. Color image encryption scheme based on chaotic systems [J]. JOURNAL OF CHINA UNIVERSITIES OF POSTS AND TELECOM, 2018, 25(2): 39-48.
[10]	Ding Haiyang, Li Zichen, Bi Wei. (k, n) halftone visual cryptography based on Shamir‘s secret sharing [J]. JOURNAL OF CHINA UNIVERSITIES OF POSTS AND TELECOM, 2018, 25(2): 60-76.
[11]	Chen Shangdi, Wen Jiejing. New key pre-distribution scheme using symplectic geometry over finite fields for wireless sensor networks [J]. JOURNAL OF CHINA UNIVERSITIES OF POSTS AND TELECOM, 2017, 24(5): 16-22.
[12]	Xie Jia,Hu Yupu, Gao Juntao, Gao Wen, Li Xuelian. Attribute-based signatures on lattices [J]. JOURNAL OF CHINA UNIVERSITIES OF POSTS AND TELECOM, 2016, 23(4): 83-90.
[13]	. Fast key generation for Gentry-style homomorphic encryption [J]. Acta Metallurgica Sinica(English letters), 2014, 21(6): 37-44.
[14]	FU jingyi. Secure personal data sharing in cloud computing using attribute-based broadcast encryption [J]. Acta Metallurgica Sinica(English letters), 2014, 21(6): 45-51.
[15]	ZHANG De-dong, MA Zhao-feng, NIU Xin-xin, LI Guo-you. Secure and efficient anonymous proxy signature scheme in the random oracle model [J]. Acta Metallurgica Sinica(English letters), 2013, 20(4): 87-92.

Fine-grained cooperative access control scheme with hidden policies

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments