Attribute-based encryption with verifiable outsourced decryption

Author

Junzuo LAI, Singapore Management UniversityFollow
Robert H. DENG, Singapore Management UniversityFollow
Chaowen GUAN, Singapore Management UniversityFollow
Jian WENG, Singapore Management UniversityFollow

Publication Type

Journal Article

Version

acceptedVersion

Publication Date

8-2013

Abstract

Attribute-based encryption (ABE) is a public-keybased one-to-many encryption that allows users to encrypt and decrypt data based on user attributes. A promising application of ABE is flexible access control of encrypted data stored in the cloud, using access polices and ascribed attributes associated with private keys and ciphertexts.One of themain efficiency drawbacks of the existing ABE schemes is that decryption involves expensive pairing operations and the number of such operations grows with the complexity of the access policy. Recently, Green et al. proposed an ABE system with outsourced decryption that largely eliminates the decryption overhead for users. In such a system, a user provides an untrusted server, say a cloud service provider, with a transformation key that allows the cloud to translate any ABE ciphertext satisfied by that user’s attributes or access policy into a simple ciphertext, and it only incurs a small computational overhead for the user to recover the plaintext from the transformed ciphertext. Security of an ABE system with outsourced decryption ensures that an adversary (including a malicious cloud) will not be able to learn anything about the encrypted message; however, it does not guarantee the correctness of the transformation done by the cloud. In this paper, we consider a new requirement of ABE with outsourced decryption: verifiability. Informally, verifiability guarantees that a user can efficiently check if the transformation is done correctly.We give the formal model of ABE with verifiable outsourced decryption and propose a concrete scheme. We prove that our new scheme is both secure and verifiable, without relying on random oracles. Finally, we show an implementation of our scheme and result of performance measurements, which indicates a significant reduction on computing resources imposed on users.

Keywords

Attribute-based encryption, outsourced decryption, verifiability

Discipline

Information Security

Research Areas

Cybersecurity

Publication

IEEE Transactions on Information Forensics and Security

Volume

8

Issue

8

First Page

1343

Last Page

1354

ISSN

1556-6013

Identifier

10.1109/TIFS.2013.2271848

Publisher

IEEE

Citation

LAI, Junzuo; DENG, Robert H.; GUAN, Chaowen; and WENG, Jian. Attribute-based encryption with verifiable outsourced decryption. (2013). IEEE Transactions on Information Forensics and Security. 8, (8), 1343-1354.
Available at: https://ink.library.smu.edu.sg/sis_research/1940

Copyright Owner and License

Authors

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

https://doi.org/10.1109/TIFS.2013.2271848