Concessive online/offline attribute based encryption with cryptographic reverse firewalls: Secure and efficient fine-grained access control on corrupted machines

Author

Hui MA, Chinese Academy of Sciences
Rui ZHANG, Chinese Academy of Sciences
Guomin YANG, Singapore Management UniversityFollow
Zishuai SONG, Chinese Academy of Sciences
Shuzhou SUN, Chinese Academy of Sciences
Yuting XIAO, Chinese Academy of Sciences

Publication Type

Conference Proceeding Article

Version

publishedVersion

Publication Date

9-2018

Abstract

Attribute based encryption (ABE) has potential to be applied in various cloud computing applications. However, the Snowden revelations show that powerful adversaries can corrupt users’ machines to compromise the security, and many implementations of provably secure encryption schemes may present undetectable vulnerabilities that can expose secret, e.g., the scheme still works properly even some backdoors have been stealthily engineered on users’ machines. Undoubtedly, ABE is also facing the above security threats. Recently, Mironov and Stephens-Davidowitz proposed cryptographic reverse firewall (CRF) to solve the problem. Unfortunately, no CRF-based protection for ABE has been proposed so far due to the complex system model and the extra access structure component. Besides, the encryption scheme in the CRF framework will suffer double computation latency, which is worse for ABE that has already yielded expensive operations. In this paper, we propose a concessive online/offline ciphertext-policy attribute based encryption with cryptographic reverse firewalls (COO-CP-ABE-CRF), which can resist the exfiltration of secret information and achieve selective CPA security. Furthermore, compared with the original scheme without CRF, our scheme reduces the total computation cost by half. Moreover, we develop an extensible library called libabelibabe that is compatible with Android devices, and we implement the prototype on a laptop and a mobile phone. The experimental results indicate that the scheme is efficient and practical.

Discipline

Information Security

Research Areas

Cybersecurity

Publication

Computer Security: 23rd European Symposium on Research in Computer Security, ESORICS 2018, Barcelona, Spain, September 3-7: Proceedings

Volume

11099

First Page

507

Last Page

526

ISBN

9783319989884

Identifier

10.1007/978-3-319-98989-1_25

Publisher

Springer

City or Country

Cham

Citation

MA, Hui; ZHANG, Rui; YANG, Guomin; SONG, Zishuai; SUN, Shuzhou; and XIAO, Yuting. Concessive online/offline attribute based encryption with cryptographic reverse firewalls: Secure and efficient fine-grained access control on corrupted machines. (2018). Computer Security: 23rd European Symposium on Research in Computer Security, ESORICS 2018, Barcelona, Spain, September 3-7: Proceedings. 11099, 507-526.
Available at: https://ink.library.smu.edu.sg/sis_research/7415

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

https://doi.org/10.1007/978-3-319-98989-1_25