• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文会议>International conference on cryptology and network security >Server-Aided Revocable Attribute-Based Encryption Resilient to Decryption Key Exposure
【24h】

Server-Aided Revocable Attribute-Based Encryption Resilient to Decryption Key Exposure

机译:基于服务器的可撤消基于属性的加密对解密密钥公开具有弹性

获取原文
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Attribute-based encryption (ABE) is a promising approach that enables scalable access control on encrypted data. However, one of the main efficiency drawbacks of ABE is the lack of practical user revocation mechanisms. In CCS 2008, Boldyreva, Goyal and Kumar put forward an efficient way to revoke users. But, it requires each data user storing a (non-constant) number of long-term private keys and periodically communicating with the key generation center to update his/her decryption keys. In ESORICS 2016, Cui et al. proposed the first server-aided revocable ABE scheme to address the above two issues. It involves an untrusted server to transform any non-revoked user's ABE ciphertexts into short ciphertexts using user's short-term transformation keys. The data user can fully decrypt the transformed ciphertexts using his/her local decryption keys. Cui et al. also introduced the decryption key exposure (DKE) attacks on transformation keys. However, if the untrusted server colludes with an adversary, the scheme may be insecure against DKE attacks on user's local decryption keys. In this paper, we first revisit Cui et al. security model, and enhance it by capturing the DKE attacks on user's local decryption keys and allowing the adversary to fully corrupt the server simultaneously. We then construct a server-aided revocable ABE based on Rouselakis-Waters ciphertext-policy ABE (CCS 2013). We show that our scheme is secure against local decryption key exposure attacks, and maintains the outstanding properties of efficient user revocation, short local ciphertext size and fast local decryption.
机译:基于属性的加密(ABE)是一种有前途的方法,可以对加密数据进行可扩展的访问控制。但是,ABE的主要效率缺陷之一是缺乏实用的用户吊销机制。在CCS 2008中,Boldyreva,Goyal和Kumar提出了一种有效的撤消用户方式。但是,这要求每个数据用户存储(非恒定)数量的长期私钥,并定期与密钥生成中心进行通信以更新其解密密钥。在ESORICS 2016中,Cui等人。提出了第一个服务器辅助可撤消ABE方案来解决上述两个问题。它涉及到一个不受信任的服务器,该服务器使用用户的短期转换密钥将任何未吊销的用户的ABE密文转换为短密文。数据用户可以使用其本地解密密钥完全解密转换后的密文。崔等人。还介绍了对转换密钥的解密密钥暴露(DKE)攻击。但是,如果不受信任的服务器与对手串通,则该方案可能无法抵抗对用户本地解密密钥的DKE攻击。在本文中,我们首先回顾崔等人。安全模型,并通过捕获对用户本地解密密钥的DKE攻击并允许对手同时完全破坏服务器来增强它。然后,我们基于Rouselakis-Waters密文策略ABE(CCS 2013)构建服务器辅助的可撤消ABE。我们证明了我们的方案对本地解密密钥公开攻击是安全的,并保持了有效的用户撤销,较短的本地密文大小和快速的本地解密的突出特性。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号