Attribute-based encryption with expressive and authorized keyword search

Author

Hui CUI, Singapore Management UniversityFollow
Robert H. DENG, Singapore Management UniversityFollow
Joseph K. LIU, Monash University
Yingjiu LI, Singapore Management UniversityFollow

Publication Type

Conference Proceeding Article

Version

acceptedVersion

Publication Date

7-2017

Abstract

To protect data security and privacy in cloud storage systems, a common solution is to outsource data in encrypted forms so that the data will remain secure and private even if storage systems are compromised. The encrypted data, however, must be pliable to search and access control. In this paper, we introduce a notion of attribute-based encryption with expressive and authorized keyword search (ABE-EAKS) to support both expressive keyword search and fine-grained access control over encrypted data in the cloud. In ABE-EAKS, every data user is associated with a set of attributes and is issued a private attribute-key corresponding to his/her attribute set, and each data owner encrypts the message using attribute-based encryption and attaches the encrypted message with encrypted keywords related with the message, and then uploads the encrypted message and keywords to the cloud. To access encrypted messages containing certain keywords satisfying a search policy, a data user generates a trapdoor for the search policy using his/her private attribute-key and sends it to the cloud server equipped to the cloud. The cloud server searches over encrypted data stored in the cloud for the encrypted messages containing keywords satisfying the search policy and sends back the results to the data user who then decrypts the returned ciphertexts to obtain the underlying messages. We present a generic construction for ABE-EAKS, formally prove its security, give a concrete construction, and then extend the concrete ABE-EAKS scheme to support user revocation. Also, we implement the proposed ABE-EAKS scheme and its extension and study their performance through experiments.

Keywords

Cloud storage, Data security and privacy, Keyword search, Attribute-based encryption, Access control

Discipline

Data Storage Systems | Information Security

Research Areas

Cybersecurity

Publication

Information Security and Privacy: ACISP 2017: 22nd Australasian Conference: Auckland, New Zealand, July 3-5: Proceedings

Volume

10342

First Page

106

Last Page

126

ISBN

9783319600550

Identifier

10.1007/978-3-319-60055-0_6

Publisher

Springer

City or Country

Cham

Citation

CUI, Hui; DENG, Robert H.; LIU, Joseph K.; and LI, Yingjiu. Attribute-based encryption with expressive and authorized keyword search. (2017). Information Security and Privacy: ACISP 2017: 22nd Australasian Conference: Auckland, New Zealand, July 3-5: Proceedings. 10342, 106-126.
Available at: https://ink.library.smu.edu.sg/sis_research/3816

Copyright Owner and License

Authors

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

https://doi.org/10.1007/978-3-319-60055-0_6