Publication Type

Journal Article

Version

acceptedVersion

Publication Date

5-2020

Abstract

With the development of cloud computing, many enterprises have been interested in outsourcing their data to cloud servers to decrease IT costs and rise capabilities of provided services. To afford confidentiality and fine-grained data access control, attribute-based encryption (ABE) was proposed and used in several cloud storage systems. However, scalability and flexibility in key delegation and user revocation mechanisms are primary issues in ABE systems. In this paper, we introduce the concept of a fully distributed revocable ciphertext-policy hierarchical ABE (FDR-CP-HABE) and design the first FDR-CP-HABE scheme. Our scheme offers a high level of flexibility and scalability in the key delegation and user revocation phases. Moreover, our scheme is efficient and provides lightweight computation in the decryption phase. Indeed, by exploiting a computation outsourcing technique, most of the operations are executed by the powerful cloud server, and very few computations are left to the users. Also, the storage cost on the user side is significantly decreased as compared to similar schemes. Furthermore, using the hardness assumption of DBDH problem, we prove that our scheme is adaptively secure in the standard model. Our security analyses and implementation results indicate that our scheme is efficient, secure, and scalable. (C) 2020 Elsevier B.V. All rights reserved.

Keywords

Cloud computing, Hierarchical attribute-based encryption, Ciphertext-policy attribute-based encryption, Access control

Discipline

Information Security

Research Areas

Cybersecurity

Publication

Theoretical Computer Science

Volume

815

First Page

25

Last Page

46

ISSN

0304-3975

Identifier

10.1016/j.tcs.2020.02.030

Publisher

Elsevier

Copyright Owner and License

Authors

Additional URL

https://doi.org/10.1016/j.tcs.2020.02.030

Download

Share

COinS