TY - GEN
T1 - Accountable authority ciphertext-policy attribute-based encryption with white-box traceability and public auditing in the cloud
AU - Ning, Jianting
AU - Dong, Xiaolei
AU - Cao, Zhenfu
AU - Wei, Lifei
N1 - Publisher Copyright:
© Springer International Publishing Switzerland 2015.
PY - 2015
Y1 - 2015
N2 - As a sophisticated mechanism for secure fine-grained access control, ciphertext-policy attribute-based encryption (CP-ABE) is a highly promising solution for commercial applications such as cloud computing. However, there still exists one major issue awaiting to be solved, that is, the prevention of key abuse. Most of the existing CP-ABE systems missed this critical functionality, hindering the wide utilization and commercial application of CP-ABE systems to date. In this paper, we address two practical problems about the key abuse of CP-ABE: (1) The key escrow problem of the semi-trusted authority; and, (2) The malicious key delegation problem of the users. For the semi-trusted authority, its misbehavior (i.e., illegal key (re-)distribution) should be caught and prosecuted. And for a user, his/her malicious behavior (i.e., illegal key sharing) need be traced. We affirmatively solve these two key abuse problems by proposing the first accountable authority CP-ABE with white-box traceability that supports policies expressed in any monotone access structures. Moreover, we provide an auditor to judge publicly whether a suspected user is guilty or is framed by the authority.
AB - As a sophisticated mechanism for secure fine-grained access control, ciphertext-policy attribute-based encryption (CP-ABE) is a highly promising solution for commercial applications such as cloud computing. However, there still exists one major issue awaiting to be solved, that is, the prevention of key abuse. Most of the existing CP-ABE systems missed this critical functionality, hindering the wide utilization and commercial application of CP-ABE systems to date. In this paper, we address two practical problems about the key abuse of CP-ABE: (1) The key escrow problem of the semi-trusted authority; and, (2) The malicious key delegation problem of the users. For the semi-trusted authority, its misbehavior (i.e., illegal key (re-)distribution) should be caught and prosecuted. And for a user, his/her malicious behavior (i.e., illegal key sharing) need be traced. We affirmatively solve these two key abuse problems by proposing the first accountable authority CP-ABE with white-box traceability that supports policies expressed in any monotone access structures. Moreover, we provide an auditor to judge publicly whether a suspected user is guilty or is framed by the authority.
KW - Attribute-based encryption
KW - Ciphertext-policy
KW - Key abuse
KW - Public auditing
KW - White-box traceablity
UR - https://www.scopus.com/pages/publications/84951838692
U2 - 10.1007/978-3-319-24177-7_14
DO - 10.1007/978-3-319-24177-7_14
M3 - 会议稿件
AN - SCOPUS:84951838692
SN - 9783319241760
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 270
EP - 289
BT - Computer Security – ESORICS 2015 - 20th European Symposium on Research in Computer Security, Proceedings
A2 - Pernul, Günther
A2 - Ryan, Peter Y.A.
A2 - Weippl, Edgar
PB - Springer Verlag
T2 - 20th European Symposium on Research in Computer Security, ESORICS 2015
Y2 - 21 September 2015 through 25 September 2015
ER -