Publication Type

Journal Article

Version

acceptedVersion

Publication Date

11-2023

Abstract

Cloud computing has emerged as a popular choice for distributing data among both individuals and companies. Ciphertext-policy attribute-based encryption (CP-ABE) has been extensively used to provide data security and enable fine-grained access control. With this encryption technique, only users whose attributes satisfy the access policy can access the plaintext. In order to mitigate the computational overhead on users, particularly on lightweight devices, partial decryption has been introduced, where the cloud assists in performing the decryption computations without revealing sensitive information. However, in this process, the cloud obtains the user's attributes, thus infringing on the user's privacy. To address this issue, this article proposes a privacy-preserving cloud-based data distribution system with filtering (PPDF) to enable partial decryption without revealing the user's attributes. The proposed system also employs an edge server to assist the user in filtering out invalid ciphertexts, i.e., ciphertexts where the user's attributes do not satisfy the access policy, and transmit only the valid partially decrypted ciphertexts to the data receiver. Consequently, the proposed PPDF scheme achieves constant decryption cost for the data receiver. We provide a security proof and a performance evaluation of the proposed scheme, which confirms its effectiveness and practicality in various real-world applications.

Keywords

attributes test, date filtering, date sharing, outsource decryption, Privacy-preserving

Discipline

Information Security

Research Areas

Cybersecurity

Publication

IEEE Transactions on Services Computing

Volume

16

Issue

6

First Page

3920

Last Page

3930

ISSN

1939-1374

Identifier

10.1109/TSC.2023.3297175

Publisher

Institute of Electrical and Electronics Engineers

Copyright Owner and License

Authors

Additional URL

https://doi.org/10.1109/TSC.2023.3297175

Download

Share

COinS