TY - JOUR
T1 - White-Box Traceable CP-ABE for Cloud Storage Service
T2 - How to Catch People Leaking Their Access Credentials Effectively
AU - Ning, Jianting
AU - Cao, Zhenfu
AU - Dong, Xiaolei
AU - Wei, Lifei
N1 - Publisher Copyright:
© 2016 IEEE.
PY - 2018/9/1
Y1 - 2018/9/1
N2 - Ciphertext-policy attribute-based encryption (CP-ABE) has been proposed to enable fine-grained access control on encrypted data for cloud storage service. In the context of CP-ABE, since the decryption privilege is shared by multiple users who have the same attributes, it is difficult to identify the original key owner when given an exposed key. This leaves the malicious cloud users a chance to leak their access credentials to outsourced data in clouds for profits without the risk of being caught, which severely damages data security. To address this problem, we add the property of traceability to the conventional CP-ABE. To catch people leaking their access credentials to outsourced data in clouds for profits effectively, in this paper, we first propose two kinds of non-interactive commitments for traitor tracing. Then we present a fully secure traceable CP-ABE system for cloud storage service from the proposed commitment. Our proposed commitments for traitor tracing may be of independent interest, as they are both pairing-friendly and homomorphic. We also provide extensive experimental results to confirm the feasibility and efficiency of the proposed solution.
KW - Ciphertext-policy attribute-based encryption
KW - cloud storage
KW - commitment
KW - outsourced data security
KW - white-box traceability
UR - https://www.scopus.com/pages/publications/85052865447
U2 - 10.1109/TDSC.2016.2608343
DO - 10.1109/TDSC.2016.2608343
M3 - Article
AN - SCOPUS:85052865447
SN - 1545-5971
VL - 15
SP - 883
EP - 897
JO - IEEE Transactions on Dependable and Secure Computing
JF - IEEE Transactions on Dependable and Secure Computing
IS - 5
M1 - 7564443
ER -